ethical considerations such as privacy

... Emotion  Persuasion based on reason alone may  be more ethical  Reasoning alone may be insufficient to  convince or persuade others  Use of emotion in persuasion may be  unethical if the negotiators intent is  self­serving and may harm the other  party ... Tactics  Rely on persuasion rather than  manipulation and coercion  Identify tactics to avoid (e.g. anything  dishonest, disrespectful, irresponsible,  manipulative)  Agree to common guidelines (e.g. treat  others with respect, avoid  misrepresentations) Outline  Ethics Defined  Ethical Negotiation  Negotiation Tactics  Ethics and Emotion  Responding to Unethical Negotiators Chapter 5 Ethical Considerations Societal Ethics “Ethics refers to our beliefs about what  comprises a happy life, what makes for a  worthwhile society; ethics also includes our  beliefs about what behavior contributes to or  frustrates the achievement of a worthwhile  society.  Finally, ethics wonders about what  features of character are worth cultivating.”  Delores Dooley ­ Philosophyer ... Negotiation  Importance of context  Locus of control • Internal locus of control – see yourself as a causal agent of  what happens to you • External locus of control – view outside factors as the  predominant cause of negative outcomes in your life • Those with internal locus of control are less likely to make  excuses for their actions if found to be engaged in  questionable tactics  Right to defend or protect self from unethical  opponents Ethics  Behaving in moral ways  Most societies have guidelines for behavior  What one society views as unethical may be  considered acceptable in another society  Ethics is evolving rather than a set of  standards that must never change  Develop code of ethics ...

... Cách dùng as such và such as Hai cụm từ, as such và such as, trông thì có vẻ giống nhau nhưng trên thực tế hai cụm từ này khác nhau về nghĩa. As such có hai nghĩa. ... nói: She's an athlete, and as such she has to train very hard. The film was a romance, and as such it had the usual happy ending. Chúng ta cũng có thể dùng as such để diễn tả ý một ... sell books as such, but it does sell magazines and newspapers. Tạp chí và báo cũng là mặt hàng tương tự như sách, nhưng chúng không phải là sách. He isn't American as such, but...

... Publishing as Pearson Addison-Wesley Classes  A type whose variables are objects, is a class  ifstream is the type of the in_stream variable (object)  ifstream is a class  The class of an ... Publishing as Pearson Addison-Wesley Class Member Functions  Member functions of an object are the member functions of its class  The class determines the member functions of the object  The class ... class ifstream has an open function  Every variable (object) declared of type ifstream has that open function Slide 6- 9 Copyright © 2007 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Why...

... The GRUB boot loader will be install on /dev/sda. Chọn check box Use a boot loader password  chọn Change password. Nhập vào mật khẩu  chọn OK  chọn Next. - Thiết lập cấu hình mạng ... Trí Thức – Lưu Hành Nội Bộ 12 Chương trình cài đặt yêu cầu password root phải có chiều dài ít nhất 6 ký tự. Nhập password cho accont root  chọn Next. - Chọn các chương trình và packages ... tên usera: - Kiểm tra usera trong /etc/passwd : - Kiểm tra usera trong /etc/shadow: usera đang bị tạm khoá. Do chưa được tạo passwd. TRUNG TÂM ĐÀO TẠO QUẢN TRỊ VÀ AN NINH...

... interaction- oriented personalities with the remainder task oriented. The final assessment that she arrived at was: Alice Š self-oriented Brian Š task-oriented Bob Š task-oriented Carol Š interaction-oriented Dorothy ... facilities such as variable font sizes, etc. 3. Ideally, someone who has experience of designing assistive technology systems. Otherwise, someone with experience of interfacing to hardware units as all systems ... growing market of assistive technology to help elderly and disabled people live independently. Alice has been asked to lead a team of 6 d evelopers than can develop new products based around the...

... DOES THE WEB APPLICATION  REQUIRE AUTHENTICATION OF THE  USER?  Many Web applications require another server  authenticate users  Examine how information is passed between the  two servers  Encrypted channels  Verify that logon and password information is  stored on secure places  Authentication servers introduce a second target 44 37 34 APPLICATION VULNERABILITIES  COUNTERMEASURES (CONTINUED)  Top­10 Web application vulnerabilities (continued)  Remote administration flaws  Attacker can gain access to the Web server through the  remote administration interface  Web and application server misconfiguration  Any Web server software out of the box is usually vulnerable  to attack  Default accounts and passwords  Overly informative error messages 32 16 WEB FORMS  Use the <form> element or tag in an HTML document  Allows customer to submit information to the Web server  Web servers process information from a Web form by  using a Web application  Easy way for attackers to intercept data that users  submit to a Web server 7 APPLICATION VULNERABILITIES  COUNTERMEASURES  Open Web Application Security Project (OWASP)  Open, not­for­profit organization dedicated to finding  and fighting vulnerabilities in Web applications  Publishes the Ten Most Critical Web Application  Security Vulnerabilities  Top­10 Web application vulnerabilities  Unvalidated parameters  HTTP requests are not validated by the Web server  Broken access control  Developers implement access controls but fail to test them  properly 29 USING SCRIPTING LANGUAGES  Dynamic Web pages can be developed using scripting  languages  VBScript  JavaScript  PHP 18 OPEN DATABASE CONNECTIVITY  (ODBC) (CONTINUED)  ODBC defines  Standardized representation of data types  A library of ODBC functions  Standard methods of connecting to and logging on to a  DBMS 24 WEB APPLICATION COMPONENTS  Static Web pages  Created using HTML  Dynamic Web pages  Need special components  <form> tags  Common Gateway Interface (CGI)  Active Server Pages (ASP)  PHP  ColdFusion  Scripting languages  Database connectors 6 APACHE WEB SERVER  Tomcat Apache is another Web Server program  Tomcat Apache hosts anywhere from 50% to 60% of all  Web sites  Advantages  Works on just about any *NIX and Windows platform  It is free  Requires Java 2 Standard Runtime Environment (J2SE,  version 5.0) 15 ON WHAT PLATFORM WAS THE WEB  APPLICATION DEVELOPED?  Several different platforms and technologies can  be used to develop Web applications  Attacks differ depending on the platform and  technology used to develop the application  Footprinting is used to find out as much information  as possible about a target system  The more you know about a system the easier it is to  gather information about its vulnerabilities 45 OPEN DATABASE CONNECTIVITY  (ODBC)  Standard database access method developed by  the SQL Access Group  ODBC interface allows an application to access  Data stored in a database management system  Any system that understands and can issue ODBC  commands  Interoperability among back­end DBMS is a key  feature of the ODBC interface 23 48 UNDERSTANDING WEB APPLICATIONS  It is nearly impossible to write a program without bugs  Some bugs create security vulnerabilities  Web applications also have bugs  Web applications have a larger user base than standalone  applications  Bugs are a bigger problem for Web applications 5 DOES THE WEB APPLICATION  CONNECT TO A BACKEND DATABASE  SERVER? (CONTINUED)  Basic testing should look for  Whether you can enter text with punctuation marks  Whether you can enter a single quotation mark followed by  any SQL keywords  Whether you can get any sort of database error when  attempting to inject SQL 43 DOES THE WEB APPLICATION USE  DYNAMIC WEB PAGES?  Static Web pages do not create a security  environment  IIS attack example  Submitting a specially formatted URL to the  attacked Web server  IIS does not correctly parse the URL  information  Attackers could launch a Unicode exploit http://www.nopatchiss.com/scripts/ ... DOES THE WEB APPLICATION  REQUIRE AUTHENTICATION OF THE  USER?  Many Web applications require another server  authenticate users  Examine how information is passed between the  two servers  Encrypted channels  Verify that logon and password information is  stored on secure places  Authentication servers introduce a second target 44 37 34 APPLICATION VULNERABILITIES  COUNTERMEASURES (CONTINUED)  Top­10 Web application vulnerabilities (continued)  Remote administration flaws  Attacker can gain access to the Web server through the  remote administration interface  Web and application server misconfiguration  Any Web server software out of the box is usually vulnerable  to attack  Default accounts and passwords  Overly informative error messages 32 16 WEB FORMS  Use the <form> element or tag in an HTML document  Allows customer to submit information to the Web server  Web servers process information from a Web form by  using a Web application  Easy way for attackers to intercept data that users  submit to a Web server 7 APPLICATION VULNERABILITIES  COUNTERMEASURES  Open Web Application Security Project (OWASP)  Open, not­for­profit organization dedicated to finding  and fighting vulnerabilities in Web applications  Publishes the Ten Most Critical Web Application  Security Vulnerabilities  Top­10 Web application vulnerabilities  Unvalidated parameters  HTTP requests are not validated by the Web server  Broken access control  Developers implement access controls but fail to test them  properly 29 USING SCRIPTING LANGUAGES  Dynamic Web pages can be developed using scripting  languages  VBScript  JavaScript  PHP 18 OPEN DATABASE CONNECTIVITY  (ODBC) (CONTINUED)  ODBC defines  Standardized representation of data types  A library of ODBC functions  Standard methods of connecting to and logging on to a  DBMS 24 WEB APPLICATION COMPONENTS  Static Web pages  Created using HTML  Dynamic Web pages  Need special components  <form> tags  Common Gateway Interface (CGI)  Active Server Pages (ASP)  PHP  ColdFusion  Scripting languages  Database connectors 6 APACHE WEB SERVER  Tomcat Apache is another Web Server program  Tomcat Apache hosts anywhere from 50% to 60% of all  Web sites  Advantages  Works on just about any *NIX and Windows platform  It is free  Requires Java 2 Standard Runtime Environment (J2SE,  version 5.0) 15 ON WHAT PLATFORM WAS THE WEB  APPLICATION DEVELOPED?  Several different platforms and technologies can  be used to develop Web applications  Attacks differ depending on the platform and  technology used to develop the application  Footprinting is used to find out as much information  as possible about a target system  The more you know about a system the easier it is to  gather information about its vulnerabilities 45 OPEN DATABASE CONNECTIVITY  (ODBC)  Standard database access method developed by  the SQL Access Group  ODBC interface allows an application to access  Data stored in a database management system  Any system that understands and can issue ODBC  commands  Interoperability among back­end DBMS is a key  feature of the ODBC interface 23 48 UNDERSTANDING WEB APPLICATIONS  It is nearly impossible to write a program without bugs  Some bugs create security vulnerabilities  Web applications also have bugs  Web applications have a larger user base than standalone  applications  Bugs are a bigger problem for Web applications 5 DOES THE WEB APPLICATION  CONNECT TO A BACKEND DATABASE  SERVER? (CONTINUED)  Basic testing should look for  Whether you can enter text with punctuation marks  Whether you can enter a single quotation mark followed by  any SQL keywords  Whether you can get any sort of database error when  attempting to inject SQL 43 DOES THE WEB APPLICATION USE  DYNAMIC WEB PAGES?  Static Web pages do not create a security  environment  IIS attack example  Submitting a specially formatted URL to the  attacked Web server  IIS does not correctly parse the URL  information  Attackers could launch a Unicode exploit http://www.nopatchiss.com/scripts/ ... DOES THE WEB APPLICATION  REQUIRE AUTHENTICATION OF THE  USER?  Many Web applications require another server  authenticate users  Examine how information is passed between the  two servers  Encrypted channels  Verify that logon and password information is  stored on secure places  Authentication servers introduce a second target 44 37 34 APPLICATION VULNERABILITIES  COUNTERMEASURES (CONTINUED)  Top­10 Web application vulnerabilities (continued)  Remote administration flaws  Attacker can gain access to the Web server through the  remote administration interface  Web and application server misconfiguration  Any Web server software out of the box is usually vulnerable  to attack  Default accounts and passwords  Overly informative error messages 32 16 WEB FORMS  Use the <form> element or tag in an HTML document  Allows customer to submit information to the Web server  Web servers process information from a Web form by  using a Web application  Easy way for attackers to intercept data that users  submit to a Web server 7 APPLICATION VULNERABILITIES  COUNTERMEASURES  Open Web Application Security Project (OWASP)  Open, not­for­profit organization dedicated to finding  and fighting vulnerabilities in Web applications  Publishes the Ten Most Critical Web Application  Security Vulnerabilities  Top­10 Web application vulnerabilities  Unvalidated parameters  HTTP requests are not validated by the Web server  Broken access control  Developers implement access controls but fail to test them  properly 29 USING SCRIPTING LANGUAGES  Dynamic Web pages can be developed using scripting  languages  VBScript  JavaScript  PHP 18 OPEN DATABASE CONNECTIVITY  (ODBC) (CONTINUED)  ODBC defines  Standardized representation of data types  A library of ODBC functions  Standard methods of connecting to and logging on to a  DBMS 24 WEB APPLICATION COMPONENTS  Static Web pages  Created using HTML  Dynamic Web pages  Need special components  <form> tags  Common Gateway Interface (CGI)  Active Server Pages (ASP)  PHP  ColdFusion  Scripting languages  Database connectors 6 APACHE WEB SERVER  Tomcat Apache is another Web Server program  Tomcat Apache hosts anywhere from 50% to 60% of all  Web sites  Advantages  Works on just about any *NIX and Windows platform  It is free  Requires Java 2 Standard Runtime Environment (J2SE,  version 5.0) 15 ON WHAT PLATFORM WAS THE WEB  APPLICATION DEVELOPED?  Several different platforms and technologies can  be used to develop Web applications  Attacks differ depending on the platform and  technology used to develop the application  Footprinting is used to find out as much information  as possible about a target system  The more you know about a system the easier it is to  gather information about its vulnerabilities 45 OPEN DATABASE CONNECTIVITY  (ODBC)  Standard database access method developed by  the SQL Access Group  ODBC interface allows an application to access  Data stored in a database management system  Any system that understands and can issue ODBC  commands  Interoperability among back­end DBMS is a key  feature of the ODBC interface 23 48 UNDERSTANDING WEB APPLICATIONS  It is nearly impossible to write a program without bugs  Some bugs create security vulnerabilities  Web applications also have bugs  Web applications have a larger user base than standalone  applications  Bugs are a bigger problem for Web applications 5 DOES THE WEB APPLICATION  CONNECT TO A BACKEND DATABASE  SERVER? (CONTINUED)  Basic testing should look for  Whether you can enter text with punctuation marks  Whether you can enter a single quotation mark followed by  any SQL keywords  Whether you can get any sort of database error when  attempting to inject SQL 43 DOES THE WEB APPLICATION USE  DYNAMIC WEB PAGES?  Static Web pages do not create a security  environment  IIS attack example  Submitting a specially formatted URL to the  attacked Web server  IIS does not correctly parse the URL  information  Attackers could launch a Unicode exploit http://www.nopatchiss.com/scripts/...

... of case-by-case decision-making generally, it also acknowl- edges that for some issues there can be broad social considerations that provide reasons for adopting a uniform policy across all cases. ... reasoning involved in the third ap- proach, it too is casuistic. It is helpful to have terms to distinguish these two versions of casuistry. Thus, I refer to the third approach as strict casuistry ... ‘It does seem reasonable to argue that as long as an individual does not have a life so blighted by suVering that it outweighs any pleasure gained by living, that individual has not been wronged...