Chapter 8.

Information Security and Cyber Law

Digital Society: A society in which everything runs on digital technology where paperless and
electronic means are the norm.
Digital Society is a modern, progressive society that is formed as a result of the adoption and
integration of Information and Communication Technologies (ICT) at home, work, education and
recreation, and supported by advanced telecommunications and wireless connectivity systems and
solutions.

Digital Divide :
Digital Divide is “the gap between those who have and do not have access to computers and
the Internet”.
At a high level, the digital divide is the gap between those with Internet access and those
without it. But the digital divide is multifaceted and includes many factors such as access,
affordability, quality, and relevance.

The digital divide is the unequal access to digital technology, including smartphones,
tablets, laptops, and the internet and inequality around access to information and resources.
The digital divide encompasses differences in both access (first-level digital divide) and usage
(second-level digital divide) of computers and the Internet between (1) industrialized and developing
countries (global divide).
The divide caused by access to ICT is based on the differences between individuals and
countries with and without access to ICT.
The divide caused by usage to ICT is based on the differences between individuals who know
how to use technologies with different level of skill and knowledge and those who either don‟t know
or know with limited skills and knowledge.

Computer Ethics or Cyber Ethics

Cyber ethics is the philosophic study of ethics pertaining (applicable or related) to computers,
encompassing user behavior and what computers are programmed to do, and how this affects
individuals and society. For years, various governments have enacted regulations while
organizations have defined policies about cyber ethics. [Wikipedia]

Computer/Cyber ethics is the set of commonly agreed moral standards or principles that govern the
use of computers.
Computer ethics is essentially a set of philosophical guidelines or moral standards that aim to
influence behaviour and prevent harm and work to ward off (prevent someone or something from
harming or affecting one) technology misuse by computer scientists, programmers, and other
decision-making individuals within the field.
They can also help to navigate or guide social conduct and user interactions when using
computer systems – particularly where the internet is concerned.
Computer ethics primarily enforces the ethical implementation and use of computing
resources which include Internet privacy, methods and procedures to avoid infringing copyrighted
content, trademarks, unauthorized distribution of digital content, user interaction with websites,
software and related services.

The commandments (rules or instructions) of computer ethics include:

1. Thou shalt not use a computer to harm other people.
2. Thou shalt not interfere with other people‟s computer work.
3. Thou shalt not snoop around in other people‟s computer files.
1
 4. Thou shalt not use a computer to steal.
5. Thou shalt not use a computer to bear false witness.
6. Thou shalt not copy or use proprietary software for which you have not paid (without
permission).
7. Thou shalt not use other people‟s computer resources without authorisation or proper
compensation.
8. Thou shalt not appropriate other people‟s intellectual output.
9. Thou shalt think about the social consequences of the program you are writing or the system
you are designing.
10. Thou shalt always use a computer in ways that ensure consideration and respect for other
humans.

Computer ethics: common concerns and considerations

There are a number of ethical concerns that have arisen within computing and information
technology (IT), particularly following the rise of the internet, social media, artificial intelligence and
advanced machine learning algorithms.

Computer crime (Cybercrime)

Cybercrime is a threat that evolves as rapidly as new technology does. Through hacking,
malware, viruses, worms, phishing, Trojan horses, and so on, cybercriminals and hackers can steal
money and data, commit fraud, traffic in illegal content and intellectual property, and commit
identity theft.
Privacy and security
Digital security, anonymity, information ethics, and information privacy online can be hugely
important to people. However, threats abound, from companies secretly tracking – and selling –
online activity, to individual people cyberbullying other people.
[Cyberbullying is the use of electronic communication to bully (seek to harm, intimidate) a
person, typically by sending messages of an intimidating or threatening nature.]

Intellectual property
Theft or the unauthorized distribution of digital content, copyrighted content, and intellectual
property is an ongoing issue online, with everything from art and entertainment media to software
and innovative commercial products shared illegally online.

Privacy Concerns
 Hacking is unlawful intrusion into a computer or a network. A hacker can intrude through the
security levels of a computer system or network and can acquire unauthorised access to other
computers.
 Malware means malicious software which is created to impair a computer system. Common
malware are viruses, spyware, worms and trojan horses. A virus can delete files from a hard
drive while a spyware can collect data from a computer.
 Data Protection – also known as information privacy or data privacy is the process of
safeguarding data which intends to influence a balance between individual privacy rights while
still authorising data to be used for business purposes.
 Anonymity – is a way of keeping a user‟s identity masked through various applications.

Intellectual Property Rights

 Copyright – is a form of intellectual property that gives proprietary publication, distribution and
usage rights for the author. This means that whatever idea the author created cannot be
employed or disseminated by anyone else without the permission of the author.

2
 Plagiarism – is an act of copying and publishing another person‟s work without proper citation.
It‟s like stealing someone else‟s work and releasing it as own work.
 Cracking – is a way of breaking into a system by getting past the security features of the system.
It‟s a way of skipping the registration and authentication steps when installing a software.
 Software License – allows the use of digital material by following the license agreement.
Ownership remains with the original copyright owner, users are just granted licenses to use the
material based on the agreement.

Unethical computing practices:

Some unethical computing practices:

1. Cyberbullying: When people bully other people by the use of electronic communication ( like
the web, telephone, etc.) it‟s referred to as cyberbullying. Cyberbullying has been done by friends,
classmates, relatives, or any other unknown persons. Sending harmful emails to a person, harm
people by posting and distributing the fake information about them, are some common ways of
cyberbullying.
Cyberbullying, can affect bullied persons emotionally or mentally or in some cases of the
students or kids, it may affect their study or they may lose self-esteem.

2. Phishing is a form of psychological manipulation of people where attackers deceive people into
revealing sensitive information such as personally identifiable information, banking and credit card
details, login credentials etc. or installing malware such as ransomware by sending span emails or
through fake websites.

3. Hacking is an illegitimate or unethical activity in which a highly skilled technical person(or

commonly known as computer programmer) enters another person‟s computer without the
permission of the user and steals important data/project/applications from the computer or
sometimes destroys the information from the system.

4. Spamming is an unethical activity of sending bulk unwanted e-mails to target‟s computer from
a strange or unknown source with an intention to deliver viruses, worms, trojan horses, malware,
spyware, etc. to attack the user.

5. Plagiarism: Plagiarism is stealing or copying someone else‟s intellectual work (can be an idea,
literary work or academic work, computer program or applications etc.) and representing it as own
work without giving credit to the creator or without citing the source of information.

Malicious Software

1. Virus: It is a small program or software which is embedded with a legitimate program and
designed to harm the computer system.
2. Worms: It is a self-replicating program that spread across networks due to the poor security of
the infected computers.
3. Trojan horse: Trojan horse is a program that allows the hackers to gain remote access to a target
system.

General steps to protect our system from risks:

To minimize internet privacy violation risks, the following measures need to be taken:
1. Always use preventive software applications, like anti-virus, anti-malware, etc,
2. Avoid exposing personal data on websites with low-security levels.
3. Avoid shopping from unreliable websites.
3
4. Always use strong passwords consisting of letters, numerals, and special characters.
5. Always keep operating system updated.
6. Always on the firewall.

Information Security
Information security is the practice of protecting information by mitigating or reducing
information risks. It typically involves preventing or reducing the probability of
unauthorized/inappropriate access to data, or the unlawful use, disclosure, disruption, deletion,
corruption, modification, inspection, recording, or devaluation of information. It also involves actions
intended to reduce the adverse impacts of such incidents.
Information security (InfoSec) a set of tools and practices that can be used to protect digital
and analog information. InfoSec provides coverage for cryptography, mobile computing, social
media, as well as infrastructure and networks containing private, financial, and corporate
information. Cybersecurity, on the other hand, protects both raw and meaningful data, but only from
internet-based threats.
InfoSec covers a range of IT domains, including infrastructure and network security, auditing,
and testing. It uses tools like authentication and permissions to restrict unauthorized users from
accessing private information. These measures help us prevent harms related to information theft,
modification, or loss.
The CIA triad consists of three core principles – confidentiality, integrity, and availability
(CIA). Together, these principles serve as the foundation that guides information security policies.
Here is a brief overview of each principle:

Confidentiality – information must only be available to authorized parties.

Integrity – information must remain consistent, trustworthy, and accurate.
Availability – information must remain accessible to authorized parties, even during failures (with
minimal or no disruption).
The main objectives of InfoSec are typically related to ensuring confidentiality, integrity, and
availability of company information. Since InfoSec covers many areas, it often involves the
implementation of various types of security, including application security, infrastructure security,
cryptography, incident response, vulnerability management, and disaster recovery.
Access to protected information must be restricted to people who are authorized to access the
information. The computer programs, and in many cases the computers that process the information,
must also be authorized. Access control is generally considered in three steps: identification,
authentication, and authorization.
Identification is an assertion of who someone is or what something is.
Authentication is the act of verifying a claim of identity.
There are three different types of information that can be used for authentication.
Something we know: things such as a PIN, a password, or our first school name.
Something we have: a citizenship card or a driver's license.
Something we are: biometrics, including palm prints, fingerprints, and retina (eye) scans.
After successful identification and authentication of a person, program or computer, the
process of determining what informational resources they are permitted to access and what actions
they will be allowed to perform (run, view, create, delete, or change) is called authorization.

Information security has many uses, including:

1. Confidentiality: Keeping sensitive information confidential and protected from unauthorized
access.
2. Integrity: Maintaining the accuracy and consistency of data, even in the presence of malicious
attacks.

4
3. Availability: Ensuring that authorized users have access to the information they need, when
they need it.
4. Compliance: Meeting regulatory and legal requirements, such as those related to data privacy
and protection.
5. Risk management: Identifying and mitigating potential security threats to prevent harm to the
organization.
6. Disaster recovery: Developing and implementing a plan to quickly recover from data loss or
system failures.
7. Authentication: Verifying the identity of users accessing information systems.
8. Encryption: Protecting sensitive information from unauthorized access by encoding it into a
secure format.
9. Network security: Protecting computer networks from unauthorized access, theft, and other
types of attacks.
10. Physical security: Protecting information systems and the information they store from theft,
damage, or destruction by securing the physical facilities that house these systems.

What is cyberlaw?
The law which governs the legal issues in the cyberspace regarding the internet or WWW for
digital data processing and transaction is called the cyber law.

Write down the importance of cyberlaw.

Cyberlaw is that it controls cyber-crime and misuse of the computer. It also touches almost all
aspects of transaction and activities on the cyberspace.

What are the major issues addressed by cyber law?

The major issues addressed by cyber law are:
i) Criminal activities on cyberspace.
ii) Electronic commerce, online transactions, and digital signature
iii) Intellectual property right, copyright violation
iv) The provision of e-governance by promoting electronic recording system

Cyberspace is a virtual space created by the computer network, internet, and telecommunication is
called cyberspace.

What are the major laws included in cyber law?

The major laws included in the cyber law are:
i) Electronic and Digital Signature law
ii) Computer crime / Cybercrime law
iii) Intellectual property law
iv) Data protection and privacy law
v) Telecommunication law

What is cyber-crime?
Cyber-crime is an illegal action involved in any computer, computer system or overall computer
network like the internet.
The example of computer crime are:
i. Software piracy
ii. Hacking
iii. Cracking
iv. Pornography

5
What is a digital signature?
A digital code (generated and authenticated by public key encryption) which is attached to an
electronically transmitted document to verify its contents and the sender's identity.

Define encryption and decryption.

The process of encoding (scrambling) information in such a way that it is unreadable to all is called
encryption.
The process of restoring encrypted data to its original form is called decryption.

What is salami saving?

When a computer programmer alters a program so that it subtracts a very small amount of
money from each account and alters the fund to the embezzler‟s account is called salami saving.
(Embezzler: someone who violates a trust by taking (money) for his own use. Cheater, deceiver,
slicker, trickster etc.

What are intellectual property rights?

The legal property rights of someone over his/her creations of the mind both artistic and commercial
are called intellectual property rights.

What is computer ethics?

Computer ethics refers to a kind of international law that gives awareness to the user regarding
the immoral behavior and activities in the computing field. Computer ethics refers to follow the rules
and regulation of computer technology and not to harm other computer users knowingly or
unknowingly.

Multiple Choice Questions

1. A genetic term that is concerned to the legal and regulatory aspects of Internet and computer
technology.
Copyright law Cyber law Computer Crime None of them
2. “The Electronic Transaction and Digital Signature Act-Ordinance” is Known as:
i. Intellectual Property Law iii. Cyber Law
ii. Telecommunication Law iv. Data Protection Law
3. A criminal activity within the information technology infrastructure.
Digital crime Intellectual property Cybercrime All of them
4. is the normal Principal that regulates the use of computers.
Cyber Law Cyber act Computer ethics All of them
5. The method of making the data or message unreadable by unauthorized people.
Digital signature Decryption Encryption All of them
6. Cyber law of Nepal commonly known as the Electronic Transaction and Digital Signature Act
Ordinance was enacted in Nepal in
i) 2061 BS ii) 2062BS iii) 2063 BS iv) 2064 BS
7. When did cyber law introduced in Nepal.
i.2002 A.D. ii.2003 A.D. iii.2004 A.D. iv.2005 A.D.
8. Premeditated, usually politically-motivated violence committed against civilians through the
use of, or with the help of, computer technology
i) Cyber stalking ii) Cyber laundering iii) Cyber theft iv) Cyber terrorism
9. The act of attempting to acquire sensitive information like usernames, passwords and credit
card details by disguising as a trust worthy source.
i) Hacking ii) Phishing iii) Computer Virus iv) Cyber stalking
10. Electronic transfer of illegally-obtained monies with the goal of hiding its source and
6
 possibly its destination.
I)Cyber stalking ii) Cyber laundering iii) Cyber theft iv) Cyber terrorism
11. Which of the following is computer crime?
i. piracy ii. pornography iii. harassment iv.All of above
12. Which of the following is not computer crime?
i. Plagiarism ii. Password guessing iii. Internet iv. virus transferring
13. Which of the following is included in cyber law?
i. Trademark right ii. Copyright iii. Data privacy iv. All of the above
14. Which of the following is not computer ethics?
Not to steal data Not to bear false message Not to use Internet Not to harm the society
15. The term „cyberspace‟ was used in:
1984 1884 1985 1885
16. The law which includes literature and art, films, computer programs, invention, designed used
by traders for their goods or services is called:
i. Data Privacy Law iii. Intellectual Property Law
ii. Telecommunication Law iv. Cyber crime Law
17. The Process of ensuring the preservation, integrity and reliability of data is
Known as:
i. Intellectual Property Law iii. Data Protection and Privacy law
ii. Cyber Law iv. Telecommunication Law
18. The government of Nepal has passed the cyber law on:
31st Bhadra 2061 BS 29th Bhadra 2061 BS 30thBhadra 2062 BS 30thBhadra 2061 BS
19. The law that provides a legal framework to facilitate and safeguard electronic transaction in the
electronic medium.
i. Digital signature law ii. Intellectual property law ii. Telecommunication law
20. A federal law enacted in 1970 to ensure confidentiality of consumer credit information held
by lenders and credit reporting agencies.
i. Fair credit reporting act ii.Federal privacy act iii.Copyright act
Answers:
1. Cyber law 2. Cyber law 3. Cyber crime 4. Computer 5. Encryption
Ethics
6. 2061 7. 2004 A.D. 8. Cyber terrorism 9. Phishing 10. Cyber
laundering
11. All of the above 12. Internet 13. All of the above 14. Not to use 15. 1984
Internet
16. . Intellectual 17. Data Protection 18. 30 Bhadra 2061 19. Digital
th 20. Fair credit
Property Law and Privacy law BS signature law reporting act

Password Sniffing: a technique employed by hackers to capture passwords by intercepting data

packets and searching them for password.

Embezzle : To steal by fraud for ones own use.

Forgery: The act or legal offense of imitating or counterfeiting documents, signatures to deceive copy,
imitate illegal so that it looks genuine.

Spammer: Person who send unsolicited (unwanted, unrequested) email message to many recipients
at one time.
Intruder: An unauthorized user/ program considered to have malicious intent on computer n/w.

7
Piracy: Theft of computer design and program. Unauthorized distribution of a computer program.

Crack: to gain unauthorized access to n/w by breach (failure to do something that should be done
according to the rule)

Public domain s/w: Software‟s that are not covered by copyright or other property protection. A
program donated for public use by its owner or developer and freely available for copying and
distribution.
Proprietary s/w: A s/w owned or copyrighted by an individual or a business and available for use
only through purchase or by permission of the owner. Copyright strengthen the original legal
power.
Shareware: Copyrighted s/w distribute on “try b4 you buy” basis. User who want to continue using
the program after the trial period are encouraged to send a payment to the program‟s author.

Open source s/w: The practice of making the source code for a s/w product freely available, at no
cost, to interested user and developers even though they are not involved in creating the original
product. The distributors of open source software expect and encourage users and outside
programmers to examine the code in order to identify problems and to modify code with suggested
improvement and enhancements. E.g.: Linux and Apache web server

Hacker: Referred to a clever or expert programmer who attempts to break into computer
system. More commonly used to refer to someone who can gain unauthorized access to other
computers and tampers with program and data.
Some characteristics that qualify one as a hacker are paraphrased here:
 A person who enjoys learning details of a programming language or system
 A person who enjoys actually doing the programming rather than just theorizing about it
 A person capable of appreciating someone else's hacking
 A person who picks up programming quickly
 A person who is an expert at a particular programming language or system, as in
"UNIXhacker"

Cracker: A cracker is someone who breaks into someone else's computer system, often on a network,
bypasses passwords or licenses in computer programs, or in other ways intentionally breaches
computer security.
Crackers are malicious person who attempts or breaks into a secure computer system, with
the intent of stealing or destroying information or disabling the system. Crackers are sophisticated,
well equipped criminals who performs some form of computer sabotage. Cracking means
deciphering of a code or encrypted data.
Hackers are skilled computer programmer who breaks (hacks) a password code, or otherwise
gains remote access to a protected computer system, mainly for the thrill of it. Unlike a 'cracker,' a
hacker may or may not also perform a criminal action such as alteration or stealing of data, or
transfer of funds. The term hacker originally denotes a skilled programmer proficient in machine
code and computer operating systems.
The term hacker is someone who attempts to break into computer systems or seeks and
exploits weaknesses in a computer system or computer network. Hacker would be a proficient
programmer or engineer with sufficient technical knowledge to understand the weak points in a
security system.
Some characteristics that qualify one as a hacker are:
• A person who enjoys learning details of a programming language or system
• A person who enjoys actually doing the programming rather than just theorizing about it
• A person capable of appreciating someone else's hacking
8
• A person who picks up programming quickly
• A person who is an expert at a particular programming language or system, as in "UNIX
hacker"

Authentication: In multiuser or n/w o/s the process by which the system validates user‟s logon
information. In this process a user name and password is compared against an authorized list, and if
system detects a match, access is granted to the extent specified in the permission list for that user.
Authorization: The right granted an individual to use the system and the data stored on it. It is set up
system administrator and verified by the computer based on some form of user identification such as
password. Access privileges, permissions.
A computer virus is a piece of software, a series of data, or a command sequence that
exploits a bug, glitch, or vulnerability.
Forgery is the act of reproducing something for a deceitful or fraudulent purpose. It is the
crime of falsely making or altering a writing by which the legal rights or obligations of another
person are apparently affected.
Forgery is the process of making, adapting, or imitating objects, statistics, or documents with
the intent to deceive or make usually large amounts of money by selling the forged item. Forging
money or currency is more often called counterfeiting. Consumer goods may also be counterfeits if
they are not manufactured or produced by the designated manufacture or producer given on the
label or flagged by the trademark symbol.

Plagiarism: A piece of written work or an idea or a computer program/application that

somebody has copied and claims as own.
Plagiarism is the illicit reproduction of another person's intellectual property, especially written
content, for presentation as one's own. This includes information from web pages, books, songs,
television shows, email messages, interviews, articles, artworks or any other medium.
Plagiarism means presenting the words, phrases, ideas or work of another, including certain
facts and statistics, as if they were presenter‟s own work.
The work of others includes "art, graphics, computer programs, music, pictures, graphs,
diagrams, data, websites, or other communication or recording media," including "formatting,"
images, statistics, and problem solutions.
Plagiarism involves passing off someone else's work as one's own, that is, writing as if
someone else's ideas and arguments had originated with oneself.
Copyright infringement: to copy by stealing other‟s copyrighted work or idea.

Digital Signature:

A digital signature is an electronic, encrypted, stamp of authentication on digital

information such as email messages, macros, or electronic documents. A signature confirms that
the information originated from the signer and has not been altered.
A digital signature is a mathematical technique used to validate the authenticity and integrity
of a digital document, message or software. It's the digital equivalent of a handwritten signature or
stamped seal, but it offers far more inherent security. A digital signature is intended to solve the
problem of tampering and impersonation in digital communications.
Digital signatures can provide evidence of origin, identity and status of electronic documents,
transactions or digital messages. Signers can also use them to acknowledge informed consent.
A certificate authority is an entity similar to a notary public. It issues digital certificates, signs
certificates to verify their validity and tracks which certificates have been revoked or have expired.

The following terms and definitions show what assurances are provided by digital signatures.
 Authenticity The signer is confirmed as the signer.
9
 Integrity The content has not been changed or tampered with since it was digitally signed.
 Non-repudiation Proves to all parties the origin of the signed content. Repudiation refers to
the act of a signer denying any association with the signed content.
 Notarization Signatures in Microsoft Word, Microsoft Excel, or Microsoft PowerPoint files,
which are time stamped by a secure time-stamp server, under certain circumstances, have the
validity of a notarization.

Digital signatures offer the following benefits:

Security : Security capabilities are embedded in digital signatures to ensure a legal document isn't
altered and signatures are legitimate or legal. Security features include asymmetric cryptography,
personal identification numbers (PINs), checksums and cyclic redundancy checks (CRCs) etc.
Timestamping : This provides the date and time of a digital signature and is useful when timing is
critical, such as for stock trades, lottery ticket issuance and legal proceedings.
Time savings : Digital signatures simplify the time-consuming processes of physical document
signing, storage and exchange, enabling businesses to quickly access and sign documents.
When signing digitally, the signers identify themselves as it can provide evidence of origin,
identity, and status of electronic documents, transactions, or digital messages. This acts as a
trustworthy means of identification.
Cost savings: Organizations can go paperless and save money previously spent on the physical
resources, time, personnel and office space used to manage and transport documents.
Traceability: Digital signatures create an audit trail that makes internal record-keeping easier for
businesses. With everything recorded and stored digitally, there are fewer opportunities for a manual
signee or record-keeper to make a mistake or misplace something.

Legal validity
Digital signatures provide authenticity and verification. This can stand in any court of law
like any other signed paper document. Time stamping and the ability to track and easily archive
documents improve and simplify audit and compliance.
Data integrity
Documents that are signed digitally cannot be altered or edited after signing, which makes the
data safe and secure. The government agencies often ask for these certificates to cross-check and
verify the business transaction.

Advantages of digital signature:

 A digital signature provides better security in the transaction. Any unauthorized person cannot
do fraudulence in transactions.
 We can easily track the status of the documents on which the digital signature is applied.
 High speed up document delivery.
 It is 100% legal it is issued by the government authorized certifying authority.
 If we have signed a document digitally, then we cannot deny it.
 In this signature, When a document is get signed, date and time are automatically stamped on it.
 It is not possible to copy or change the document signed digitally.
 Identification of the person that signs.
 Elimination of the possibility of committing fraud by an imposter.

Protocols: Protocols are the set of rules and formats for sending and receiving data. It works as
guidelines to govern the exchange between equipments. There are different types of protocols that we can
use. Some of popular protocols are TCP/IP, HTTP, FTP, IPX/SPX.

10
TCP/IP (Transmission Control Protocol/Internet Protocol)
TCP/IP is the basic communication language or protocol of the Internet. It can also be used as
a communications protocol in a private network (either an intranet or an extranet). (TCP/IP is the
suite of communications protocols used to connect hosts on the Internet. TCP/IP uses several
protocols, the two main ones being TCP and IP. TCP/IP is built into the UNIX operating system and
is used by the Internet. Network operating systems having their own protocols, such as Netware, also
support TCP/IP.
TCP/IP is a set of rules (protocols) governing communications among all computers on the
Internet. More specifically, TCP/IP dictates how information should be packaged (turned into
bundles of information called packets), sent, and received, as well as how to get to its destination.
TCP/IP was developed in 1978 and driven by Bob Kahn and Vint Cerf.
TCP is responsible for breaking data down into small packets before they can be sent over a
network, and for assembling the packets again when they arrive.
IP takes care of the communication between computers. It is responsible for addressing, sending and
receiving the data packets over the Internet.
TCP/IP is a two-layer program. The higher layer, Transmission Control Protocol, manages
the assembling of a message or file into smaller packets that are transmitted over the Internet and
received by a TCP layer that reassembles the packets into the original message. The lower layer,
Internet Protocol, handles the address part of each packet so that it gets to the right destination.
TCP/IP uses the client/server model of communication in which a computer user (a client)
requests and is provided a service (such as sending a Web page) by another computer (a server) in
the network. TCP/IP communication is primarily point-to-point, meaning each communication is
from one point (or host computer) in the network to another point or host computer
The TCP/IP model and many of its protocols are maintained by the Internet Engineering Task
Force (IETF)
HTTP - Hyper Text Transfer Protocol
HTTP takes care of the communication between a web server and a web browser. HTTP is used for
sending requests from a web client (a browser) to a web server, returning web content (web pages)
from the server back to the client. Names used for TCP/IP addresses are called domain names.
SMTP (simple mail transfer protocol) takes care of sending emails. Often emails are sent to an email
server (SMTP server), then to other servers, and finally to its destination. SMTP can only transmit
pure text. It cannot transmit binary data like pictures, sounds or movies.
POP - Post Office Protocol
The POP protocol is used by email programs to retrieve emails from an email server. If our
email program uses POP, all our emails are downloaded to our email program (also called email
client), each time it connects to our email server.
Web Browser A web browser is an application for accessing websites, which, when a user requests a
web page from a particular website, using the client software, retrieves its files from a web server and
then displays the page on the user's screen.
e.g. : Mozilla Firefox, Google Chrome, MS- Edge, Safari, Opera etc.
Web Server
A web server is software and underlying hardware that uses HTTP (Hypertext Transfer
Protocol) and other protocols to respond to client requests made over the World Wide Web in order
to display website content through storing, processing and delivering webpages to users.
Besides HTTP, web servers also support SMTP (Simple Mail Transfer Protocol) and FTP (File
Transfer Protocol), used for email, file transfer and storage.
Web server hardware is connected to the internet and allows data to be exchanged with other
connected devices, while web server software controls how a user accesses hosted files.
When a web browser, like Google Chrome or Firefox, needs a file that's hosted on a web
server, the browser will request the file by HTTP. When the request is received by the web server, the
HTTP server will accept the request, find the content and send it back to the browser through HTTP.
11
WWW
WWW refers to all the websites, web pages and documents over internet that are
interconnected by means of hyperlinks that users can access on their local computers and other
devices through the internet.
FTP
The File Transfer Protocol (FTP) is a standard network protocol used for the transfer of
computer files from a server to a client on a computer network over Transmission Control
Protocol/Internet Protocol (TCP/IP) connections.
HTTP
Hypertext Transfer Protocol (HTTP) is an application-layer protocol for transmitting
hypermedia documents, such as HTML which is designed for communication between web browsers
and web servers.
Through the HTTP protocol, resources are exchanged between client devices and servers over
the internet. Client devices send requests to servers for the resources needed to load a web page; the
servers send responds back to the client to fulfill the requests.
Telnet
Telnet is a network protocol used to virtually access a computer and to provide a two-way,
collaborative and text-based communication channel between two machines.
Telnet is a client/server application protocol based on a reliable connection-oriented transport
that provides access to virtual terminals of remote systems on local area networks or the Internet. It
consists of two components: the protocol itself which specifies how two parties to communicate and
the software application that provides the service.
It follows a user command Transmission Control Protocol/Internet Protocol (TCP/IP) networking
protocol for creating remote sessions.
TELNET is commonly used by terminal emulation programs that allow us to log into a
remote host. However, TELNET can also be used for terminal-to-terminal communication and
interprocess communication. TELNET is also used by other protocols (for example, FTP) for
establishing a protocol control channel.

IP
The Internet Protocol (IP) is a protocol or set of rules, for sending or routing and addressing packets
of data from one device to another across the internet so that they can travel across networks and
arrive at the correct destination.
Every device has an IP address that uniquely identifies it and enables it to communicate with
and exchange data with other devices connected to the internet.
IP is responsible for defining how applications and devices exchange packets of data with
each other. It is the principal communications protocol responsible for the formats and rules for
exchanging data and messages between computers on a single network or several internet-connected
networks. It does this through the Internet Protocol Suite (TCP/IP), a group of communications
protocols

TCP
Transmission Control Protocol (TCP) is a connection-oriented protocol which establishes the
connection prior to the communication that occurs between the computing devices in a network
and enables application programs and computing devices to exchange messages over a network.
It is designed to send packets across the internet and ensure the successful delivery of data
and messages over networks.
TCP is one of the basic standards that define the rules of the internet and is included within
the standards defined by the Internet Engineering Task Force (IETF).

12