This article discusses the importance of confidentiality, integrity, and availability in ATM information security. It also explains the advantages of biometric security and the concept of false negative rates. Additionally, it provides a solution to decrypt an encrypted text using substitution and Caesar Cipher methods.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: ATM INFORMATION SECURITY ATM Information Security Assessment No- Assessment Title- Student Name and ID- Student name and Code- Student Email Address-
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1ATM INFORMATION SECURITY Question Number 1: The example of confidentiality, integrity, and availability are defined below: Confidentiality: The confidentiality that is to be provided for the ATM card generally is to keep the data or information that are stored in the ATM card secured and kept private from any other intruders. The information in the card should not reach in the hand of unauthorized person. Confidentiality gives the surety that the information that is transferred reaches only to the authorized user (Kim et al., 2015). The data in the ATM card is to be kept private. Example including in the confidentiality gives surety that the pin of the ATM card, CVV number and the card number is made secret and needed to be kept secret throughout the lifetime of the card. Integrity: There is a necessity in the ATM card that information is to be kept same as transmitted by the sender. The information involved in the ATM card should be altered while transmission(He&Wang,2015).Theprocessofintegritymaintainstheconsistency, trustworthiness, and the accuracy of the information. All certain measure are to be involved providing the integrity security of the information in a transaction process. Many data integrity controls are taken to keep the information safe throughout the transaction process (Siponen, Mahmood & Pahnila, 2014). Examples of integrity measures that can be taken are the process of encryption. Encryption is done to keep the data integrity in case there is some accidental reason for data breach. Availability: Availability includes all data and information involved in the system are to be present with the user so that the user do not face any kind of problem while the transaction process is going on. It
2ATM INFORMATION SECURITY is also to be kept in mind that the information is available only with the authenticated user (Ciuffo & Weiss, 2017). Any unauthorized users do not use the information of other users. This will lead to insecurity of the data available with the user (Thomas, Vinod & Robinson, 2017). The availability of the information can be made secured by keeping backup for the data to be kept secret. Ina system, there can be a denial-of-attack by some unauthenticated user that can be mitigated by backup process or the encryption process. Question Number 2: The given case study states that a thief broke in the ATM and the thief was successful in jamming the card reader of the machine (De Luca et al, 2015). As a result, of jamming the ATM card reader, the user who wants a transaction will not be able to take out the card from the ATM machine. The thief also destroyed the machine by destroying the keypad of the machine, in which the user enters the pin. But, while he was working on the keypad, a customer arrives the center to withdraw cash. The thief was successful in destroying five keys, and five keys were left undestroyed. The customer who came to the machine was successful in his transaction (Layton, 2016). But, after collecting the cash, the customer was unable to take out the card as the card reader was jammed. While the customer was out for help, the thief tried to discover the pin and take out some cash from the account. The total number of possibility that the thief can input with the five keys available can be done by combining all the possibilities. The digits in a ATM pin is 4 and with the five keys good, the maximum number of possibilities that the thief can attempt is 5P4= 5! / (5-4)! = 5 * 4 * 3 * 2 = 120 possible outcomes. But, the security of the ATM does not allow the user for so many attempt. As per the security of ATM machine, the maximum times a user can enter wrong pin is three times. If a
3ATM INFORMATION SECURITY customer enters three consecutive wrong pins, then the card will be blocked and the customer has to call the Customer Care of the bank to unblock, or will have to wait for 24 hours for the card to block (Alaskar, Vodanovich & Shen, 2015). Therefore, coincidently if the thief becomes successful in giving the correct pin, he will be successful to collect some cash. But, he will not be able to enter 120 attempts for determining the correct pin of the ATM card. Question Number 3: There can be many reasons due to which users finds the biometric system a secured one. Out of all the advantages that biometric provides, three of the most important advantages are listed below: 1) The administrative cost of a user or an organization is cut less. The installation process of biometric is very less and does not much maintenance as there is no use of paper and much of the work is done automatically by the system itself (Chen, Pande & Mohapatra, 2014).Also, to maintain the system of biometric, no such training is required as it does not need any professionals to handle the system. 2) Improves the return investment as this authentication system gives security for accuracy, the misuse of resources is basically reduced, and the accountability is also increased for the information stored in the system (Ogbanufe & Kim, 2017). 3)Thesystemofbiometricsecurityisthemostsecuredsystemthatisavailablefor authentication. As, the biometric system deals with the physical parts of the human body, there is no chance of being theft and biometric of all humans are different from each other.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4ATM INFORMATION SECURITY Question Number 4: There are many circumstances where false negative rates are more than the false positive rates. False negative rate increases when the system cannot detect the data of an authenticated user and rejects their authentication (Barbosa & Silva, 2015). One of the instances, which can describe that false negative rate is more than that of false negative is the result of a test. In a diagnosis test result, the system can wrongly deny the test report as a wrong one due to some technical error in the database. False positive is a situation where the system of biometric detects an unauthorized user as an authorized one wrongly. The rate of false positive is comparatively less than the false positive rate. Question Number 5: Many algorithm processes are there in security system, by which a cipher text can be encrypted or decrypted similar to that of the transposition method (Ab Rahman & Choo, 2015). The other methods that work same like transposition method are Caesar Shift Method, Columnar Transposition Method, Substitution Method, Baconian Method and many more. The encrypted key given in the question is: NTJWKHXK AMK WWUJJYZTX MWKXZKUHE To decrypt the text, two methods are used in this solution. Firstly, by substitution method followed by Caesar Cipher shifting by 3. The numeric values of the total encrypted key are determined to proceed with the solution. Then, with the key 234 given, in a continuous way substitution method is applied. After substitution method, Caesar Cipher method is applied of back shifting by three. The desired result of the given encrypted text is given below:
5ATM INFORMATION SECURITY Text givenNTJWKHXK Values of the alphabet142010231182411 Key applied23423423 Substitution method121762184228 Caesar cipher decryption by 3 33333333 Numeric value of decrypted text 91431851195 Decrypted TextINCREASE Text givenAMK Values of the alphabet11311 Key applied423 Substitution method23118 Caesar cipher decryption by 3333 Numeric value of decrypted text2085
6ATM INFORMATION SECURITY Decrypted TextTHE Text givenWWUJJYZTX Values of the alphabet232321101025262024 Key applied423423423 Substitution method1921186822221821 Caesar cipher decryption by 3333333333 Numericvalueof decrypted text1618153519191518 Decrypted TextPROCESSOR Text givenMWKXZKUHE Values of the alphabet1323112426112185 Key applied423423423 Substitution method9218202481762 Caesar cipher decryption by 3333333333
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7ATM INFORMATION SECURITY Numericvalueof decrypted text61851721514325 Decrypted TextFREQUENCY So, after the decryption, the text that is determined is INCREASE THE PROCESSOR FREQUENCY References Ab Rahman, N. H., & Choo, K. K. R. (2015). A survey of information security incident handling in the cloud.Computers & Security,49, 45-69. Alaskar, M., Vodanovich, S., & Shen, K. N. (2015, January). Evolvement of Information Security Research on Employees' Behavior: A Systematic Review and Future Direction. InSystem Sciences (HICSS), 2015 48th Hawaii International Conference on(pp. 4241- 4250). IEEE. Barbosa, F. G., & Silva, W. L. S. (2015, November). Support vector machines, Mel-Frequency CepstralCoefficientsandtheDiscreteCosineTransformappliedonvoicebased biometric authentication. InSAI Intelligent Systems Conference (IntelliSys), 2015(pp. 1032-1039). IEEE. Chen, S., Pande, A., & Mohapatra, P. (2014, June). Sensor-assisted facial recognition: an enhanced biometric authentication system for smartphones. InProceedings of the 12th
8ATM INFORMATION SECURITY annual international conference on Mobile systems, applications, and services(pp. 109- 122). ACM. Ciuffo,F.,&Weiss,G.M.(2017,October).Smartwatch-basedtranscriptionbiometrics. InUbiquitousComputing,ElectronicsandMobileCommunicationConference (UEMCON), 2017 IEEE 8th Annual(pp. 145-149). IEEE. De Luca, A., Hang, A., Von Zezschwitz, E., & Hussmann, H. (2015, April). I feel like I'm taking selfiesallday!:towardsunderstandingbiometricauthenticationonsmartphones. InProceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems(pp. 1411-1414). ACM. He, D., & Wang, D. (2015). Robust biometrics-based authentication scheme for multiserver environment.IEEE Systems Journal,9(3), 816-823. Kim, H., Park, J., Lee, J., & Ryou, J. (2015). Biometric authentication technology trends in smart device environment. InMobile and Wireless Technology 2015(pp. 199-206). Springer, Berlin, Heidelberg. Layton,T.P.(2016).InformationSecurity:Design,implementation,measurement,and compliance. CRC Press. Ogbanufe, O., & Kim, D. J. (2017). Comparing fingerprint-based biometrics authentication versus traditional authentication methods for e-payment.Decision Support Systems. Siponen, M., Mahmood, M. A., & Pahnila, S. (2014). Employees’ adherence to information security policies: An exploratory field study.Information & management,51(2), 217- 224.
9ATM INFORMATION SECURITY Thomas, K. P., Vinod, A. P., & Robinson, N. (2017, March). Online Biometric Authentication UsingSubject-SpecificBand Power featuresof EEG.InProceedingsofthe2017 International Conference on Cryptography, Security and Privacy(pp. 136-141). ACM.