ATM Information Security
Added on 2023-06-14
10 Pages2235 Words261 Views
Running head: ATM INFORMATION SECURITY
ATM Information Security
Assessment No-
Assessment Title-
Student Name and ID-
Student name and Code-
Student Email Address-
ATM Information Security
Assessment No-
Assessment Title-
Student Name and ID-
Student name and Code-
Student Email Address-
1ATM INFORMATION SECURITY
Question Number 1:
The example of confidentiality, integrity, and availability are defined below:
Confidentiality: The confidentiality that is to be provided for the ATM card generally is to keep
the data or information that are stored in the ATM card secured and kept private from any other
intruders. The information in the card should not reach in the hand of unauthorized person.
Confidentiality gives the surety that the information that is transferred reaches only to the
authorized user (Kim et al., 2015). The data in the ATM card is to be kept private. Example
including in the confidentiality gives surety that the pin of the ATM card, CVV number and the
card number is made secret and needed to be kept secret throughout the lifetime of the card.
Integrity: There is a necessity in the ATM card that information is to be kept same as
transmitted by the sender. The information involved in the ATM card should be altered while
transmission (He & Wang, 2015). The process of integrity maintains the consistency,
trustworthiness, and the accuracy of the information. All certain measure are to be involved
providing the integrity security of the information in a transaction process. Many data integrity
controls are taken to keep the information safe throughout the transaction process (Siponen,
Mahmood & Pahnila, 2014). Examples of integrity measures that can be taken are the process of
encryption. Encryption is done to keep the data integrity in case there is some accidental reason
for data breach.
Availability:
Availability includes all data and information involved in the system are to be present with the
user so that the user do not face any kind of problem while the transaction process is going on. It
Question Number 1:
The example of confidentiality, integrity, and availability are defined below:
Confidentiality: The confidentiality that is to be provided for the ATM card generally is to keep
the data or information that are stored in the ATM card secured and kept private from any other
intruders. The information in the card should not reach in the hand of unauthorized person.
Confidentiality gives the surety that the information that is transferred reaches only to the
authorized user (Kim et al., 2015). The data in the ATM card is to be kept private. Example
including in the confidentiality gives surety that the pin of the ATM card, CVV number and the
card number is made secret and needed to be kept secret throughout the lifetime of the card.
Integrity: There is a necessity in the ATM card that information is to be kept same as
transmitted by the sender. The information involved in the ATM card should be altered while
transmission (He & Wang, 2015). The process of integrity maintains the consistency,
trustworthiness, and the accuracy of the information. All certain measure are to be involved
providing the integrity security of the information in a transaction process. Many data integrity
controls are taken to keep the information safe throughout the transaction process (Siponen,
Mahmood & Pahnila, 2014). Examples of integrity measures that can be taken are the process of
encryption. Encryption is done to keep the data integrity in case there is some accidental reason
for data breach.
Availability:
Availability includes all data and information involved in the system are to be present with the
user so that the user do not face any kind of problem while the transaction process is going on. It
2ATM INFORMATION SECURITY
is also to be kept in mind that the information is available only with the authenticated user
(Ciuffo & Weiss, 2017). Any unauthorized users do not use the information of other users. This
will lead to insecurity of the data available with the user (Thomas, Vinod & Robinson, 2017).
The availability of the information can be made secured by keeping backup for the data to be
kept secret. Ina system, there can be a denial-of-attack by some unauthenticated user that can be
mitigated by backup process or the encryption process.
Question Number 2:
The given case study states that a thief broke in the ATM and the thief was successful in
jamming the card reader of the machine (De Luca et al, 2015). As a result, of jamming the ATM
card reader, the user who wants a transaction will not be able to take out the card from the ATM
machine. The thief also destroyed the machine by destroying the keypad of the machine, in
which the user enters the pin. But, while he was working on the keypad, a customer arrives the
center to withdraw cash. The thief was successful in destroying five keys, and five keys were left
undestroyed. The customer who came to the machine was successful in his transaction (Layton,
2016). But, after collecting the cash, the customer was unable to take out the card as the card
reader was jammed. While the customer was out for help, the thief tried to discover the pin and
take out some cash from the account. The total number of possibility that the thief can input with
the five keys available can be done by combining all the possibilities. The digits in a ATM pin is
4 and with the five keys good, the maximum number of possibilities that the thief can attempt is
5P4 = 5! / (5-4)! = 5 * 4 * 3 * 2 = 120 possible outcomes.
But, the security of the ATM does not allow the user for so many attempt. As per the
security of ATM machine, the maximum times a user can enter wrong pin is three times. If a
is also to be kept in mind that the information is available only with the authenticated user
(Ciuffo & Weiss, 2017). Any unauthorized users do not use the information of other users. This
will lead to insecurity of the data available with the user (Thomas, Vinod & Robinson, 2017).
The availability of the information can be made secured by keeping backup for the data to be
kept secret. Ina system, there can be a denial-of-attack by some unauthenticated user that can be
mitigated by backup process or the encryption process.
Question Number 2:
The given case study states that a thief broke in the ATM and the thief was successful in
jamming the card reader of the machine (De Luca et al, 2015). As a result, of jamming the ATM
card reader, the user who wants a transaction will not be able to take out the card from the ATM
machine. The thief also destroyed the machine by destroying the keypad of the machine, in
which the user enters the pin. But, while he was working on the keypad, a customer arrives the
center to withdraw cash. The thief was successful in destroying five keys, and five keys were left
undestroyed. The customer who came to the machine was successful in his transaction (Layton,
2016). But, after collecting the cash, the customer was unable to take out the card as the card
reader was jammed. While the customer was out for help, the thief tried to discover the pin and
take out some cash from the account. The total number of possibility that the thief can input with
the five keys available can be done by combining all the possibilities. The digits in a ATM pin is
4 and with the five keys good, the maximum number of possibilities that the thief can attempt is
5P4 = 5! / (5-4)! = 5 * 4 * 3 * 2 = 120 possible outcomes.
But, the security of the ATM does not allow the user for so many attempt. As per the
security of ATM machine, the maximum times a user can enter wrong pin is three times. If a
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Role of Confidentiality, Integrity, and Availability in ATM systemlg...
|8
|1687
|2617
Sample Paper on Information Securitylg...
|5
|1759
|126
Information Technology - Assignment Solutionlg...
|5
|1474
|167
Information Security: Confidentiality, Integrity, and Availabilitylg...
|6
|2253
|395
Information Security: CIA Triad, Biometric Authentication, False Negative, Encryptionlg...
|14
|3843
|70
Information System for Automated Teller Machines Name of Student-Name of University- Author's Notelg...
|5
|1413
|122