This IT write up discusses the importance of information security in ATM systems and the challenges of biometric authentication. It covers topics such as confidentiality, integrity, and availability requirements in ATM systems, as well as the challenges of accuracy, cost, and points of failure in biometric authentication systems.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: INFO SECURITY 0 IT Write Up Information Security (Student details :) 4/1/2019
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Info Security 1 Contents IT Write Up: Information Security............................................................................................2 Solution: 1..................................................................................................................................2 Solution: 2..................................................................................................................................2 Solution: 3..................................................................................................................................3 Solution: 4..................................................................................................................................4 Solution: 5..................................................................................................................................5 References..................................................................................................................................6
Info Security 2 IT Write Up: Information Security Solution: 1 ATM’s system has to keep personal identification numbers (PINs) confidential, for boththehostsystemaswellasduringon-goingtransmissionforanymoney withdrawntransaction. In addition, such system shouldprotect the integrity of an account records along withof individual transactions. Apart from this, host system availability is important for the economic well-being of the banks and financial institutions however the availability of personal teller machines is of comparatively lessconcern in the context of ATM systems(Yeh & Chang, 2007). While considering an ATM system where users uses a PIN as well as a debit card to accesstheirbankaccounts,examplesofavailability,confidentialityandintegrity requirements related with the ATM system are as follows: Integrity requirements: the most important integrity requirement is that the major actions performed through an ATM must always be linked to an account related with the customer’s bank card(Stallings, Brown, Bauer, & Bhattacharjee, 2012). Confidentiality requirements: within ATM systems, the communication network amid the bank and the ATM must always be encrypted in a way that customer’s personal data can be kept confidential efficiently. In addition, as we know that PINs are the unique numbers which are utilised for withdrawing money from the ATM systems, hence these PINs must always be encrypted whenever and wherever they are stored (Peffers, Tuunanen, Rothenberger, & Chatterjee, 2009). Availability requirements: in this context, first important availability requirement is that the ATM systems must always be capable to assist a minimum of X concurrent customersataspecifictime.Apartfromthis, ATMsystemsmustalwaysbe accessible around 99.9 per cent of the total time so that people do not suffer difficulty while attempting to draw their money out from the banks(Vacca, 2012).
Info Security 3 Solution: 2 As per the given information, a thief has attempted to steal the money from an ATM machine and provided that an ATM machine has 0-9 numerical keys along with few special keys. Besides, the given scenario suggesting that the thief broke five numeric keys thus now he has the opportunity of making a combination for ATM pin which must be followed with the rest 5 keys only. Moreover, it is well-known that an ATM pin contains 4 digits hence the thief will be supposed to enter 4 digits while the number will be 0000 at its minimum level and 9999 at its utmost level. The reason behind the above is that within integer value, 9 is the highest value and 0 is the lowest one. In this way, the maximum possible combinations entered by the thief will be as follows: Total number of keys (0,1,2,3,4,5,6,7,8,9) =10 Additionally, the thief broke out 5 numeric keys, hence left keys=5 keys (p). Digits to be entered for the ATM pin (r) =4 & repetition is allowed by the thief. Here, on applying Permutation Formula,  In this way, total maximum number of PINs to be entered = 624, because one combination will be the card holder or customer’s pin itself. Solution: 3 In the context of bio-metrics authentication (referred as BA) system, there are some challenges while inspiring people for using BA at workplaces or anywhere else as follows: Accuracy problem: as per the users of BA, authorization of the users at the right time is the main problem during the implementation of bio-metrics system. Authorization often becomes inaccurate and hence analyze the body parts of human system incorrectly which should be appropriately authenticated for drawing exact results. In addition, lack of attention and carefulness during the authentication of BA could majorly ruin the outcomes in terms of accuracy and authorization(Picanso, 2008). Counter to the problem: it can be suggested to the users that they should be more careful and cautious while authenticating with BA as accuracy also depends upon lack of suppleness(Schultz, 2009).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Info Security 4 Cost: BA iscostly in nature from the budget point of view hence the utilisation of bio-metrics has become complex for the country or company level use. Additionally, budget of the BA within any institution can make people excuses about using this system for the entry validations(Howell, 2017). Counter to the problem: therefore, to counter this argument a proper analysis or evaluation of the chosen area or location requires to be done prior implementation of the bio- metrics system. Apart from this, assistance from the efficient financial institutions can also be taken for the cost-effective implementation of bio-metrics within any system(Datta & Zhao, 2009). Several points of failures: as we know thatentire system is inter-connected with each other and hence a single point failure may lead to complete shutdown of the whole system. For an example, ATM systems would also not function properly as well as could hamper the accounts of customers utilising the same system. In this way, functionality of BA majorly depends on identifying the face of the persons as well as disturbance within the similar may lead to failure of the whole associated system(Howell, 2017). Counter to the problem: points of failures while using BA can get easily reduced by updating the system timely and removing the bugs at the same time if occurs(Howell, 2017). Moreover,adoptingpremiumqualitytechnologicalservicesintermsofsoftwareand hardware, can remove this challenge from the system(Clodfelter, 2010). Solution: 4 Within bio-metrics authentication systems, false positives and false negatives both are suggested to be averted by the system administrators as both are complements to each other (Kizza, 2009).In this context, following scenarios are highlighting the presence of false negatives over as well as above false positives: Scenario I:as we know that major operations of BA are based upon recognition of faces of the human-beings, it would cause trouble to the owner of a safe during the case of an emergency(Datta & Zhao, 2009).As the urgent requirement of money or funds will not be properly processed through the basic elements of BA because as a result the owner of the safe will suffer and hence situation will become false negative one. In addition, it has been
Info Security 5 observed that within a negative kind of methodology within BA, it can allow in retrieving location details(Gollmann, 2010). Scenario II: the second scenario is aboutdealing with BA while hurting a person physically or creating a situation close to his or her death. In this context, if an employee who is suffering from cardiac arrest is not able to get help from his or her colleagues due to non- authentication by the bio-metrics for not recognizing the persons(Howell, 2017).In this way, this type of scenarios tends to result false negative and hence could be life-threatening for the whole organization. Besides, in this case false positive has been become the false negative due to its last result. Hence, it is clear that false negatives of the BA system are more severe than false positives of the system(Tiwana & Konsynski, 2010). Solution: 5
Info Security 6 References Clodfelter, R. (2010). Biometric technology in retailing: Will consumers accept fingerprint authentication?Journal of Retailing and Consumer Services, 17(3), 181-188. Datta, D., & Zhao, H. (2009). Effect of false positive and false negative rates on inference of binding target conservation across different conditions and species from ChIP-chip data.BMC bioinformatics, 10(1), 23. Gollmann, D. (2010). Computer Security.Wiley Interdisciplinary Reviews: Computational Statistics, 2(5), 544-554. Howell, K. (2017, 08 28).3 Problems With Biometric Security, Including Fingerprint ID. Retrieved from IP Switch: https://blog.ipswitch.com/3-reasons-biometrics-are-not- secure Kizza, J. (2009).Guide to computer network security.London: Springer. Peffers, K., Tuunanen, T., Rothenberger, M., & Chatterjee, S. (2009). A design science research methodology for information systems research.Journal of managemene information systems, 24(3), 45-77. Picanso, K. (2008). Protecting information security under a uniform data breach notification law.Fordham L.(Rev.), 355. Schultz, R. (2009).Contemporary issues in ethics and information technology(Ed. ed.). London: IGI Global. Stallings, W., Brown, L., Bauer, M., & Bhattacharjee, A. (2012).Computer security: principles and practice.NJ: Pearson Education. Tiwana, A., & Konsynski, B. (2010). Complementarities between organizational IT architecture and governance structure.Information Systems Research, 21(2), 288-304. Vacca, J. (2012).Computer and information security handbook.London: Newnes. Yeh, Q., & Chang, A. (2007). Threats and countermeasures for information system security: A cross-industry study.Information & Management, 44(5), 480-491.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.