Information Security
VerifiedAdded on  2023/01/20
|6
|1196
|79
AI Summary
This document discusses the importance of information security and the need to maintain confidentiality, integrity, and authentication in ATM systems. It also explores the risks of biometrics and the impact of false negatives. Additionally, it provides an overview of transportation cipher methods.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: INFORMATION SECURITY
Information Security
Name of Student-
Name of University-
Author’s Note-
Information Security
Name of Student-
Name of University-
Author’s Note-
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1INFORMATION SECURITY
Question 1
ATM needs CIA triad that consists of confidentiality, Integrity as well as Authentication.
The ATM need to maintain all three aspects of CIA triad to satisfy the rules and regulations.
For confidentiality, the Communication channels of the ATM should be encrypted with
encryption algorithm and so that they network are secured from hackers (Thomas, Vinod &
Robinson, 2017). The pin that are generated by the user should also follow the encryption
technique.
For integrity, the ATM should maintain the data integrity in the system. The data should
not be changed or altered in the network channel.
To maintain availability, the ATM machine should be available all the time to the
customers as because the main objective of the ATM system is to provide service to its
customers all 24 hours a day.
Question 2
As per calculation, after breaking five keys of the ATM, the thief is only left with five
other keys the total number of possible four digit pins he can enter is 120 times.
But as the ATM has security policies, the thief will be able to enter the pin only three
time. The security of the ATM states that a user can enter wrong pin only three times in an ATM
and after the third wrong attempt, the card will be blocked for a day (Kim et al., 2015). So, as the
question, the thief will have only three chance to get the pin.
Question 3
Question 1
ATM needs CIA triad that consists of confidentiality, Integrity as well as Authentication.
The ATM need to maintain all three aspects of CIA triad to satisfy the rules and regulations.
For confidentiality, the Communication channels of the ATM should be encrypted with
encryption algorithm and so that they network are secured from hackers (Thomas, Vinod &
Robinson, 2017). The pin that are generated by the user should also follow the encryption
technique.
For integrity, the ATM should maintain the data integrity in the system. The data should
not be changed or altered in the network channel.
To maintain availability, the ATM machine should be available all the time to the
customers as because the main objective of the ATM system is to provide service to its
customers all 24 hours a day.
Question 2
As per calculation, after breaking five keys of the ATM, the thief is only left with five
other keys the total number of possible four digit pins he can enter is 120 times.
But as the ATM has security policies, the thief will be able to enter the pin only three
time. The security of the ATM states that a user can enter wrong pin only three times in an ATM
and after the third wrong attempt, the card will be blocked for a day (Kim et al., 2015). So, as the
question, the thief will have only three chance to get the pin.
Question 3
2INFORMATION SECURITY
Three main reasons for people being reluctant to use the technology of biometrics are
stated below:
Reason 1: The data that are saved are not secured. The data that are stored in biometrics
database are personal data of the people about their eyes, fingers and face (Ciuffo, & Weiss,
2017). The data collected are to be saved securely and biometric does not ensure such data
security with the data stored in the system.
Reason 2: The data in biometrics can be hacked. Hackers have many ways to hacks and
account and the data stored in biometric are extremely personal data and there is a high risk of
account hacking in biometrics. Identity of the person is breached with the use of biometrics.
Reason 3: There remains a surveillance fear while dealing with biometrics. The
biometrics makes use of law enforcement in the system. The data that are collected by hacking
the system can be used for unethical purposes.
These risks stated above can be overcome by the increasing the user experience,
lessening the spoofing attacks implementing multi factor authentication in the biometric system.
Question 4
Two instances that states that false negative are more serious compared to false positive
are stated below:
Example One: In a pregnancy test, there may be false negative result and false positive
result. The testing system for testing pregnancy can be malfunctioned due to some technical
errors (Bhagavatula et al., 2015). Due to technical error of pregnancy test, a woman who is
pregnant might not be aware of her pregnancy and might not have health check-ups. As a result,
Three main reasons for people being reluctant to use the technology of biometrics are
stated below:
Reason 1: The data that are saved are not secured. The data that are stored in biometrics
database are personal data of the people about their eyes, fingers and face (Ciuffo, & Weiss,
2017). The data collected are to be saved securely and biometric does not ensure such data
security with the data stored in the system.
Reason 2: The data in biometrics can be hacked. Hackers have many ways to hacks and
account and the data stored in biometric are extremely personal data and there is a high risk of
account hacking in biometrics. Identity of the person is breached with the use of biometrics.
Reason 3: There remains a surveillance fear while dealing with biometrics. The
biometrics makes use of law enforcement in the system. The data that are collected by hacking
the system can be used for unethical purposes.
These risks stated above can be overcome by the increasing the user experience,
lessening the spoofing attacks implementing multi factor authentication in the biometric system.
Question 4
Two instances that states that false negative are more serious compared to false positive
are stated below:
Example One: In a pregnancy test, there may be false negative result and false positive
result. The testing system for testing pregnancy can be malfunctioned due to some technical
errors (Bhagavatula et al., 2015). Due to technical error of pregnancy test, a woman who is
pregnant might not be aware of her pregnancy and might not have health check-ups. As a result,
3INFORMATION SECURITY
the woman may harm herself and the baby. In this can false negative is more serious problem
compared to false positive where a couple expecting a baby is not actually pregnant but has false
result about being the woman being pregnant.
Example two: Second case might be the test result of AIDs for a person. If a person
having AIDS have a false negative answer, this might increase the risk of spreading the virus
(Memon, 2017). If that particular person is not aware of the virus, the person will not continue
the treatment and the virus will increase and spread to others as well. This false negative result is
more serious compared to false positive result in AIDs test.
Question 5
The process that helps the programmer to rearrange the way of letters of plain text and
encode them to cipher text is known as transportation cipher. There are many kinds of algorithm
techniques that are used by the programmers in a transportation cipher (Alsaadi, 2015). Those
methods are columnar transportation, rail fence algorithm, Caesar cipher text, Baconian cipher,
substitution method, Polybius cipher. These transportation algorithms are known as mono-
alphabetic substitution method of cipher text. Other transportation method that are included in
the cipher algorithm are Autokey method, enigma method of transportation, Porta Cipher,
Running cipher key, and Gronsfield algorithm.
For solving the given cipher text, the transportation method that are used are substitution
method and columnar method. Given cipher text is:
Cipher Text: LC DOMX IZY XVH P XMJQSH AANW FIHABRT
After applying the key 567 given in the question, then applying Caesar cipher method
and lastly the one time pad given in the question, the decoded plain text that is derived is
the woman may harm herself and the baby. In this can false negative is more serious problem
compared to false positive where a couple expecting a baby is not actually pregnant but has false
result about being the woman being pregnant.
Example two: Second case might be the test result of AIDs for a person. If a person
having AIDS have a false negative answer, this might increase the risk of spreading the virus
(Memon, 2017). If that particular person is not aware of the virus, the person will not continue
the treatment and the virus will increase and spread to others as well. This false negative result is
more serious compared to false positive result in AIDs test.
Question 5
The process that helps the programmer to rearrange the way of letters of plain text and
encode them to cipher text is known as transportation cipher. There are many kinds of algorithm
techniques that are used by the programmers in a transportation cipher (Alsaadi, 2015). Those
methods are columnar transportation, rail fence algorithm, Caesar cipher text, Baconian cipher,
substitution method, Polybius cipher. These transportation algorithms are known as mono-
alphabetic substitution method of cipher text. Other transportation method that are included in
the cipher algorithm are Autokey method, enigma method of transportation, Porta Cipher,
Running cipher key, and Gronsfield algorithm.
For solving the given cipher text, the transportation method that are used are substitution
method and columnar method. Given cipher text is:
Cipher Text: LC DOMX IZY XVH P XMJQSH AANW FIHABRT
After applying the key 567 given in the question, then applying Caesar cipher method
and lastly the one time pad given in the question, the decoded plain text that is derived is
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4INFORMATION SECURITY
Plain Text: WE HAVE WON CASE NUMBER FIVE HUNDRED
Plain Text: WE HAVE WON CASE NUMBER FIVE HUNDRED
5INFORMATION SECURITY
References
Bhagavatula, C., Ur, B., Iacovino, K., Kywe, S. M., Cranor, L. F., & Savvides, M. (2015).
Biometric authentication on iphone and android: Usability, perceptions, and influences on
adoption. Proc. USEC, 1-2.
Memon, N. (2017). How Biometric Authentication Poses New Challenges to Our Security and
Privacy [In the Spotlight]. IEEE Signal Processing Magazine, 34(4), 196-194.
Alsaadi, I. M. (2015). Physiological Biometric Authentication Systems, Advantages,
Disadvantages And Future Development: A Review. International Journal Of Scientific
& Technology Research, 4(8), 285-289.
Kim, H., Park, J., Lee, J., & Ryou, J. (2015). Biometric authentication technology trends in smart
device environment. In Mobile and Wireless Technology 2015 (pp. 199-206). Springer,
Berlin, Heidelberg.
Thomas, K. P., Vinod, A. P., & Robinson, N. (2017, March). Online Biometric Authentication
Using Subject-Specific Band Power features of EEG. In Proceedings of the 2017
International Conference on Cryptography, Security and Privacy (pp. 136-141). ACM.
Ciuffo, F., & Weiss, G. M. (2017, October). Smartwatch-based transcription biometrics.
In Ubiquitous Computing, Electronics and Mobile Communication Conference
(UEMCON), 2017 IEEE 8th Annual (pp. 145-149). IEEE.
References
Bhagavatula, C., Ur, B., Iacovino, K., Kywe, S. M., Cranor, L. F., & Savvides, M. (2015).
Biometric authentication on iphone and android: Usability, perceptions, and influences on
adoption. Proc. USEC, 1-2.
Memon, N. (2017). How Biometric Authentication Poses New Challenges to Our Security and
Privacy [In the Spotlight]. IEEE Signal Processing Magazine, 34(4), 196-194.
Alsaadi, I. M. (2015). Physiological Biometric Authentication Systems, Advantages,
Disadvantages And Future Development: A Review. International Journal Of Scientific
& Technology Research, 4(8), 285-289.
Kim, H., Park, J., Lee, J., & Ryou, J. (2015). Biometric authentication technology trends in smart
device environment. In Mobile and Wireless Technology 2015 (pp. 199-206). Springer,
Berlin, Heidelberg.
Thomas, K. P., Vinod, A. P., & Robinson, N. (2017, March). Online Biometric Authentication
Using Subject-Specific Band Power features of EEG. In Proceedings of the 2017
International Conference on Cryptography, Security and Privacy (pp. 136-141). ACM.
Ciuffo, F., & Weiss, G. M. (2017, October). Smartwatch-based transcription biometrics.
In Ubiquitous Computing, Electronics and Mobile Communication Conference
(UEMCON), 2017 IEEE 8th Annual (pp. 145-149). IEEE.
1 out of 6
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.