Information Security: CIA Triad, ATM Security, Biometric Authentication, Cipher Text Decryption
VerifiedAdded on  2023/06/14
|9
|1589
|359
AI Summary
This article discusses the CIA triad, ATM security, biometric authentication, and cipher text decryption. It covers topics such as confidentiality, integrity, and availability, security processes involved with ATM machine security, reasons for using biometric authentication, and methods for decrypting cipher text.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: INFORMATION SECURITY
Information Security
Assessment No-
Assessment Title-
Student Name and ID-
Student name and Code-
Student Email Address-
Information Security
Assessment No-
Assessment Title-
Student Name and ID-
Student name and Code-
Student Email Address-
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1INFORMATION SECURITY
Answer to Question 1:
According to CIA triad, confidentiality, integrity, and availability are described as follows:
Confidentiality:
The main aim of confidentiality is to keep the information involved in the system secured
and protect the data from being breached or accessed by unauthorized person (Siponen,
Mahmood & Pahnila, 2014). The ATM cards contains many information that is to be kept
private from unauthorized access and the data in the ATM card consists of many important
information. The customers of the bank should keep the details of their ATM cards private so
that others do not access the bank details (Layton, 2016). The information confidentiality
involves encryption to keep all the data safe and the encryption process looks into the factor that
the right person gets the right access to the data.
Integrity:
The integrity security of ATM cards involves the fact that the content of the data should
not be changed or modified by invalid users and original message should reach to the authorized
person. According to the rules of integrity, the value of the AT should be kept original (Ab
Rahman & Choo, 2017). The data or the information that are transmitted over the network
should be tampered free. The data integrity of the system is secured by the encryption process
and contains hash functions for keeping the data safe.
Availability:
Answer to Question 1:
According to CIA triad, confidentiality, integrity, and availability are described as follows:
Confidentiality:
The main aim of confidentiality is to keep the information involved in the system secured
and protect the data from being breached or accessed by unauthorized person (Siponen,
Mahmood & Pahnila, 2014). The ATM cards contains many information that is to be kept
private from unauthorized access and the data in the ATM card consists of many important
information. The customers of the bank should keep the details of their ATM cards private so
that others do not access the bank details (Layton, 2016). The information confidentiality
involves encryption to keep all the data safe and the encryption process looks into the factor that
the right person gets the right access to the data.
Integrity:
The integrity security of ATM cards involves the fact that the content of the data should
not be changed or modified by invalid users and original message should reach to the authorized
person. According to the rules of integrity, the value of the AT should be kept original (Ab
Rahman & Choo, 2017). The data or the information that are transmitted over the network
should be tampered free. The data integrity of the system is secured by the encryption process
and contains hash functions for keeping the data safe.
Availability:
2INFORMATION SECURITY
The availability of data should be maintained by the security of the system. The
credentials that are needed for a successful transaction is to be available with the user while
transaction process is ongoing (Alaskar, Vodanovich & Shen, 2015). The security of the system
should ensure that the data is only available with the user and no other intruder gets the available
data of the ATM.
Answer to Question 2:
According to the scenario given, some security processes are involved with the ATM
machine security. The security system of the ATM allows a user to enter wrong pin to a
maximum of three times. After three wrong trials, the card of the user gets blocked. The card
gets unblocked only after 24 hours or so, or has to call the customer care to unblock the card
(Ciuffo & Weiss, 2017). According to the situation given, the thief has five keys left. With the
five keys, many four-digit ATM pin can be generated. The maximum number of four-digit ATM
pin that is possible in this case is:
5!/ (5-4)! = 5 * 4 * 3 * 2 = 120 times.
But, the security of the ATM will not allow the thief to enter the pin 120 times. The thief
will get a maximum of three trials and coincidently if the pins entered within the three trails get
correct, the transaction will be successful. Otherwise, the thief will not be able to withdraw
money and the card will get blocked.
Answer to Question 3:
The main reasons for which the users mainly depends on biometric authentication are:
The availability of data should be maintained by the security of the system. The
credentials that are needed for a successful transaction is to be available with the user while
transaction process is ongoing (Alaskar, Vodanovich & Shen, 2015). The security of the system
should ensure that the data is only available with the user and no other intruder gets the available
data of the ATM.
Answer to Question 2:
According to the scenario given, some security processes are involved with the ATM
machine security. The security system of the ATM allows a user to enter wrong pin to a
maximum of three times. After three wrong trials, the card of the user gets blocked. The card
gets unblocked only after 24 hours or so, or has to call the customer care to unblock the card
(Ciuffo & Weiss, 2017). According to the situation given, the thief has five keys left. With the
five keys, many four-digit ATM pin can be generated. The maximum number of four-digit ATM
pin that is possible in this case is:
5!/ (5-4)! = 5 * 4 * 3 * 2 = 120 times.
But, the security of the ATM will not allow the thief to enter the pin 120 times. The thief
will get a maximum of three trials and coincidently if the pins entered within the three trails get
correct, the transaction will be successful. Otherwise, the thief will not be able to withdraw
money and the card will get blocked.
Answer to Question 3:
The main reasons for which the users mainly depends on biometric authentication are:
3INFORMATION SECURITY
1) The users do not have to remember the passwords or the user id for log-in their system. The
biometric system is used instead of the passwords and user id (He & Wang, 2015). If the user
forgets the password somehow, recovering the password is a time taking process, and many
resources are also wasted to recover the password. To skip all these issues, users prefers to use
biometric system instead of other systems.
2) The second advantage that the biometric authentication offers is reducing the headache of
using pen or paper in the organization (Ogbanufe & Kim, 2017). Biometric system reduces the
cost of using many resources in the organization, and also reduces the time of security check for
the user. The system of biometric makes the system more secure.
3) The biometric authentication gives security to the system by providing accountability, and
provides accuracy to the system.
Answer to Question 4:
For false negative, the system of biometric authentication rejects the actual authentication
of the user as an unauthorized one even if the user is an authorized one. The data that is present
in the system does not match the database of the system (Chen, Pande & Mohapatra, 2014). The
rate of false negative is generally high where the result is basically negative, even if the input are
positive. The rate of false negative ranges from 0.00066% whereas, the rate of false positive
ranges from 0%. False positive biometric authentication is a rate of security authentication in
which the system wrongly interprets the unauthorized user as an authorized one. The data in the
database seems to be similar with the data of unauthorized user.
1) The users do not have to remember the passwords or the user id for log-in their system. The
biometric system is used instead of the passwords and user id (He & Wang, 2015). If the user
forgets the password somehow, recovering the password is a time taking process, and many
resources are also wasted to recover the password. To skip all these issues, users prefers to use
biometric system instead of other systems.
2) The second advantage that the biometric authentication offers is reducing the headache of
using pen or paper in the organization (Ogbanufe & Kim, 2017). Biometric system reduces the
cost of using many resources in the organization, and also reduces the time of security check for
the user. The system of biometric makes the system more secure.
3) The biometric authentication gives security to the system by providing accountability, and
provides accuracy to the system.
Answer to Question 4:
For false negative, the system of biometric authentication rejects the actual authentication
of the user as an unauthorized one even if the user is an authorized one. The data that is present
in the system does not match the database of the system (Chen, Pande & Mohapatra, 2014). The
rate of false negative is generally high where the result is basically negative, even if the input are
positive. The rate of false negative ranges from 0.00066% whereas, the rate of false positive
ranges from 0%. False positive biometric authentication is a rate of security authentication in
which the system wrongly interprets the unauthorized user as an authorized one. The data in the
database seems to be similar with the data of unauthorized user.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4INFORMATION SECURITY
Answer to Question 5:
The process similar as transportation can be substitution method, double transportation
method, columnar transportation method, or Caesar cipher method.
The cipher text that is given is:
NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
This message can be decrypted by using two cipher text algorithm. Firstly, by
substitution method, and secondly by Caesar Cipher method. The process of decrypting the
message is shown below:
The Text Given N T J W K H X K
Numeric Values 14 20 10 23 11 8 24 11
Key Applied 2 3 4 2 3 4 2 3
Substitution Method Applied 12 17 6 21 8 4 22 8
Caesar Cipher Shifting 3 3 3 3 3 3 3 3
Subtracted 3 from Substitution
Number
9 14 3 18 5 1 19 5
Decoded Text I N C R E A S E
The Text Given A M K
Numeric Values 1 13 11
Key Applied 4 2 3
Substitution Method 23 11 8
Answer to Question 5:
The process similar as transportation can be substitution method, double transportation
method, columnar transportation method, or Caesar cipher method.
The cipher text that is given is:
NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
This message can be decrypted by using two cipher text algorithm. Firstly, by
substitution method, and secondly by Caesar Cipher method. The process of decrypting the
message is shown below:
The Text Given N T J W K H X K
Numeric Values 14 20 10 23 11 8 24 11
Key Applied 2 3 4 2 3 4 2 3
Substitution Method Applied 12 17 6 21 8 4 22 8
Caesar Cipher Shifting 3 3 3 3 3 3 3 3
Subtracted 3 from Substitution
Number
9 14 3 18 5 1 19 5
Decoded Text I N C R E A S E
The Text Given A M K
Numeric Values 1 13 11
Key Applied 4 2 3
Substitution Method 23 11 8
5INFORMATION SECURITY
Applied
Caesar Cipher Shifting 3 3 3
Subtracted 3 from
Substitution Number 20 8 5
Decoded Text T H E
The Text Given W W U J J Y Z T X
Numeric Values 23 23 21 10 10 25 26 20 24
Key Applied 4 2 3 4 2 3 4 2 3
Substitution Method
Applied 19 21 18 6 8 22 22 18 21
Caesar Cipher Shifting 3 3 3 3 3 3 3 3 3
Subtracted 3 from
Substitution Number 16 18 15 3 5 19 19 15 18
Decoded Text P R O C E S S O R
The Text Given M W K X Z K U H E
Numeric Values 13 23 11 24 26 11 21 8 5
Applied
Caesar Cipher Shifting 3 3 3
Subtracted 3 from
Substitution Number 20 8 5
Decoded Text T H E
The Text Given W W U J J Y Z T X
Numeric Values 23 23 21 10 10 25 26 20 24
Key Applied 4 2 3 4 2 3 4 2 3
Substitution Method
Applied 19 21 18 6 8 22 22 18 21
Caesar Cipher Shifting 3 3 3 3 3 3 3 3 3
Subtracted 3 from
Substitution Number 16 18 15 3 5 19 19 15 18
Decoded Text P R O C E S S O R
The Text Given M W K X Z K U H E
Numeric Values 13 23 11 24 26 11 21 8 5
6INFORMATION SECURITY
Key Applied 4 2 3 4 2 3 4 2 3
Substitution Method
Applied 9 21 8 20 24 8 17 6 2
Caesar Cipher Shifting 3 3 3 3 3 3 3 3 3
Subtracted 3 from
Substitution Number 6 18 5 17 21 5 14 3 25
Decoded Text F R E Q U E N C Y
The final text is INCREASE THE PROCESSOR FREQUENCY
Key Applied 4 2 3 4 2 3 4 2 3
Substitution Method
Applied 9 21 8 20 24 8 17 6 2
Caesar Cipher Shifting 3 3 3 3 3 3 3 3 3
Subtracted 3 from
Substitution Number 6 18 5 17 21 5 14 3 25
Decoded Text F R E Q U E N C Y
The final text is INCREASE THE PROCESSOR FREQUENCY
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7INFORMATION SECURITY
References
Ab Rahman, N. H., & Choo, K. K. R. (2015). A survey of information security incident handling
in the cloud. Computers & Security, 49, 45-69.
Alaskar, M., Vodanovich, S., & Shen, K. N. (2015, January). Evolvement of Information
Security Research on Employees' Behavior: A Systematic Review and Future Direction.
In System Sciences (HICSS), 2015 48th Hawaii International Conference on (pp. 4241-
4250). IEEE.
Chen, S., Pande, A., & Mohapatra, P. (2014, June). Sensor-assisted facial recognition: an
enhanced biometric authentication system for smartphones. In Proceedings of the 12th
annual international conference on Mobile systems, applications, and services (pp. 109-
122). ACM.
Ciuffo, F., & Weiss, G. M. (2017, October). Smartwatch-based transcription biometrics.
In Ubiquitous Computing, Electronics and Mobile Communication Conference
(UEMCON), 2017 IEEE 8th Annual (pp. 145-149). IEEE.
He, D., & Wang, D. (2015). Robust biometrics-based authentication scheme for multiserver
environment. IEEE Systems Journal, 9(3), 816-823.
Layton, T. P. (2016). Information Security: Design, implementation, measurement, and
compliance. CRC Press.
Ogbanufe, O., & Kim, D. J. (2017). Comparing fingerprint-based biometrics authentication
versus traditional authentication methods for e-payment. Decision Support Systems.
References
Ab Rahman, N. H., & Choo, K. K. R. (2015). A survey of information security incident handling
in the cloud. Computers & Security, 49, 45-69.
Alaskar, M., Vodanovich, S., & Shen, K. N. (2015, January). Evolvement of Information
Security Research on Employees' Behavior: A Systematic Review and Future Direction.
In System Sciences (HICSS), 2015 48th Hawaii International Conference on (pp. 4241-
4250). IEEE.
Chen, S., Pande, A., & Mohapatra, P. (2014, June). Sensor-assisted facial recognition: an
enhanced biometric authentication system for smartphones. In Proceedings of the 12th
annual international conference on Mobile systems, applications, and services (pp. 109-
122). ACM.
Ciuffo, F., & Weiss, G. M. (2017, October). Smartwatch-based transcription biometrics.
In Ubiquitous Computing, Electronics and Mobile Communication Conference
(UEMCON), 2017 IEEE 8th Annual (pp. 145-149). IEEE.
He, D., & Wang, D. (2015). Robust biometrics-based authentication scheme for multiserver
environment. IEEE Systems Journal, 9(3), 816-823.
Layton, T. P. (2016). Information Security: Design, implementation, measurement, and
compliance. CRC Press.
Ogbanufe, O., & Kim, D. J. (2017). Comparing fingerprint-based biometrics authentication
versus traditional authentication methods for e-payment. Decision Support Systems.
8INFORMATION SECURITY
Siponen, M., Mahmood, M. A., & Pahnila, S. (2014). Employees’ adherence to information
security policies: An exploratory field study. Information & management, 51(2), 217-
224.
Siponen, M., Mahmood, M. A., & Pahnila, S. (2014). Employees’ adherence to information
security policies: An exploratory field study. Information & management, 51(2), 217-
224.
1 out of 9
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.