Information Security: Confidentiality, Integrity, and Availability
Added on 2023-06-14
6 Pages2253 Words395 Views
Running head: INFORMATION SECURITY
Information Security
Name of Student-
Name of University-
Author’s Note-
Information Security
Name of Student-
Name of University-
Author’s Note-
1INFORMATION SECURITY
Answer for Question 1:
Example of Confidentiality:
Confidentiality is used to give protection to the information from the ATM card by some unauthorized systems or users.
For transaction in ATM, the card has to be physically present and the ATM pin has to be known by the user for successful
transaction (Luca et al., 2015).
The system of ATM card has to inbuilt the confidentiality of the card by encrypting pin and card of the user while transmission
is taking place.
There are mainly two types of breaches in confidentiality. One of the breach in confidentiality may take place when there some
other person looks over the details of the ATM while entering the pin. And the other breach in confidentiality occurs if the
details of the employees in a company may stolen
There is necessity of confidentiality to use ATM for maintaining people’s privacy and the personal information of the user.
Example of Integrity:
Data integrity involves that data cannot be changed or altered without access of the user.
There can be violation of integrity if the user deliberately or accidentally deletes files or changes the content of the details of
atm (Thomas, Vinod & Robinson, 2017).
The professionals who are responsible for information security can find some ways for implementing control over the errors of
integrity.
Example of Availability:
The availability of information states that the information that are needed to complete the transaction should be available with
the user.
The computing systems that are needed to process, store information should be secured, and the data in them must be
protected.
To ensure the data service, the denial-of-service attacks is basically prevented.
Answer for Question 2:
According to the scenario given in the question, a thief broke in an ATM and was successful in jamming the card reader of the
ATM machine. The thief was also successful in breaking five keys from the dial pad. While the thief was on his way to break other
keys as well, he had to stop as a customer approached the ATM for transaction (Ghosh et al., 2017). The customer was successful in
taking out cash from the ATM but the card was jammed because the thief had jammed the card reader. While the customer went out to
fetch help from others, the thief tried to find out the pin of the card. With the four keys that were working, the thief can find out many
possibilities of the entering the keys. The total number of possibilities that the thief can enter is
5P4 = 5!/(5 - 4)! = 5!/4! = 120 ways by which the thief can detect the pin of the card.
However, all the ATMs have many security factors. There are some limitations that thief can enter the pin for the card. An
ATM machine allows the user to enter the pin for maximum 3 times (Memon, 2017). After three wrong attempts, the card will be
blocked.
Answer for Question 1:
Example of Confidentiality:
Confidentiality is used to give protection to the information from the ATM card by some unauthorized systems or users.
For transaction in ATM, the card has to be physically present and the ATM pin has to be known by the user for successful
transaction (Luca et al., 2015).
The system of ATM card has to inbuilt the confidentiality of the card by encrypting pin and card of the user while transmission
is taking place.
There are mainly two types of breaches in confidentiality. One of the breach in confidentiality may take place when there some
other person looks over the details of the ATM while entering the pin. And the other breach in confidentiality occurs if the
details of the employees in a company may stolen
There is necessity of confidentiality to use ATM for maintaining people’s privacy and the personal information of the user.
Example of Integrity:
Data integrity involves that data cannot be changed or altered without access of the user.
There can be violation of integrity if the user deliberately or accidentally deletes files or changes the content of the details of
atm (Thomas, Vinod & Robinson, 2017).
The professionals who are responsible for information security can find some ways for implementing control over the errors of
integrity.
Example of Availability:
The availability of information states that the information that are needed to complete the transaction should be available with
the user.
The computing systems that are needed to process, store information should be secured, and the data in them must be
protected.
To ensure the data service, the denial-of-service attacks is basically prevented.
Answer for Question 2:
According to the scenario given in the question, a thief broke in an ATM and was successful in jamming the card reader of the
ATM machine. The thief was also successful in breaking five keys from the dial pad. While the thief was on his way to break other
keys as well, he had to stop as a customer approached the ATM for transaction (Ghosh et al., 2017). The customer was successful in
taking out cash from the ATM but the card was jammed because the thief had jammed the card reader. While the customer went out to
fetch help from others, the thief tried to find out the pin of the card. With the four keys that were working, the thief can find out many
possibilities of the entering the keys. The total number of possibilities that the thief can enter is
5P4 = 5!/(5 - 4)! = 5!/4! = 120 ways by which the thief can detect the pin of the card.
However, all the ATMs have many security factors. There are some limitations that thief can enter the pin for the card. An
ATM machine allows the user to enter the pin for maximum 3 times (Memon, 2017). After three wrong attempts, the card will be
blocked.
2INFORMATION SECURITY
Answer for Question 3:
1. The first advantage is that the users do not have to enter their usernames and their passwords as a login credentials for log in.
The use of bio-metric is a replacement of the password and user-name of the user and is considered as the alternative of entering
password (Barbosa & Silva, 2015). The biometric authentication is also used to enhance the on boarding and methods to know the
customers well. For a brand, the biometric is the most advantageous way to improve the experience of the user.
2. The biometric is a problem solving way for remembering the password for the users. To remember the password is a great
problem for the users and biometric solves that problem for many service providers and different online enterprise (Bhagavatula et al.,
2015). For authentication, the passwords that are used by the users are not always strong and those data has a possibility of facing a
data breach. Biometric helps to solve the problem of password forgetting.
3. The biometric authentication establishes the accountability for the users. After the biometric is implemented, the result of
biometric gives a solid activity of the audit trail so that the accountability can be established (Kim et al., 2015). All the transaction
done by the user is recorded and is documented clearly by the user that are associated with the biometrics. This actually reduces the
misuse of the system and protects the data from being hacked.
Answer for Question 4:
The false negative biometric authentication is a rate in authentication where an authorized user or a person is basically rejected
so that they cannot access the system. This generally happens when the users do not find the biometric data of the user in the database
and rejects their access even if the user is an authenticated one (Chen, Pande & Mohapatra, 2014). All the authentication techniques
should have low false negative data or false rejection rate because if false negative exists in authentication, then the users will become
frustrated. The false positive biometric authentication is basically a process which accepts an unauthorized user as an authorized one.
This mainly occurs when the biometric data of a person matches to some extent of the data of authorized user in the database and the
person is not authorized (Ciuffo & Weiss, 2017). The rate of acceptance is done for a security measure so that the prevention can be
done from falsifying the data. The rate of false negative generally ranges between 0.00066 % up to 1.0 %, which is more than the rate
of false acceptance.
Answer for Question 5:
One way by which the transportation cipher can be decrypted is the columnar transposition of decryption method. The
columnar transposition method generally has a security for the transposition security that has extra benefit to utilize the keyword. The
columnar transposition method is comparatively easier than other methods of decryption and also offers an effect of better mixing
when compared to railfence cipher (Alsaadi, 2015). The main advantage of columnar transposition compared to substitution method of
encrypting is that the algorithms can be used more than one time. For an example, the columnar transposition of decrypting the cipher
can be used twice on plaintext. The keyword that is used first can be used both the times or some different key can be used for
applying the algorithm the second time.
The process to decipher an encrypted text can be done mainly in two steps. The two steps are:
To decipher the text, the user normally has to work on the length of the columns by dividing the length by key length.
After the first step is done, the message is then written in the columns again and then the key retransforms the columns again.
Answer for Question 3:
1. The first advantage is that the users do not have to enter their usernames and their passwords as a login credentials for log in.
The use of bio-metric is a replacement of the password and user-name of the user and is considered as the alternative of entering
password (Barbosa & Silva, 2015). The biometric authentication is also used to enhance the on boarding and methods to know the
customers well. For a brand, the biometric is the most advantageous way to improve the experience of the user.
2. The biometric is a problem solving way for remembering the password for the users. To remember the password is a great
problem for the users and biometric solves that problem for many service providers and different online enterprise (Bhagavatula et al.,
2015). For authentication, the passwords that are used by the users are not always strong and those data has a possibility of facing a
data breach. Biometric helps to solve the problem of password forgetting.
3. The biometric authentication establishes the accountability for the users. After the biometric is implemented, the result of
biometric gives a solid activity of the audit trail so that the accountability can be established (Kim et al., 2015). All the transaction
done by the user is recorded and is documented clearly by the user that are associated with the biometrics. This actually reduces the
misuse of the system and protects the data from being hacked.
Answer for Question 4:
The false negative biometric authentication is a rate in authentication where an authorized user or a person is basically rejected
so that they cannot access the system. This generally happens when the users do not find the biometric data of the user in the database
and rejects their access even if the user is an authenticated one (Chen, Pande & Mohapatra, 2014). All the authentication techniques
should have low false negative data or false rejection rate because if false negative exists in authentication, then the users will become
frustrated. The false positive biometric authentication is basically a process which accepts an unauthorized user as an authorized one.
This mainly occurs when the biometric data of a person matches to some extent of the data of authorized user in the database and the
person is not authorized (Ciuffo & Weiss, 2017). The rate of acceptance is done for a security measure so that the prevention can be
done from falsifying the data. The rate of false negative generally ranges between 0.00066 % up to 1.0 %, which is more than the rate
of false acceptance.
Answer for Question 5:
One way by which the transportation cipher can be decrypted is the columnar transposition of decryption method. The
columnar transposition method generally has a security for the transposition security that has extra benefit to utilize the keyword. The
columnar transposition method is comparatively easier than other methods of decryption and also offers an effect of better mixing
when compared to railfence cipher (Alsaadi, 2015). The main advantage of columnar transposition compared to substitution method of
encrypting is that the algorithms can be used more than one time. For an example, the columnar transposition of decrypting the cipher
can be used twice on plaintext. The keyword that is used first can be used both the times or some different key can be used for
applying the algorithm the second time.
The process to decipher an encrypted text can be done mainly in two steps. The two steps are:
To decipher the text, the user normally has to work on the length of the columns by dividing the length by key length.
After the first step is done, the message is then written in the columns again and then the key retransforms the columns again.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Sample Paper on Information Securitylg...
|5
|1759
|126
Information System for Automated Teller Machines Name of Student-Name of University- Author's Notelg...
|5
|1413
|122
ATM Information Securitylg...
|10
|2235
|261
Computing IT Security - Confidentiality, Integrity, Availability, Biometric Authentication, False Positive and False Negativelg...
|7
|1683
|77
Information Security Assignment Samplelg...
|8
|1673
|45
Role of Confidentiality, Integrity, and Availability in ATM systemlg...
|8
|1687
|2617