Desklib Logo

Information Security: Confidentiality, Integrity, Availability, Biometric Authentication, and Cipher

Verified

Added on  2023/06/14

|6
|1396
|129
AI Summary
This article discusses the importance of confidentiality, integrity, and availability in information security, factors that might be reluctant to use biometric for authentication, false negatives, and cipher.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: INFORMATION SECURITY 1
Information Security
Name:
Institution Affiliation:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
INFORMATION SECURITY 2
Question 1
Confidentiality
When a client uses card and a PIN – (personal identification number) to gain access to their
account using ATM, they expect the PIN to be confidential to the host system of the transactions
and communication channel between web host system and bank website server (Bulgurcu,
Cavusoglu & Benbasat, 2010).
Level of importance to confidentiality
In situation where a PIN is unsecure when carrying out a transaction, it could lead to
compromise of the account. Therefore, it needs to be encrypted well.
Integrity
The client expects t transaction data to remain the same without any detrimental or accidental
changes.
Degree of important on integrity
An example to illustrate this concept: Think about a client who withdraws $ 600 and the
balance expected on the account should be 5500 USD. Instead of the system showing a balance
5500 dollars to the account, it accidently updates 5200 USD. To the part of the client this is a
loss since more money has been deducted. It is important to note that as much as the transaction
impact on the customer account directly, the integrity of transactions should be protected.
Availability
ATM machine should be accessible to serve the customers’ needs the times.
Document Page
INFORMATION SECURITY 3
Degree of importance of availability
It improves the financial progress of financial institution, thus, ATM should be functional and
efficient always (Hannan & Asif, 2017).
Question 2
Since the thief broke 5 different keys and Alice was able to enter her PIN, he should use the
remaining 5 keys. Hence, the total number of the possible keys is calculated as follows;
4- The pin is 4 digits
5- The remaining number of keys since the rest were broken
54 = 625
625 is the number of keys the thief may have to try in the worst case to gain an access to Alice
account.
Question 3
There are various factors which might be reluctant to use biometric for authentication they are as
follows;
Cost factor: The cost of biometric is very high compared to the authentication techniques
(Hannan & Asif, 2017). The biometric systems are costly when compared with the other security
measures for authentication, for example passwords and the personal identification numbers
(Whitman & Mattord, 2011). So whilst the biometrics could offer an extra security, the costs
currently has outweighed advantages in many of the cases.
Document Page
INFORMATION SECURITY 4
Point of the failure: In most of the cases, biometric authentication needs is dependent to the
lighting. This could cause problems when it comes to using login techniques (Whitman &
Mattord, 2011). In the event there was unfortunate accidents that could occur, physical features
that are used for the biometric authentication could get changed. This would cause some
complexities when it comes to the authentication at a later time.
Users might hesitate to use the biometric authentication because the devices are non-cancellable.
This means parts which are ruined or even worse in an accident is certainly not easily substituted
for instance forgotten password (Whitman & Mattord, 2011). This is the reason why people have
multiple finger-print scanned when they enlist for the fingerprint biometrics (Safa, Sookhak,Von,
Furnell, Ghani & Herawan, 2015). Additionally, you will discover security issues and the fear for
the possible mishandle to the data and misuse of the data is the major reasons that explain
precisely why individuals are cynical to adopting biometric security procedures which includes
biometric passports.
Question 4
A false negative is when the biometric systems fail in recognizing an authentic person, which led
to something occurring. Depending on what the aspects there could be some serious
consequences.
Personal: The owner of the safe could be prevented from gaining access to the safe, which lead
them unable to access a necessary resource.
Institutional: In an instance where server infrastructure is down, organization need to access their
data center to restore service (Jain, Ross & Pankanti, 2006). Each minute organization losses a

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
INFORMATION SECURITY 5
lot of money and if the biometric system does not recognize the customer, they continue losing
more money and reputation.
When biometric is used as the primary affirmation framework for entering the premises it can
bring in hindering of resources (Peltier, 2016). At the level of utilizing fingerprints that are
identifiable tool for proof to distinguish lawbreakers the false antagonistic might result to not the
right individual being charged. In a situation wherein biometric would not acknowledge entry of
office security personal and there have been a case where theft happened in an enterprise and
biometric authentication provides an having access to all the other except security personnel.
Question 5
Cipher is usually the end product to an encryption which is made to plain text through use of
algorithm regarded as Cipher. It entails a series of steps which could be followed as the
procedure (Gordon & Loeb, 2002). To encipher is converting information into the cipher or
code. Cipher is the synonymous with the code since they are both set of steps which encrypts the
message. Cipher text that is encrypted text. It means when the text has been sent through use of
any media software application (Gordon & Loeb, 2002). It will be encrypted. Therefore, no third
party or individual could read the text. Those that are not invited to read the text would not be
able only the receiver for whom the text is sent can be read the message in its original text form
(Peltier, T. R. (2016). The plain text is what one has before any encryption has been done.
Moreover, Cipher text is the information which is encrypted as it contains original plaintext and
it is unreadable by human or a computer without utilizing a proper cipher in order to decrypt it
(Peltier, 2016). The plain text for the below encrypted text through use of key 13 is
Document Page
INFORMATION SECURITY 6
NTJWKHXK AMK WWUJJYZTX MWKXZKUHE when the text has been decrypted it
become as follows; AGWJXUKX NZX JJHWWLMGK ZJXKMXHUR.
References
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: an
empirical study of rationality-based beliefs and information security awareness. MIS
quarterly, 34(3), 523-548.
Gordon, L. A., & Loeb, M. P. (2002). The economics of information security investment. ACM
Transactions on Information and System Security (TISSEC), 5(4), 438-457.
Hannan, S. A., & Asif, A. M. A. M. (2017). Analysis of Polyalphabetic Transposition Cipher
Techniques used for Encryption and Decryption. International Journal of Computer
Science and Software Engineering (IJCSSE), 6(2), 41-46.
Jain, A. K., Ross, A., & Pankanti, S. (2006). Biometrics: a tool for information security. IEEE
transactions on information forensics and security, 1(2), 125-143.
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. CRC Press.
Safa, N. S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N. A., & Herawan, T. (2015).
Information security conscious care behaviour formation in organizations. Computers &
Security, 53, 65-78.
Whitman, M. E., & Mattord, H. J. (2011). Principles of information security. Cengage Learning.
1 out of 6
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

© 2024   |   Zucol Services PVT LTD   |   All rights reserved.