Information Security - Desklib

Verified

Added on 2023/06/14

AI Summary

This article discusses the importance of confidentiality, integrity, and availability in information security, with examples related to ATM security. It also explores the challenges of biometric authentication and encryption techniques. Additionally, it provides answers to common questions related to ATM security.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: INFORMATION SECURITY
Information Security
Name of the Student
Name of the University
Authors Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1INFORMATION SECURITY
1. Answer to Question 1
Confidentiality
Examples of confidentiality related to the ATM (Automated Teller Machines) are
listed below;
As the PIN of the Customer is used by the banks information system and server, thus
the transmission of data from the ATM to the server and Vice versa should be done through
the secured transmission channel (Such as using SSL or secured socket layer).
As the it is possible for the network intruders to intercept the SSL channel, thus in
order to secure the data of the user or the customers it is important to transmit the transaction
data in an encrypted form.
Degree of importance of Confidentiality
As the PIN works as a digital identity of a customer to the information system of the Banks,
thus unsecured data transmission of data through an unsecured channel can lead to the
compromise of the user data to the unintended users of hackers (Hajare et al., 2018). Thus
degree of importance is high.
Integrity
Integrity of the data is also important for the users to maintain the integrity in the
complete life cycle of data transaction from the ATM to the server of the bank.
Thus changes in the mid of the transmission of the data may lead to the financial loss
of the customer.
As the financial transactions completed using the ATM reflects as well as impacts on
the customer’s account thus the integrity of the data should be maintained and checked.
Availability
As the ATM is required by the customers in order to get their required money at
anytime from anywhere. Therefore, as a part of the information system component it should
have minimal downtime.
2. Answer to Question 2
As the thief had managed to break 5 of the total 10 keys on the key pad of the ATM,
thus it is evident that the customer used the remaining five keys to enter his/her PIN to the
ATM. Therefor the thief now has to try to get the 4 Digit PIN from the remaining 5 keys on
the board.
Thus the chances for the thief to get the correct PIN of the Customer will be given
by,
5P4 = 5! / (5-4)! =120 times.

2INFORMATION SECURITY
3. Answer to Question 3
For the biometric authentication, people hesitate to use this due to its strict nature to
recognise people. In case of the ordinary authentication process, passwords of the users can
be managed and reset to get access. On the contrary, the biometric authentication process
cannot be adjusted in case user losses his/her fingers, or eyes through which the biometric
components recognises them.
In addition to that, potential misuse of the biometric data also makes the people
reluctant from using the biometric authentication solutions. once any users face, DNA or iris
related data/ profile are converted into a digital file, it becomes difficult to protect the users
data from fraudsters. Identity theft and financial fraud using the stolen biometrics data also
makes the users to hesitate to use the biometrics devices.
Another reason that makes people reluctant to use the biometric is the breach of
privacy as the stored data by the government organizations can be breached by the hackers to
get the private details of different users (Hajare et al., 2018).
As the biometric data is related to the privacy of the users, thus the data should be
protected from any kind of breach so that confidence grows among the people to use and
share the data.
The above objections of the users can be countered by storing the user biometric data
using some kind of encryption format. So that, even if the database of the users gets
breached, the data cannot be intercepted by the hacker.
4. Answer to Question 4
In case of using biometrics, the false positive is related to the situation where
biometric system erroneously accepts a biometric data sample as being a match with the data
stored in the database this is also denoted by false accept by the system (Onyesolu & Okpala,
2017).
On the other hand, false negative is about the situation when some valid biometric
data of a user is provided but the system rejects it as false one or one that is not in the
database which is again noted as false reject.
In case of hospital for an emergency case if the biometric system does not allow a
surgeon due to false negative leads to their inability to access the hospital premises. Again for
an economic institution, some security personnel may not be able to access the office
premises in any emergency situation like robbery.
5. Answer to Question 5
In case of using transposition for encrypting and decrypting texts, the given text or
the plaint text is written using an array and then assembling the elements in the different
columns of this array according to some predefined and given permutation process. In case
some of the cells of the columns are empty those are filed with a neutral letter

3INFORMATION SECURITY
For the given text the key is given by 234. Now in order to solve the problem we need
to get the numeric positions of English letters. This is given by,
A=1, B=2, C=3, D=4, E=5, F =6, G=7, H=8, I =9, J = 10
K = 11, L = 12, M = 13, N = 14, O = 15, P = 16, Q = 17, R = 18, S = 19, T = 20,
U = 21, V = 22, W = 23, X = 24, Y = 25, Z = 26.
For the given sentence in the encrypted form,
NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
There are mainly three parts, we will proceed with each part separately. For first part,
Encrypted Text N T J W K H X K
Corresponding numeric
value 14 20 1
0 23 11 8 24 11
Using the given key the above one changes to,
N T J W K H X K
2 3 4 2 3 4 2 3
12 1
7 6 21 8 4 2
2 8
After using the cease cipher text default shift which is 3, we get,
N T J W K H X K
9 14 3 18 5 1 19 5
Now the changed word will be
I =9, N = 14, C=3, R = 18, E=5, A=1, S = 19, E=5;
Thus the word becomes, INCREASE
In the similar way the second encrypted word (AMK) changes in the following
A M K
23 11 8
20 8 5
The new word is THE.
For the last two encrypted words WWUJJYZTX MWKXZKUHE,
Given encryption W W U J J Y Z T X
Numeric value as per the position 23 23 21 10
1
0 25 26 20 24
Given Key 4 2 3 4 2 3 4 2 3
Resultant after substitution 19 21 18 6 8 22 22 18 21
Shift using default ceaser cipher technique 3 3 3 3 3 3 3 3 3
Resultant value 16 18 15 3 5 19 19 15 18
Decrypted Text P R O C E S S O R

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4INFORMATION SECURITY
Thus the decrypted text Becomes
PROCESSOR.
Encrypted value M W K X Z K U H E
Corresponding numeric value 13 23 11 24
2
6 11 21 8 5
Given Key 4 2 3 4 2 3 4 2 3
Decoded from the substitution cipher 9 21 8 20
2
4 8 17 6 2
Shifting using Ceaser cipher 3 3 3 3 3 3 3 3 3
Decoded from the caeser cipher 6 18 5 17
2
1 5 14 3 25
Decrypted Text F R E Q U E N C Y
Thus the last decrypted word is, FREQUENCY.
The Complete decrypted sentence is, INCRESE THE PROCESSOR FREQUENCY.

5INFORMATION SECURITY
References
Hajare, U., Mahajan, R., Jadhav, S., Pingale, N., & Salunke, S. (2018). Efficient Cash
Withdrawal from ATM machine using Mobile Banking.
Karovaliya, M., Karedia, S., Oza, S., & Kalbande, D. R. (2015). Enhanced security for ATM
machine with OTP and Facial recognition features. Procedia Computer Science, 45,
390-396.
Onyesolu, M. O., & Okpala, A. C. (2017). Improving Security Using a Three-Tier
Authentication for Automated Teller Machine (ATM). International Journal of
Computer Network and Information Security, 9(10), 50.
Pathak, S. K., Pathak, S. K., Mishra, M. K., Kesharwani, L., & Gupta, A. K. (2015).
Automated Teller Machine (ATM) Frauds and Security. EDITORIAL BOARD, 192.