This document provides detailed information on information security, covering topics such as ATM systems, biometric authentication, and transposition ciphers. It includes answers to common security concerns and explains encryption methods. References are also provided.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: INFORMATION SECURITY 0 IT Write Up Information Security (Student details :) 4/14/2019
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Information Security 1 Contents Information Security..................................................................................................................2 Answer 1....................................................................................................................................2 Answer 2....................................................................................................................................2 Answer 3....................................................................................................................................3 Answer 4....................................................................................................................................4 Answer 5....................................................................................................................................4 References..................................................................................................................................5
Information Security 2 Information Security Answer 1 Within ATMs systems, admin needs to keep personal identification numbers (herein after referred as PINs) confidential, within the host system and while executing transmissions during atransaction. Moreover, system like ATMs must preserve the integrity of an account records related to the individual ATM transactions. Additionally, the ATM PINs must be encrypted due to the major confidentiality requirement. In addition, info integrity within ATM systems requires protecting info from being altered from illegal parties(Tiwana & Konsynski, 2010).Hence, integrity requirements significantly suggest thatthe ATM related actions mustbe linked to thebank accounts directly associated with the ATM cards. Besides, availability of information in ATM machines means to assure that each and every authorized party is capable to retrieve the correct and suitable info whenever required(Vacca, 2012). Thus, availability requirements of ATMs suggest thatATM system need to be able to serve a minimum of Xconcurrent consumers at a specific time. Finally, information within ATM systemscarriesvalueonlywhenitiscorrectaswellasusable(Peffers,Tuunanen, Rothenberger, & Chatterjee, 2009). Answer 2 According to the scenario, a thief broke an ATM machine through a screwdriver while also jammed the card reader and broke five keys from ATM keypad. During attempting stealing money from ATM, thief had to halt the process of break-in and as one ATM customer reached for withdrawing money from the ATM and hence he hides himself. Hence, calculation over the maximum attempt of ATM PINs that thief might need to enter before correctly revealing the customer’s PIN for stealing the money is as follows: Total number of keys in the keypad of ATM = 10 (0,1,2,3,4,5,6,7,8,9). Now, it has provided that the thief already broke out 5 keys, hence left number of keys in keypad of the ATM= 5. Number of digits in an ATM PIN; p=4 (because 4 digits are there in an ATM PIN)
Information Security 3 In addition, as repetition is allowed when thief will try to crack the ATM PIN, hence on applying permutation formula the maximum number of the ATM PINs require to be entered from the thief’s end for stealing that customer’s money is calculated as: Finally, the answer is 624, because out of all 625, 1 combination of the possible permutations will be the card holder or customer’s pin itself. Answer 3 If we think about bio-metric authentication system (referred as BAS), then there are numerous reasons behind people show reluctance while using BAS(Vacca, 2012).Likewise, there are various ways of countering the raised objections of those people who do not want to use BAS(Yeh & Chang, 2007). Thus, the main reasons along with their counter solutions are as follows: Reasons for which people feel reluctant while using BAS Measures to counter people’s protests for using BAS Reason I: BAS are not secure and private (Clodfelter, 2010). Yes, BAS is not a private system because it doesnotcontainsecrets.Additionally, integrity of BASs does not based on secrets or private information(Kizza, 2009). ReasonII:BASscaneffortlesslyget hacked by the hackers(Schultz, 2009). If BAS get hacked then there will be no harm as stealing templates of the public’s identitywillbeuselessforthethief (Picanso, 2008). Reason III: BASsmight harm people’s health by impacting on heart, eye or rest body organs(Yeh & Chang, 2007). It is only a myth among public as they do not want to utilise BAS(Stallings, Brown, Bauer, &Bhattacharjee,2012).Besides, themedicalresearchdatasuggeststhat thereisnoharmoverhumanbody functions during recording the heartbeats,
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Information Security 4 speech patterns, retina impressions or lip passwordsforBAS’sauthentications (Gollmann, 2010). Answer 4 Within BAS, false negatives and false positive rates are typically complementary as raising first will definitely lower the second one(Datta & Zhao, 2009).On the other hand, false negatives are majorly much serious than false positives and hence the same can be illustrated with the help of 2 scenarios discussed below. Case I: when there is a medical emergency with an individual inside a data centre, X person wants to take that sick person to CPR however he could not help him because of false negatives of the BAS. Contrary, X person can get access easily entry and saved life of the fainted employee thus it will be considered as a false positives of BAS(Howell, 2017). Case II: BAS is supposed to authenticate a worker X and it does not, hence it delayed that worker’s job hence it is a false negative of BAS. On the other hand, BAS falsely authenticated another new person at the workplace then it is a false positive of BAS (Clodfelter, 2010). Thus, both of the above cases are depicting that false negatives of BAS are severe than false positives of the BAS. Answer 5 In the area of cryptography, transposition ciphers are the type of measures of encryption by that particular positions held from units of plain text get moved in a regular system within a method which the cipher text forms a permutation of that plain text(Infosec, 2012).Thus, steps followed to decrypt the given text in order to get the original text, are as follows: Finding the value of keys for encrypting or decrypting the given message signal and hence found keys= 15, i.e. (k=15) Now apply the main cipher formula for decrypting the given text message which is: e (x)= (x-k) (Mod 26)(Infosec, 2012).
Information Security 5 In this case, x = cipher text value. K = key value (15) In this way, after inserting cipher text value within the above mentioned formula, one will get the decoded message or info that can be transferred through sender’s end to receiver’s end. Finally, the cipher text value which was given = LC DOMX IZY XVHP XMJQSH AANW FIHABRT and hence the plain text value decoded will be given by: WN ONXI TKJ IGSA IXUBDS LLYH QTSLMCE, it will be that original message which will be transferred through an employee to next one. References Clodfelter, R. (2010). Biometric technology in retailing: Will consumers accept fingerprint authentication?Journal of Retailing and Consumer Services, 17(3), 181-188. Datta, D., & Zhao, H. (2009). Effect of false positive and false negative rates on inference of binding target conservation across different conditions and species from ChIP-chip data.BMC bioinformatics, 10(1), 23. Gollmann, D. (2010). Computer Security.Wiley Interdisciplinary Reviews: Computational Statistics, 2(5), 544-554. Howell, K. (2017, 08 28).3 Problems With Biometric Security, Including Fingerprint ID. Retrieved from IP Switch: https://blog.ipswitch.com/3-reasons-biometrics-are-not- secure Kizza, J. (2009).Guide to computer network security.London: Springer. Peffers, K., Tuunanen, T., Rothenberger, M., & Chatterjee, S. (2009). A design science research methodology for information systems research.Journal of managemene information systems, 24(3), 45-77. Picanso, K. (2008). Protecting information security under a uniform data breach notification law.Fordham L.(Rev.), 355.
Information Security 6 Schultz, R. (2009).Contemporary issues in ethics and information technology(Ed. ed.). London: IGI Global. Stallings, W., Brown, L., Bauer, M., & Bhattacharjee, A. (2012).Computer security: principles and practice.NJ: Pearson Education. Tiwana, A., & Konsynski, B. (2010). Complementarities between organizational IT architecture and governance structure.Information Systems Research, 21(2), 288-304. Vacca, J. (2012).Computer and information security handbook.London: Newnes. Yeh, Q., & Chang, A. (2007). Threats and countermeasures for information system security: A cross-industry study.Information & Management, 44(5), 480-491.