Information Security
VerifiedAdded on 2023/01/19
|7
|1632
|87
AI Summary
This document provides detailed information on information security, covering topics such as ATM systems, biometric authentication, and transposition ciphers. It includes answers to common security concerns and explains encryption methods. References are also provided.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: INFORMATION SECURITY
0
IT Write Up
Information Security
(Student details :)
4/14/2019
0
IT Write Up
Information Security
(Student details :)
4/14/2019
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Information Security
1
Contents
Information Security..................................................................................................................2
Answer 1....................................................................................................................................2
Answer 2....................................................................................................................................2
Answer 3....................................................................................................................................3
Answer 4....................................................................................................................................4
Answer 5....................................................................................................................................4
References..................................................................................................................................5
1
Contents
Information Security..................................................................................................................2
Answer 1....................................................................................................................................2
Answer 2....................................................................................................................................2
Answer 3....................................................................................................................................3
Answer 4....................................................................................................................................4
Answer 5....................................................................................................................................4
References..................................................................................................................................5
Information Security
2
Information Security
Answer 1
Within ATMs systems, admin needs to keep personal identification numbers (herein
after referred as PINs) confidential, within the host system and while executing transmissions
during a transaction. Moreover, system like ATMs must preserve the integrity of an account
records related to the individual ATM transactions. Additionally, the ATM PINs must be
encrypted due to the major confidentiality requirement. In addition, info integrity within
ATM systems requires protecting info from being altered from illegal parties (Tiwana &
Konsynski, 2010). Hence, integrity requirements significantly suggest that the ATM related
actions must be linked to the bank accounts directly associated with the ATM cards. Besides,
availability of information in ATM machines means to assure that each and every authorized
party is capable to retrieve the correct and suitable info whenever required (Vacca, 2012).
Thus, availability requirements of ATMs suggest that ATM system need to be able to serve a
minimum of X concurrent consumers at a specific time. Finally, information within ATM
systems carries value only when it is correct as well as usable (Peffers, Tuunanen,
Rothenberger, & Chatterjee, 2009).
Answer 2
According to the scenario, a thief broke an ATM machine through a screwdriver
while also jammed the card reader and broke five keys from ATM keypad. During attempting
stealing money from ATM, thief had to halt the process of break-in and as one ATM
customer reached for withdrawing money from the ATM and hence he hides himself.
Hence, calculation over the maximum attempt of ATM PINs that thief might need to
enter before correctly revealing the customer’s PIN for stealing the money is as follows:
Total number of keys in the keypad of ATM = 10 (0,1,2,3,4,5,6,7,8,9).
Now, it has provided that the thief already broke out 5 keys, hence left number of
keys in keypad of the ATM= 5.
Number of digits in an ATM PIN; p=4 (because 4 digits are there in an ATM PIN)
2
Information Security
Answer 1
Within ATMs systems, admin needs to keep personal identification numbers (herein
after referred as PINs) confidential, within the host system and while executing transmissions
during a transaction. Moreover, system like ATMs must preserve the integrity of an account
records related to the individual ATM transactions. Additionally, the ATM PINs must be
encrypted due to the major confidentiality requirement. In addition, info integrity within
ATM systems requires protecting info from being altered from illegal parties (Tiwana &
Konsynski, 2010). Hence, integrity requirements significantly suggest that the ATM related
actions must be linked to the bank accounts directly associated with the ATM cards. Besides,
availability of information in ATM machines means to assure that each and every authorized
party is capable to retrieve the correct and suitable info whenever required (Vacca, 2012).
Thus, availability requirements of ATMs suggest that ATM system need to be able to serve a
minimum of X concurrent consumers at a specific time. Finally, information within ATM
systems carries value only when it is correct as well as usable (Peffers, Tuunanen,
Rothenberger, & Chatterjee, 2009).
Answer 2
According to the scenario, a thief broke an ATM machine through a screwdriver
while also jammed the card reader and broke five keys from ATM keypad. During attempting
stealing money from ATM, thief had to halt the process of break-in and as one ATM
customer reached for withdrawing money from the ATM and hence he hides himself.
Hence, calculation over the maximum attempt of ATM PINs that thief might need to
enter before correctly revealing the customer’s PIN for stealing the money is as follows:
Total number of keys in the keypad of ATM = 10 (0,1,2,3,4,5,6,7,8,9).
Now, it has provided that the thief already broke out 5 keys, hence left number of
keys in keypad of the ATM= 5.
Number of digits in an ATM PIN; p=4 (because 4 digits are there in an ATM PIN)
Information Security
3
In addition, as repetition is allowed when thief will try to crack the ATM PIN, hence
on applying permutation formula the maximum number of the ATM PINs require to
be entered from the thief’s end for stealing that customer’s money is calculated as:
Finally, the answer is 624, because out of all 625, 1 combination of the possible
permutations will be the card holder or customer’s pin itself.
Answer 3
If we think about bio-metric authentication system (referred as BAS), then there are
numerous reasons behind people show reluctance while using BAS (Vacca, 2012). Likewise,
there are various ways of countering the raised objections of those people who do not want to
use BAS (Yeh & Chang, 2007).
Thus, the main reasons along with their counter solutions are as follows:
Reasons for which people feel reluctant
while using BAS
Measures to counter people’s protests for
using BAS
Reason I: BAS are not secure and private
(Clodfelter, 2010).
Yes, BAS is not a private system because it
does not contain secrets. Additionally,
integrity of BASs does not based on secrets
or private information (Kizza, 2009).
Reason II: BASs can effortlessly get
hacked by the hackers (Schultz, 2009).
If BAS get hacked then there will be no
harm as stealing templates of the public’s
identity will be useless for the thief
(Picanso, 2008).
Reason III: BASs might harm people’s
health by impacting on heart, eye or rest
body organs (Yeh & Chang, 2007).
It is only a myth among public as they do
not want to utilise BAS (Stallings, Brown,
Bauer, & Bhattacharjee, 2012). Besides,
the medical research data suggests that
there is no harm over human body
functions during recording the heartbeats,
3
In addition, as repetition is allowed when thief will try to crack the ATM PIN, hence
on applying permutation formula the maximum number of the ATM PINs require to
be entered from the thief’s end for stealing that customer’s money is calculated as:
Finally, the answer is 624, because out of all 625, 1 combination of the possible
permutations will be the card holder or customer’s pin itself.
Answer 3
If we think about bio-metric authentication system (referred as BAS), then there are
numerous reasons behind people show reluctance while using BAS (Vacca, 2012). Likewise,
there are various ways of countering the raised objections of those people who do not want to
use BAS (Yeh & Chang, 2007).
Thus, the main reasons along with their counter solutions are as follows:
Reasons for which people feel reluctant
while using BAS
Measures to counter people’s protests for
using BAS
Reason I: BAS are not secure and private
(Clodfelter, 2010).
Yes, BAS is not a private system because it
does not contain secrets. Additionally,
integrity of BASs does not based on secrets
or private information (Kizza, 2009).
Reason II: BASs can effortlessly get
hacked by the hackers (Schultz, 2009).
If BAS get hacked then there will be no
harm as stealing templates of the public’s
identity will be useless for the thief
(Picanso, 2008).
Reason III: BASs might harm people’s
health by impacting on heart, eye or rest
body organs (Yeh & Chang, 2007).
It is only a myth among public as they do
not want to utilise BAS (Stallings, Brown,
Bauer, & Bhattacharjee, 2012). Besides,
the medical research data suggests that
there is no harm over human body
functions during recording the heartbeats,
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Information Security
4
speech patterns, retina impressions or lip
passwords for BAS’s authentications
(Gollmann, 2010).
Answer 4
Within BAS, false negatives and false positive rates are typically complementary as
raising first will definitely lower the second one (Datta & Zhao, 2009). On the other hand,
false negatives are majorly much serious than false positives and hence the same can be
illustrated with the help of 2 scenarios discussed below.
Case I: when there is a medical emergency with an individual inside a data centre, X
person wants to take that sick person to CPR however he could not help him because of false
negatives of the BAS. Contrary, X person can get access easily entry and saved life of the
fainted employee thus it will be considered as a false positives of BAS (Howell, 2017).
Case II: BAS is supposed to authenticate a worker X and it does not, hence it delayed
that worker’s job hence it is a false negative of BAS. On the other hand, BAS falsely
authenticated another new person at the workplace then it is a false positive of BAS
(Clodfelter, 2010).
Thus, both of the above cases are depicting that false negatives of BAS are severe
than false positives of the BAS.
Answer 5
In the area of cryptography, transposition ciphers are the type of measures of
encryption by that particular positions held from units of plain text get moved in a regular
system within a method which the cipher text forms a permutation of that plain text (Infosec,
2012). Thus, steps followed to decrypt the given text in order to get the original text, are as
follows:
Finding the value of keys for encrypting or decrypting the given message signal and
hence found keys= 15, i.e. (k=15)
Now apply the main cipher formula for decrypting the given text message which is:
e (x)= (x-k) (Mod 26) (Infosec, 2012).
4
speech patterns, retina impressions or lip
passwords for BAS’s authentications
(Gollmann, 2010).
Answer 4
Within BAS, false negatives and false positive rates are typically complementary as
raising first will definitely lower the second one (Datta & Zhao, 2009). On the other hand,
false negatives are majorly much serious than false positives and hence the same can be
illustrated with the help of 2 scenarios discussed below.
Case I: when there is a medical emergency with an individual inside a data centre, X
person wants to take that sick person to CPR however he could not help him because of false
negatives of the BAS. Contrary, X person can get access easily entry and saved life of the
fainted employee thus it will be considered as a false positives of BAS (Howell, 2017).
Case II: BAS is supposed to authenticate a worker X and it does not, hence it delayed
that worker’s job hence it is a false negative of BAS. On the other hand, BAS falsely
authenticated another new person at the workplace then it is a false positive of BAS
(Clodfelter, 2010).
Thus, both of the above cases are depicting that false negatives of BAS are severe
than false positives of the BAS.
Answer 5
In the area of cryptography, transposition ciphers are the type of measures of
encryption by that particular positions held from units of plain text get moved in a regular
system within a method which the cipher text forms a permutation of that plain text (Infosec,
2012). Thus, steps followed to decrypt the given text in order to get the original text, are as
follows:
Finding the value of keys for encrypting or decrypting the given message signal and
hence found keys= 15, i.e. (k=15)
Now apply the main cipher formula for decrypting the given text message which is:
e (x)= (x-k) (Mod 26) (Infosec, 2012).
Information Security
5
In this case, x = cipher text value.
K = key value (15)
In this way, after inserting cipher text value within the above mentioned formula, one
will get the decoded message or info that can be transferred through sender’s end to
receiver’s end.
Finally, the cipher text value which was given = LC DOMX IZY XVHP XMJQSH
AANW FIHABRT and hence the plain text value decoded will be given by:
WN ONXI TKJ IGSA IXUBDS LLYH QTSLMCE, it will be that original message
which will be transferred through an employee to next one.
References
Clodfelter, R. (2010). Biometric technology in retailing: Will consumers accept fingerprint
authentication? Journal of Retailing and Consumer Services, 17(3), 181-188.
Datta, D., & Zhao, H. (2009). Effect of false positive and false negative rates on inference of
binding target conservation across different conditions and species from ChIP-chip
data. BMC bioinformatics, 10(1), 23.
Gollmann, D. (2010). Computer Security. Wiley Interdisciplinary Reviews: Computational
Statistics, 2(5), 544-554.
Howell, K. (2017, 08 28). 3 Problems With Biometric Security, Including Fingerprint ID.
Retrieved from IP Switch: https://blog.ipswitch.com/3-reasons-biometrics-are-not-
secure
Kizza, J. (2009). Guide to computer network security. London: Springer.
Peffers, K., Tuunanen, T., Rothenberger, M., & Chatterjee, S. (2009). A design science
research methodology for information systems research. Journal of managemene
information systems, 24(3), 45-77.
Picanso, K. (2008). Protecting information security under a uniform data breach notification
law. Fordham L.(Rev.), 355.
5
In this case, x = cipher text value.
K = key value (15)
In this way, after inserting cipher text value within the above mentioned formula, one
will get the decoded message or info that can be transferred through sender’s end to
receiver’s end.
Finally, the cipher text value which was given = LC DOMX IZY XVHP XMJQSH
AANW FIHABRT and hence the plain text value decoded will be given by:
WN ONXI TKJ IGSA IXUBDS LLYH QTSLMCE, it will be that original message
which will be transferred through an employee to next one.
References
Clodfelter, R. (2010). Biometric technology in retailing: Will consumers accept fingerprint
authentication? Journal of Retailing and Consumer Services, 17(3), 181-188.
Datta, D., & Zhao, H. (2009). Effect of false positive and false negative rates on inference of
binding target conservation across different conditions and species from ChIP-chip
data. BMC bioinformatics, 10(1), 23.
Gollmann, D. (2010). Computer Security. Wiley Interdisciplinary Reviews: Computational
Statistics, 2(5), 544-554.
Howell, K. (2017, 08 28). 3 Problems With Biometric Security, Including Fingerprint ID.
Retrieved from IP Switch: https://blog.ipswitch.com/3-reasons-biometrics-are-not-
secure
Kizza, J. (2009). Guide to computer network security. London: Springer.
Peffers, K., Tuunanen, T., Rothenberger, M., & Chatterjee, S. (2009). A design science
research methodology for information systems research. Journal of managemene
information systems, 24(3), 45-77.
Picanso, K. (2008). Protecting information security under a uniform data breach notification
law. Fordham L.(Rev.), 355.
Information Security
6
Schultz, R. (2009). Contemporary issues in ethics and information technology (Ed. ed.).
London: IGI Global.
Stallings, W., Brown, L., Bauer, M., & Bhattacharjee, A. (2012). Computer security:
principles and practice. NJ: Pearson Education.
Tiwana, A., & Konsynski, B. (2010). Complementarities between organizational IT
architecture and governance structure. Information Systems Research, 21(2), 288-304.
Vacca, J. (2012). Computer and information security handbook. London: Newnes.
Yeh, Q., & Chang, A. (2007). Threats and countermeasures for information system security:
A cross-industry study. Information & Management, 44(5), 480-491.
6
Schultz, R. (2009). Contemporary issues in ethics and information technology (Ed. ed.).
London: IGI Global.
Stallings, W., Brown, L., Bauer, M., & Bhattacharjee, A. (2012). Computer security:
principles and practice. NJ: Pearson Education.
Tiwana, A., & Konsynski, B. (2010). Complementarities between organizational IT
architecture and governance structure. Information Systems Research, 21(2), 288-304.
Vacca, J. (2012). Computer and information security handbook. London: Newnes.
Yeh, Q., & Chang, A. (2007). Threats and countermeasures for information system security:
A cross-industry study. Information & Management, 44(5), 480-491.
1 out of 7
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.