ITC542 - Assessment Item 2: Security Fundamentals
VerifiedAdded on 2024/05/21
|11
|1782
|367
AI Summary
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
ITC542 - Assessment item 2
Security Fundamentals
Student Name: Muzakir Mohammed
Student ID: 11597897
Student E-mail Address: mmoham77@postoffice.csu.edu.au
1
Security Fundamentals
Student Name: Muzakir Mohammed
Student ID: 11597897
Student E-mail Address: mmoham77@postoffice.csu.edu.au
1
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Table of Contents
Introduction................................................................................................................................3
Question1...................................................................................................................................4
Question2...................................................................................................................................5
Question3...................................................................................................................................6
Question4...................................................................................................................................7
Question5...................................................................................................................................8
Conclusion................................................................................................................................10
References................................................................................................................................11
2
Introduction................................................................................................................................3
Question1...................................................................................................................................4
Question2...................................................................................................................................5
Question3...................................................................................................................................6
Question4...................................................................................................................................7
Question5...................................................................................................................................8
Conclusion................................................................................................................................10
References................................................................................................................................11
2
Introduction
This is an assessment based on fundamental security. The aim of this assessment is to
develop and gauge understandings of learner about the security of different machines. In
order to complete this assessment, I have to describe the degree of importance for
requirements like confidentiality, integrity and availability. I also have to perform calculation
work to define number attempt to identify correct pin. There is a requirement to identify
reasons why people reluctant to use biometrics. I also have to reveal circumstance where
false negatives are more significant than false positive.
3
This is an assessment based on fundamental security. The aim of this assessment is to
develop and gauge understandings of learner about the security of different machines. In
order to complete this assessment, I have to describe the degree of importance for
requirements like confidentiality, integrity and availability. I also have to perform calculation
work to define number attempt to identify correct pin. There is a requirement to identify
reasons why people reluctant to use biometrics. I also have to reveal circumstance where
false negatives are more significant than false positive.
3
Question1
Examples are as follows:
Confidentiality
To use ATM service, a customer has to use the card and their personal identification
number called pin to access their account using ATM
So the customer should have to keep their PIN confidential
The customer has to keep their PIN confidential during transaction operation done on
bank server.
Degree of Importance of Confidentiality
Using of unsecured pin during the transaction by ATM or bank server may lead
disclose account
So, confidentiality of PIN should be maintained properly and should be encrypted
properly.
Integrity
The customer expected that the transaction record is done without any malicious
activities or accidents
Degree of Importance of Integrity
On specific time, when a customer withdraws the amount of 500 USD and the rest
balance is 6690. Instead of updating 6690 it updated as 6200 USD, cause unexpected
loss of amount.
Transaction performed directly affect account of the customer so transactional
integrity should be maintained and secured.
Availability
The Automated Tailored Machine should be available 24*7 to serve customers.
Degree of Importance of availability
The availability of ATM services eventually boosts the economic growth of the bank.
So the ATM machine should have 99.99% availability
Maximum availability increase customers loyalty
(Chia, 2018)
4
Examples are as follows:
Confidentiality
To use ATM service, a customer has to use the card and their personal identification
number called pin to access their account using ATM
So the customer should have to keep their PIN confidential
The customer has to keep their PIN confidential during transaction operation done on
bank server.
Degree of Importance of Confidentiality
Using of unsecured pin during the transaction by ATM or bank server may lead
disclose account
So, confidentiality of PIN should be maintained properly and should be encrypted
properly.
Integrity
The customer expected that the transaction record is done without any malicious
activities or accidents
Degree of Importance of Integrity
On specific time, when a customer withdraws the amount of 500 USD and the rest
balance is 6690. Instead of updating 6690 it updated as 6200 USD, cause unexpected
loss of amount.
Transaction performed directly affect account of the customer so transactional
integrity should be maintained and secured.
Availability
The Automated Tailored Machine should be available 24*7 to serve customers.
Degree of Importance of availability
The availability of ATM services eventually boosts the economic growth of the bank.
So the ATM machine should have 99.99% availability
Maximum availability increase customers loyalty
(Chia, 2018)
4
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Question2
A thief broke an ATM using screwdriver and jam card reader. He/she also broke five keys
from the keypad of ATM. Thief stop the process when a customer reached to the ATM. The
customer successfully entered their pin means the customer ATM pin can be defined by using
rest of the pin. Generally, an ATM has 10 keys in keypad and the thief broke the five key.
The ATM pin is generated in a combination of four keys. So the maximum number of PINs
are as follows:
Rest available number of Keys=5
PIN key combination= 4
So, the total number of PINs that the thief may have to enter before correctly discovering
customer’s PIN is 625.
("How many ATM pin code permutations/combinations can be produced with 4 digits?”
2018)
5
A thief broke an ATM using screwdriver and jam card reader. He/she also broke five keys
from the keypad of ATM. Thief stop the process when a customer reached to the ATM. The
customer successfully entered their pin means the customer ATM pin can be defined by using
rest of the pin. Generally, an ATM has 10 keys in keypad and the thief broke the five key.
The ATM pin is generated in a combination of four keys. So the maximum number of PINs
are as follows:
Rest available number of Keys=5
PIN key combination= 4
So, the total number of PINs that the thief may have to enter before correctly discovering
customer’s PIN is 625.
("How many ATM pin code permutations/combinations can be produced with 4 digits?”
2018)
5
Question3
The three reasons why people may be reluctant to use bio-metrics are as follows:
Multiprogramming
Multiprogramming is a process that facilitates to run several software or program in
parallel at single instance on a single processor.
Multiprogramming protects user’s program as well as data of other user’s operations
because data for OS is a very important aspect.
Protected Object in Computing System
With the support of operating system multiprogramming help to protect resources like
Procedures and sub-procedures
Sharable I/O disk
Memory
Printer
Database
OS’s basic Security methods
Cryptographic separation
Temporal separation
Physical separation
Logical separation
Various ways of how to counter those objections
Physical separation
Physical separation uses different physical resources
It is expensive but very easy to implement
Example
Object which uses physical separation to maintain security
The printer is the best example of physical separation.
It is used to perform several tasks.
So it requires great security from unauthorized access
Printer devices are separated on the basis of the operation mode.
(Problem, 2018)
6
The three reasons why people may be reluctant to use bio-metrics are as follows:
Multiprogramming
Multiprogramming is a process that facilitates to run several software or program in
parallel at single instance on a single processor.
Multiprogramming protects user’s program as well as data of other user’s operations
because data for OS is a very important aspect.
Protected Object in Computing System
With the support of operating system multiprogramming help to protect resources like
Procedures and sub-procedures
Sharable I/O disk
Memory
Printer
Database
OS’s basic Security methods
Cryptographic separation
Temporal separation
Physical separation
Logical separation
Various ways of how to counter those objections
Physical separation
Physical separation uses different physical resources
It is expensive but very easy to implement
Example
Object which uses physical separation to maintain security
The printer is the best example of physical separation.
It is used to perform several tasks.
So it requires great security from unauthorized access
Printer devices are separated on the basis of the operation mode.
(Problem, 2018)
6
Question4
A false negative occurs when the biometric device fails to authenticate the individual. The
two circumstances where false negative are significantly more serious than false positive are
as follows:
Personal: Owner of the safe restricted by the biometric device from accessing, lead to
unable to use a required resource when owner really needed amount available in safe.
Institutional: The server going to down and needed to access data center for providing
a service. Every minute losing thousand million revenue of organization and the
biometric didn’t authenticate me lead to lose more money and revenue
Safety: An employee in data center organization fell down on the floor because of
heart attack and the biometric device doesn’t authenticate me and the result she could
die.
("False positive and False negative. Statistical errors explained", 2018)
7
A false negative occurs when the biometric device fails to authenticate the individual. The
two circumstances where false negative are significantly more serious than false positive are
as follows:
Personal: Owner of the safe restricted by the biometric device from accessing, lead to
unable to use a required resource when owner really needed amount available in safe.
Institutional: The server going to down and needed to access data center for providing
a service. Every minute losing thousand million revenue of organization and the
biometric didn’t authenticate me lead to lose more money and revenue
Safety: An employee in data center organization fell down on the floor because of
heart attack and the biometric device doesn’t authenticate me and the result she could
die.
("False positive and False negative. Statistical errors explained", 2018)
7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Question5
George informed his employees that the message he will send them will be encrypted using
Caesar cipher which is followed by another substitution technique where the key is 234.
From this statement we get to know that at the phase of decryption, firstly it is required to
apply the substitution technique which uses a key then the output from the technique will be
the input for the Caesar cipher technique for decryption. Hence the output will be decrypted
that is the plain text.
Given cipher text: NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
The substitution technique which uses the key for encryption and decryption is Vigenere
Cipher. So here I have first used the vigenere cipher technique for decrypting the given cipher
text.
For decryption using vignere cipher, the equation is:
The number of the alphabet range from 0 to 25 where 0 is A and 25 is Z.
Cipher text: NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
Check the first letter that is N.
N = 13
Key: 234
Mi= (13 - 2) mod 26 = 11 = L
Check the next letter that is T
T = 19
Key: 234
Mi= (19 - 3) mod 26 = 16 = Q
Similarly
Key 2 3 4 2 3 4 2 3 4 2 3 4 2 3 4
Cipher
Text
N T J W K H X K A M K W W U J
Decrypted
code
L Q F U H D V H W K H S U R F
Key 2 3 4 2 3 4 2 3 4 2 3 4 2 3
Cipher
Text
J Y Z T X M W K X Z K U H E
Decrypted
code
H V V R U I U H T X H Q F B
8
George informed his employees that the message he will send them will be encrypted using
Caesar cipher which is followed by another substitution technique where the key is 234.
From this statement we get to know that at the phase of decryption, firstly it is required to
apply the substitution technique which uses a key then the output from the technique will be
the input for the Caesar cipher technique for decryption. Hence the output will be decrypted
that is the plain text.
Given cipher text: NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
The substitution technique which uses the key for encryption and decryption is Vigenere
Cipher. So here I have first used the vigenere cipher technique for decrypting the given cipher
text.
For decryption using vignere cipher, the equation is:
The number of the alphabet range from 0 to 25 where 0 is A and 25 is Z.
Cipher text: NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
Check the first letter that is N.
N = 13
Key: 234
Mi= (13 - 2) mod 26 = 11 = L
Check the next letter that is T
T = 19
Key: 234
Mi= (19 - 3) mod 26 = 16 = Q
Similarly
Key 2 3 4 2 3 4 2 3 4 2 3 4 2 3 4
Cipher
Text
N T J W K H X K A M K W W U J
Decrypted
code
L Q F U H D V H W K H S U R F
Key 2 3 4 2 3 4 2 3 4 2 3 4 2 3
Cipher
Text
J Y Z T X M W K X Z K U H E
Decrypted
code
H V V R U I U H T X H Q F B
8
Decrypted code using Vigenere cipher technique
Cipher text: NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
Key: 234
Decrypted code(Cipher text 2): LQFUHDVH WKH SURFHVVRU IUHTXHQFB
Now we will apply the Caesar cipher technique on the decrypted code that is cipher text 2
X is the text on which decryption need to be done and n is the key which is equal to 3.
Cipher text 2: LQFUHDVH WKH SURFHVVRU IUHTXHQFB
Applying Caesar cipher technique on first letter L:
L = 11
Dn(x) = (11 - 3) mod 26 = 8 = I
Applying Caesar cipher technique on first letter Q:
L = 16
Dn(x) = (16 - 3) mod 26 = 13 = N
Similarly
Cipher
Text 2
L Q F U H D V H W K H S U R F
Plain
Text
I N C R E A S E T H E P R O C
Cipher
Text 2
H V V R U I U H T X H Q F B
Plain
Text
E S S O R F R E Q U E N C Y
Hence the decrypted code that is the plain text of the given cipher text is:
Cipher text: NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
Plain text: INCREASE THE PROCESSOR FREQUENCY
("Steps of the Research Process - Excerpt", 2018)
9
Cipher text: NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
Key: 234
Decrypted code(Cipher text 2): LQFUHDVH WKH SURFHVVRU IUHTXHQFB
Now we will apply the Caesar cipher technique on the decrypted code that is cipher text 2
X is the text on which decryption need to be done and n is the key which is equal to 3.
Cipher text 2: LQFUHDVH WKH SURFHVVRU IUHTXHQFB
Applying Caesar cipher technique on first letter L:
L = 11
Dn(x) = (11 - 3) mod 26 = 8 = I
Applying Caesar cipher technique on first letter Q:
L = 16
Dn(x) = (16 - 3) mod 26 = 13 = N
Similarly
Cipher
Text 2
L Q F U H D V H W K H S U R F
Plain
Text
I N C R E A S E T H E P R O C
Cipher
Text 2
H V V R U I U H T X H Q F B
Plain
Text
E S S O R F R E Q U E N C Y
Hence the decrypted code that is the plain text of the given cipher text is:
Cipher text: NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
Plain text: INCREASE THE PROCESSOR FREQUENCY
("Steps of the Research Process - Excerpt", 2018)
9
Conclusion
I have successfully completed this assessment which is based on the fundamental security of
ATM and concept of biometric devices. I have fulfilled the aim of this assessment so that
learner can understand the security of different machines. In order to complete this
assessment, I have described the degree of importance for requirement like confidentiality,
integrity and availability. I have performed a calculation to define number attempt to identify
correct pin and found that a thief has to attempt 625 times to define correct ATM pin. I have
also identified reasons where people reluctant to use biometrics. I also have revealed
circumstance where false negatives are more significant than false positive.
10
I have successfully completed this assessment which is based on the fundamental security of
ATM and concept of biometric devices. I have fulfilled the aim of this assessment so that
learner can understand the security of different machines. In order to complete this
assessment, I have described the degree of importance for requirement like confidentiality,
integrity and availability. I have performed a calculation to define number attempt to identify
correct pin and found that a thief has to attempt 625 times to define correct ATM pin. I have
also identified reasons where people reluctant to use biometrics. I also have revealed
circumstance where false negatives are more significant than false positive.
10
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
References
5 steps to understanding your customer’s buying process | B2B Marketing.
(2018). B2bmarketing.net. Retrieved from
https://www.b2bmarketing.net/en/resources/blog/5-steps-understanding-your-customers-
buying-process
Chia, T. (2018). Confidentiality, Integrity, Availability: The three components of the CIA
Triad « Stack Exchange Security Blog. Security.blogoverflow.com. Retrieved from
https://security.blogoverflow.com/2012/08/confidentiality-integrity-availability-the-three-
components-of-the-cia-triad/
Datta, D., & Zhao, H. (2018). Effect of false positive and false negative rates on inference of
binding target conservation across different conditions and species from ChIP-chip data.
Retrieved from https://www.ncbi.nlm.nih.gov/pmc/articles/PMC2637844/
False positive and False negative. Statistical errors explained. (2018). 365 Data Science.
Retrieved from https://365datascience.com/false-positive-vs-false-negative/
How many ATM pincode permutations/combinations can be produced with 4 digits?.
(2018). https://www.quora.com/. Retrieved from https://www.quora.com/How-many-ATM-
pincode-permutations-combinations-can-be-produced-with-4-digits
Problem, C. (2018). Combinatorics and Probability Problem. Math.stackexchange.com.
Retrieved from https://math.stackexchange.com/questions/293921/combinatorics-and-
probability-problem
Steps of the Research Process - Excerpt. (2018). human-kinetics. Retrieved from
http://www.humankinetics.com/excerpts/excerpts/steps-of-the-research-process
What is confidentiality, integrity, and availability (CIA triad)? - Definition from WhatIs.com.
(2018). WhatIs.com. Retrieved from https://whatis.techtarget.com/definition/Confidentiality-
integrity-and-availability-CIA
11
5 steps to understanding your customer’s buying process | B2B Marketing.
(2018). B2bmarketing.net. Retrieved from
https://www.b2bmarketing.net/en/resources/blog/5-steps-understanding-your-customers-
buying-process
Chia, T. (2018). Confidentiality, Integrity, Availability: The three components of the CIA
Triad « Stack Exchange Security Blog. Security.blogoverflow.com. Retrieved from
https://security.blogoverflow.com/2012/08/confidentiality-integrity-availability-the-three-
components-of-the-cia-triad/
Datta, D., & Zhao, H. (2018). Effect of false positive and false negative rates on inference of
binding target conservation across different conditions and species from ChIP-chip data.
Retrieved from https://www.ncbi.nlm.nih.gov/pmc/articles/PMC2637844/
False positive and False negative. Statistical errors explained. (2018). 365 Data Science.
Retrieved from https://365datascience.com/false-positive-vs-false-negative/
How many ATM pincode permutations/combinations can be produced with 4 digits?.
(2018). https://www.quora.com/. Retrieved from https://www.quora.com/How-many-ATM-
pincode-permutations-combinations-can-be-produced-with-4-digits
Problem, C. (2018). Combinatorics and Probability Problem. Math.stackexchange.com.
Retrieved from https://math.stackexchange.com/questions/293921/combinatorics-and-
probability-problem
Steps of the Research Process - Excerpt. (2018). human-kinetics. Retrieved from
http://www.humankinetics.com/excerpts/excerpts/steps-of-the-research-process
What is confidentiality, integrity, and availability (CIA triad)? - Definition from WhatIs.com.
(2018). WhatIs.com. Retrieved from https://whatis.techtarget.com/definition/Confidentiality-
integrity-and-availability-CIA
11
1 out of 11
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.