Security Fundamentals Assignment
VerifiedAdded on 2020/05/16
|6
|1116
|216
AI Summary
This assignment explores the core concepts of information security, including confidentiality, integrity, and availability. It delves into false positives and negatives in authentication systems and demonstrates how to decrypt text using a substitution cipher. The assignment provides practical examples and insights into essential security principles.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: SECURITY FUNDAMENTALS 1
Security Fundamentals
Institution
Date
Name
Security Fundamentals
Institution
Date
Name
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
SECURITY FUNDAMENTALS 2
Question 1
Confidentiality
The user will utilize their card PIN to access their bank accounts on the ATM.
It is expected that the PI is confidential on the system and also during the transaction in
the communication channel (Tchernykh, Schwiegelsohn, Talbi & Babenko, 2016). During transit
between the server and the host ATM.
For this case, the degree of importance of confidentiality goes to the extent which
unsecure PIN used to perform transactions may lead to the account being compromised. For this
reason, the PIN must be well encrypted in a secure transaction.
Integrity
The ATM user anticipates that the transaction he or she is performing goes well without
any accidental changes.
The degree of Integrity: The system must always be correct in all calculations on the
money. All withdrawals must be deducted correctly without any mistakes. Therefore, the
integrity of transactions must be kept since any transaction will directly affect the customer.
Availability
The ATM must at all times regardless of any circumstance be available to every customer
(Tchernykh et al., 2016).
The degree of availability: The ATM being always operational and serviceable will
improve the bank’s economic growth.
Question 1
Confidentiality
The user will utilize their card PIN to access their bank accounts on the ATM.
It is expected that the PI is confidential on the system and also during the transaction in
the communication channel (Tchernykh, Schwiegelsohn, Talbi & Babenko, 2016). During transit
between the server and the host ATM.
For this case, the degree of importance of confidentiality goes to the extent which
unsecure PIN used to perform transactions may lead to the account being compromised. For this
reason, the PIN must be well encrypted in a secure transaction.
Integrity
The ATM user anticipates that the transaction he or she is performing goes well without
any accidental changes.
The degree of Integrity: The system must always be correct in all calculations on the
money. All withdrawals must be deducted correctly without any mistakes. Therefore, the
integrity of transactions must be kept since any transaction will directly affect the customer.
Availability
The ATM must at all times regardless of any circumstance be available to every customer
(Tchernykh et al., 2016).
The degree of availability: The ATM being always operational and serviceable will
improve the bank’s economic growth.
SECURITY FUNDAMENTALS 3
Question 2.
The thief needs to enter a 4 digit pin. In a digit, he can only enter a maximum decimal of
10; that is entering either 0,1,2,3,4,5,6,7,8 or 9.
Now, the maximum pins he is required to enter is equaled the number of decimals he can
provide in each digit in every one of the four digits. For instance, if the four digit number is
ABCD, the thief can only provide 10 possible decimals in every of the four digits. That is, 10 in
A, B, C and in D.
Finally, the total number of pins required will be:
10*10*10*10 = 10000.
Question 3.
Utilizing biometrics can be daunting if you have more than one person to use the system.
One person will be called every time to help in logging into the system.
Second, biometrics can be very expensive since its market is still somehow fractured.
One would have to purchase a fingerprint scanner, an iris scanner or a voice recognition
framework as different products from different vendors (Alsaadi, 2015).
People also understand that biometric data just like any other kind of data is stored on
servers. If the servers are not well secured, they can be vulnerable to attacks.
Accuracy – It is true that biometrics can fail to validate the details of a person on many
occasions. Many people would shy away from this and just implement password protection
mechanisms.
Question 2.
The thief needs to enter a 4 digit pin. In a digit, he can only enter a maximum decimal of
10; that is entering either 0,1,2,3,4,5,6,7,8 or 9.
Now, the maximum pins he is required to enter is equaled the number of decimals he can
provide in each digit in every one of the four digits. For instance, if the four digit number is
ABCD, the thief can only provide 10 possible decimals in every of the four digits. That is, 10 in
A, B, C and in D.
Finally, the total number of pins required will be:
10*10*10*10 = 10000.
Question 3.
Utilizing biometrics can be daunting if you have more than one person to use the system.
One person will be called every time to help in logging into the system.
Second, biometrics can be very expensive since its market is still somehow fractured.
One would have to purchase a fingerprint scanner, an iris scanner or a voice recognition
framework as different products from different vendors (Alsaadi, 2015).
People also understand that biometric data just like any other kind of data is stored on
servers. If the servers are not well secured, they can be vulnerable to attacks.
Accuracy – It is true that biometrics can fail to validate the details of a person on many
occasions. Many people would shy away from this and just implement password protection
mechanisms.
SECURITY FUNDAMENTALS 4
Ways to counter these objections:
Biometric system vendors and developers need to come up with better strategies for
utilizing biometrics. For instance, they should implement a biometric system that allows for the
registration of several persons into a single system. This will aid in getting rid of the issue of
calling out a single individual to do the authentication every other time.
Vendors must now diversify into providing full-fledged biometric systems to clients. One
vendor should be able to provide an iris scanner, fingerprint reader and a voice recognition
system in order to reduce the costs.
Question 4.
A False Positive Situation is when an unauthenticated user is accepted yet they supposed
to be rejected. A false negative is when the authenticated user is rejected yet he or she should
have been accepted (Morton, Bryson, Coughlin, Rowe, Ravichandran, Petigura & Batalha,
2016).
False negatives can be very disastrous when for instance, is a scenario where biometrics
is utilized as the main method of authentication for getting into any asset premise. A false
negative thus in this situation means that an individual who should be allowed to get into the will
be denied entry. This, therefore, means that any asset maintenance will not be done as nobody
will be authenticated by the system.
Question 5.
Decrypting text using substitution is fairly easy. With this method, different shifts are
user to hide the letter distribution. A provided shift is utilized in every letter of the text.
Ways to counter these objections:
Biometric system vendors and developers need to come up with better strategies for
utilizing biometrics. For instance, they should implement a biometric system that allows for the
registration of several persons into a single system. This will aid in getting rid of the issue of
calling out a single individual to do the authentication every other time.
Vendors must now diversify into providing full-fledged biometric systems to clients. One
vendor should be able to provide an iris scanner, fingerprint reader and a voice recognition
system in order to reduce the costs.
Question 4.
A False Positive Situation is when an unauthenticated user is accepted yet they supposed
to be rejected. A false negative is when the authenticated user is rejected yet he or she should
have been accepted (Morton, Bryson, Coughlin, Rowe, Ravichandran, Petigura & Batalha,
2016).
False negatives can be very disastrous when for instance, is a scenario where biometrics
is utilized as the main method of authentication for getting into any asset premise. A false
negative thus in this situation means that an individual who should be allowed to get into the will
be denied entry. This, therefore, means that any asset maintenance will not be done as nobody
will be authenticated by the system.
Question 5.
Decrypting text using substitution is fairly easy. With this method, different shifts are
user to hide the letter distribution. A provided shift is utilized in every letter of the text.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
SECURITY FUNDAMENTALS 5
Thereafter, a key word is repeated severally as required to achieve similar length (Khan & Qazi,
2017). For this case, the key provided is 234. So for every letter in our cypher text, we shift
according to the key 234.
NTJ WKH XKA MKW WUJ JYZ TXM WKX ZKU HE
234 234 234 234 234 234 234 234 234 23
PWN YNL ZME OMA AXN LBD VAQ YNB BNY JH
This is done by shifting the letters according to the 234 key. If the letter is N for instance,
its plain text is shifted twice; that is through O and landing on P, thus making its plain text P. The
same is repeated for other letters.
With this, the final decrypted message therefore becomes:
PWNYNLZMEOMAAXNLBDVAQYNBBNYJH
Works Cited
Alsaadi, I. M. (2015). Physiological Biometric Authentication Systems, Advantages,
Disadvantages And Future Development: A Review. International Journal Of Scientific
& Technology Research, 4(8), 285-289.
Khan, F. H., & Qazi, F. (2017). Advance Procedure Of Encryption And Decryption Using
Transposition And Substitution. JOURNAL OF INFORMATION COMMUNICATION
TECHNOLOGIES AND ROBOTICS APPLICATIONS (JICTRA).(Formally known as
Journal of Computer Science of NICE). ISSN# 2226-3683, 6(1), 43-56.
Morton, T. D., Bryson, S. T., Coughlin, J. L., Rowe, J. F., Ravichandran, G., Petigura, E. A., ...
& Batalha, N. M. (2016). False positive probabilities for all Kepler objects of interest:
Thereafter, a key word is repeated severally as required to achieve similar length (Khan & Qazi,
2017). For this case, the key provided is 234. So for every letter in our cypher text, we shift
according to the key 234.
NTJ WKH XKA MKW WUJ JYZ TXM WKX ZKU HE
234 234 234 234 234 234 234 234 234 23
PWN YNL ZME OMA AXN LBD VAQ YNB BNY JH
This is done by shifting the letters according to the 234 key. If the letter is N for instance,
its plain text is shifted twice; that is through O and landing on P, thus making its plain text P. The
same is repeated for other letters.
With this, the final decrypted message therefore becomes:
PWNYNLZMEOMAAXNLBDVAQYNBBNYJH
Works Cited
Alsaadi, I. M. (2015). Physiological Biometric Authentication Systems, Advantages,
Disadvantages And Future Development: A Review. International Journal Of Scientific
& Technology Research, 4(8), 285-289.
Khan, F. H., & Qazi, F. (2017). Advance Procedure Of Encryption And Decryption Using
Transposition And Substitution. JOURNAL OF INFORMATION COMMUNICATION
TECHNOLOGIES AND ROBOTICS APPLICATIONS (JICTRA).(Formally known as
Journal of Computer Science of NICE). ISSN# 2226-3683, 6(1), 43-56.
Morton, T. D., Bryson, S. T., Coughlin, J. L., Rowe, J. F., Ravichandran, G., Petigura, E. A., ...
& Batalha, N. M. (2016). False positive probabilities for all Kepler objects of interest:
SECURITY FUNDAMENTALS 6
1284 newly validated planets and 428 likely false positives. The Astrophysical
Journal, 822(2), 86.
Tareef, A., & Al-Ani, A. (2015). A highly secure oblivious sparse coding-based watermarking
system for ownership verification. Expert Systems with Applications, 42(4), 2224-2233.
1284 newly validated planets and 428 likely false positives. The Astrophysical
Journal, 822(2), 86.
Tareef, A., & Al-Ani, A. (2015). A highly secure oblivious sparse coding-based watermarking
system for ownership verification. Expert Systems with Applications, 42(4), 2224-2233.
1 out of 6
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.