Assessment Item 2: Information Security Solutions and Case Studies
VerifiedAdded on 2025/04/29
|11
|1777
|267
AI Summary
Desklib provides past papers and solved assignments like this ITC595 Information Security project, helping students understand complex topics.
ITC595 - INFORMATION SECURITY
ASSESSMENT ITEM 2
ASSESSMENT ITEM 2
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Contents
Introduction................................................................................................................................3
Solution One:.............................................................................................................................4
Solution Two..............................................................................................................................4
Solution Three............................................................................................................................5
Solution Four..............................................................................................................................6
Solution Five..............................................................................................................................6
Conclusion..................................................................................................................................9
References................................................................................................................................10
Introduction................................................................................................................................3
Solution One:.............................................................................................................................4
Solution Two..............................................................................................................................4
Solution Three............................................................................................................................5
Solution Four..............................................................................................................................6
Solution Five..............................................................................................................................6
Conclusion..................................................................................................................................9
References................................................................................................................................10
Introduction
This file will contain the assignment which would have 5 questions. After going through the
file the reader would have gain brief knowledge on working of an ATM, how bio-metric
works & what are the advantages and disadvantages of ATM & how to overcome these
disadvantages. The first question contains the complete description on how ATM pin is
useful, in the second question a case study is given which is based on P&C and is a numerical
question, in the third question bio-metric system is briefly explained and their drawbacks will
be mentioned and correct measures which should be taken to remove these problems are
mentioned, in the fourth part brief explanation will be made on false negative and false
positive, in fifth part which would be the last part would contain encrypting using
transposition techniques and brief idea would be given on the topic Encryption and
decryption.
This file will contain the assignment which would have 5 questions. After going through the
file the reader would have gain brief knowledge on working of an ATM, how bio-metric
works & what are the advantages and disadvantages of ATM & how to overcome these
disadvantages. The first question contains the complete description on how ATM pin is
useful, in the second question a case study is given which is based on P&C and is a numerical
question, in the third question bio-metric system is briefly explained and their drawbacks will
be mentioned and correct measures which should be taken to remove these problems are
mentioned, in the fourth part brief explanation will be made on false negative and false
positive, in fifth part which would be the last part would contain encrypting using
transposition techniques and brief idea would be given on the topic Encryption and
decryption.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Solution One:
ATM stands for Automated teller machine which is used to withdraw and deposit cash in the
account. There are around 3.5 million machines installed throughout the world. The ATM can
be accessed through a card which is unique for every individual and has a pin which is used
for security purposes. pin stands for the personal identification number, and it is must for
getting the access of the account. After inserting the card the pin is asked so that the account
can be verified.
ATM consist of CPU which is used to control transactions and handles user interface, pad for
entering the pin, secure microprocessor, keys which are used to navigate through the machine
printer to print the slip, indicators, and sensors.
there are various features which are used to protect the ATM from getting hacked such as the
ATM automatically lock itself when any manipulation is done on the firewall and alert the
operator if any other person rather than authorized person open the machine(Gurunathan, A.,
& Pareek, R et al.,2017).
Integrity:
The access is given 3rd person apart from the user. the 3rd person can manage the transaction
of the account holder. For example, a 3rd person can make changes to the account if the
amount is correct which is to be transferred.
Confidentiality:
The most effective way of providing confidentiality is that the message is encrypted and only
the receiver has the ability to decrypt the code. for example, the user enters the pin to get
verified a use the ATM machine.
Availabilities:
Only authorized persons can access the account which is verified by entering the correct card
and pin. Misuse of account is prevented through the pin system. for example, unique details
are provided to a machine for verification.
ATM stands for Automated teller machine which is used to withdraw and deposit cash in the
account. There are around 3.5 million machines installed throughout the world. The ATM can
be accessed through a card which is unique for every individual and has a pin which is used
for security purposes. pin stands for the personal identification number, and it is must for
getting the access of the account. After inserting the card the pin is asked so that the account
can be verified.
ATM consist of CPU which is used to control transactions and handles user interface, pad for
entering the pin, secure microprocessor, keys which are used to navigate through the machine
printer to print the slip, indicators, and sensors.
there are various features which are used to protect the ATM from getting hacked such as the
ATM automatically lock itself when any manipulation is done on the firewall and alert the
operator if any other person rather than authorized person open the machine(Gurunathan, A.,
& Pareek, R et al.,2017).
Integrity:
The access is given 3rd person apart from the user. the 3rd person can manage the transaction
of the account holder. For example, a 3rd person can make changes to the account if the
amount is correct which is to be transferred.
Confidentiality:
The most effective way of providing confidentiality is that the message is encrypted and only
the receiver has the ability to decrypt the code. for example, the user enters the pin to get
verified a use the ATM machine.
Availabilities:
Only authorized persons can access the account which is verified by entering the correct card
and pin. Misuse of account is prevented through the pin system. for example, unique details
are provided to a machine for verification.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Solution Two
In this, a case study is given in which the thief damages the pin pad and only 5 keys were left
which were working. The thief installed a machine which stole the details of the card when
the card is inserted into the ATM. now the thief has only 5 keys and the combination from
these 5 keys would provide the correct pin. The pin can start from '0000' and end at '9999',
within this range the combinations are made.
In this question, P&C would be used for telling how many tries the thief has to make in order
to break the code. Out of 10 keys, only 5 keys are working that means the combinations are to
be made with only 5 key which is left.
The formula for calculating P&C are given below (Tallarida et al., 2015)
NPR = n!/(nr)!
Thief would enter the 5 digits remaining in 4 digit PIN code.
5 5 5 5
0 1 2 3
Thief should have enter all 5 digits which are remaining in keypad of ATM, for this number
of combinations which are possible are 5*5*5*5
= 625
Therefore, Thief would have to make 625 combinations to guess the answer and out of which
one is correct. So total after 624 combinations answer would be possible in worst case
scenario.
In this, a case study is given in which the thief damages the pin pad and only 5 keys were left
which were working. The thief installed a machine which stole the details of the card when
the card is inserted into the ATM. now the thief has only 5 keys and the combination from
these 5 keys would provide the correct pin. The pin can start from '0000' and end at '9999',
within this range the combinations are made.
In this question, P&C would be used for telling how many tries the thief has to make in order
to break the code. Out of 10 keys, only 5 keys are working that means the combinations are to
be made with only 5 key which is left.
The formula for calculating P&C are given below (Tallarida et al., 2015)
NPR = n!/(nr)!
Thief would enter the 5 digits remaining in 4 digit PIN code.
5 5 5 5
0 1 2 3
Thief should have enter all 5 digits which are remaining in keypad of ATM, for this number
of combinations which are possible are 5*5*5*5
= 625
Therefore, Thief would have to make 625 combinations to guess the answer and out of which
one is correct. So total after 624 combinations answer would be possible in worst case
scenario.
Solution Three
Inaccuracy in Matching:
In this days password for any computer related data is being stored in a hash format which
will provide more security to it a can dorm more credentials issues. While talking about a
biometric system which is being used in the various organization and many smartphones have
used fingerprints as a function which will provide more security in their smartphones.
Applications in a smartphone can be secured with the help of fingerprint and can be used
further for more security concern and to provide maximum security to their customers.
Accuracy is being a point of research in this field and various approaches are being used to
attain maximum efficiency of the biometric in a smartphone. ( Karovaliya et al, 2015)
Breaching of data:
Data is one of the most important concerns in security and data security should be attained.
To provide maximum security of data biometric is being used bu inaccuracy of fingerprint
system it may cause concern to the user about their data. Breaches of data would be a concern
because hackers are attacking their data and can cause breached into their some confidential
data. To avoid this some algorithm should be made which are under development and can
cause protection of data with more security.
Large information value:
Information in the era is being increased at an exponential data and security concerns for the
data is also being increased. Information value has been increased and data information is
being increased. The user should have to set some unique passwords which are unable or
complex which will take time for cracking of password. To do this customer should set their
password between 8 to 32 characters with some lower case and upper case letters with a
combination of numeric as well as alphanumeric characters. ( Gurunathan, A., & Pareek, R.
2017)
Inaccuracy in Matching:
In this days password for any computer related data is being stored in a hash format which
will provide more security to it a can dorm more credentials issues. While talking about a
biometric system which is being used in the various organization and many smartphones have
used fingerprints as a function which will provide more security in their smartphones.
Applications in a smartphone can be secured with the help of fingerprint and can be used
further for more security concern and to provide maximum security to their customers.
Accuracy is being a point of research in this field and various approaches are being used to
attain maximum efficiency of the biometric in a smartphone. ( Karovaliya et al, 2015)
Breaching of data:
Data is one of the most important concerns in security and data security should be attained.
To provide maximum security of data biometric is being used bu inaccuracy of fingerprint
system it may cause concern to the user about their data. Breaches of data would be a concern
because hackers are attacking their data and can cause breached into their some confidential
data. To avoid this some algorithm should be made which are under development and can
cause protection of data with more security.
Large information value:
Information in the era is being increased at an exponential data and security concerns for the
data is also being increased. Information value has been increased and data information is
being increased. The user should have to set some unique passwords which are unable or
complex which will take time for cracking of password. To do this customer should set their
password between 8 to 32 characters with some lower case and upper case letters with a
combination of numeric as well as alphanumeric characters. ( Gurunathan, A., & Pareek, R.
2017)
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Solution Four
In False positive, the user gets access due to the mismatch of the identity. The user accesses
the details of another person.
In False negative, the user tries to access the account but couldn’t get access as the machine
doesn’t recognize the user and denies the request for access.
One condition is that the user tries to access the machine which has face recognition or
fingerprint sensor but the machine could not match the details with the user which was stored
in the system so it denies the request and doesn’t allow the user to access the machine. This
condition comes under false negative as the user is valid but the machine could not identify
the user.
The second case could be that the user is not authorized to access the account but somehow
machine matches the fingerprint or face recognition with the data stored in the system and
allows the user to access the account. This condition comes under false positive as the user
who is not authorized gets access to the account.
In False positive, the user gets access due to the mismatch of the identity. The user accesses
the details of another person.
In False negative, the user tries to access the account but couldn’t get access as the machine
doesn’t recognize the user and denies the request for access.
One condition is that the user tries to access the machine which has face recognition or
fingerprint sensor but the machine could not match the details with the user which was stored
in the system so it denies the request and doesn’t allow the user to access the machine. This
condition comes under false negative as the user is valid but the machine could not identify
the user.
The second case could be that the user is not authorized to access the account but somehow
machine matches the fingerprint or face recognition with the data stored in the system and
allows the user to access the account. This condition comes under false positive as the user
who is not authorized gets access to the account.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Solution Five
There are many techniques which are used for encrypting the text and in this assignment
Transposition technique is used for encryption. These techniques provide security as they are
converted into numbers and these can be decrypted by the receiver only. These techniques are
called cryptography. In this the message is sent from the user side is converted into encrypted
form and then the message is sent over the network which is decrypted at the server side. This
technique makes it harder to take the valuable information.
Decryption
In decryption, the data which is received from the user side is decoded to the original
message which is readable by the user. This message can only be decrypted by the receiver
who has the authenticity to read the message. The messages which are received are of equal
length when received and length of numbers and character when decrypted are of the same
size. These are read in the pattern such as columns (Delivett & Walton et al., 2015).
Encryption
This is the process used when the message is to be sent over the network. The messages
which are transmitted over the networks are converted into numerical values. These messages
are sent in a rail format and these in the form of a matrix which is written in the form of
columns.
Numerical
First Step: The given question have 30 characters which is being converted into numbers with
a convention of A=0, B=1… Z= 26.
Below are text which is being converted into numbers. After that all have been mod with 26
to provide a cipher.
mod26: 4,13,17, 8,4,14, 4,23,23, 10,9,2, 12,22,4, 20,10,14, 25,14,18, 3,13,17, 2,26,13,
25,13,13
Second Step: Decrypted Vignere Cipher with respect to key: 567 / FGH. In this step every
key which is being mod with 26 is then converted into decrypted Viegnere Cipher by
subtracting 567 to the moded values.
There are many techniques which are used for encrypting the text and in this assignment
Transposition technique is used for encryption. These techniques provide security as they are
converted into numbers and these can be decrypted by the receiver only. These techniques are
called cryptography. In this the message is sent from the user side is converted into encrypted
form and then the message is sent over the network which is decrypted at the server side. This
technique makes it harder to take the valuable information.
Decryption
In decryption, the data which is received from the user side is decoded to the original
message which is readable by the user. This message can only be decrypted by the receiver
who has the authenticity to read the message. The messages which are received are of equal
length when received and length of numbers and character when decrypted are of the same
size. These are read in the pattern such as columns (Delivett & Walton et al., 2015).
Encryption
This is the process used when the message is to be sent over the network. The messages
which are transmitted over the networks are converted into numerical values. These messages
are sent in a rail format and these in the form of a matrix which is written in the form of
columns.
Numerical
First Step: The given question have 30 characters which is being converted into numbers with
a convention of A=0, B=1… Z= 26.
Below are text which is being converted into numbers. After that all have been mod with 26
to provide a cipher.
mod26: 4,13,17, 8,4,14, 4,23,23, 10,9,2, 12,22,4, 20,10,14, 25,14,18, 3,13,17, 2,26,13,
25,13,13
Second Step: Decrypted Vignere Cipher with respect to key: 567 / FGH. In this step every
key which is being mod with 26 is then converted into decrypted Viegnere Cipher by
subtracting 567 to the moded values.
26: 25,7, 10, 3,24,7,25, 17,16,5, 3,21,7,16, 23,15,4,7,20,8, 11,24,7,10, 23,16, 6, 20, 7, 6.
Third Step: Brute force methods will be applied which will check each cipher text at certain
shifts and by following this procedures, at shift 3 result will be achieved.
Verifying until 25 shifts
Shift +1…..
Shift +2…..
Shift +3 = WE HAVE WON CASE NUMBER FIVE HUNDRED
Third Step: Brute force methods will be applied which will check each cipher text at certain
shifts and by following this procedures, at shift 3 result will be achieved.
Verifying until 25 shifts
Shift +1…..
Shift +2…..
Shift +3 = WE HAVE WON CASE NUMBER FIVE HUNDRED
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Conclusion
The report is made on the assignment which has five questions. After reading this report the
reader will understand the concept of ATM's working and need of ATM pin to make it
secure. There is a case study mention in which permutation and combination are used to find
the solution for the numerical problem. Another part consists of information on biometrics
and their problems mentioned with appropriate solutions. The last two parts contain
information on false negative & positive and different techniques used for encryption and
description using transposition technique. A question is also solved for encryption and
decryption.
The report is made on the assignment which has five questions. After reading this report the
reader will understand the concept of ATM's working and need of ATM pin to make it
secure. There is a case study mention in which permutation and combination are used to find
the solution for the numerical problem. Another part consists of information on biometrics
and their problems mentioned with appropriate solutions. The last two parts contain
information on false negative & positive and different techniques used for encryption and
description using transposition technique. A question is also solved for encryption and
decryption.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
References Gurunathan, A., & Pareek, R. (2017). U.S. Patent Application No. 15/262,764
Karovaliya, M., Karedia, S., Oza, S., & Kalbande, D. R. (2015). Enhanced security
for ATM machine with OTP and Facial recognition features. Procedia Computer
Science, 45, 390-396.
Meena, D., Pathak, P., & Gupta, S. (2016). Cryptography Bases Solution FOR
Distributed Denial of Service Attack in Manet. International Journal of Grid and
Distributed Computing, 9(6), 219-234.
Nandakumar, K., & Jain, A. K. (2015). Biometric template protection: Bridging the
performance gap between theory and practice. IEEE Signal Processing Magazine,
32(5), 88-100.
Tallarida, R. J. (2015). Pocketbook of integrals and mathematical formulas. Chapman
and Hall/CRC.
Walton, T., & Delivett, P. (2016). U.S. Patent No. 9,460,296. Washington, DC: U.S.
Patent and Trademark Office.
Karovaliya, M., Karedia, S., Oza, S., & Kalbande, D. R. (2015). Enhanced security
for ATM machine with OTP and Facial recognition features. Procedia Computer
Science, 45, 390-396.
Meena, D., Pathak, P., & Gupta, S. (2016). Cryptography Bases Solution FOR
Distributed Denial of Service Attack in Manet. International Journal of Grid and
Distributed Computing, 9(6), 219-234.
Nandakumar, K., & Jain, A. K. (2015). Biometric template protection: Bridging the
performance gap between theory and practice. IEEE Signal Processing Magazine,
32(5), 88-100.
Tallarida, R. J. (2015). Pocketbook of integrals and mathematical formulas. Chapman
and Hall/CRC.
Walton, T., & Delivett, P. (2016). U.S. Patent No. 9,460,296. Washington, DC: U.S.
Patent and Trademark Office.
1 out of 11
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.