Security Fundamentals Assignment - Security in Banking Systems

Verified

Added on 2023/01/19

AI Summary

This assignment delves into the realm of security fundamentals, focusing on the critical aspects of ATM security, biometric authentication, and encryption techniques. The first question examines the core principles of confidentiality, integrity, and availability within the context of ATM systems. The second question involves a permutation problem, calculating the possible PIN combinations given a limited set of keys. The assignment then explores the challenges and issues associated with biometric authentication, including accuracy, cost, and potential points of failure. Furthermore, the assignment presents real-world scenarios illustrating the occurrence of false negatives and false positives in biometric systems. Finally, the assignment concludes with a decryption exercise, where students are tasked with deciphering a ciphertext using a substitution cipher and determining the original message. The student has provided a detailed analysis of the questions and problems related to security fundamentals and provided well-referenced answers to the assignment questions.

SECURITY FUNDAMENTAL 0
Security Fundamental

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

SECURITY FUNDAMENTAL 1
Question 1
The term ATM refers to the automatic teller machine which is one of the modern
techniques that involve in the banking sectors. Mainly, such kind of technology requires a
personal identification number of PIN number in order to access the bank account of
consumers. This question will discuss the examples of confidentiality, integrity and
availability of the ATM machine.
Confidentiality
It is observed that for accessing the bank accounts of consumers a credit or debit is
required along with the personal identification number. The PIN number provides a platform
for accessing the debit or credit card through ATM machine and it also increases the level of
security (Asgari, et al., 2017). It is analysed that the banks also need to control and manage
the security of consumer’s accounts whenever an interaction is happening between the ATM
machine and bank network. Therefore, effective encryption technique along with the PIN
number ensures that the high level of confidentiality is controlled and managed properly.
Integrity
In this modern era, it is very important for improving and optimizing the ATM
machines in order to ensure the integrity of systems. By using integrity of system banks can
improve the privacy and security of the systems and they can be maintained the data or
information transferred from bank to consumers (Montefusco, Casar, Koelle, & Stelkens-
Kobsch, 2016). Therefore, it is argued that the authority of consumer’s accounts should be
incorporated for maintaining problems and queries related to the bank accounts of
individuals.
Availability
The frequency of automatic teller machine is completely depended on the demand of
individual and banking sectors should regularly update the accounts of consumers for
reducing the issues faced by the users. The availability of the ATM systems can influence the
use of information and communication technology and it helps banking industries for
reducing risk factors linked with the ATM machine. From a recent study, it has been found
that the unavailability of the automatic teller machine can enhance the numerous kinds of
issues and lead the dissatisfaction or unsatisfied related problems. However, the availability

SECURITY FUNDAMENTAL 2
of the automatic teller machine with more efficiency and effectiveness in terms of product
and service could interconnect a large number of users at a time.
Question 2
After analysing the give question it has been found that there are a total of ten
numbers of keys present in the automatic teller machine which start from 0 to 9. In which the
consumer is required to enter the PIN numbers for accessing their bank accounts through a
debit card. Moreover, the thief took out from only five number keys so, only five major keys
are left in order to access the bank account. So, here the value of n equals to 5 and r equals to
the 4 as per the given question because PIN number contains only 4 digital numeric numbers.
This problem can be solved with the help of permutation concept in which the numbers of
permutations at a time duration is determined by the below equation
P (n, r) = nPp
Here, the value of n equals to 5 and r is equal to 4 and putting these values in the
above equation consumers can find the value of P.
So, from the above equation, it is analysed the maximum numbers of pins to be
allowed are 624 because 1 of the possible permutation is the correct PIN number of the debit
card. So, the answer to this question is 624 which do not involve the correct PIN number.
Question 3
There are following key aspects for utilizing bio-metric authentication procedure:
Accuracy issue
It is analysed the proper authentication of the consumer’s account is one of the
common problems with the implantation of bio-metric systems. Mainly, bio-metric often
becomes less efficient in terms of analysing the body parts and must be authenticated in a
proper manner (De Luca, Hang, Von Zezschwitz, & Hussmann, 2015).
Cost
The second problems linked with the bio-metric systems are more expansive and
complex for designing and implementing (Hejazi, et al., 2016). Therefore, it has been

SECURITY FUNDAMENTAL 3
suggested that the effective evaluation of location required to be completed before developing
and implementing the bio-metric systems.
Points of failure
The entire bio-metric system is linked with every communication system and single
failure point can break the entire system which is another key issue with this technique. Due
to which automatic teller machines are not working properly and consumers suffer from
points of failure regarding access their accounts (Ghosh, et al., 2017).
Question 4
In this modern era, there are numerous types of scenarios and case studies available
which indicates the presence of false negatives over and above false positive. Some of them
are described below:
Case one
It is observed that the key aspect of the bio-metric process is dependent on the face
recognition and it is very complex for consumers to secure and private their personal data
files (Lu, Li, Peng, & Yang, 2015). Moreover, the urgent requirements of money could not be
processed by the bio-metric systems due to which the user may face the situation of a false
negative. In the case of the negative process the bio-metric system provides a platform for
hackers to access the detail of location.
Case two
The fundamental concept of biometric system deals with the physical conditions of
users and develop situation close to the consumer’s death. However, individuals who are
running with cardiac arrest process would not collect more assistance because the biometric
process could not scan the location of other users (Choi, Lee, & Yoon, 2016). Therefore, this
type of issue falls into the false negative section and it is one of the dangers problems for
every consumer. Loss of consumer’s character is another key factor linked with biometric
which is occurred due to numerous administrations systems.
Question 5
From the given scenario it has been found that the cipher text transferred from source is
LC DOMX IZY XVHP XMJQSH AANW FIHABRT. For decoding the given cipher text a
substation process can be adopted which includes the following steps:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

SECURITY FUNDAMENTAL 4
 Initially, determine the key value used by the employees for sending and receiving
information.
 After that, apply the formula of cipher technique which is given by:

 Put the value of key parameters used in the cipher equation and decode each alphabet
as per the given key value (Jones, 2016).
For this situation, the value of the key is 15 and putting the value of x and k in the cipher
equation for finding the original message. Therefore, the value of plain text for the given
cipher text is “WN ONXI TKJ IGSA IXUBDS LLYH QTSLMCE”. However, in the cipher
text, every alphabet is shifted by the 15 because here employees used 15 as a key value.
So, cipher text is LC DOMX IZY XVHP XMJQSH AANW FIHABRT and the plain text
or original information sent by the employee is WN ONXI TKJ IGSA IXUBDS LLYH
QTSLMCE.

SECURITY FUNDAMENTAL 5
References
Asgari, H., Stelkens-Kobsch, T. H., Montefusco, P., Abhaya, L., Koelle, R., Markarian, G., &
D'Auria, G. (2017). Provisioning for a distributed ATM security management: The
GAMMA approach. IEEE Aerospace and Electronic Systems Magazine, 32(11), 5-21.
Choi, H. S., Lee, B., & Yoon, S. (2016). Biometric authentication using noisy
electrocardiograms acquired by mobile sensors. IEEE Access, 4, 1266-1273.
De Luca, A., Hang, A., Von Zezschwitz, E., & Hussmann, H. (2015). I feel like i'm taking
selfies all day!: Towards understanding biometric authentication on smartphones.
In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing
Systems, 10(2), 1411-1414.
Ghosh, S., Majumder, A., Goswami, J., Kumar, A., Mohanty, S. P., & Bhattacharyya, B. K.
(2017). Swing-pay: One card meets all user payment and identity needs: A digital
card module using NFC and biometric authentication for peer-to-peer payment. IEEE
Consumer Electronics Magazine, 6(1), 82-93.
Hejazi, M., Al-Haddad, S. A. R., Singh, Y. P., Hashim, S. J., & Aziz, A. F. A. (2016). ECG
biometric authentication based on a non-fiducial approach using kernel
methods. Digital Signal Processing, 52, 72-86.
Jones, J. (2016). A Columnar Transposition cipher in a contemporary setting. IACR
Cryptology ePrint Archive, 2016, 5.
Lu, Y., Li, L., Peng, H., & Yang, Y. (2015). An enhanced biometric-based authentication
scheme for telecare medicine information systems using elliptic curve
cryptosystem. Journal of medical systems, 39(3), 32.
Montefusco, P., Casar, R., Koelle, R., & Stelkens-Kobsch, T. H. (2016). Addressing security
in the ATM environment: from identification to validation of security
countermeasures with the introduction of new security capabilities in the ATM system
context. In 2016 11th International Conference on Availability, Reliability and
Security (ARES), 12(2), 532-541.