Discuss about the Information Security for Fundamentals of InfoSec in Theory and Practice.
Automated Teller Machine or an ATM is used for the purpose of withdrawing cash without even visiting to the bank or without interacting with the bank staff members. Three important requirements are present for the ATM card and the PIN. They are as follows:
Confidentiality: It is the other name for privacy and it helps to maintain the privacy of the ATM card. Under no circumstances, the confidentiality of the card should be lost. The user would major losses if this type of situation arrives (Peltier, 2013).
The degree of importance of confidentiality is high since, unsecured PIN during the transactions can lead to the compromise of the bank account and therefore, encryption must be present.
The examples of confidentiality in ATM system are as follows:
The degree of importance of integrity is high as if any hacker or thief gets hold of the ATM card or PIN; they might change the data for the purpose of withdrawing money. Hence, data integrity should be maintained properly.
The examples are as follows:
Availability: The next requirement is the availability of valid information and hardware. If these would be absent, it is impossible to execute any transaction.
The degree of importance of availability of information and hardware is extremely high as without the information of PIN, ATM card and the ATM, it is impossible to use them.
The examples are as follows:
According to the given scenario, the thief wants to discover the PIN of the customer.
There is a process to find out the PIN of the customer. There are four keys in a PIN and for discovering the accurate PIN of the customer; the thief should undergo a series of permutations.
The series of the PIN of the customer can be from 0 to 9.
Available keys = 4.
Keys broken in the keypad= 5.
Hence, the total no of probabilities for detecting the PIN is
5P4 = 5!/(5 – 4)! = 5!/4! = 120.
Therefore, the thief can detect the correct PIN up to 120 ways.
However, only 3 times the PIN could be given. After the third wrong attempt, the ATM card would be automatically blocked.
Biometric authentication system is utilized for identifying any particular individual with the help of his or her biological traits and attributes. A database is maintained in this purpose, where the data is matched with the previously existing data. When the data is matched, the person is termed as authorized, else unauthorized (Bhagavatula et al., 2015). The most significant examples of biometric authentication system are the fingerprint recognition, face or voice recognition, retina scan and iris scan.
However, in spite of all these advantages, biometric authentication system is still not used by few people. The main reasons with their solutions for this are given below:
To solve this problem, cheap machines are available in the market that does not incur huge cost and does not exceed the budget limit (De Gramatica et al., 2015).
To solve this problem, metrics like False Acceptance Rate and False Rejection Rate are utilized that determine the accuracy.
Password Resetting: The third problem is password resetting. It is extremely difficult to reset the password.
To solve this problem, regulations like PCI-DDS and HIPAA can be used.
Biometric authentication system is the procedure of recognition of any specific individual with the help of his or her biological traits and attributes. These are exclusively utilized for uniquely identifying the person. This type of authentication is also used to lock or unlock any phone, laptop or any other computing device.
The biometric identification is done either by physiological or by behavioural features. The physiological features include the body parts like fingerprint recognition, face or voice recognition, retina scan and iris scan (De Gramatica et al., 2015). The behavioural attributes include the behaviour, voice and gait of the person.
Many times, there are certain situations, where the false negative rates get higher and serious than the false positive rates. The examples of two such situations are as follows:
In cryptography, transposition is the best method for encryption. Rail fence cipher is the best form of the transposition cipher that is used for decrypting the encrypted cipher in a proper sequence (Singh, 2013). It is extremely effective and could be executed quickly.
George decided to send the instructions completely encrypted under Caesar cipher by following one after another.
The substitution key is 234 and the cipher text is NTJWKHXK AMK WWUJJYZTX MWKXZKUHE.
After using the algorithms of Caesar cipher and substitution, the given encrypted text could be decrypted as:
|
A |
B |
C |
D |
E |
F |
G |
H |
I |
J |
K |
L |
M |
N |
O |
P |
Q |
R |
S |
T |
U |
V |
W |
X |
Y |
Z |
|
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
|
Encrypted Text |
N |
T |
J |
W |
K |
H |
X |
K |
|
|
Numeric value |
14 |
20 |
10 |
23 |
11 |
8 |
24 |
11 |
|
|
Substitution Key |
2 |
3 |
4 |
2 |
3 |
4 |
2 |
3 |
|
|
Decoded from the substitution cipher |
12 |
17 |
6 |
21 |
8 |
4 |
22 |
8 |
|
|
Shifting as Caeser cipher |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
|
|
Decoded from Caeser cipher |
9 |
14 |
3 |
18 |
5 |
1 |
19 |
5 |
|
|
Decoded Text |
I |
N |
C |
R |
E |
A |
S |
E |
|
|
Encrypted Text |
A |
M |
K |
||||||
|
Corresponding numeric value |
1 |
13 |
11 |
||||||
|
Substitution Key |
4 |
2 |
3 |
||||||
|
Decoded from substitution cipher |
23 |
11 |
8 |
||||||
|
Shifting as Caeser cipher |
3 |
3 |
3 |
||||||
|
Decoded from caeser cipher |
20 |
8 |
5 |
||||||
|
Decoded Text |
T |
H |
E |
|
Encrypted Text |
W |
W |
U |
J |
J |
Y |
Z |
T |
X |
|
Corresponding numeric value |
23 |
23 |
21 |
10 |
10 |
25 |
26 |
20 |
24 |
|
Substitution Key |
4 |
2 |
3 |
4 |
2 |
3 |
4 |
2 |
3 |
|
Decoded from substitution cipher |
19 |
21 |
18 |
6 |
8 |
22 |
22 |
18 |
21 |
|
Caeser cipher shift |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
|
Decoded from caeser cipher |
16 |
18 |
15 |
3 |
5 |
19 |
19 |
15 |
18 |
|
Decoded Text |
P |
R |
O |
C |
E |
S |
S |
O |
R |
|
Encrypted Text |
M |
W |
K |
X |
Z |
K |
U |
H |
E |
|
Corresponding numeric value |
13 |
23 |
11 |
24 |
26 |
11 |
21 |
8 |
5 |
|
Substitution Key |
4 |
2 |
3 |
4 |
2 |
3 |
4 |
2 |
3 |
|
Decoded from substitution cipher |
9 |
21 |
8 |
20 |
24 |
8 |
17 |
6 |
2 |
|
Shifting Caeser cipher |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
|
Decoded from caeser cipher |
6 |
18 |
5 |
17 |
21 |
5 |
14 |
3 |
25 |
|
Decoded Text |
F |
R |
E |
Q |
U |
E |
N |
C |
Y |
Hence, the decrypted text for the provided text of NTJWKHXK AMK WWUJJYZTX MWKXZKUHE is
INCREASE THE PROCESSOR FREQUENCY.
References
Andress, J. (2014). The basics of information security: understanding the fundamentals of InfoSec in theory and practice. Syngress.
Bhagavatula, C., Ur, B., Iacovino, K., Kywe, S. M., Cranor, L. F., & Savvides, M. (2015). Biometric authentication on iphone and android: Usability, perceptions, and influences on adoption. Proc. USEC, 1-2.
De Gramatica, M., Labunets, K., Massacci, F., Paci, F., & Tedeschi, A. (2015, March). The role of catalogues of threats and security controls in security risk assessment: an empirical study with ATM professionals. In International Working Conference on Requirements Engineering: Foundation for Software Quality (pp. 98-114). Springer, Cham.
Peltier, T. R. (2013). Information security fundamentals. CRC Press.
Singh, G. (2013). A study of encryption algorithms (RSA, DES, 3DES and AES) for information security. International Journal of Computer Applications, 67(19).
Siponen, M., Mahmood, M. A., & Pahnila, S. (2014). Employees’ adherence to information security policies: An exploratory field study. Information & management, 51(2), 217-224.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download