Discuss about the Information Security for Automated Teller Machine.
ATM is an electronic device that helps to withdraw money without going to the bank. It is extremely effective and is present in every city, village or country in the world. The customer, who is withdrawing money, should have a valid bank account with balance in it (De Gramatica et al., 2015). The major advantage of this electronic device is that there is no time restriction and the client can withdraw his or her money anytime. Moreover, a huge amount of money could be extracted from the account and thus it is extremely advantageous for the customer.
The ATM or the Automated Teller Machine users are solely provided with personal identification number or PIN and an ATM card. The presence of both of these is required for any transaction. This PIN is a unique number of four digit and it is kept hidden or private. There are three basic requirements for maintenance of privacy and security in the PIN and other bank account details (Peltier, 2016). These are known as CIA or simply confidentiality, integrity and availability. The descriptions of these three requirements with proper examples are given below:
Confidentiality: The most important requirement for any ATM card is confidentiality. This can be referred to as privacy. This confidentiality is maintained by the customers by not sharing the credentials with the other users so that the data is not hacked at any cost.
The degree of importance of the confidentiality factor is extremely high as the PIN could easily be utilized for any type of illegal activities by the hackers.
The two examples of confidentiality are as follows:
The degree of importance of the integrity factor is extremely high as if the data would be changed, it could be used by the hackers.
The two examples of integrity are as follows:
Availability: The availability of relevant information and the hardware is required for making the transaction (Von Solms & Van Niekerk, 2013).
The degree of importance of the availability factor is high as without the information and hardware, transaction will not be made.
The examples of availability are as follows:
According to the given scenario, a thief has broken the Automated Teller Machine or an ATM after using a screwdriver and finally has jammed the card reader of that particular ATM machine. Next, this thief has broken the five keys from the keypad of the ATM.
Meanwhile, a customer gets in the ATM for withdrawing cash. He is successful in withdrawing cash, however unsuccessful in taking out the card; since the card reader is jammed. He thus, goes out for calling of help for getting out his ATM card from the machine.
The thief now wants to discover the PIN of the customer.
Total number of keys in PIN= 4
Total number of keys broken by the thief = 5.
Therefore, the total number of possibilities of permutation of the four keys is give below:
5P4 = 5!/(5 – 4)! = 5!/4! = 120.
Hence, the thief can detect up to 120 ways of permutation.
However, there is a restriction of 3 times in every ATM. After the third wrong attempt, the card would be blocked.
Biometric authentication systems are utilized for the proper and systematic identification of any specific individual with the help of his or her biological features. The identity of the user is verified with this type of system and thus is extremely effective and popular in respect to others (Bhagavatula et al., 2015). The methods of the biometric authentication are utilized for the protection of several types of systems. The logical systems that are facilitated through the access points of hardware to all the physical systems that are protected by the physical barriers, like secured research sites and secured facilities, are secured with biometric.
There are various types of biometric authentication systems that are utilized for successfully identifying the individuals. The most popular types are the fingerprint recognition, face recognition, scanning of iris, cornea, and hand palm, and voice recognition. These biometric authentication systems help the individual to protect their valuables or get entry to any secured or protected building (Frank et al., 2013). The most significant benefit of this type of system is that fake data or information is restricted. A database or an information system is present within the biometric system and the biological trait or data is matched with the previously existing data.
In spite of providing these benefits, few people do not want to use biometric authentication systems. There are eventually three major reasons for this type of phenomenon. The most significant reasons for not using biometric system are as follows:
There are various regulations like HIPAA and PCI-DDS that are used for resolving this problem.
ii) Lack of Data Accuracy: The next important problem is the lack of data accuracy as biometric systems does not provide 100% accuracy in data.
Various metrics like FAR or FRR help in this type of situation. They are the False Acceptance Rate and the False Rejection Rate.
Requirement of Hardware: Biometric authentication systems require extra hardware for their systems and thus this is an extra expense for the organization or individual using biometric.
Cheap hardware is the best answer for this problem.
Biometric authentication system is absolutely simple and easy in installing. Hence this particular system is solely utilized many users. The offices or the educational institutes use this system for the attendance purpose as this attendance is often forged by the employees or students. The users of the system do not need to know anything regarding technology as it is very simple to use (Lu et al., 2015). Biometric authentication system even helps in securing the phones, laptops, tablets or any computing devices. Since, the biological traits are unique, it is nearly impossible to forge the data. Moreover, these types of traits or attributes could not be given or transferred to anyone.
Two distinct types of biometric identification systems are present. One of them is based on the behaviour and the other is based on physiological features. The physiological features include fingerprint and face recognition, iris scan, cornea scan and many more. The behavioural features include voice, gait and behaviour of the individual.
There are various advantages of this biometric authentication system. The most significant advantage of this system is that it helps in the identification of the person uniquely and eventually. However, various disadvantages are also present within the biometric authentication system. Several situations occur, where the false negative rates of biometric are more serious than the false positive rates.
Two examples of this type of situations are given below:
The method of encrypting any plain text into the cipher text by shifting the characters or the group of characters to any regular system for constituting a permutation of that plaintext is known as transposition cipher in cryptography. The complete ordering of the units of that plaintext is changes or reordered (Singh, 2013). A bijective function is eventually utilized for encrypting the position of the characters of the plaintext and thus an inverse function is utilized for decrypting those characters’ positions. A specific algorithm is utilized for the purpose of encryption and decryption in transposition cipher.
One of the most simplified and an effective form of the transposition cipher is known as the rail fence cipher. It has got its name from the process of its encryption. In this type of cipher, the plain text to be converted is eventually written downwards, on the series of successive rails within a fence that is imaginary. Then it moves up and again comes down. This goes in a series and finally the plain text is converted to the cipher text and the cipher text is converted to a plain text.
Columnar transposition helps to use to the algorithm as many times as required for encryption. Thus, with the columnar transposition, the encryption could be done easily and promptly.
After using algorithms for Caesar cipher and substitution for George’s company, the cipher text could be decrypted.
Plain text: NTJWKHXK AMK WWUJJYZTX MWKXZKUHE
Substitution key: 234
A |
B |
C |
D |
E |
F |
G |
H |
I |
J |
K |
L |
M |
N |
O |
P |
Q |
R |
S |
T |
U |
V |
W |
X |
Y |
Z |
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
Encrypted Text |
N |
T |
J |
W |
K |
H |
X |
K |
|
Numeric value |
14 |
20 |
10 |
23 |
11 |
8 |
24 |
11 |
|
Substitution Key |
2 |
3 |
4 |
2 |
3 |
4 |
2 |
3 |
|
Decoded from the substitution cipher |
12 |
17 |
6 |
21 |
8 |
4 |
22 |
8 |
|
Shifting as Caeser cipher |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
|
Decoded from Caeser cipher |
9 |
14 |
3 |
18 |
5 |
1 |
19 |
5 |
|
Decoded Text |
I |
N |
C |
R |
E |
A |
S |
E |
|
Encrypted Text |
A |
M |
K |
||||||
Corresponding numeric value |
1 |
13 |
11 |
||||||
Substitution Key |
4 |
2 |
3 |
||||||
Decoded from substitution cipher |
23 |
11 |
8 |
||||||
Shifting as Caeser cipher |
3 |
3 |
3 |
||||||
Decoded from caeser cipher |
20 |
8 |
5 |
||||||
Decoded Text |
T |
H |
E |
Encrypted Text |
W |
W |
U |
J |
J |
Y |
Z |
T |
X |
Corresponding numeric value |
23 |
23 |
21 |
10 |
10 |
25 |
26 |
20 |
24 |
Substitution Key |
4 |
2 |
3 |
4 |
2 |
3 |
4 |
2 |
3 |
Decoded from substitution cipher |
19 |
21 |
18 |
6 |
8 |
22 |
22 |
18 |
21 |
Caeser cipher shift |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
Decoded from caeser cipher |
16 |
18 |
15 |
3 |
5 |
19 |
19 |
15 |
18 |
Decoded Text |
P |
R |
O |
C |
E |
S |
S |
O |
R |
Encrypted Text |
M |
W |
K |
X |
Z |
K |
U |
H |
E |
Corresponding numeric value |
13 |
23 |
11 |
24 |
26 |
11 |
21 |
8 |
5 |
Substitution Key |
4 |
2 |
3 |
4 |
2 |
3 |
4 |
2 |
3 |
Decoded from substitution cipher |
9 |
21 |
8 |
20 |
24 |
8 |
17 |
6 |
2 |
Shifting Caeser cipher |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
3 |
Decoded from caeser cipher |
6 |
18 |
5 |
17 |
21 |
5 |
14 |
3 |
25 |
Decoded Text |
F |
R |
E |
Q |
U |
E |
N |
C |
Y |
Hence, the decrypted text for the provided text of NTJWKHXK AMK WWUJJYZTX MWKXZKUHE is
INCREASE THE PROCESSOR FREQUENCY.
References
Andress, J. (2014). The basics of information security: understanding the fundamentals of InfoSec in theory and practice. Syngress.
Bhagavatula, C., Ur, B., Iacovino, K., Kywe, S. M., Cranor, L. F., & Savvides, M. (2015). Biometric authentication on iphone and android: Usability, perceptions, and influences on adoption. Proc. USEC, 1-2.
De Gramatica, M., Labunets, K., Massacci, F., Paci, F., & Tedeschi, A. (2015, March). The role of catalogues of threats and security controls in security risk assessment: an empirical study with ATM professionals. In International Working Conference on Requirements Engineering: Foundation for Software Quality (pp. 98-114). Springer, Cham.
Frank, M., Biedert, R., Ma, E., Martinovic, I., & Song, D. (2013). Touchalytics: On the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE transactions on information forensics and security, 8(1), 136-148.
Lu, Y., Li, L., Peng, H., & Yang, Y. (2015). An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem. Journal of medical systems, 39(3), 32.
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. CRC Press.
Singh, G. (2013). A study of encryption algorithms (RSA, DES, 3DES and AES) for information security. International Journal of Computer Applications, 67(19).
Siponen, M., Mahmood, M. A., & Pahnila, S. (2014). Employees’ adherence to information security policies: An exploratory field study. Information & management, 51(2), 217-224.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. computers & security, 38, 97-102.
Xu, H., Zhou, Y., & Lyu, M. R. (2014, July). Towards continuous and passive authentication via touch biometrics: An experimental study on smartphones. In Symposium On Usable Privacy and Security, SOUPS (Vol. 14, pp. 187-198).
We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.
Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.
Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.
Your deadline is our threshold for success and we take it very seriously. We make sure you receive your papers before your predefined time.
Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.
Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.
We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.
Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.
You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.
Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.
Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.
From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.
Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.
Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.
You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.
You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.
Join us for the best experience while seeking writing assistance in your college life. A good grade is all you need to boost up your academic excellence and we are all about it.
We create perfect papers according to the guidelines.
We seamlessly edit out errors from your papers.
We thoroughly read your final draft to identify errors.
Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!
Dedication. Quality. Commitment. Punctuality
Here is what we have achieved so far. These numbers are evidence that we go the extra mile to make your college journey successful.
We have the most intuitive and minimalistic process so that you can easily place an order. Just follow a few steps to unlock success.
We understand your guidelines first before delivering any writing service. You can discuss your writing needs and we will have them evaluated by our dedicated team.
We write your papers in a standardized way. We complete your work in such a way that it turns out to be a perfect description of your guidelines.
We promise you excellent grades and academic excellence that you always longed for. Our writers stay in touch with you via email.