ITC595 Assignment 2: Security Fundamentals
Answer 1: ATM is an acronym for Automatic Teller Machine which enables customers to use services of the bank without requiring help from the cashier or bank teller.
• Confidentiality: It prevents data to be accessed and used by the illegitimate entity.
Importance: Important to perform business transactions, important for securing personal information of the customers.
Example: ATM PIN is important for accessing the ATM and can be used for attaining confidentiality.
• Integrity: It is a technique used for preventing any alteration or modification in data transferred from source to destination.
Importance: Important for ensuring that information sent by the sender is the same as received by the receiver.
Example: When ATM PIN of ATM card is changed by the user at one ATM machine located at one place and trying to access the account from other ATM machine at another location. The integrity is required to be maintained at each machine such that other account details like amount of cash, balance etc are not changed by changing the PIN.
• Availability: It is a technique used for ensuring that data or services of the user are always available to him.
Importance: Important because if the customer’s data will not be available to him, then it will not be possible for him to perform any operation or function.
Example: In case of ATM card is available to the user, but ATM PIN is not available to him then, user will not be able to draw out cash from ATM or will not be able to perform any other operation.
Answer 2: Maximum number of PIN’s that are required= 624
A total number of PIN’s=5x5x5x5x5=625.
Fake biometrics: Some biometric device users believe that someone can generate their fake biometric identity. E.g. In Iris Recognition, contact lenses can be used illegitimately.
Solution: Multi-factor authentication
Hygiene: In palm biometric or fingerprint biometric system, various people place their hand on these devices for the identification process and at the same time they share their germs with each other. Due to this, some people become reluctant to use biometric systems.
Solution: Ensure hands are clean or implement Face recognition, retina recognition etc.
Environmental factors: In Voice recognition biometric system, surrounding noise can interrupt the authentication process.
Solution: Educating people under which they should use biometric system.
Answer 4: Two situations
• When a legitimate user tries to unlock his phone using fingerprint biometric, but not able to unlock it. This might create a problem for the user in accessing data of his own mobile phone.
• When user cannot provide evidence of his identity when required.
X=letter or alphabet (a=0)
(b=1), (c=2), ….. so on.
For encryption: e(x) = (x+k) (mod 26)
E(x)=function of encryption
For decryption: d(x) = (x-k) (mod 26)
D(x)=function of decryption
X=value of character
Key used: 234
When cipher text is converted: NTJWKHXK AMK WWUJJYZTX MWKXZKUHE.
Identical value is received because weak key 234 is used which is a multiple of 26 such as 52, 78 and so on.