Reference no: EM133042624

Security fundamentals

Learning outcome 1: be able to justify security goals and the importance of maintaining the secure computing environment against digital threats.

Learning outcome 2: be able to explain the fundamental concepts of cryptographic algorithms.

Learning outcome 3: be able to examine malicious activities that may affect the security of a computer program and justify the choice of various controls to mitigate threats.

Learning outcome 4: be able to compare and contrast foundational security policies and models that deal with integrity and confidentiality.

Task

This assessment aims to develop and gauge student understanding of the key topics covered so far by answering the following questions. Answering these questions will help you build some understanding for the next assessment item as well as for the entire subject. It is expected that answers to the assignment questions be succinct (i.e. precise and concise) with all sources of information fully referenced as per APA referencing style. You have to reference the text book and any additional material you have used in your answers.

Note that the guide for APA referencing is provided in the resources section of Interact site of this subject.

Problem 1
Automated Teller Machines (ATM) are designed so that users will provide a personal identification number (PIN) and a card to access their bank accounts. Give examples of confidentiality, integrity and availability requirements associated in such a system and describe the degree of importance for each requirement.

Problem 2
A thief broke into an Automated Teller Machine (ATM) using a screwdriver and was able to jam the card reader as well as breaking five keys from the keypad. The thief had to halt the process of break-in and hide, as a customer approached to use the ATM. The customer was able to successfully enter their ATM card, punch in the 4 digit PIN and was able to draw out some cash.

Since the card reader was jammed, the customer was however not able to withdraw the ATMcard, and drove off to seek some help. In the meantime, the thief came back and decided to try to discover the customer's PIN so that he can steal money from the customer. You are required to calculate the maximum number of PINs that the thief may have to enter before correctly discovering the customer's PIN?

Problem 3
Thinking about bio-metric authentication, list three reasons why people may be reluctant to use bio-metrics. Describe various ways of how to counter those objections.

Problem 4
In bio-metric authentication, false positive and false negative rates can be tuned according to the requirement, and they are often complementary i.e. raising one lowers the other. Describe two circumstances where false negatives are significantly more serious than false positives.

Problem 5
Transposition is one known method of encrypting the text. What can be one way that a piece of cipher text can be determined quickly if it was likely a result of a transposition? Utilisingsome of the decryption techniques (substitution and others) covered in the subject so far, you are required to decipher (find the plain text) the cipher text that will be proviced to you closer to the assessment due date via the subject site. In order to present your solution, you need to demonstrate and explain the steps taken to decipher this text.