In: Computer Science
1) Consider an automated teller machine (ATM) in which users
provide a personal identification number (PIN). Discuss what
confidentiality, integrity, availability, authenticity, and
non-repudiation refer to in this type of service.
2) Discuss how design principles of abstraction, modularity, and
layering help with security.
Hi, Lets dive into the answer,
PART 1
Confidentiality
when we hear about confidentiality the first thing that comes into our mind is protecting information from disclosing it to unauthorized parties. In the modern world, information is one of the most valuable thing such as personal information, credit card details, bank statements, government documents, etc. Everyone needs to make their sensitive information secret, protecting such type of information is a part of information security. thus for an ATM things need to be in confidential are
i) the security pin and the bank details are most sensitive data it must be encrypted with some secured algorithm while communicating with bank
ii) the transmission channel must be secured so that no one attacks/accessing the data(man in the middle attack).
iii) personal details like bank statements must be very much secured so that authorized person can only view such data, for example, some ATMs implements 2 step verification for accessing the user profiles.
Integrity
Integrity refers to protecting the data being modified by any of the unauthorized parties. The data is valuable only if it is correct. In ATM the integrity involves in maintaining the consistency, accuracy, and trustworthiness of the data. the data or information must be secured so that it must not be changed while communicating. It must implement the access controls and permissions so that no unauthorized persons alter the data. data integrity codes must be sent with sensitive data to ensure that the code that is sent is received by the receiver. error codes can be been used to verify the integrity of the data
Availability
Availability ensures that authorized individuals are able to access the information when they needed. Information is said to be valuable only if the right people are accessing it. the factors that affect the availability may be some time some attacks that deny a server on servicing a request(Denial of service attack). Become unavailable may because of some attacks or natural causes. Back up is a key to limit the damage caused by any natural causes that malfunction the hard drives etc. updating and maintaining the latest O.S and performing hardware repairs immediately when needed will set the environment free of conflicts.
ensuring the best bandwidth for communication and preventing the occurrence of conflicts/bottlenecks are very important. failovers, redundancy, and even high-availability clusters can generate serious problems when hardware issues do occur.
This is a triangle showing the relationship between availability, integrity, and confidentiality.
Authenticity
Authenticity in network security is the assurance of a message, transaction, or any other exchange of information is from the source it claims to be from. It involves the proof of identity. The authenticity is verified through authentication. the proof might be anything that verifies the user, it may be a password/PIN number or anything like key card, etc. A modern biometric system can also be used for authentication. Ensuring the best authenticity and authentication system is one of the important requirement for any ATMs because all other traits are attached with authentication. if authentication fails to authenticate then there is no meaning of security,integrity or confidentiality.
Non-repudiation
It refers to a method of guaranteeing message transmission/ transaction between the user and systems(here, banking server) via encryption and/or digital signature. By using a hash, proof of authentic identifying and data origination will be obtained.
Non-repudiation requires the creation of artifacts and it may be
used for disputing the claims of entities or organizations that
deny being the originator of communication or action. These
artifacts consist of:
i) An identity
ii) The authentication of that identity
iii) proof connecting the identified party to a particular
communication action or transaction.
Digital signatures (combined with other measures) can set-up non-repudiation when it comes to online transactions. if it is crucial to ensure that a party to a contract or a communication can't deny the authenticity of the signature on a document or sending the communication. In this context, non-repudiation refers to the ability to ensure that a party to a contract or communication must accept the authenticity of their signature on a document or the sending of a message.
PART 2
Abstraction
main goal of Abstraction is to handle complexity by hiding unnecessary details from the user. That enables the user to implement more complex logic on top of the provided abstraction without understanding or even thinking about all the hidden complexity. likewise a user doesn't need to bother on how a data is encrypted and how digital signature is implemented on the data while using an atm.thus he/she is only needed to use the functions provided no need to know how the function is working, it is completed hidden to them.
Modularity
Modularity is a measure of the structure of networks. It was designed to measure the strength of division of a network into modules (also called groups, clusters or communities). Networks with high modularity have very dense connections between the nodes within modules. Modularity is introduced to enhance communication in a faster and efficient way. However, it has been shown that modularity suffers a resolution limit and, therefore, it is unable to detect small communities.
Layering
when 2 remote systems communicate, the subtasks like routing, transmission, packeting, routing, digitization are required. layering is referred to as splitting this kind of tasks to different distinct logical layers or functions. the layering is very much analogous to divide and conquer strategy, where a large problem is split into smaller sub-problems, so to solve them easily.
Please feel free to ask any doubts (if any) regarding the answer.