Scribd Logo
Upload

Welcome to Scribd!

  • Consider An Automated Teller Machine

    Uploaded by

    kenneth delos santos
    140 views5 pages
    for student

    Original Title

    Consider an Automated Teller Machine

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    for student

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    140 views5 pages

    Consider An Automated Teller Machine

    Uploaded by

    kenneth delos santos
    for student

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    Consider an automated teller machine (ATM) in which users provide a

    personal identification number (PIN) and a card for account access. Give
    examples of confidentiality, integrity, and availability requirements and
    possible threats associated with the system, and in each case, indicate
    the degree of the importance of the requirement

    CONFIDENTIALITY
    • The communication channel between the bank and the automated teller machine must be
    encrypted.

    • for example The personal identification number (PIN) must also be encrypted

    And  ensures that only the right people people who knows the key can read the information. 
     communications channels must be properly monitored and controlled to prevent unauthorized
    access.

    confidentiality is the most important when the information is a record of people’s personal
    activities, such as in cases involving personal and financial information of the users like shoppe
    lazada amazon food panda g cash paypal

    integrity
    banks are more concerned about the integrity of financial records, with confidentiality having
    only second priority. Some bank account holders or depositors leave ATM receipts unchecked
    and hanging around after withdrawing cash.

    information security in the banking system.  protecting information from being modified by
    unauthorized person

     For example, if you were sending an online money transfer for $100, but the information was
    tampered in such a way that you actually sent $10,000, it could prove to be very costly for you.
    Availability
    for example provide a person that are able to accces the information
    when the atm corrupt or having a problem and Backups are also used to ensure
    availability of public and also private information.

    Possible threats associated with the system

     Default passwords not changed

     Equipment sensitivity to moisture and contaminants Equipment sensitivity to


    temperature

     Inadequate classification of information

     Inadequate maintenance

     Inadequate or irregular backup

     Inadequate password management

     Inadequate replacement of older equipment

     Inadequate security awareness

     Incomplete specification for software development

     Insufficient software testing

     Lack of access control policy

     Lack of clean desk and clear screen policy

     Lack of control over the input and output data

     Lack of protection for mobile equipment

     Lack of systems for identification and authentication

     Lack of validation of the processed data

     Uncontrolled download from the Internet

     Uncontrolled use of information systems


     Access to the network by unauthorized persons

     Bomb attack

     Bomb threat

     Compromising confidential information

     Concealing user identity

     Damage caused by a third party

     Destruction of records

     Disaster (human caused)

     Disaster (natural)

     Disclosure of information

     Disclosure of passwords

     Errors in maintenance

     Falsification of records

     Fire

     Flood

     Fraud

     Information leakage

     Interruption of business processes

     Loss of electricity

     Loss of support services

     Malfunction of equipment

     Malicious code
     Misuse of information systems

     Misuse of audit tools

     Social engineering

     Software errors

     Theft

     Unintentional change of data in an information system

     Unauthorized access to the information system

     Unauthorized use of software

     User erro

    How does misinformation, fake news, and trolling mechanisms attacks a certain entity of
    individual? How does it affect the reliability of data and information? Having the CIA Triad as
    the theoretical lens, how can you and the authorities prevent those attacks?

    They can attack by the use of internet ,internet is so broad they can apply misinformation that
    can cause miscommunication of information ,like social media platforms ,offer a rich ground
    for the spread of misinformation.  role misinformation serves is to distract the public eye from
    negative information about a given person and/or bigger issues of policy, which as a result can
    go unremarked with the public preoccupied with fake-news.  In addition to the sharing of
    misinformation for political and monetary gain it is also spread unintentionally. Advances in
    digital media have made it easier to share information, although it is not always accurate. the
    role social media has in distributing misinformation, the lack of internet gatekeepers , Another
    reason that misinformation spreads on social media is from the users themselves. In a study, it
    was shown that the most common reasons that Facebook users were sharing misinformation
    for social motivated reasons, rather than taking the information seriously.

    Fake news can attack by the use fabricated information that manipulate people’s perceptions of
    real facts, events, ,statement and some aspect like social media ,fake news has become a real
    problem in politics, but it’s older and it’s broader.for example of some aspect “clickbait”they
    use this to gain more attention and  encourage visitors to click a target link to a longer story on
    a web page
    They don’t need pictures to be clickbait. For example,

     A Man Falls Down And Cries For Help Twice. The Second Time, My Jaw Drops
     9 Out Of 10 Americans Are Completely Wrong About This Mind-Blowing Fact
     Here’s What Actually Reduces Gun Violence [5]

    Clickbait is a common way that fake news (and any kind of content) is spread. Clickbait depends
    on creating a “curiosity gap,” an online cliffhanger of sorts that poses headlines that pique your
    curiosity and lead you to click the link and read on.  The gap between what we know and what
    we want to know compels us to click. To an extent, the more outrageous a teaser message is,
    the more successful clickbait may be.

    the act of leaving an insulting message on the internet in order to annoy someone is could troll


    some people they didn’t know that but in the other place trolling someone have go to jail

    because of the other people that didn’t know they limitation some site or information is having
    a limit to minimize the number of people that can access through internet .
    By the used of the CIA triad I used this to maximixe security of data, objects and resources are
    protected from unauthorized viewing and other access and minimize who can access the data is
    protected from unauthorized changes to ensure that it is reliable and correct and limit and
    required the person that can only access important information if needed.

    You might also like