1. Confidentiality The customer to access their account

1. Confidentiality

The customer to access
their account using the automated teller machine (ATM) by insert ATM card and
enter personal identification number (PIN). Therefore, the personal
identification number (PIN) must be encrypted and treat it strictly as confidential
to prevent risk of compromise of account during transaction. Furthermore, Bank should
encrypt the communication channel between ATM host system and bank server to
protect information of confidential.

Degree of importance: High.

2. Integrity

The
customer’s integrity of account record and of individual transaction must
protect to ensure the record and transaction without altered by unauthorized
persons in a way that is not detectable by authorized persons. The unauthorized
person can alter data or amount of bank transaction over the internet,
Therefore, customer account must be associated with the card if transaction
performed via the automated teller machine (ATM).

Degree of importance: High.

 

3.
Availability

In Singapore, bank
provides automated teller machine (ATM) to customer to withdraw money in
wherever of island wide and whenever they want. Therefore, the system must be
able to be available 99.9% of the time to provide easy access so that customer
able to withdraw money from ATM with he/she ATM card and individual PIN. Otherwise
the unavailability of this service will cause embarrassment to the customer.  

Degree of importance: Moderate

The
message confidentiality is not provided and can be read at the destination if
the message authentication that do not rely on encryption. Appended an
authentication tag to each message for transmission is one of approaches to message
authentication without encryption.  However,
some scenario is preferred with message authentication without confidentiality.
We discuss one of scenario at below.

The
scenario description:

1.
Alice wants to broadcast a message concerning to sell she’s laptop in website
and she must broadcast in plaintext with an authenticity tag. Since there have
only one destination to check for authenticity which more cheap and reliable.

2.
In fact, Alice will do not mind others to know the information of laptop. In opposite,
she more delighted if getting more people to know that to sold it faster.

3.
On the other hand, Alice will need to use an authentication mechanism to
request information from potential buyer and verifies that information with the
authentication server and relays a response to the potential buyer to give then
access to check that authentic message.     Active
attacks are any attempt to modify of the data stream, create a false stream and
destroy system. There can be subdivided into four types of active attacks.

1. Masquerade

A
masquerade may be attempted when one entity pretends to be a particular user of
a system to gain access to personal computer information. if an authorization
process is not fully protected, the masquerade attack can carry out
transactions/ interaction through perpetrated using stolen user ID and password,
spot the gaps in program or bypassing the authentication mechanism.

The
masquerade can be prevented through create a message authentication to assured
original message is from the alleged sender to receiver. 

 

2. Replay  

An
attacker captures the authenticated information (such as: sharing key) by spies
the conversation between sender and receiver. After that, the attacker gives
the sharing key to proof of his identity and authenticity by contact the
receiver.

The
replay attack can prevent by time-checking. The server only accepts request if
they are close enough to current via compare timestamps of requests with
current time.

 

3. Modification of message

The
attacker will attempt some portion of message from sender and altered it. The
message will be re-ordered the message to suit his needs and re-send to
receiver.

The
important data able to protect by create a message authentication code combines
with hash function and secret key. The attacker cannot modify data without
changing hash.  

 

4. Denial of service

The
attacker attempt to disrupt or overload the network to prevent legitimate users
from accessing the service. It may generate heavy traffic of false interaction
when the attacker sends excessive message asking the network to authenticate
requests that have invalid return address.

Install
antivirus and update firewall for computer regularly to protect against the
attack from attacker. The server configuration can help the network
administrator to block out unauthenticated users by harden the firewall
policies.

 

However,
the wide variety of potential physical, software and network vulnerabilities,
the active attack become quite difficult to prevent. The goal is to detect
active attack and to recover faster from any disruption instead of prevention. A
security mechanism is a process that provide specific techniques defined in
X.800 to counter security attack by detect, prevent or recover. The functions
required not only support by single mechanism. However, the mechanisms may be
implement into the appropriate protocol layer to provide some of OSI security
service. These specific security mechanisms include: encipherment, digital
signatures, access controls, data integrity, authentication exchange, traffic
padding, routing control and notarization. 
  

1. Encipherment

Converting
or subsequent recovery of the data into a not readable form are implement by
mathematical algorithms depend on an algorithm and zero or more key of
encryption. The encipherment algorithms can be implement in either reversible or
irreversible. The reversible encipherment define in two general classification
which is symmetric (secret key) and asymmetric (public key).

 

2. Digital signature

This
mechanism allows a recipient to verify the message as well as the integrity of
data by apply hash function and encryption algorithms for purpose to against
forgery. The public key cryptography is a term of digital signature implement together
for verification.

 

3. Access control

These
mechanisms may determine and enforce the access right of the entity via using
the authenticated identity of or capabilities of an entity. The access control
function will reject the entity attempts when use a resource of unauthorised or
resource of authorised with improper access. In additional, the incident report
will be generating an alarm for the purpose of recording as a part of a
security audit trail.

 

4. Data integrity

This
mechanism is using to assure the integrity of message. the aspects of data
integrity divide to two, there are the integrity of a single data unit or field
and the integrity of a stream of data units or field. For the integrity of a
single data unit involves two processes, one at sending entity and one at the
receiving entity. The manipulation detection may lead to recover action at higher
layer due to mechanism alone unable protect against the replay of single data
unit.

 

5. Authentication exchange  

This mechanism intended that means of information
exchange to ensure the identity of an entity. Use of authentication information
is one of the technique which applied to authentication exchange such as the
receiving entity checked the password provide by a sending entity.

6.
Traffic padding

Traffic padding mechanisms provide various levels of
protection to frustrate traffic analysis attempts by insertion of bits into
gaps in a data stream.

 

7.
Routing control

 Routing control
allows between sender and the receiver to selection and continuously changing
different available routes when breach of security is suspected.

 

8.
Notarization

This mechanism to assure properties of a data exchange
for the receiver involve a use of trusted third party to store the request of
sender and prevent the denying such a request later from sender.  

1.
The sender and receiver should keep the secret key as confidential to ensure
protection with effective as well as assumed the algorithm is to be known. The
security need to keep only the key secret not algorithm secret. That means is,
a message decrypt on the basic of ciphertext plus knowledge of encrypt or
decrypt algorithm.

 

2.
This feature of symmetric encryption is what makes it good in business so that manufacturer
can much easier to produce and develop low-cost chip implementations of data
encryption algorithms. However, maintaining the secrecy of the key is the main
security problem that need to be concern due to these chips are widely
available into a quantity of product.

 

3.
To prevent approach of “Known-algorithm, unknown key” for use of symmetric
encryption, there need a sufficient strong algorithm of encryption so that ciphertexts
or key unable to discover by decipher the ciphertext even an adversary has a complete
knowledge. Usually, the requirement should be state in strong from: the
ciphertext should not be decrypt or the key discover by opponent if several
ciphertexts to process together with plaintext in each ciphertexts.   

 

4.
All encryption algorithms are using two general principle of substitution and
transposition as a type of operation for transforming plaintext to ciphertext.
The function of substitution is mapping each element in the plaintext such as
group of bits or letter into another element. In other hand, the function of
transposition is re-arranged the element in the plaintext.

 

5.
 Compare with stream cipher that only
encrypting one bit at a time, the block cipher is a more prefer method of
symmetric encryption to encrypt a block of text that applies by a deterministic
algorithm with a symmetric key. The data encryption standard (DES), Triple DES
(3DES) and advanced encryption standard are three most important symmetric
block ciphers in this section to focus on.  1.
Key can be choice by user A after that deliver the key to user B physically.

2.
Key can be choice by a third party after that deliver the key to user A and user
B physically.

3.
User A could previous key to user B to encrypt a new key if they have
communicated previously.

4.
The third-party C can relay key between user A and user B if third-party C have
an encrypted communication with user A and user The aid of diagram shows a message
authentication that use a technique of hash function without encryption. This
technique provides communicating parties – user A and user B to share a common
secret value SAB is coded
into the message. In additional, because it is no tied to any conventional key algorithm,
so it considers as a secret value not a secret key. 

 

User
A does the following to send out message:

Step 1: Compute the message with hash

Secret
Value

Actual
Data

Timestamp

Sequence
Number

 

Step 2: Send out the message

Actual
Data

Timestamp

Sequence
Number

Hash

 

The system implements to compute the hash function
over the combination of the secret value and the message MDM  = H (SAB || M)2  when user A wish to send a message to user B.
In next step, after compute the message with hash and it then sends M || MDM
to user B.

Moreover, it able to re-compute H (SAB ||
M) since user B possesses a SAB as well as verify MDM by using
the actual data, timestamp, sequence number received, secret value that share between
user B with user A by computing the hash and check whether the hash value send it
is the same.  

Furthermore, the attacker is hard to modify the intercepted
message since the secret value itself is not sent out. It is also not possible for
an attacker to generate a message of modified if the secret value keeps in secrecy.
This hash techniques provide a authentication but not for confidentiality.