Consider an automated teller machine (atm) in which users provide a personal identification number (pin) and a card for account access. Give examples of confidentiality, integrity, and availability requirements associated with the system and, in each case, indicate the degree of importance of the requirement.
Answers
Confidentiality requirement:
The communication media between ATMs and the bank must be encrypted
PIN encrypted (where it is stored)
Integrity Requirement
The action taken by the ATM must be related to the account related to the card
Availability requirements
The system is able to serve at least X-synchronous users at any time
The system must be available at 99.9% time
Explanation:
ATMs have become a common scenario nowadays, in fact it has become one of the easiest ways to access cash in one’s account. To maintain the secrecy and security , the user has to enter the PIN which is a kind of their identification and once the right number of entered, the user can access the cash. This number is only known to the user and should not be shared with anyone. It is also advisable not to write this PIN number anywhere and just memories it.