Q1. Conduct a risk and threat analysis for a mobile phone service, taking into account that calls are transmitted over a radio link between mobile phone and base station, and that with international roaming a subscriber can use the service in so-called visited networks when travelling abroad. Consider both the subscriber’s and the network operators’ viewpoints.
Before we go into the risk and threat analysis of this scenario, we first clarify how a mobile phone service (cellular service) works and what visited networks are.
The term cellular refers to the fact that a geographical area is partitioned into a number of geographic coverage areas, known as cells. Each cell contains a base station, which transmits signals to, and receives signals from, the mobile stations in its cell. The coverage area of a cell depends on many factors, including the transmitting power of the base station, the transmitting power of the mobile station and the height of the base station antennas. Each base station is connected to a wide area network.
Roaming refers to using the service in a location outside the home network. It can be used with the subscriber's own communication terminal, or just by using the subscriber identity in the visited network.
Risk and Threat analysis of mobile phone service:
Network operator’s perspective:
Internet Security Attacks:
As all base stations are connected to a WAN (the Internet), there is a risk of hacker attacks on the base station server if proper security mechanisms are not implemented.
Physical damage to the base station:
Natural disasters such as earthquakes and floods can damage the base station.
As all the communication between the base station and the mobile phone is carried over radio channels, and voice and data travel through these channels in the form of electromagnetic signals, it is easy for a hacker to capture such communication or redirect a call to the wrong destination.
Bad weather conditions:
Bad weather is also a threat to the availability of the service for network operators.
If the subscriber is using the GPRS service for Internet connectivity through the cell phone, then the mobile phone is vulnerable to security attacks.
If the base station does not cover an area properly, subscribers in that area may face network congestion, i.e. the network busy problem.
Communication disclosure, as discussed above, is also a threat for the subscriber.
Q2. Bank customers can withdraw cash from the automated teller machines (ATM) using a cash card and a personal identification number (PIN). Conduct a risk and threat analysis for this application, both from the customers’ and banks’ viewpoints.
Risk and Threat Analysis of ATM machine:
A risk and threat analysis of the ATM scenario from the perspective of the bank and the customer can be divided into two categories. These are
We first differentiate between the physical and logical threats and risks belonging to both perspectives.
The risks and threats that belong to physical assets fall into this category. The bank can face physical risks like earthquake, fire, flood or any other factor that can damage the ATM machine or harm the administrator of the machine. Physical threats from the bank's perspective can be robbery, damage to the building during protests, etc. Physical risks from the user's perspective can be loss of the ATM card, damage to the card, etc.
The risks and threats that belong to logical assets, i.e. data and information, fall into this category. Logical risks and threats from the bank's perspective can be security attacks on the server, corruption of data, etc. Logical risks and threats from the user's perspective can be a forgotten PIN code or a stolen PIN code.
Now we briefly discuss these risks and threats from both perspectives.
ATM machine becomes damaged:
This risk lies under the physical category. The ATM machine can be damaged by a natural disaster, i.e. earthquake, fire, or flood. The ATM machine can also be damaged in a robbery.
If the bank has not implemented proper information security policies and a security management system to secure its data, then the server on which the ATM operates is vulnerable to security attacks.
Administrator becomes unavailable:
This risk can belong to the physical category as well as to the logical category. The administrator is the person who administers the server and who holds the super password of that server. From the physical point of view, the sudden death of the administrator or the administrator suddenly quitting the job are risks for the bank. From the logical point of view, the administrator forgetting the password or failing to implement the security policies properly are risks for the bank.
It sometimes happens in real life that an ATM machine malfunctions, e.g. a customer who has more than ten thousand rupees in his account performs a cash withdrawal transaction of five thousand rupees. When he issues the cash withdrawal command, the machine processes his request, returns his ATM card and, without providing cash, deducts the requested money from the customer's account balance and issues the transaction receipt. The affected customer then complains to the bank representative, and the bank representative guides him to write an application, which is sent to the headquarters branch for complete verification. (This happened to me last year with an NBP ATM.) So malfunctioning of the machine is a risk as well as a work overhead for the bank.
The risks and threats related to the ATM card and PIN code from the user's perspective can be as follows.
This is the most common risk factor in this scenario. Almost all people keep their ATM card in their wallet. If somebody loses the wallet in an accident, he also loses the ATM card.
Card damaged or scratched badly:
This risk factor is not so common, but it is likely to happen if the card is not protected carefully by the user. This risk factor lies under the physical category.
Pin code forgotten:
Forgetting the PIN code is a risk under the logical category. If a user who is not sure of his PIN code tries to perform a transaction and enters a wrong PIN code three times, then his card will be captured by the ATM machine.
The risk of machine malfunctioning directly affects the user. So the risk of machine malfunctioning relates to the bank's perspective as well as to the user's perspective.
Pin code disclosure:
It sometimes happens that an ATM card user gives his ATM card to somebody, such as a colleague or friend, to carry out some transactions. In this case there is always a risk that the colleague or friend remembers the PIN code and, whenever he gets hold of the ATM card, tries to make an illegal transaction.
The chances of this risk are minimal. Suppose somebody is in the middle of a transaction and a power failure occurs, and there is no backup solution like a UPS. Alternatively, suppose the system is already running on a UPS, a customer is in the middle of a transaction, and the UPS battery runs empty. There may be other cases of incomplete transactions, for example when somebody is in the middle of a transaction and the issuer's server goes down.
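The malfunction and incomplete-transaction cases above (account debited, no cash dispensed) can be caught by reconciling the host ledger against the ATM's own journal. The following is an added example, not part of the original essay; the record layout, event names and transaction ids are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Debit:
    txn_id: str
    account: str
    amount: int  # rupees debited by the host

# Constructed host-ledger debits (what the bank's server believes happened).
HOST_DEBITS = [
    Debit("T1001", "ACC-1", 5000),  # machine malfunction: no cash came out
    Debit("T1002", "ACC-2", 2000),  # normal withdrawal
    Debit("T1003", "ACC-3", 1500),  # power lost mid-transaction
    Debit("T1004", "ACC-4", 3000),  # ATM never journalled the request
]

# Constructed ATM journal entries: (txn_id, event, amount dispensed).
ATM_JOURNAL = [
    ("T1001", "DISPENSE_FAIL", 0),
    ("T1002", "DISPENSED", 2000),
    ("T1003", "POWER_LOSS", 0),
    ("T1005", "DISPENSED", 1000),   # cash left the machine with no debit
]

def reconcile(debits, journal):
    """Compare host debits with cash the ATM confirms it dispensed.

    Returns (reversals, unbacked): debits owed back to customers, and
    dispenses with no matching debit (a loss on the bank's side).
    """
    dispensed = {}
    for txn_id, event, amount in journal:
        if event == "DISPENSED":
            dispensed[txn_id] = dispensed.get(txn_id, 0) + amount

    reversals = []
    debited_ids = set()
    for d in debits:
        debited_ids.add(d.txn_id)
        shortfall = d.amount - dispensed.get(d.txn_id, 0)
        if shortfall > 0:  # customer paid for cash that was not delivered
            reversals.append((d.txn_id, d.account, shortfall))

    unbacked = [(t, amt) for t, amt in dispensed.items() if t not in debited_ids]
    return reversals, unbacked

if __name__ == "__main__":
    print(reconcile(HOST_DEBITS, ATM_JOURNAL))
```

Run daily, a check like this turns the customer's written application into an automatic reversal queue and also surfaces the bank-side loss case.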
Q3. Medical records pose particular security problems. Assume your medical records can be accessed on-line. On the one hand, this information is sensitive and should be protected from disclosure. On the other hand, in an emergency it is highly desirable that whoever treats you has access to your records. How would you use prevention, detection and recovery to secure your records?
Before we go into the scenario of securing medical records, we first look at the concepts of prevention, detection and recovery in an information security environment.
Prevention: take measures that prevent your assets from being damaged.
Detection: take measures so that you can detect when, how, and by whom an asset has been damaged.
Recovery: take measures so that you can recover your assets or recover from damage to your assets.
Implementing security plans and technologies to protect online medical records systems is the paramount health data security issue today. Patients have an important role in addressing privacy and security concerns.
At the organizational level, an online medical record (online medical information system) is vulnerable to both authorized and unauthorized users. Authorized users can misuse their privileges to perform unauthorized actions (such as browsing through other patients' records). Unauthorized users (outsiders) can break in with the intent of malicious and damaging action.
Adequate protection of online medical information systems depends on both technology and organizational practices for privacy and security. There are three basic elements of data security, all of which should be considered. These are confidentiality, integrity and availability.
To keep online medical records safe, prevention techniques can be used. The common techniques can be:
Username password credentials:
The basic mechanism for protecting any personal information on the web is the username and password credential. As password guessing is so common these days, we need a more secure prevention technique in order to protect the medical records.
Two-Way Authentication:
Two-way authentication refers to two parties authenticating each other. More specifically, it refers to a client or user authenticating themselves to a server and that server authenticating itself to the user in such a way that both parties are assured of the other's identity. In a web environment, two-way authentication is often known as site-to-user authentication. Some hardware devices, such as smart cards, can also be used for two-way authentication. In our example of medical records, this technique can work as follows: when a doctor wants to access the record of a patient, the system (server) must first initiate a challenge to check whether it is the right user to access the requested information, and the user does the same for the server.
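The two-way challenge described above can be sketched as an HMAC challenge-response in which each side proves knowledge of a shared secret. This is an added example, not part of the original essay; the pre-shared key (for instance one held on the doctor's smart card), the role labels and the class name are assumptions.

```python
import hashlib
import hmac
import secrets

def prove(key: bytes, role: bytes, own_nonce: bytes, peer_nonce: bytes) -> bytes:
    """Response that proves knowledge of `key` for one role and one session.

    Binding the role and both nonces into the MAC means a response cannot be
    replayed in a later session or reflected back at the party that made it.
    """
    msg = role + b"|" + own_nonce + b"|" + peer_nonce
    return hmac.new(key, msg, hashlib.sha256).digest()

class Party:
    def __init__(self, role: bytes, key: bytes):
        self.role, self.key = role, key
        self.nonce = secrets.token_bytes(16)  # fresh challenge per session

    def respond(self, peer_nonce: bytes) -> bytes:
        return prove(self.key, self.role, self.nonce, peer_nonce)

    def verify(self, peer_role: bytes, peer_nonce: bytes, response: bytes) -> bool:
        expected = prove(self.key, peer_role, peer_nonce, self.nonce)
        return hmac.compare_digest(expected, response)  # constant-time compare

def mutual_auth(client_key: bytes, server_key: bytes):
    """Run one exchange; return (client accepts server, server accepts client)."""
    client = Party(b"client", client_key)   # e.g. the doctor's terminal
    server = Party(b"server", server_key)   # the medical records system
    # Each side sends its nonce as a challenge and answers the other's.
    server_ok = client.verify(b"server", server.nonce, server.respond(client.nonce))
    client_ok = server.verify(b"client", client.nonce, client.respond(server.nonce))
    return server_ok, client_ok

if __name__ == "__main__":
    key = secrets.token_bytes(32)
    print(mutual_auth(key, key))                      # both sides accept
    print(mutual_auth(key, secrets.token_bytes(32)))  # neither side accepts
```

A party that does not hold the key fails in both directions, so the doctor learns the site is genuine at the same point the site learns the doctor is.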
Strong Authentication Tools:
Third-party tools for strong authentication can be used to secure online medical records. This idea works well in terms of security but it is costly to implement.
Intrusion prevention systems can also be used to secure online information data in organizations that are responsible for storing that data.
In the detection technique we take measures so that we can detect by whom, when and how data was damaged. The following mechanisms can be used to implement this technique.
Auditing Login Attempts:
If we implement auditing of login attempts in an online medical information system, it will be useful for detecting any unauthorized access attempt to the system.
An intrusion detection system (IDS) can be used to detect any unauthorized activity that attempts to gain access to the medical information system. We can use the IDS of any vendor, depending upon our requirements.
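One way to audit login attempts is to scan the authentication log for bursts of failures on an account and for a success that follows such a burst. This is an added example, not part of the original essay; the log format, account names, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit lines: timestamp, account, source address, outcome.
SAMPLE_LOG = """\
2024-03-01T09:00:05 dr_khan 192.0.2.10 FAIL
2024-03-01T09:00:40 dr_khan 192.0.2.10 OK
2024-03-01T09:10:01 nurse_ali 198.51.100.23 FAIL
2024-03-01T09:10:09 nurse_ali 198.51.100.23 FAIL
2024-03-01T09:10:15 nurse_ali 198.51.100.23 FAIL
2024-03-01T09:10:31 nurse_ali 198.51.100.23 OK
2024-03-01T11:00:00 dr_shah 192.0.2.44 FAIL
2024-03-01T11:20:00 dr_shah 192.0.2.44 FAIL
2024-03-01T11:40:00 dr_shah 192.0.2.44 FAIL
"""

def audit_logins(log_text, max_failures=3, window=timedelta(minutes=5)):
    """Return alerts as (kind, account, source, timestamp) tuples.

    repeated_failures      : max_failures failed logins inside the window
    success_after_failures : a login that succeeds right after such a burst,
                             which suggests the password was guessed
    """
    recent = defaultdict(deque)  # account -> times of recent failed logins
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, account, source, outcome = line.split()
        when = datetime.fromisoformat(stamp)
        fails = recent[account]
        while fails and when - fails[0] > window:  # forget old failures
            fails.popleft()
        if outcome == "FAIL":
            fails.append(when)
            if len(fails) == max_failures:         # alert once per burst
                alerts.append(("repeated_failures", account, source, stamp))
        elif outcome == "OK":
            if len(fails) >= max_failures:
                alerts.append(("success_after_failures", account, source, stamp))
            fails.clear()
    return alerts

if __name__ == "__main__":
    for alert in audit_logins(SAMPLE_LOG):
        print(alert)
```

A single mistyped password (dr_khan) and slow, widely spaced failures (dr_shah) stay below the threshold here; tightening or widening the window trades missed slow guessing against false alarms.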
Third party Software:
Third-party software like antivirus can also be used to detect damage to the system. Antivirus can also provide information regarding the type of attack, the source of the attack and the time of the attack. It can also help to mitigate other security issues.
If a hacker has bypassed all security measures and damaged the system, then there should be some recovery techniques to recover the whole asset or to recover the asset from danger. The following techniques can work:
Always perform a daily backup of the information. If the information has been damaged, we can recover all of it from the last backup, i.e. the most recent backup before the damage occurred.
Third Party Software:
Third-party software like antivirus can also recover assets from damage. So, if we want to recover from damage to the system, this option can work better.