Amit Fianl Project
-
Upload
omprakash-yadav -
Category
Documents
-
view
222 -
download
0
Transcript of Amit Fianl Project
-
8/7/2019 Amit Fianl Project
1/10
Question no. 1: Provide a critical review of TWO named biometric technologies and devicesthat can be used by SME (Small and Medium Enterprises) for workstation authentication.
[40 marks]
Answer:
The word biometric derived from the Greek word bioswhich means life and metrikoswhich
means measure. Biometric technology is a automated technique, which is used for identifying a
person based on some of his biological characteristics. The biological characteristics evolve as
behavioral characteristic namely voice pattern i.e. distinctive to each person and as fingerprints
also.
The biometric technology also plays a very prominent role for workstations authentication of
small medium enterprises. In small medium enterprises, mostly two technique of biometric are
more appropriate for work station authentication, which are:-
1. Fingerprint technique2. Face recognition
1. Fingerprints technique: - Fingerprint techniques used for the personal identification ofperson, especially this technique have been using for more than 100 years for criminal
investigation. In small medium enterprise as a workstation authentication, fingerprint
technique has gone through distinctive mode, which are as follows:-
a. Digital Scanning Technique: - By making use of software, the imprint of
fingerprint picked up on touchpad, and then it with number of imprint.
b. Laser Technique: - This technique is more reliable because, with the use of laser
we can take fingerprint from different surfaces.
c. Traditional Technique: - In this technique, we use resinous polymer powder that
is used for taking imprint by using oils which are left in hand.
d. Bullet Fingerprint Technique: - its an important technique because even
eradicating fingerprint by any source, probably with the help of this technology
can envisage the fingerprint.
Biometric Fingerprint Matching Structure:
Data Acquisition
Compression
Decompression
Matcher
Decision Maker
Feature Extraction
Biometrics
Database
-
8/7/2019 Amit Fianl Project
2/10
Fingerprint to Binary Convergent Technique:-
Pre-process Minutiae extraction Template
Enrollment of minutia point 33,11,4,1
25,18,2,0,
18,12,0,1
13,27,2,0
75,4,8,0
10011001
10101001
10010011
11010100
10100110
Fingerprint Structure Design:
Fingerprint is a automatic recognizing verification system which consist of four part:
1. User interface
2. System database
3. Enrollment database
4. Authentication model
The verification model is used to verify the persons identities, who want to logon the system.
For the verification process the individual have to lay his finger on scanner, after putting finger
on scanner, the system lifts the fingerprint of an individual. After taking imprints, the system
matches the minutiae patron by extracting the imprint into minutiae patron in the database the
design.
2. Face Recognition: - Face recognition technique is the most active technique and suitablemethod in the biometric field to identify other people. Face recognition technique scans
the ignorant object which are generally unseen by natural eyes. This technique evolve the
shape of facial characteristics i.e. chin, nose, eyes, lips and eyebrows etc. for the
verification of identity, system breaks image into many component.
Face recognition structure: -
-
8/7/2019 Amit Fianl Project
3/10
Biometric False Acceptation Rate Method
We can get the acceptation rate through this following formula:
FAR =
1
N
N
n=1
FAR(n)
Where N as average of all FAR
Biometric false Rejection Rate Method
The following way can be used for Rejection Rate:
FRR =
1
N
N
n=1
FRR(n)
Where, N is average ofFRR (n)
Use of Face Recognition Device & Fingerprint for Small medium Enterprise
1. Fingerprint Time attendance system
2. Door entry system
3. ATM machine use
4. Face Scan Time attendance system
-
8/7/2019 Amit Fianl Project
4/10
5. Banking Industry
6. PC & network access control.
Question No.2: Review the following site: www.nationwide.co.ukfrom a trust perspective. You
do not need to open an account or register simply engage in "shallow navigation" of parts of the
site that are easily accessible by any member of the public. What tangible and intangible methods
does this site use so as to support consumer trust?
Answer:
The www.nationwide.co.ukis the website/web address of nationwide bank. As regards a trust
perspective the webpage of nationwide.co.uk contains all information relating to bank and define
its product and service. The website is providing good satisfaction to customer by giving the
answer of the customer queries.
Trust: As a trust perspective we can say that without trust we cannot make good relationship
with customer without creation of trustee relationship we can deal with customer regarding any
business. The following things may be source of trust: -
1. Image: the information relating to product and services describe the efficiency of company
which build the positive image and establish trust.
2. Physical Thread: the webpage should not contain any fake information which creates
disbelief among parties. Website should not display any threat such as fraud to customertaking contact details & registration number.
3. Ethics: the webpage should follow ethnic identity, rules & regulation relating to banking
transaction should be mention clearly.
4. Law: for the lawfulness, website should give the registration number & FSA registration to
seeking applicant.
The following are the tangible method & intangible method which are used by the bank website
to building customer trust: -
Tangible method:
-
8/7/2019 Amit Fianl Project
5/10
Home: home button state the overall history of bank which wins the customer loyalty by
explaining its overall history of business.
Image: the images are displaying on the bank website explaining good relation with
bank.
Colour: Colour theme ofwebsite also very charming & attractive.
Logo: Logo is the main element for any company because it describes the mission &vision of the company. The logo of nationwide bank creating trust among its customer
Search tool: Search tool of website is also very frequent. It search website element very
quickly.
Registration Number: the website showing its registration information very clearly
which state that its not a fake also.
B2C: business to consumer matter on website explaining kinship to customer.
Customer Button: describe that how much organization is faithful to its customer andalso responsibility of bank.
Branch link: show the chain of organization and also describe multiple branch &
connectivity with them.
Tangible
MethodHome
Image
Colour
Logo
Search toolRegistrationInformation
B2C
ComplaintButton
Branch link
-
8/7/2019 Amit Fianl Project
6/10
Intangible Method:
Brand: brand creates the popularity in the market. Brand may be identified by logo & name of
the company.
Attracting Ads: this website, advertising attractive ads such as low interest loan rate, easy
process of loan etc..
Contact details: if someone wants to direct contract with bank for query then he can easilycontact to organization.
Product tools: specified with complete product & service information.
Design: Design & format of presenting way of information is stylish and logical.
Animations: website consist with animations theme explaining specific feature i.e. credit cards.
Question No.3: Provide a critical account of role RSA cryptography in the specific context ofthe SSL/TLS client server protocol (*). How likely is it that an eavesdropper (Eve) can
successfully intercept and decode a secret message exchanged between Alice (an on-line
customer) and Bob (an E-service provider) during an SSL/TLS session using a specially
constructed super-computer or similar device? Assume RSA has been chosen as the cipher by
both Alice and Bob.
Intengible
MethodBrand
AttractingAds
Contectdetails
Producttools
Design
Animations
-
8/7/2019 Amit Fianl Project
7/10
Answer:
RSA Algorithm
In all of the encryption method the RSA algorithm is different method. For the encryption and
decryption the same key is used by RSA algorithm. These key are divided into two tasks in theRSA algorithm. Initially, RSA algorithm produce digital key in which two huge prime number
exist. After this RSA module break these key again into two huge numbers.
RSA is a part of cryptography method which is used for authentication and encryption. It
develops in 1977.
SSL/TSL protocol with RSA
TSL/SSL protocol with RSA algorithm is trustable algorithm. In RSA algorithm these protocol
apply widely. At the time of connection numerous protocol are used by TSL/SSL protocol. For
encryption algorithm, the TSL/SSL protocol develop standard platform on the internet. CipherSuites are used by these protocols where cipher suites consist of many asymmetrical or
symmetrical keys.
Client Server
Client Hello
ServerHello
*Certificate
*ServerKey Exchange
*Certificate Request
ServerHello Done
*Certificate
Client Key Exchange
*Certificate Verify
[ChangeCipherSpec]
Finished
[ChangeCipherSpec]
Finished
SSL/TLS Handshake
-
8/7/2019 Amit Fianl Project
8/10
Optional message is evolved by client. Initially client transmit hello message for giving support
to cipher suits. Server setup connection for sending hello message to server. The client
exchanged messages apply by the RSA session with the combination of postmaster-Secret and
encryption value. Cipher-Space is changed by the message sequence and also it finished thesign at the Handshakes end.
Example: Gurpret and Jesus as RSA
Gurpret transfer encrypted message to Jesus. Gurpret create digital signature s reproducing: s
=md mod n. d and n. Gurpret personal key. Jesus transmit M and S to Jesus. To make certainty of
signature Jesus recovered: m=se
mod n, e and n is her public key. But if someone who know the
key then he can easily decrypt the message.
Special Server Hacking
Due to Bad Version Oracle (B.V.O.) the special server hacking takes place of it. In the original
algorithm for covering numerous methods we use SSL/TSL protocol. The speed of 67.7 call per
second attained by Bad Version Oracle for RSA 1024 bit key in the real time hacking.
RSA one way function:
For computing forward direction and inverse direction one way function is a very easy process.
We can explain it with the help of following example. Inverse direction take years where
computation forward direction take few second. Mainly, this function is used by RSA.
Question No. 4: Distinguish between a mono-alphabetic substitution cipher and a poly-
alphabetic substitution cipher. Illustrate your answer with two brief examples (showing that you
understand how to use both methods) using the following plain-text fragment
Answer:
Substitution cipher is a method of cryptography which contain original letter unchanged but
interchange plain text into symbols, letter or number. Here Im discussing about two type of
substitution ciphers which are as follows:-
1. Mono-alphabetic Substitution Cipher
2. Poly-alphabetic Substitution Cipher
-
8/7/2019 Amit Fianl Project
9/10
Mono-alphabetic Substitution Cipher: - For conceal words of plain text the single cipher
alphabets are used in mono-alphabetic substitution cipher.
Component of mono-alphabetic substitution cipher:-
1.K
ey Phrase Cipher: - it does not include Z & Y. Hence its a 24 letter cipher only,which can be swapped by more than single plain text.
2. Multilateral Forms: - this type of cipher contains two or more letter.
3. Shift Cipher: - it altered to prearranged number into plaintext alphabet. These alphabets
took place for letter which takes three steps with alphabet.
4. Random Substitution Cipher: - Random substitution cipher does not use normal plain
text. It uses random cipher texts which are same to text words.
5. Multilateral variation: - multilateral variation cipher contains lengths of cipher unit
more than one word.
6. Geometric Ciphers: - for replacing words it apply pattern of geographic.
7. Alphanumeric Ciphers: -alphanumeric ciphers change alphabet by applying number.
Poly-alphabetic Substitution Cipher
Poly-alphabetic substitution ciphers also known as multiple substitutions because it applies
many ciphers in replacement alphabet.
Parts of poly-alphabetic substitution cipher
1. Algebraic Ciphers: for text, algebraic ciphers use numerical value.
2. Key Progression: it gives key instruction for improvement of encryption method.
3. Fractionating Ciphers: fractionating ciphers use solo columnar transposition for
modifying Polybius square.
4. Disks: for decryption & encryption with metal disks this method use symbols, alphabets
& numbers.
5. Poly-graphic Ciphers: numerous character can be encrypt in one time by poly-graphic
cipher method.
6. Tableaux: for poly-alphabetic encryption tableaux method use numerous alphabets.
7. Variations of vigeneres table: it is linked with blasie de vigenere.
-
8/7/2019 Amit Fianl Project
10/10