Post on 26-Dec-2015
Physical Security
By Pallavi Wankhede
ISQS 6342
Physical Security
Sub-divisions of Physical Security
Means of implementing physical security
Merits and demerits of different physical security measures
Importance of Physical Security
Sections of Physical Security
Physical Security
Physical Controls
Technical Controls
Physical Controls
Location
Construction
Physical Barriers
Physical Surveillance
Technical Controls
Personnel Access Controls
Technical Surveillance
Ventilation
Power Supply
Fire Detection and Suppression
Shielding
Natural Disasters
Physical Controls: Location and Environment
Visibility
Accessibility
Propensity for Environmental Problems
Physical Controls: Construction
Composition of construction materials
Evaluation of fire rating
Security of doors
Load and weight bearing ratings of the ceilings
Location of water and gas line valves
Location of fire detection and suppression devices
Physical Controls: Physical Barriers
Physical Barriers can be employed in the form of locks and alarms
Locks
Preset Locks
Cipher Locks
Biometric Locks
Multicriteria Locks
Device Locks
Preset and Cipher locks
Preset Locks: key and knob combinations; least secure
Cipher Locks: programmable; more expensive; more secure and flexible
Cipher Locks
Cipher lock card reader: reads swiped keycard
Cipher lock keypad: reads entered numerical combinations
Options offered by Cipher Locks
Door Delay – Alarm is triggered if the door is held or propped open for too long
Key override – A combination can be set into the lock for use during an emergency or for supervisory needs
Master Keyring – Allows supervisors to change access codes and other features
Hostage Alarm – An employee held hostage can enter a specific code to notify security personnel
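The cipher lock options above, shown as alert logic over a door controller's event stream. This is an added example, not part of the original slides; the codes, the 30-second limit, the event names and the process() function are all constructed for illustration.

```python
# Added example: all codes, thresholds and events are constructed.
DOOR_DELAY_SECONDS = 30          # assumed hold-open limit
ACCESS_CODES = {"4821"}          # normal combination
OVERRIDE_CODES = {"9000"}        # key-override combination
HOSTAGE_CODES = {"4829"}         # hostage (duress) combination

# (seconds since start, event, keypad value) -- constructed sample log
EVENTS = [
    (0, "code", "4821"), (2, "door_open", ""), (8, "door_closed", ""),
    (60, "code", "1111"),
    (100, "code", "4829"), (102, "door_open", ""), (110, "door_closed", ""),
    (200, "code", "4821"), (203, "door_open", ""), (260, "door_closed", ""),
    (300, "code", "9000"), (301, "door_open", ""), (305, "door_closed", ""),
    (400, "code", "4821"), (402, "door_open", ""),
]


def process(events, end_time, delay=DOOR_DELAY_SECONDS):
    """Return [(time, alert)] for a time-ordered keypad/door event stream."""
    alerts = []
    opened_at = None
    for ts, kind, value in events:
        if kind == "code":
            if value in HOSTAGE_CODES:
                # Assumption: the door unlocks as usual so nothing looks
                # different at the keypad; only the guard post is notified.
                alerts.append((ts, "HOSTAGE_ALARM"))
            elif value in OVERRIDE_CODES:
                alerts.append((ts, "OVERRIDE_USED"))
            elif value not in ACCESS_CODES:
                alerts.append((ts, "ACCESS_DENIED"))
        elif kind == "door_open":
            opened_at = ts
        elif kind == "door_closed" and opened_at is not None:
            if ts - opened_at > delay:
                alerts.append((opened_at + delay, "DOOR_HELD_OPEN"))
            opened_at = None
    # A door still open when the log ends must not escape the delay check.
    if opened_at is not None and end_time - opened_at > delay:
        alerts.append((opened_at + delay, "DOOR_HELD_OPEN"))
    return alerts


if __name__ == "__main__":
    for when, alert in process(EVENTS, end_time=500):
        print(f"t={when:>3}s  {alert}")
```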
Biometric Locks
Biometric Systems
Fingerprints
Palm prints
Hand Geometry
Eye Scans
Signature Dynamics
Voiceprints
Biometric Systems
Fingerprints and palm prints: ridges and swirls scanned by an optical scanner and compared to an archival file of fingerprints
Hand Geometry: length and width of hand and fingers scanned by the optical scanner and compared to archival data
Biometric Systems
Eye scans: retinal scans, iris scans
Signature Dynamics and Voiceprints
Motions performed when signing are observed
Inflection, pitch and intonation of one’s voice are used
Fooling biometric techniques
Exhibit false positive and false negative identifications
Use of gummy fingers
Signature forgery
DNA Analysis is a more promising method for ensuring security
Multicriteria and Device Locks
Multicriteria Locks: combine strength of two or more locks
Example: specific key/card, thumb print and PIN number or password
Device Locks: used to secure computer hardware and network devices
Example: cable locks, switch controls, slot locks, port controls, cable traps, etc.
CompuLock is a versatile system which not only prevents unauthorized access to the interior of the computer case, but also prevents the common theft of the mouse and keyboard
Cable Lock consists of a vinyl coated steel cable that attaches PCs, laptops, printers, etc. to stationary objects
Drive lock prevents unauthorized use of 3.5" and 5.25" floppy drives, CD-recorders and players, tape streamers and removable drives.
It prevents accidental or intentional insertion or removal of floppy disk, CD-ROM, etc.
This type of lock will help prevent your PC's or server's processor chip, memory chips and other internal components from being stolen
Other Physical Barriers
Fencing
Control access to entrances
Cost-benefit analysis required
Lighting
Use of flood lights, street lights, etc.
Used to deter intruders
Provide safe environment for personnel
Physical Surveillance
Various intrusion detection systems and physical protection measures require human action.
Security guards can patrol facilities, while guard dogs with a refined sense of smell and hearing can be used to detect intruders.
Technical Controls: Personnel Access Controls
Password or PINs
Identification cards
Biometric Systems
Social Engineering Attack
Piggybacking
Password and PINs
Cipher locks require users to enter a password or personal identification number (PIN)
A potential attacker could easily watch an authorized user entering his personal information into the keypad and gain entry later
Identification cards
Safeguard against unauthorized use
Use of smart card
Proximity readers
User Activated – transmission of sequence of values to reader
System Sensing – no action required to gain access
Technical Surveillance
Camera monitoring system
More prevalent
Camera records activity within critical areas
Allows security personnel to assess whether an area is compromised or not
Ventilation and Power Supply
Positive pressurization: ventilation technique that forces air outward from a facility to help guard against dust and other pollutants
Protection against Power Failure
Uninterruptible power supply (UPS)
Standby systems
Online systems
Backup sources such as generator
Fire Detection and Suppression
Type of Fire | Elements of Fire | Suppression Method
Common combustibles | Wood, paper, etc. | Water or soda acid
Liquid | Petroleum products and coolants | Halon (or replacement) gas, CO2 or soda acid
Electrical | Electrical equipment and wiring | Halon (or replacement) gas or CO2
Shielding & Natural Disasters
Surrounding the devices/ wires with metallic shielding can suppress the stray electronic signals
Common, cost effective
If the facility and surrounding area are susceptible to natural disasters, locate elsewhere, or else ensure safeguards such as flood drainage, lightning rods, reinforced building, etc.
Importance of Physical Security
Physical security measures protect the computer from climate conditions, as well as from intruders who use or attempt to use physical access to the computer to break into it.
PC Security Assistance
National Computer Security Center
ATTN: C42
9800 Savage Rd.
Ft. Meade, Md. 20755 - 6000