1 / 31

Physical Security By Pallavi Wankhede ISQS 6342

Physical Security By Pallavi Wankhede ISQS 6342. Physical Security. Sub-divisions of Physical Security Means of implementing physical security Merits and demerits of different physical security measures Importance of Physical Security. Sections of Physical Security. Physical Security.

elmer
Download Presentation

Physical Security By Pallavi Wankhede ISQS 6342

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Physical Security By Pallavi Wankhede ISQS 6342

  2. Physical Security • Sub-divisions of Physical Security • Means of implementing physical security • Merits and demerits of different physical security measures • Importance of Physical Security

  3. Sections of Physical Security Physical Security Physical Controls Technical Controls

  4. Physical Controls Physical Controls Location Construction Physical Barriers Physical Surveillance

  5. Technical Controls Personal Access Controls • Technical Controls Technical Surveillance Ventilation Power Supply Fire Detection and Suppression Shielding Natural Disasters

  6. Physical ControlsLocation and Environment • Visibility • Accessibility • Propensity for Environmental Problems

  7. Physical ControlsConstruction • Composition of construction materials • Evaluation of fire rating • Security of doors • Load and weight bearing ratings of the ceilings • Location of water and gas lines valves • Location of fire detection and suppression devices

  8. Physical ControlsPhysical Barriers • Physical Barriers can be employed in the form of locks and alarms • Locks Preset Locks Cipher Locks Biometric Locks Multicriteria Locks Device Locks

  9. Preset and Cipher locks Preset Locks • Key and Knob combinations • Least Secure Cipher Locks • Programmable • More Expensive • More secure and flexible

  10. Cipher Locks Cipher lock card reader Cipher lock keypad Reads swiped keycard Reads entered numerical combinations

  11. Options offered by Cipher Locks • Door Delay – Alarm triggered if door is held or propped open for long • Key override – Combination can be set into lock to be used during emergency or for supervisory needs • Master Keyring – Allows supervisors to change access codes and other features • Hostage Alarm – Hostaged employee can enter specific code to notify security personnel

  12. Biometric Locks Biometric Systems Fingerprints Palm prints Hand Geometry Eye Scans Signature Dynamics Voiceprints

  13. Biometric Systems • Fingerprints and palm prints • Ridges and swirls scanned by an optical scanner and compared to an archival file of fingerprints • Hand Geometry • Length and width of hand and fingers scanned by the optical scanner and compared to archival data

  14. Biometric Systems • Eye scans • Retinal scans • Iris scans • Signature Dynamics and Voiceprints • Motions performed when signing observed • Inflection, pitch and intonation of one’s voice used

  15. Fooling biometric techniques • Exhibit false positive and false negative identifications • Use of gummy fingers • Signature forgery DNA Analysis is a more promising method for ensuring security

  16. Multicriteria and Device Locks • Multicriteria Locks • Combine strength of two or more locks • Example : specific key/card, thumb print and PIN number or password • Device Locks • Used to secure computer hardware and network devices • Example : cable locks, switch controls, slot locks, port controls, cable traps, etc

  17. Cable Lock consists of a vinyl coated steel cable that attaches PCs. laptops, printers, etc to stationary objects CompuLock is a versatile system which not only prevents unauthorized access to the interior of the computer case, but also the common theft of the mouse and keyboard

  18. Drive lock prevents unauthorized use of 3.5" and 5.25" floppy drives, CD-recorders and players, tape streamers and removable drives. • It prevents accidental or intentional insertion or removal of floppy disk, CD-ROM, etc.

  19. This type of lock will help prevent your PC's or server's processor chip, memory chips and other internal components from being stolen

  20. Other Physical Barriers • Fencing • Control access to entrances • Cost Benefit analysis required • Lighting • Use of flood lights, street lights, etc • Used to deter intruders • Provide safe environment for personnel

  21. Physical Surveillance Various intrusion detection systems and physical protection measures require human action. Security guards can patrol facilities while guard dogs with refined sense of smell and hearing can be used to detect intruders.

  22. Technical ControlsPersonnel Access Controls • Password or PINs • Identification cards • Biometric Systems • Social Engineering Attack • Piggybacking

  23. Password and PINs • Use of cipher locks needs users to enter password or personal identification number (PIN) • A potential attacker could easily watch an authorized user entering his personal information into the keypad and gain entry later

  24. Identification cards • Safeguard against unauthorized use • Use of smart card • Proximity readers • User Activated – transmission of sequence of values to reader • System Sensing – no action required to gain access

  25. Technical Surveillance • Camera monitoring System • More prevalent • Camera records activity within critical areas • Allows security personnel to assess whether area is compromised upon or not

  26. Ventilation and Power Supply • Positive pressurization • Ventilation technique that forces air outward from a facility to help guard against dust and other pollutants • Protection against Power Failure • Uninterruptible power supply (UPS) • Standby systems • Online systems • Backup sources such as generator

  27. Fire Detection and Suppression

  28. Shielding & Natural Disasters • Surrounding the devices/ wires with metallic shielding can suppress the stray electronic signals • Common, Cost effective • If facility and surrounding area is susceptible to natural disasters, locate elsewhere else ensure safeguards such as flood drainage, lightning rods, reinforced building, etc.

  29. Importance of Physical Security • Physical security measures protect the computer from climate conditions, as well as from intruders who use or attempt to use physical access to the computer to break into it.

  30. PC Security Assistance • National Computer Security Center ATTN: C42 9800 Savage Rd. Ft. Meade, Md. 20755 - 6000

  31. References • Security+ In Depth – Paul Campbell, Ben Calvert and Steven Boswell • Networking Services and Information Technology – The University of Chicago • “PC Data Is Vulnerable To Attack,” PC Vol 4 Number 15, July 23, 1985, pp 33-36. • Department of Defense Trusted Network Evaluation Criteria, 29 July 1985, Draft. • Personal Computer Security Considerations (National Computer Security Center) December 1985, NCSC -WA-002-85 • www.gunlockinfo.com • http://www.compelson.com/locks.htm • www.extremetech.com • www.techtv.com

More Related