ADCS Chapter 6 Physical Security "Life's like a boom-a-rang. The more good you throw out, the more you receive in return." -- Josh S. Hinds Prepared by: SITI ZAINAH ADNAN If you do have any feedback or comment, please feel free to email me at sitizai@hotmail.com Your cooperation is very much appreciated ! CS262/0898/V1 Chapter 6 - 1 ADCS Chapter 6 Physical Security TOPICS • Introduction • Perils – Natural – Human Vandals – Interception • Unauthorised Access and Use • Natural Disasters • Resumption after Crisis • Intruders • Disposal of Sensitive Media • Control of Access to Computers • Biometrics CS262/0898/V1 Chapter 6 - 2 ADCS References • Book (available at the Informatics library) • Notes (available at IVC) CS262/0898/V1 Chapter 6 - 3 ADCS Introduction • Used to describe protection provided outside the computer system from: – Direct attack (guards, locks, fences) – Less direct disaster • Many good physical security measures result from just good common sense. CS262/0898/V1 Chapter 6 - 4 ADCS Perils • Natural – Can be flooded, burned and destroyed by earthquakes, storms and tornadoes – As computers are sensitive to operating environment, excessive heat or inadequate power is also a threat. – Since these perils cannot be prevented or predicted, controls should focus on limiting damages and recovering from disaster. CS262/0898/V1 Chapter 6 - 5 ADCS Perils • Natural – Issues to be considered in physical security regarding disaster recovery include: • The cost of replacing equipment • The speed with which equipment can be replaced. • The need for available computing power and • The cost of difficulties in replacing data and programs. CS262/0898/V1 Chapter 6 - 6 ADCS Perils • Human Vandals – Computers and media are more sensitive and easy for destruction – Attacker can be people off the street, disgruntled employees, bored operators (do for excitement) or saboteurs. – These attack implementation would not attract attention until the attack has been completed. – Attack can be: • Crude (use axes by unskilled vandal, often being seen and stopped • Subtle (short circuit PC ) CS262/0898/V1 Chapter 6 - 7 ADCS Perils • Interception – One of the serious problem with computer system. – This attack requires no direct connection - read data from computer away from the organisation – Person needs only a moderate knowledge of electronics for this attack. CS262/0898/V1 Chapter 6 - 8 ADCS Unauthorised Access and Use • Distributed computing system becomes more prevalent, protecting them is difficult and more important. • Interception is one form of unauthorised access (is a passive attack). • Protection is needed both to prevent unauthorised access and to verify users identity. CS262/0898/V1 Chapter 6 - 9 ADCS Natural Disasters • It is impossible to prevent natural disasters. • But possible to reduce the damage they inflict. • Examples; flood, fire, lighting, earthquakes, power loss and heat. • The following sections provides a brief and basic suggestions to minimise the loss or damage from natural disaster: CS262/0898/V1 Chapter 6 - 10 ADCS Natural Disasters • Fire and Smoke: – Install smoke detectors near equipment and check them periodically. – Keep fire extinguishers in and near computer rooms, and be sure every one knows they are there. – Enforce no-smoking policies; these are also important to controlling smoke, another hazard to computers. CS262/0898/V1 Chapter 6 - 11 ADCS Natural Disasters • Climate: – Keep temperatures approximately at 10-26 degrees Celsius. – Keep the humidity level at 20-80 percent. – Equip heating and cooling systems with air filters to protect against dust. CS262/0898/V1 Chapter 6 - 12 ADCS Natural Disasters • Earthquakes and Vibration: – Keep computers away from glass windows and high surfaces. – Be sure that if strong vibration occurs, other objects won’t fall on computers. • Water (Flood): – Install a water sensor on the floor near computer. – If computer does get wet, let it dry thoroughly before attempting to turn it on again. CS262/0898/V1 Chapter 6 - 13 ADCS Natural Disasters • Electricity: – Computer will suffer if it gets too much or too little electricity. – For best results, install an uninterruptable power supply (UPS). – Install a line filter on computer’s power supply. CS262/0898/V1 Chapter 6 - 14 ADCS Natural Disasters • Lightning: – If a lightning storm hits, try to turn off the computer and unplug it. Lightning generates an enormous power surge. – Protect the backup from the magnetic field created by the lightning. CS262/0898/V1 Chapter 6 - 15 ADCS Resumption After Crisis • The key to successful recovery is adequate preparation. • Computing systems are easily replaced by the off-the-shelf systems. • Data and locally developed programs are more vulnerable. • Need to use recovery methods backup, off-site backup, cold site and hot site. CS262/0898/V1 Chapter 6 - 16 ADCS Intruders • Authorised access prevents knowledgeable users. • Another class of unauthorised access is the physical presence of people who are not even users (unauthorised visitors) • Unauthorised visitors can cause three problems: 1. Theft of machinery or data 2. Destruction of machinery and 3. Viewing of sensitive data CS262/0898/V1 Chapter 6 - 17 ADCS Intruders • Hints for keeping Intruders Out: – Dropped ceilings: Be sure the walls extend above the dropped ceiling so intruders can’t climb over the walls. – Raised floors: Be sure the walls extend down beyond the raised floor so intruders can’t crawl under the raised floor. – Air ducts: Be sure the air ducts are small enough to intruders can’t crawl through them. – Glass walls: They are too easy to break and easily get access to sensitive information. So, don’t use glass wall – Network connections: Intruders can cause damage by unplugging or cutting cables, also opens up the possibility of wiretapping. So, hide the n/w connection CS262/0898/V1 Chapter 6 - 18 ADCS Disposal of Sensitive Media • A draft copy of a confidential report and magnetic media and even printer ribbon may disclose sensitive data. • Several ways to destroy data on all form of media are (from unauthorised visitor): – Draft copy - shredders (machine which tears paper into very small pieces) – Magnetic media - overwriting magnetic media, degaussor (device used to erase magnetic media). – Printer ribbon - dispose it and do not leave it unattended CS262/0898/V1 Chapter 6 - 19 ADCS Control of Access to Computers • There is no secure access control systems for stored program or data. • Need to use add-on access control packages developed for low degree of protection. • Network access control makes sure network hosts continually assure the authenticity of other hosts on network. • Examples – Mainframe data access control software, – Microcomputer access control hardware/software, – Store file encryptors and network penetration detectors. CS262/0898/V1 Chapter 6 - 20 ADCS Environmental Issues • Computers require proper environment conditions to function correctly at peak efficiency • However, always over-looked • Frequently elusive challenges are: 1) Power problems - power overage, power underage, power quality 2) Electrostatic Discharge (ESD) problems 3) Electromagnetic Interference (EMI) problems 4) Radio Frequency (RFI) problems 5) Climate problems CS262/0898/V1 Chapter 6 - 21 ADCS Environmental Issues 1) Power problems – Line Voltage: • Alternating current (AC) is the main power to computer devices • Has 110 volts and change polarity 60 times a second (60 Hertz) • Deviation from the values creates computer devices problems CS262/0898/V1 Chapter 6 - 22 ADCS Environmental Issues • Power Overage – Too much power is coming into the computer in two forms: • Power Spike - power level rises above normal levels and drops back to normal in less than one second Voltage Time CS262/0898/V1 Chapter 6 - 23 ADCS Environmental Issues • Power Surge - power level rises above normal levels and stays there for more than one or two seconds. More damaging than spikes Voltage Time CS262/0898/V1 Chapter 6 - 24 ADCS Environmental Issues • Surge Protectors – Special electronic circuit monitors the incoming voltage level – Trips a circuit breaker when the voltage is over voltage threshold – Problems: • The threshold set is too high to be safe • By the time circuit breaker trips, some over voltage has gotten to the power supply of computer and damaging it • Surge protectors doesn’t protect against power surges and spikes lower then the threshold CS262/0898/V1 Chapter 6 - 25 ADCS Environmental Issues • Line Conditioners – Uses several electronic circuit to “clean” all power coming into it – Uninterruptible Power Supply (UPS) uses a battery and power inverter to run the computer equipment CS262/0898/V1 Chapter 6 - 26 ADCS Environmental Issues • Power Underage – Power level drop below the standard voltage – Types of problem: • Sag • Brownout • Blackout CS262/0898/V1 Chapter 6 - 27 ADCS Environmental Issues • Sag – An inverted spike – Occur when power levels drop below normal and rise back to normal within a brief of time (usually less than a second) – e.g. a light flicker off and then on although the computer might reboot Voltage Time CS262/0898/V1 Chapter 6 - 28 ADCS Environmental Issues • Brownout – Occurs when power drops below normal levels for several seconds or longer – An inverted surge – e.g. the light in room will dim for a short while and then come back to full brightness Voltage Time CS262/0898/V1 Chapter 6 - 29 ADCS Environmental Issues • Blackout – A total loss of power for several seconds/minutes/hours Voltage Time CS262/0898/V1 Chapter 6 - 30 ADCS CS262/0898/V1 Chapter 6 - 31 ADCS CS262/0898/V1 Chapter 6 - 32 ADCS Environmental Issues • Power Quality – Indicates that stray frequencies have entered the power supply through the power cord – Can cause strange problems (e.g. intermittent reboots or hangs) and damage power supply – Detected using oscilloscope – UPS and Line Conditioner used to avoid it CS262/0898/V1 Chapter 6 - 33 ADCS Environmental Issues 2) Electrostatic Discharge (ESD) problem – Occurs when two items with dissimilar static electrical charges are brought together – Static electrical charges will “jump” from the item with more electrons and it is seen as an electrical spark – It can damage electronic components bcoz the several thousand electrons moving thru delicate circuit junctions of silicon chips render the chip useless – E.g. Walking across a nylon carpet in cotton socks created an immense static charge. If we are using the computer, the static charge may jump from our finger to the keyboard and may damage the device CS262/0898/V1 Chapter 6 - 34 ADCS Environmental Issues 3) Electromagnetic Interference (EMI) problem – Occurs when magnetic fields intersect network or computer cables, causing interfering in that cable – e.g. motors, transformer - source of EMI – It’s a mistake to run network cable thru an elevator shaft or thru a ceiling that hides a bank of transformers in fluorescent light – Protected by: • Using shielded cable or fibre optic • Moving cable far away from EMI source CS262/0898/V1 Chapter 6 - 35 ADCS Environmental Issues 4) Radio Frequency Interference (RFI) problem – Occurs when radio signals interfere with the normal operation of electronic circuits – e.g. television and radio transmitters, radios and cellular phones – To protect, we can use: • Shielded network cables shielded twisted-pair (STP), coaxial cable - to reduce the effect • Fibre-optic - immune to EMI and RFI but more expensive CS262/0898/V1 Chapter 6 - 36 ADCS Environmental Issues 5) Climate Problems – Computer devices are very sensitive to temperature extremes and can fail prematurely – Environment should be roughly the same as human beings – Keep temperature at 70 F (10-26 degrees Celsius) consistently and humidity between 40 and 60 percent – Excessive heat can damage electronic components – But it’s challenging as computer devices constantly generate heat CS262/0898/V1 Chapter 6 - 37 ADCS Environmental Issues – To maintain the condition: • Provide special climate controlled network room • Never put servers in a network closet without ventilation • Never put an electronic device in front of a heart source CS262/0898/V1 Chapter 6 - 38 ADCS Biometrics • Is the use of unique characteristics to provide positive personal identification: – Physiological - physical traits that are direct part of our body, study of how bodies of living things and their various parts work (e.g. fingerprint, retina) – Behavioural - based upon of what we do, structure / formation objects (language, animal) - voice pattern, signature – Morphological - based upon of movement of our activities, e.g. keystroke pattern) CS262/0898/V1 Chapter 6 - 39 ADCS Biometrics • Systems available today (current) examine: – Fingerprints – Handprints – Retina patterns – Voice patterns – Signature – Keystroke patterns. CS262/0898/V1 Chapter 6 - 40 ADCS Biometrics • Devices proposed (future): – Footprints – Lip prints – Wrist vein patterns – Brainwaves – Skin oil characteristics – Facial geometry – Weight / gait patterns CS262/0898/V1 Chapter 6 - 41 ADCS Biometrics • Surveys indicate that in order of effectiveness, biometrics devices rank as follows (most secure to least secure). – Retina pattern devices – Finger print devices – Hand print devices – Voice pattern devices – Keystroke pattern devices – Signature devices • In order of personal acceptance, the order is just the opposite. CS262/0898/V1 Chapter 6 - 42 ADCS Biometrics • Retina Patterns: – Everybody has a unique retinal vascular pattern. – Examine the unique characteristics of an individual’s retina and use that information to determine the access. – System uses an infrared beam to scan retina and produces digital profile of blood vessel patterns in the retina. – Newer systems also perform iris and pupil measurements. – Of all the biometrics system, retina system are the most threatening one. CS262/0898/V1 Chapter 6 - 43 ADCS Biometrics • Fingerprints: – Everybody has a unique set of fingerprints. – Examine the unique characteristics of an individual’s fingerprints and use that information to determine the access. – System will scan the fingerprint information to the computer for analysis. – Sophisticated systems performs a three dimensional analysis of fingerprint including pulse. – Slower than other types of biometrics systems. – Burns and other physical problems can affect the system’s ability to match fingerprints. CS262/0898/V1 Chapter 6 - 44 ADCS Biometrics • Handprints: – Everybody has a unique handprints. – Examines the unique measurements of hand and use that information to determine the access. – Handprint information is is digitised and compared against a stored handprint template. – Handprint systems are said to be less reliable than fingerprint systems. CS262/0898/V1 Chapter 6 - 45 ADCS Biometrics • Voice Patterns: – Everybody has a unique vocal and acoustic pattern. – Examine phonetic and linguistic patterns and use that information to determine the access. – System converts the acoustic strength of a speaker’s voice into component frequencies and analyse how they are distributed. – Their ability to work properly depends to some extent on the physical condition of the larynx. – Respiratory diseases, injuries stress and background noises may affect the system’s ability to match a voiceprint. CS262/0898/V1 Chapter 6 - 46 ADCS Biometrics • Keystrokes Patterns: – Everybody has a unique pattern or rhythm of typing. – Examine the speed and timing of typing during the login process, and compare it to the keystroke template stored. – It may win wide acceptance, because keystroke verification may be built in ordinary login process. CS262/0898/V1 Chapter 6 - 47 ADCS Biometrics • Signature and Writing Patterns: – Everybody has a unique signature and signature-writing pattern. – System converts signature into a set of electrical signals that store the dynamics of the signing process. – Also analyse various timing characteristics, such as pen-in-air movements that are unique. – Very well accepted and also much cheaper than any other biometrics systems. CS262/0898/V1 Chapter 6 - 48