PHYSICAL SECURITY
BY
Josef Onuoha
CS 996
Outline
• Goals of Physical Security
• Perimeter and Building protection
• Access Controls
• Distributed Processing
• Stand-alone Systems and Peripherals
• Environment and Life Safety Controls
• Tamper Resistance
Goals of Physical Security
• Prevent unauthorized access to equipment, installations, material, and documents
• Safeguard against espionage, sabotage, damage, and theft
• Safeguard personnel
Perimeter Protection
• Standoff distance
– The maintained distance between where a vehicle bomb is allowed and the target
• Exclusive Standoff Zone
– Vehicles are not allowed within perimeter unless they have been searched and cleared
• Nonexclusive Standoff Zone
– Established when a facility or location permits a mixture of trucks and cars.
– Includes inner and outer perimeters
• Speed Control
– Controls the speed of vehicles used for bombs
• Vehicle barriers
• Perimeters should also protect against standoff weapons such as rifles, shotguns, and pistols
• Primary defense is to obstruct line of sight (LOS) from vantage points outside the site
– Use a Predetonation Screen
• Surveillance
– Aggressors remain outside of controlled areas and try to gather information from within those areas
– Designers must eliminate or control vantage points from which aggressors can surveil or eavesdrop on assets or operations.
• Trees, bushes, fences, other buildings etc
• Lighting
– Discourage or deter attempts at entry by intruders.
– Prevent glare that may temporarily blind the guards.
– Different types
• Continuous, standby, movable
– Different applications
• Entrances, Parking areas, Critical areas
• Staffing
– Security Guards
– Patrols
– Dogs
Building Protection
• A Sensitive Compartmented Information Facility (SCIF) is an accredited area, room, group of rooms, buildings, or installation where Sensitive Compartmented Information (SCI) may be stored, used, discussed, and/or processed
• We now focus on construction requirements of a SCIF
• Vault Specifications
– Minimum compressive strength of 3000 psi after 28 days of aging for class A
– 5/8-inch diameter steel reinforcing bars laid 6 inches on centers
– In seismic areas, 6-inch or thicker RC will be used.
• Walls
– The walls will be of either reinforced concrete in excess of four inches thick or solid masonry (stone or brick) in excess of eight inches thick
• Floors
– The floor and ceiling selected for a Secure Area will be at least a four inch thickness of concrete
• Entrances
– A Secure Area will be equipped with a GSA Class 6 vault door
• Windows
– It is preferable that a Secure Area be windowless. Accessible windows, where required, will be secured with bars, installed as specified in the requirements
• Barred Window Specifications for SCIF
– Type of Installation
• Type A: Requires a steel frame with steel bars welded on it to be bolted to the inside of the facility window frame
• Type B: Requires imbedding the ends of steel bars in the masonry window frame of the facility
• Type C: Requires a grillwork of steel bars to be imbedded in the masonry walls immediately adjacent to the facility window frame
• Sound Attenuation for SCIF
– The SCIF walls, windows, floor and ceiling, including all openings, should provide sufficient sound attenuation to preclude inadvertent disclosure of conversation
– Must meet the following SCT:
• Executive Suite 45+
• Briefing Rooms 45+
• Auditoriums 50+
• Telephone Security for SCIF
– Telephone cables and wires which penetrate a facility's perimeter will enter the facility through one opening and be placed under control at the interior face of the perimeter
– The number of telephone instruments servicing a SCIF will be limited to those operationally necessary
Interior Intrusion Detection Systems
• Structural vibration sensors
– Detects energy due to hammering, drilling, etc
• Point sensors
– Detects close proximity to an object.
• Passive ultrasonic sensors
– Detect acoustical energy
• Volumetric Motion sensors
– Detects intruder motion within the interior of a protected volume
Exterior Intrusion Detection Systems
• Fence sensors
– Detects penetration generated by mechanical vibrations and stresses in fence fabric and posts
• LOS sensors
– Generate a beam of energy and detect changes in the received energy that an intruder causes by penetrating the beam.
Alarms
• Requirements
– Perimeter doors will be equipped with high security balanced magnetic door switches.
– Vault doors will be equipped with heat detectors and balanced magnetic switches.
– The interior spaces not continually occupied by authorized personnel will be protected by motion detection alarms.
– Vents and ducts over six inches will be alarmed.
– Windows less than 18 feet from ground level will be alarmed.
• Types
– Motion alarm detectors
• Overt body motion walking through the protected areas at the rate of one step per second for four seconds, in areas protected by ultrasonic, microwave, and other motion detection devices
– Door Switches
• Actual opening of doors (or windows or other openings using door switches) which are protected by balanced magnetic door switches.
– Capacitance Alarms
• Attempts to push hands, arm, or legs through the protected area (air ducts or vents); to touch an item being protected (door, window, wall, etc.); or to move protected objects (security containers).
– Tamper Switches
• Removal of the covers for sensors, alarm control units, day/night switches, and end of the line supervision control units should cause an alarm regardless of the status of the overall system
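Added example (not part of the original slides): a minimal model of an alarm control unit that applies the tamper-switch rule above, where tamper events raise an alarm in every mode while door-switch and motion events raise one only when the panel is armed. The zone names, mode names and event times are constructed for illustration.

```python
from dataclasses import dataclass
from enum import Enum

class Mode(Enum):
    DISARMED = "disarmed"  # day mode: space occupied by authorized personnel
    ARMED = "armed"        # night mode: space unoccupied

class Kind(Enum):
    DOOR_SWITCH = "door_switch"  # balanced magnetic switch opened
    MOTION = "motion"            # motion detector tripped
    TAMPER = "tamper"            # cover removed from a sensor or control unit

# Tamper circuits are monitored in every mode; the rest only when armed.
ALWAYS_MONITORED = {Kind.TAMPER}

@dataclass(frozen=True)
class Event:
    t: int      # seconds since the start of the sample
    zone: str   # hypothetical zone label
    kind: Kind

def mode_at(t, mode_changes):
    """Mode in force at time t; the panel is assumed to start DISARMED."""
    mode = Mode.DISARMED
    for when, new_mode in sorted(mode_changes, key=lambda c: c[0]):
        if when <= t:
            mode = new_mode
    return mode

def alarms_for(events, mode_changes):
    """Return (t, zone, kind, mode) for every event that must raise an alarm."""
    raised = []
    for ev in sorted(events, key=lambda e: e.t):
        mode = mode_at(ev.t, mode_changes)
        if ev.kind in ALWAYS_MONITORED or mode is Mode.ARMED:
            raised.append((ev.t, ev.zone, ev.kind.value, mode.value))
    return raised

# Constructed sample: armed from t=100 to t=200, disarmed otherwise.
MODE_CHANGES = [(100, Mode.ARMED), (200, Mode.DISARMED)]
EVENTS = [
    Event(10, "lobby", Kind.MOTION),                  # staff present: ignored
    Event(20, "vault-door", Kind.TAMPER),             # alarms although disarmed
    Event(120, "lobby", Kind.MOTION),                 # armed: alarms
    Event(130, "perimeter-door-1", Kind.DOOR_SWITCH), # armed: alarms
    Event(210, "perimeter-door-1", Kind.DOOR_SWITCH), # disarmed: ignored
    Event(220, "control-unit", Kind.TAMPER),          # alarms although disarmed
]

if __name__ == "__main__":
    for alarm in alarms_for(EVENTS, MODE_CHANGES):
        print(alarm)
```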
Physical Access Control
• Designate restricted area: Facilitates enforcement
• Locks
– Preset Locks and Keys
• Typical door locks
– Programmable Locks
• Mechanical (Cipher Locks)
• Electronic (Keypad Systems): Digital Keyboard
– Number of Combinations
– Number of Digits in Code
– Frequency of Code Change
• Cards
– Photo-ID cards
– Wireless Proximity readers
– Magnetic Strip cards
– Smart Cards
• Often Require Use of PIN Number with Card
• Readers: Card Insertion, Card Swipe & Proximity
• DOD Smart Cards (Common Access Cards)
• Biometric Devices
– Fingerprint/Thumbprint Scan
– Retina Scan
– Hand Geometry
– Facial Recognition
– Voice Verification
– Problems
• Cost
• Speed
• Accuracy
• Typical verification times for entry-control devices
• Visitor identification and control
– Visitors, Cleaning teams, Civilians in work areas after normal work hours, Government contractors
• Personnel
– Position Sensitivity Designation
– Management Review of Access Lists
– Background Screening/Re-Screening
– Termination/Transfer Controls
– Disgruntled Employees
• Movement Control
– Escorts
– Two-person rule
Distributed Computing
• Threats
– To Confidentiality
• Sharing Computers
• Sharing Diskettes
– To Availability
• User Errors
– To Data Integrity
• Malicious Code
• Version Control
Physical Security of Distributed Computing
• Office Area Controls
– Entry Controls
– Office Lay-Out
– Property controls
– Electronic Media Controls
– Clean-Desk Policy
– Space protection devices
• Heat/Humidity considerations
Stand-alone Systems and Peripherals
• PC Physical Control
– Cable locks
• Vinyl-covered steel cable anchoring the PC or peripheral to desk
– Port controls
• Devices that secure data ports (such as USB ports) and prevent their use
– Switch Controls
• A cover for the on/off switch, which prevents a user from switching off the file server’s power
– Peripheral switch controls
• Lockable switches that prevent a keyboard from being used
– Electronic Security Boards
• Boards inserted into an expansion slot in the PC that force a user to enter a password when the unit is booted
Environment and Life Safety Controls
• Environment considerations to physical security include the following
• Electric Power
• RFI, EMI
– Implement TEMPEST
• Humidity
– Humidity of < 40% increases static electricity damage potential
• Emergency power off controls
• Voltage monitoring/recording
• Surge protection
• Electric Power (cont)
– Backup power
• Backup feeders, UPS
– Emergency power generators
• Temperature
– Temperatures When Damage Occurs
• Paper Products: 350°
• Computer Equipment: 175°
• Disks: 150°
• Magnetic Media: 100°
• Fire detection
– Heat-sensing
– Flame-actuated
– Smoke-actuated
– Automatic dial-up fire alarm
• Fire Extinguishing Systems
– Wet pipe
– Dry pipe
– Deluge
• Suppression mediums
– Halon
• Excellent for vaults, equipment cabinets, etc
– Carbon IV Oxide
• Great for unattended facilities. Potentially dangerous
Information System Centers
• Site selection
– Low visibility
– Low natural disaster threat
– Easy access to external services such as police, fire, hospitals, etc
• Infrastructure
– Servers, switches, and routers should be placed in locked racks and locked rooms
– Wiring and cables should be routed through walls, floors, etc to avoid tampering
– Uninterrupted power supply should exist for computing facility
Tamper Resistance
• A device is said to be tamper-resistant if it is difficult to modify or subvert, even for an assailant who has physical access to the system.
• Specialized materials used to make tampering difficult
– One-way screws, epoxy encapsulation, Torx
• Closely tied to tamper detection and response
Tamper Detection
• The ability of a device to sense that it is under physical attack; includes
– Switches to detect opening of device covers
– Sensors to detect changes in light or pressure within the device
– Barrier to detect drilling or penetration of physical boundary
– Paint
Tamper Response
• Tamper Response is the countermeasure taken upon the detection of tampering
• Ex.: Erase memory, shut down/disable device, enable logging
• This is especially important where cryptographic keys could be stolen or lost
– Computational errors introduced into a smart card can be used to deduce the values of cryptographic keys hidden in the smart card
– Layers of a chip can be uncovered by etching, chip behavior discerned by advanced infrared probing, and chip logic reverse-engineered
OPSEC
• Operations security (OPSEC) is an analytic process used to deny an adversary information - generally unclassified
• Trains people on the handling of information
• We can apply OPSEC in our daily lives
– “What could an adversary glean from the knowledge of this activity?”