cpp study course protection of assets manual physical security
TRANSCRIPT
CPP Study CourseCPP Study Course
Protection of Assets ManualProtection of Assets Manual Physical SecurityPhysical Security
Vulnerability
• Define the problem.– Kind of threats or risks.– Likelihood or probability of threat.– Impact or effect on assets.
• Loss Event Profile– Security counter measure should be provided if – It will cause an actual loss measurable by some standard– The loss is not speculative in the sense that nonoccurrence
would realize a gain– Loss Event Probability or Frequency
Vulnerability (Cont.)
• Loss Event Probability or Frequency– Probability Factors
• Physical Environment• Social Environment• Political Environment• Historical Experience • Criminal State-of-Art
– Application of Probability Factors Analyses• Check List• Risk Matrix
Vulnerability (Cont.)
• Probability Ratings– Virtually Certain– Highly Probable– Moderately Probable– Improbable– Probability Unknown
• Rating Symbols• Loss Event Criticality
Vulnerability (Cont.)• Kinds of Costs to be considered
– Direct– Money– Negotiable Instruments
• Property• Information
• Indirect• Reputation• Goodwill• Loss of Employees• Morale of Employees
Vulnerability (Cont.)• Criticality Ratings
– Fatal– Very Serious– Moderately Serious– Relatively Unimportant– Seriousness Unknown
• Preparing a Solution– Logically look at what must occur for threat to happen– Leverage attack point
Vulnerability (Cont.)• Solving the Problem• Countermeasures
– Countermeasures Criteria• Validity• Degree of Reliability• Approximate Cost• Delay or Required time to implement
Vulnerability (Cont.)
• Economic Justification of Security– Cost Avoidance– Loss Control– Asset Recoveries– Measuring Return on Expenditures
Barriers
• Have Security in depth – Layers of security to delay and deter Natural
• Water• Mountains • Marshes• Deserts • Other Terrain difficult to traverse
Barriers (Cont.)
“Structural Barrier physically and psychologically deters or discourages the undetermined, delays the determined, and
channels the flow of the traffic through entrances.”
Barriers (Cont.)
• Structural Barriers– Building Surfaces
• Roofs, Floors and Walls– Building Openings
• Doors• Windows• Drives • Grills • Utilities into and out of area
– Metal, including drawn wire– Masonry
Barriers (Cont.)
• Glass– Electrically Conductive Glass – Rough or patterned Glass– Mirrors and Transparent Mirrors– Tempered Glass– Laminated Glass– Bullet-Resisting Glass– Wired Glass– Acrylic Glass (plexiglass) (polycarbonate)
Perimeter Barriers
• Perimeter Barriers– Chain Link Fencing
• Outriggers• Privacy slats
– Barbed Wire• Concertina Wire• Barbed Tape
– Expanded Metal and Welded wire Fabric
Locking• Mechanical Lock
–Warded Lock–Lever Locks–Pin Tumbler Lock–Interlocking Pins–Multiple Axes Tumblers–Wafer Tumbler
• Key Accountability“The use of a single Grand Master combination for any
mechanical locking system is not a sound security practice.”
–Electromagnetic Lock –Electro-Mechanical Locks (breakaway strikes)–Electronic Lock (Crash bars)–Dial Type Combination Locks (Safe Locks)
Alarm sensors
• Alarm sensors– Perimeter or point of entry– Area– ObjectOr
• Electro-mechanical– Foil– Switches– Wire and Screen Detectors– Pressure Mats
Alarm sensors (Cont.)
• Sound wave-Microwave– Ultrasonic Detectors
• Capacitance (Safe Detection Mainly)• Vibration (Typically installed inside of safe or controlled areas.) • Audio (Glass break detectors)• Light (Infra-red Beam detectors)• Other
– Pressure – Thermal– Chemical
Sensor Integration
• Types of Systems– Local Alarm– Central Station– Direct Connection– Proprietary
Engineering Design• Protection Improvement• Patrol Reduction• CCTV and Personal Reduction• The Automated Security System• Centrally- Controlled Systems• Control Center Equipment• Costs• Personnel Control
– Identification– Access
• Monitoring Sensors• Supervision of Protection Personnel• Time and Attendance Recording• Programming the Computer
Engineering Design (Cont.)• System Expansion• The Control Center• Emergency Power
– Standby Power– Continuous Power
• The System Design Task– System Objective– System and Subsystem Task Relationship
• The Vulnerabilities Analysis• Determination of Functional Countermeasures
– Countermeasures Network Relationships• Subsystem Importance• Complete Functional Statement
Engineering Design (Cont.)
– Development of a Complete Functional Specification• Elements of a Typical Functional Specification
– General Requirements– Bid or Cost Proposal– Relevant Standards– Subsystem Description– Summaries of Devices– Alternate Approaches
– Evaluation of Proposals Responsive to Functional Specification
– Selection of the Supplier and Negotiation of the System Contract
Communications• Line Protection• Wire Transmission of Alarm and Audio Signals
– Loop– Point to Point– Multiplexing
• Optical Fiber• Video Transmission by Wire
• Radio– Radio-Telephone– Cellular Telephone– Radio Interference– Microwave Transmissions
• Light• Interconnection• Communication Security
Communications (Cont.)
• Scramblers– Frequency inverters– Bandsplitters– Rolling Bandsplitters– Frequency or Phase Modulators– Masking– Vocoder– Rolling Codes– Digital Coding and Encryption
Identification
• To include or exclude someone or something from a group (employee, police officer , welfare recipient)
• To grant or Deny admittance• To Issue or Withhold material or information• To permit, Deny or qualify in some way a privilege
Identification (Cont.)• Security Applications of Access Control
– Permit or deny entrance to or presence in a given place.– Increase or reduce the rate or density of movement to,
from or with in a defined place.– Protect persons, materials, or information against
unauthorized observation or removal.– Prevent injury to persons or damage to things.
• Performance Requirements – It is valid.– It is reliable– It is easy to use.– It should be resistive to surreptitious substitution or
counterfeiting.– It should be rugged and long-lived.
Identification (Cont.)
• Performance Criteria– It should be physical adequate.– It should be valid and reliable– If mechanical or electro-mechanical, it should be easily
maintained.• Manual Access Control Systems
– Personal Recognition• Prior Familiarity• Opportunity to observe• Frequency of observation• Verifiable Authorization• Controllable
Identification (Cont.)• Document Criteria
– Obviously distinctive– Resistive to surreptitious changes
• Watermark• Laminate the document.• Holograms
• Document Criteria Cont.)– Unique to the authorized holder
• Photograph• Description of holder
– Positive if coded or access– Adaptable for display wearing.– Of limited valid period.
Access Control
• Automated Personnel Identification and Control– A device or artifact which can be possessed, such as a key
or coded card – Information which can be remembered, such as a personal
identification number (PIN) and/or– A uniquely personal characteristic, such as a fingerprint,
voice pattern, signature characteristics or retinal vascular pattern - the biometric approach.
Access Control (Cont.)
• Coded Card System Elements– The card or token.– The sensing or point of entry device.– The control processor– The communications links between those two:and– The local or central database.
Access Control (Cont.)• Magnetic Stripe
– ANSI/ ISO 7810 and 7811/2• Track 1 used by International Air Traffic Association
(IATA)• Track 2 used By American Bankers Association
(ABA)– Coercivity
• 300 oersteds (early card system usually)• 4000 oersteds
– Encoded data is read when the card is passed over the reader head.
• Insertion reader• Swipe reader
– Watermark (usually on Track 3 or 4)
Access Control (Cont.)• Magnetic Matrix
– Advantages• Cards and readers are relatively inexpensive• Card codes are user changeable.• The card life is fairly long.• There is a low read error rate
– Disadvantages• Cards can be duplicated.• Interference from other magnetic energy fields
may occur.
Access Control (Cont..)• Optical Matrix (Transparent Bar Code)
– Advantages• Low cost• Difficult to counterfeit• A low read error rate.• Avoidance of electromagnetic interference.• A relatively long life for the card and reader.
– Disadvantages• Cannot be user coded• Vulnerable to obscuring markings on card or
dirt/dust in reader
Access Control (Cont..)• Hollerith Code (Hole Pattern)
– Advantages• very inexpensive• Large coding capacity• No read errors• Not vulnerable to electromagnetic interference
– Disadvantages• Codes not user changeable• Easy to duplicate• Short card life
Access Control (Cont..)
• Electrical Matrix– Advantages
• None– Disadvantages
• Not durable• Easily Decoded • Not user Changeable• Bulky
Access Control (Cont..)
• Capacitance Code– Advantages
• Diffcult to read or counterfeit• Low cost
– Disadvantages• User cannot change codes• Limited data carrying capacity
Access Control (Cont..)
• Proximity Code– Advantages
• Hands-free operation• Low maintenance• Difficult to decode or counterfeit
– Disadvantages• Limited data coding capability.• Bulky• Substantially higher cost per card• Codes are not user changeable
Access Control (Cont..)
• Wiegand Coding– Advantages
• Highly secure and resistive to alteration or counterfeiting.
• Durable cards.• Not vulnerable to radio frequency or
electromagnetic interference.– Disadvantages
• Cards are expensive• Codes not user changeable
Access Control (Cont..)
• Bar Coding– Advantages
• Inexpensive• Cards and readers have long live• A large amount of data can be coded • A low error rate
– Disadvantages• Can be easily decoded and reproduced
Access Control (Cont..)
• BioMetric Access– Fingerprint Identification– Speech Identification– Hand Geometry– Handwriting– Retinal Scan
• Detection of Weapons and Metal – Metal Detectors– X-ray Detectors
• Detection of Explosives– Vapor Trace Detection– Electron Detection
Parking and Traffic Control
• Vehicular Access– Driveways and Ramps– Vehicle Checkpoints
• Locally Operated• Remotely Operated
• Signs and Placards• On-Premises Vehicle Safety• Vehicle Identification and Registration• Identifying Employee Vehicles• Identifying Delivery Vehicles• Identifying General Visitors• The Goal - All Vehicles Identified
Parking and Traffic Control (Cont..)
“It is suggested that as many vehicles as possible be assigned general parking authorization and as few as possible be given reserved parking.”
• General On-Premises Parking– Lot Layout
• Smaller-than-Standard Cars• Larger-than-Standard Vehicles
• Reserved On-Premises Parking– Lot or Area Control– General Areas– Oversubscription– Mechanized Control– Differential Counter– Visitor Parking
Parking and Traffic Control (Cont..)
• Violations and Sanctions• Parking Area Censuses• Personal Safety (Emergency Stations0
Dogs for Protection
• Characteristics of Dog Behavior and Motivation– Senses
• Smell• Hearing• Sight• Touch• Intelligence• Sensitivity
– Over Sensitive Dog– Under Sensitive Dog– Moderately Sensitive Dog
– Energy
Dogs for Protection (Cont..)– Aggressiveness
• Over Aggressiveness• Under Aggressiveness• Moderately Aggressiveness
– Willingness– Motivation
• Dogs are used for– Tracking– Detection of Drugs, Explosives and other substances– Protection or Patrol of an area alone– Protection of and area with handler– Guarding or a holding a person in a location– Aggressive attack
Dogs for Protection (Cont..)
• Care Of Dogs– Kennels
• Noise• Drainage• Water Supply• Fire Protection• Lighting, Ventilation and Heat• Areas Relating to Kennels (Dog Runs)• Sanitation• Maintenance• Feeding Area
Dogs for Protection (Cont..)
• Grooming• Inspections
– Eyes– Ears– Nose– Mouth Feet– Skin and Hair– Limbs– Genitals– Anal Region– Temperature– Body Functions– Attitude