Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 13 – Physical and Infrastructure Security

Physical and Infrastructure Security  now consider physical / premises security  three elements of info system security: logical security - protect computer data logical security - protect computer data physical security - protect systems & access physical security - protect systems & access premises security - protect people / property premises security - protect people / property

Physical Security  protect physical assets that support the storage and processing of information  involves two complementary requirements: prevent damage to physical infrastructure prevent damage to physical infrastructure information system hardwareinformation system hardware physical facilityphysical facility supporting facilitiessupporting facilities personnelpersonnel prevent physical infrastructure misuse leading to misuse / damage of protected information prevent physical infrastructure misuse leading to misuse / damage of protected information

Physical Security Context

Physical Security Threats  look at physical situations / occurrences that threaten information systems: environmental threats (incl. natural disasters) environmental threats (incl. natural disasters) technical threats technical threats human-caused threats human-caused threats  first consider natural disasters

Natural Disasters  tornado  hurricane  earthquake  ice storm / blizzard  lightning  flood

Environmental Threats  inappropriate temperature and humidity  fire and smoke  water  chemical, radiological, biological hazards  dust  infestation

Technical Threats  electrical power is essential to run equipment power utility problems: power utility problems: under-voltage - dips/brownouts/outages, interrupt serviceunder-voltage - dips/brownouts/outages, interrupt service over-voltage - surges/faults/lightening, can destroy chipsover-voltage - surges/faults/lightening, can destroy chips noise - on power lines, may interfere with device operationnoise - on power lines, may interfere with device operation  electromagnetic interference (EMI) from line noise, motors, fans, heavy equipment, other computers, nearby radio stations & microwave relays from line noise, motors, fans, heavy equipment, other computers, nearby radio stations & microwave relays can cause intermittent problems with computers can cause intermittent problems with computers

Human-Caused Threats  less predictable, may be targeted, harder to deal with  include: unauthorized physical access unauthorized physical access leading to other threatsleading to other threats theft of equipment / data theft of equipment / data vandalism of equipment / data vandalism of equipment / data misuse of resources misuse of resources

Mitigation Measures Environmental Threats  inappropriate temperature and humidity environmental control equipment, power environmental control equipment, power  fire and smoke alarms, preventative measures, fire mitigation alarms, preventative measures, fire mitigation smoke detectors, no smoking smoke detectors, no smoking  water manage lines, equipment location, cutoff sensors manage lines, equipment location, cutoff sensors  other threats appropriate technical counter-measures, limit dust entry, pest control appropriate technical counter-measures, limit dust entry, pest control

Mitigation Measures Technical Threats  electrical power for critical equipment use use uninterruptible power supply (UPS) use uninterruptible power supply (UPS) emergency power generator emergency power generator  electromagnetic interference (EMI) filters and shielding filters and shielding

Mitigation Measures Human-Caused Threats  physical access control IT equipment, wiring, power, comms, media IT equipment, wiring, power, comms, media  have a spectrum of approaches restrict building access, locked area, secured, power switch secured, tracking device restrict building access, locked area, secured, power switch secured, tracking device  also need intruder sensors / alarms

Recovery from Physical Security Breaches  redundancy to provide recovery from loss of data to provide recovery from loss of data ideally off-site, updated as often as feasible ideally off-site, updated as often as feasible can use batch encrypted remote backup can use batch encrypted remote backup extreme is remote hot-site with live data extreme is remote hot-site with live data  physical equipment damage recovery depends on nature of damage and cleanup depends on nature of damage and cleanup may need disaster recovery specialists may need disaster recovery specialists

Threat Assessment 1. set up a steering committee 2. obtain information and assistance 3. identify all possible threats 4. determine the likelihood of each threat 5. approximate the direct costs 6. consider cascading costs 7. prioritize the threats 8. complete the threat assessment report

Planning and Implementation  after assessment then develop a plan for threat prevention, mitigation, recovery  typical steps: 1. assess internal and external resources 2. identify challenges and prioritize activities 3. develop a plan 4. implement the plan

Example Policy

Physical / Logical Security Integration  have many detection / prevention devices  more effective if have central control  hence desire to integrate physical and logical security, esp access control  need standards in this area FIPS “Personal Identity Verification (PIV) of Federal Employees and Contractors” FIPS “Personal Identity Verification (PIV) of Federal Employees and Contractors”

Personal Identity Verification

PIV Convergence

Summary  introduced physical security issues  threats: environmental,technical, human  mitigation measures and recovery  assessment, planning, implementation  physical / logical security integration