Understanding Security Basics: A Tutorial on Security Concepts and Technology
-
Upload
amna-jalil -
Category
Education
-
view
179 -
download
0
Transcript of Understanding Security Basics: A Tutorial on Security Concepts and Technology
Overview of the security concepts and thesystems
Need of security expert
One’s own organization Full or part-time contractor
Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset,
such as a person, community, nation, or organization (Biosafety labs)
30 feet clear zone --- from the protectableobject or facility
Void of Trash receptablesAshtrays dumpsters
Restrict, deny or channel pedestrian orvehicular traffic
Not necessarily impenetrable – increase theprobability to detect people & vehicles –trying to get illegal access
Significant deterrent – potential intrudersEnhances visibility for routine patrols &
general staffPermanent lightening – adequate
illumination to Entry points Pathways Parking lots
◊ Often neglected component◊ Support deterrence & delay by providing
concealment from chance and directsurveillance
◊ Purpose – limit visibility from unauthorizedsources
◊ Simple – darkened windows, curtains◊ Complex – walls, coverings even shrubbery
Many shapes and formsSingle hasp lock to very complex systemsInclude: Standard key lock Combination lock Cipher lock Card access control systems including swipe card lock
and biometricCan be tied in electronic security system
• Come in three flavors
Access Control Systems
Security Surveillance
Intrusion Detection Systems (IDS)
ACCESS CONTROL SYSTEMS
Devices designed to limit access --- site,building, room or container
Simple – swipe access system
Complex -- biometrics
SECURITY SURVEILLANCE
Most common – CCTVWhen choosing CCTV
Resolution power and image qualityColor or black & white Zoom capability Transmission mode
INTRUSION DETECTION SYSTEMS (IDS)
Identify unauthorized entryConnected to monitoring system – fall into 3
categories1. Local alarm system – when IDS breached–
sounds an alarm for a local security officer
2. 24-hour central station – usuallycommercially operated – when get alarm,they contact local police
Elements of security systems are the rings –around the resource need to be protected
Each ring supported by security equipmentsand procedures – deter, detect or supportdefeating an adversary by being applied onone or more rings of security
Prevention of action through a fear ofunacceptable consequences
Psychological statePerception of security system – from outside
lookIf PTE feels fear – move to other place
Let’s keep them away from here
o Determination and transmission that an eventhas occurred
o Use of technology – increases capability
Analysis of an event by a person directlyonsite or via technology
Now-a-days – CCTV systems
Necessary --- determination of the validationof alarm & appropriate response
Ability of physical or psychological barriers torestrict movement
Purpose – allow time for an appropriateresponse – make impossible for intruder tocontinue
Level of reaction required to counter anintrusion
Response forces
Unarmed security guards or staff Local police
High level – dedicated armed forces – nuclearstorage areas
To avoid the Probable threat element (PTE)
Hypothetical Scenario
Four Field members of some terrorist agencymeet in the Baltimore in December 2002
2 from New york 2 from Fort WorthTheir Mission: Steal biological material---
used in bioterror attack on US food supply
March 2003 --- Black Angus restaurantAtlanta – target selection
Pre-selection Operations --- 3 locations• Centers for Disease Control and
Prevention in AtlantaCDC
• U.S. Army Medical Research Instituteof Infectious Diseases in MarylandUSAMRIID
• Plum Island Animal Disease Centerin Long Island, New YorkPlum Island
Identification of weaknesses in security – toexploit
Find a location with Poor lighting Weak CCTV system Inconsistent access control system
Began from April to June 2003Observations were recorded and discoveredNew alarm systems at CDCHigh-tech TV systems– throughout complex Barriers – movement hindrance
AssessmentSecurity components – hindered proposed
operation
Occurred from July to August 2003Problems were similar to CDCMany lights & security structures BarriersAccess control procedures
Assessment
Location was too difficult
August through September 2003Many weaknesses were found Numerous gaps in security Doors left open for ventilation Some windows left open overnight Alarms and door sensors not operational Poor lighting Inadequate and broken CCTV
Assessment
Plum Island was selected as target
◊ From September to December 2003
◊ Found a route of entry – A window – leftunlocked most evenings
◊ Daily operations were observer and targetselection was made
Attack was conducted early in January 20041 person – at vehicle – half a mile away3 persons – entered building from windowGained access – cutting hole in drywallTook several vials of hoof and mouth virus
and exitedWhole operation took 70 minutes