Focused On Your Success


The All.Net Security Database


Physical Security Cross Reference
Physical Security Cross Reference


Technologies or issues involved in physical security of information assets.

There is no effective protection without physical protection. Physical protection generally involved preventing or mitigating the effects of physical events that disrupt normal operations of information systems.

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • [Attack52 - audio/video viewing]
    [Attack3 - cable cuts]
    [Attack38 - device access exploitation]
    [Attack17 - dumpster diving]
    [Attack6 - earth movement]
    [Attack50 - electronic interference]
    [Attack37 - environment corruption]
    [Attack11 - environmental control loss]
    [Attack4 - fire]
    [Attack5 - flood]
    [Attack61 - hangup hooking]
    [Attack70 - hardware failure - system flaw exploitation]
    [Attack15 - inadequate maintenance]
    [Attack2 - power failure]
    [Attack12 - relocation]
    [Attack53 - repair-replace-remove information]
    [Attack9 - severe weather]
    [Attack55 - shoulder surfing]
    [Attack40 - simultaneous access exploitations]
    [Attack7 - solar flares]
    [Attack10 - static]
    [Attack13 - system maintenance]
    [Attack49 - van Eck bugging]
    [Attack8 - volcanos]
    [Attack54 - wire closet attacks]
    [Defense62 - analysis of physical characteristics]
    [Defense46 - biometrics]
    [Defense114 - control physical access]
    [Defense3 - detect waste examination]
    [Defense75 - disconnect maintenance access]
    [Defense60 - drop boxes and processors]
    [Defense139 - environmental controls]
    [Defense71 - Faraday boxes]
    [Defense138 - filtering devices]
    [Defense93 - fire doors, fire walls, asbestos suits and similar fire-limiting items]
    [Defense92 - fire suppression equipment]
    [Defense65 - increased or enhanced perimeters]
    [Defense90 - infrastructure-wide digging hotlines]
    [Defense116 - inspection of incoming and outgoing materials]
    [Defense79 - inventory control]
    [Defense67 - jamming]
    [Defense82 - locks]
    [Defense110 - low building profile]
    [Defense111 - minimize traffic in work areas]
    [Defense107 - minimizing copies of sensitive information]
    [Defense42 - multi-person controls]
    [Defense66 - noise injection]
    [Defense108 - numbering and tracking all sensitive information]
    [Defense15 - physical security]
    [Defense77 - physical switches or shields on equipment and devices]
    [Defense112 - place equipment and supplies out of harms way]
    [Defense16 - redundancy]
    [Defense26 - rerouting attacks]
    [Defense140 - searches and inspections]
    [Defense48 - security marking and/or labeling]
    [Defense4 - sensors]
    [Defense115 - separation of equipment so as to limit damage from local events]
    [Defense68 - spread spectrum]
    [Defense103 - standby equipment]
    [Defense64 - tempest protection]
    [Defense73 - trunk access restriction]
    [Defense78 - trusted repair teams]
    [Defense17 - uninterruptable power supplies and motor generators]
    [Defense113 - universal use of badges]
    [Defense2 - waste data destruction]
    [Defense131 - adversary principle (GASSP)]
    [Defense135 - alarms]
    [Defense62 - analysis of physical characteristics]
    [Defense32 - anomaly detection]
    [Defense47 - authorization limitation]
    [Defense46 - biometrics]
    [Defense33 - capture and punishment]
    [Defense137 - choice of location]
    [Defense49 - classifying information as to sensitivity]
    [Defense94 - concealed services]
    [Defense58 - configuration management]
    [Defense91 - conservative resource allocation]
    [Defense96 - content checking]
    [Defense114 - control physical access]
    [Defense99 - deceptions]
    [Defense3 - detect waste examination]
    [Defense13 - detection before failure]
    [Defense87 - disable unsafe features]
    [Defense75 - disconnect maintenance access]
    [Defense118 - document and information control procedures]
    [Defense60 - drop boxes and processors]
    [Defense7 - effective mandatory access control]
    [Defense139 - environmental controls]
    [Defense71 - Faraday boxes]
    [Defense21 - fault isolation]
    [Defense6 - feeding false information]
    [Defense138 - filtering devices]
    [Defense93 - fire doors, fire walls, asbestos suits and similar fire-limiting items]
    [Defense92 - fire suppression equipment]
    [Defense65 - increased or enhanced perimeters]
    [Defense102 - independent computer and tool use by auditors]
    [Defense109 - independent control of audit information]
    [Defense90 - infrastructure-wide digging hotlines]
    [Defense116 - inspection of incoming and outgoing materials]
    [Defense89 - integrity checking]
    [Defense130 - internal control principle (GASSP)]
    [Defense79 - inventory control]
    [Defense67 - jamming]
    [Defense85 - limited sharing]
    [Defense59 - lockouts]
    [Defense82 - locks]
    [Defense110 - low building profile]
    [Defense111 - minimize traffic in work areas]
    [Defense107 - minimizing copies of sensitive information]
    [Defense42 - multi-person controls]
    [Defense66 - noise injection]
    [Defense108 - numbering and tracking all sensitive information]
    [Defense22 - out-of-range detection]
    [Defense69 - path diversity]
    [Defense36 - periodic reassessment]
    [Defense134 - periods processing and color changes]
    [Defense15 - physical security]
    [Defense77 - physical switches or shields on equipment and devices]
    [Defense112 - place equipment and supplies out of harms way]
    [Defense25 - policies]
    [Defense28 - procedures]
    [Defense12 - properly prioritized resource usage]
    [Defense104 - protection of data used in system testing]
    [Defense122 - protection of names of resources]
    [Defense70 - quad-tri-multi-angulation]
    [Defense11 - quotas]
    [Defense16 - redundancy]
    [Defense101 - regular review of protection measures]
    [Defense23 - reintegration]
    [Defense26 - rerouting attacks]
    [Defense100 - retaining confidentiality of security status information]
    [Defense140 - searches and inspections]
    [Defense51 - secure design]
    [Defense80 - secure distribution]
    [Defense81 - secure key management]
    [Defense83 - secure or trusted channels]
    [Defense48 - security marking and/or labeling]
    [Defense4 - sensors]
    [Defense40 - separation of duties]
    [Defense115 - separation of equipment so as to limit damage from local events]
    [Defense41 - separation of function]
    [Defense133 - simplicity principle (GASSP)]
    [Defense27 - standards]
    [Defense103 - standby equipment]
    [Defense1 - strong change control]
    [Defense117 - suppression of incomplete, erroneous, or obsolete data]
    [Defense64 - tempest protection]
    [Defense52 - testing]
    [Defense125 - time, location, function, and other similar access limitations]
    [Defense128 - timeliness principle (GASSP)]
    [Defense106 - tracking, correlation, and analysis of incident reporting and response information]
    [Defense24 - training and awareness]
    [Defense95 - traps]
    [Defense78 - trusted repair teams]
    [Defense97 - trusted system technologies]
    [Defense17 - uninterruptable power supplies and motor generators]
    [Defense113 - universal use of badges]
    [Defense2 - waste data destruction]