Fri Apr 8 06:49:41 PDT 2016
Management: Physical security: How should physical security be integrated with information protection?
Options:
Option 1: Physical security associated with information and information-related technology is specified and verified by the IP Lead.
Option 2: Location is considered in the placement of information assets and resources.
Option 3: Paths associated with physical attack are analyzed in physical design.
Option 4: Time for paths is analyzed in physical protection analysis.
Option 5: Properties of materials, barriers, and entry and exit processes are analyzed in physical design.
Option 6: Attack graphs are used to analyze physical design.
Option 7: Normal, emergency, forced, and surreptitious entry and exit paths are analyzed in physical design.
Option 8: Emergency situations are analyzed for physical security design.
Option 9: Surveillance systems and sensors are used to detect attacks in time to respond in time to prevent potentially serious negative consequences.
Option 10: Hardening, locking, distance, obstacles, mantraps, and other delay mechanisms are used to slow attacks after detection.
Option 11: Responses are times so as to prevent potentially serious consequences after detection and before the attacker bypasses delays.
Option 12: Times associated with physical and informational analysis are integrated for information protection.
Option 13: Physical analysis includes all modes of movement within the capabilities of the identified threats.
Option 14: Response forces are at levels appropriate to the threat and timing requirements of response.
Option 15: Physical and informational attack graphs, times, responses, and other elements are used in an integrated fashion.
Decision:
Apply ALL techniques applicable based on risk (+ means "or higher", means "or lower").
Risk | Approach | Status |
ALL |
Physical security associated with information and information-related technology is specified and verified by the IP Lead. |
|
Medium+ |
Location is considered in the placement of information assets and resources. |
|
Medium+ |
Paths associated with physical attack are analyzed in physical design. |
|
Medium+ |
Time for paths is analyzed in physical protection analysis. |
|
Medium+ |
Properties of materials, barriers, and entry and exit processes are analyzed in physical design. |
|
Medium+ |
Attack graphs are used to analyze physical design. |
|
Medium+ |
Normal, emergency, forced, and surreptitious entry and exit paths are analyzed in physical design. |
|
Medium+ |
Emergency situations are analyzed for physical security design. |
|
Medium+ |
Surveillance systems and sensors are used to detect attacks in time to respond in time to prevent potentially serious negative consequences. |
|
Medium+ |
Hardening, locking, distance, obstacles, mantraps, and other delay mechanisms are used to slow attacks after detection. |
|
Medium+ |
Responses are times so as to prevent potentially serious consequences after detection and before the attacker bypasses delays. |
|
Medium+ |
Times associated with physical and informational analysis are integrated for information protection. |
|
Medium+ |
Physical analysis includes all modes of movement within the capabilities of the identified threats. |
|
High |
Response forces are at levels appropriate to the threat and timing requirements of response. |
|
High |
Physical and informational attack graphs, times, responses, and other elements are used in an integrated fashion. |
|
The integration of physical security with information security
Basis:
Physical security associated with information and information-related technology is specified and verified by the IP Lead.
Physical security is typically handled by the chief security officer
or other individuals responsible for these issues, however, protection
of content, technology, and systems at the physical level requires
special expertise and is critical to effective protection of the
enterprise. Physical security is also critical for health, safety, and
protection of the environment.
Location is considered in the placement of information assets and resources.
Location is central to physical security issues. Different
locations have different situational characteristics, such as
proximity to natural hazards like earthquakes, tsunamis, volcanos,
hurricanes, floods, lightning strikes, dust, cold, heat, and so
forth. Human hazards are also associated with location, like crime
levels in different neighborhoods, cities, states, nations, and
continents. Even the location inside office spaces leads to higher or
lower profile and susceptibility to attack.
Paths associated with physical attack are analyzed in physical design.
Paths from the initial situation of the attacker to their target
and back to safety have various limitations, like topological limits,
time to penetrate barriers, equipment and skill requirements, and the
number of different ways in and out of areas with and without
detection and response. Paths are altered by diversions and other
active attacks and defenses.
Time for paths is analyzed in physical protection analysis.
Time has long been a central issue in physical protection and is
increasingly becoming a central issue in information
protection. Actions take time, whether in attack or defense, and
physical security has long recognized this in the design and operation
of alarm systems and response regimes. Typically time is measured
against attack graphs.
Properties of materials, barriers, and entry and exit processes are analyzed in physical design.
Properties associated with materials, barriers, and entry and exit
processes have substantial effects on available physical attack
processes, time to penetrate, noise levels, detectability, and so
forth.
Attack graphs are used to analyze physical design.
Attack graphs express the set of sequences of steps in physical
attacks. They are used by attackers and defenders to determine options
for entry and egress (exit) on a step by step basis through the
successive barriers between attacker and target and target and escape
(if planned). Attack graphs are also analyzed for time and equipment
requirements in order to properly stage and time processes.
Normal, emergency, forced, and surreptitious entry and exit paths are analyzed in physical design.
Entry points include normal, emergency, forced, and surreptitious
types and are typically identified with different protective
measures. The entry concern is typically about who goes in, what they
bring with them, if they are allowed, and whether they should be where
they are. Egress (exit) points are similar to entry points except that the
actor is going the other direction and different controls are
required. On exit the concern is generally about who is leaving, if
they should have been there in the first place, what is being removed,
and what was left inside.
Emergency situations are analyzed for physical security design.
Emergency situations lead to different entry and exit processes,
tend to happen at higher rates with higher volume, and are prime
targets for exploitation. This means that the protective process for
emergency situations has to be properly adapted for those processes or
protection will be ineffective during those times. It is often easy to
create an emergency and exploit the altered behaviors.
Surveillance systems and sensors are used to detect attacks in time to respond in time to prevent potentially serious negative consequences.
Surveillance systems include coverage of a range of physical
phenomena including but not limited to audio, visual, temperature,
humidity, proximity, dew point, pressure, air flow, door and window
state, heat, motion, smoke, and chemical presence, absence, and
level. These are connected to alarm systems, centralized or
distributed data collection, analysis, and response capabilities, may
be networked, and operate together with badging and computer-related
identification and authorization systems.
Hardening, locking, distance, obstacles, mantraps, and other delay mechanisms are used to slow attacks after detection.
Hardening of physical structures is widely used to improve protection. Locking systems of many sorts are used in physical
protection. Typically they include keyed, digital, or analog controls
of electrical, mechanical, fluid, or gaseous mechanisms that are
controlled based on time, location, sequence, and situation. They may
have different failsafe features and default settings, may be tamper
evident, and may be redundant in different ways.
Mantraps are sets of access points designed to trap individuals
within them so that if they fail to properly authenticate through the
entire process, they will be unable to leave until forces are able to
respond. They are commonly used in physical security systems to deter
repetitive entry attempts by unauthorized personnel and to catch those
who break part way into or out of a facility.
Responses are times so as to prevent potentially serious consequences after detection and before the attacker bypasses delays.
Response time is a key issue in physical protection. Typically
response times are tuned to mitigation of consequences so that high
consequence events that demand rapid response are located close to
response forces that are present whenever response may be
needed. Response time is degraded by resource consumption and there
are almost no systems designed to have adequate immediate responses to
handle intentional subversion by multiple diversions.
Physical analysis includes all modes of movement within the capabilities of the identified threats.
Analysis should include everything the attackers are capable of
doing. For analytical purposes, this means air, land, sea,
underground, and other approaches as well as times and distances
associated with remotely driven devices, such as rockets, guns, energy
mechanisms, sound mechanisms, and so forth. It also includes
long-term attack methods such as physical alteration of acquisition
and planting of devices in buildings, undersea cables, and so forth.
Response forces are at levels appropriate to the threat and timing requirements of response.
Force on force issues are inherent in any physical security
system. Any defensive force can be overwhelmed by adequate offensive
force and firepower.
Physical and informational attack graphs, times, responses, and other elements are used in an integrated fashion.
Integration of physical and informational attack and defense
mechanisms is necessary in order to understand how attackers and
defender might combine methods. If treated as independent, protection
may either be ineffective o excessive.
Copyright(c) Fred Cohen, 1988-2015 - All Rights Reserved
|