Logo


1. Introduction
  1. Risk Management

  2. Who Are You, and Why Are You Here?

  3. Finding a Solution

2. Problem Definition
  1. What Needs Protecting?

  2. Who is Allowed Where?

3. Methods of Identification
  1. Reliability vs. Cost

  2. Combining Methods to Increase Reliability

  3. Security System Management

4. Access Control
  1. What You Have

  2. What You Know

  3. Who You Are

5. Other Security Systems Elements

  1. Building Design

  2. Piggybacking and Tailgating: Mantraps

  3. Camera Surveillance

  4. Security Guards

  5. Sensors and Alarms

  6. Visitors

6. The Human Element
  1. People: The Weakest Link

  2. People: The Strongest Backup

7. Site Design
  1. Layers

  2. Components

  3. Tactics

8. Controlling Site Access
  1. Entry Control Facility

  2. Zones of an Entry Control Facility

  3. Utilities and Automatition

9. Chosing the Right Solution
  1. Risk Tolerance vs. Cost

  2. Security System Design Considerations

  3. Building Security Design Considerations

Reliability vs. Cost

Methods of identifying people fall into three general categories of increasing reliability — and increasing equipment cost:

  • What you have
  • What you know
  • Who you are

What you have -- Least reliable (can be shared or stolen)

What you have is something you wear or carry — a key, a card, or a small object (a token) that can be worn or attached to a key ring. It can be as “dumb” as an old fashioned metal key or as “smart” as a card having an onboard processor that exchanges information with a reader (a smart card). It can be a card with a magnetic strip of information about you (such as the familiar ATM card); it can be a card or token having a transmitter and/or receiver that communicates with the reader from a short distance (a proximity card or proximity token — Mobil Speedpass® is an example).

What you have is the least reliable form of identification, since there is no guarantee it is being used by the correct person — it can be shared, stolen, or lost and found.

What you know -- More reliable (can’t be stolen, but can be shared or written down)

What you know is a password, code, or procedure for something such as opening a coded lock, verification at a card reader, or keyboard access to a computer. A password/code presents a security dilemma: if it’s easy to remember, it will likely be easy to guess; if it’s hard to remember, it will likely be hard to guess — but it will also likely be written down, reducing its security.

What you know is more reliable than What you have, but passwords and codes can still be shared, and if written down they carry the risk of discovery.

Who you are -- Most reliable (based on something physically unique to you)

Who you are refers to identification by recognition of unique physical characteristics — this is the natural way people identify one another with nearly total certainty. When accomplished (or attempted) by technological means, it’s called biometrics. Biometric scanning techniques have been developed for a number of human features that lend themselves to quantitative scrutiny and analysis:

  • Fingerprint Hand (shape of fingers and thickness of hand)
  • Iris (pattern of colors) Face (relative position of eyes, nose, and mouth)
  • Retina (pattern of blood vessels)
  • Handwriting (dynamics of the pen as it moves)
  • Voice

Biometric devices are generally very reliable, if recognition is achieved — that is, if the device thinks it recognizes you, then it almost certainly is you. The main source of unreliability for biometrics is not incorrect recognition or spoofing by an impostor, but the possibility that a legitimate user may fail to be recognized (“false rejection”).

To receive your Physical Vulnerability Assessment, please submit your payment of $99.00
B E T T E R: Please submit your payment of $999.00 for a complete Physical Vulnerability Assessment or Design covering a single location.
Business Name:
Contact Information:
Email Address:
URL or IP address:
  

Other members of our business group:
Cloud-Security.us | US-scada.com

COPYRIGHT (C) 2000 - 2013 InfoSecPro.com ALL RIGHTS RESERVED