Steganography

Dr. Aly, O.
Computer Science

Introduction

The purpose of this discussion is to discuss and analyze steganography. The discussion also addresses methods for detecting hidden information and the possible threats that make use of steganography.

Steganography

It is a method that uses a cryptographic technique to embed secret messages within another message. Steganographic algorithms work by altering the least significant bits of the many bits that make up an image file. The changes are so minor that they do not affect the image as viewed. This method allows communicating parties to hide messages in plain sight. For instance, they might embed a secret message within an illustration on an innocent-looking web page (Abernathy & McMillan, 2016; Stewart, Chapple, & Gibson, 2015).

The steganographic method is often used to embed secret messages within image or WAV files because these files are so large that the secret message would easily be missed by even the most observant inspector. The method is used for illegal or questionable activities such as espionage and child pornography. It can also be used for legitimate purposes such as adding watermarks to documents to protect intellectual property. The hidden information is known only to the creator of the file. If another user later creates an unauthorized copy of the content, the watermark can be used to detect the copy and trace it back to its source. Steganography is a simple technology to use, with free tools openly available on the Internet, such as the iSteg tool, which requires you to specify a text file containing your secret message and an image file in which to hide it (Stewart et al., 2015).

Methods for Steganography Detection

Although the message is hidden within an image or WAV file, it can be detected by comparing the original file with the file suspected of carrying the hidden message. Using a hashing algorithm such as MD5, a hash can be created for both files. If the hashes are the same, the file does not have a hidden message. If the hashes differ, the second file has been modified, and forensic analysis techniques can then retrieve the message. With respect to egress monitoring, the organization can periodically capture hashes of internal files that rarely change; graphics files such as JPEG and GIF files, for instance, normally stay the same. If security experts suspect that a malicious insider is embedding additional data within these files and emailing them outside the organization, they can compare the original hashes with the hashes of the files the insider sent out. If the hashes differ, the files are different and may contain hidden messages (Stewart et al., 2015).
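To make the least-significant-bit mechanism and the hash-based detection concrete, here is an added Python example (not code from this page or from the cited study guides). It embeds a message in the LSBs of a constructed pixel buffer, shows that no sample moves by more than 1, and then applies the baseline-hash comparison described above; the pixel data, file names and message are all constructed for the example.

```python
import hashlib
from typing import Dict

# Constructed stand-in for an image: 256 8-bit samples (think grayscale pixels).
# A real cover file would be decoded from a JPEG/GIF/WAV; this keeps the example offline.
ORIGINAL_PIXELS = bytes((i * 37 + 11) % 256 for i in range(256))


def embed_lsb(cover: bytes, message: bytes) -> bytes:
    """Write the message into the least significant bit of successive cover samples.

    A 2-byte big-endian length prefix lets the extractor know where the message ends.
    """
    payload = len(message).to_bytes(2, "big") + message
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(cover):
        raise ValueError("cover too small for message")
    stego = bytearray(cover)
    for idx, bit in enumerate(bits):
        stego[idx] = (stego[idx] & 0xFE) | bit  # clear the LSB, then set it to the message bit
    return bytes(stego)


def _read_bytes(stego: bytes, first_sample: int, count: int) -> bytes:
    """Reassemble `count` bytes from the LSBs starting at sample index `first_sample`."""
    out = bytearray()
    for b in range(count):
        value = 0
        for i in range(8):
            value = (value << 1) | (stego[first_sample + b * 8 + i] & 1)
        out.append(value)
    return bytes(out)


def extract_lsb(stego: bytes) -> bytes:
    """Recover the embedded message: read the length prefix, then that many bytes."""
    length = int.from_bytes(_read_bytes(stego, 0, 2), "big")
    return _read_bytes(stego, 16, length)


def max_sample_change(a: bytes, b: bytes) -> int:
    """Largest per-sample difference between two buffers of equal length."""
    return max(abs(x - y) for x, y in zip(a, b))


def file_hash(data: bytes) -> str:
    # The text names MD5; SHA-256 is used here because MD5 collisions are cheap to make,
    # although any hash will flag the LSB edits since the bytes differ.
    return hashlib.sha256(data).hexdigest()


def build_baseline(files: Dict[str, bytes]) -> Dict[str, str]:
    """Periodic capture of hashes for rarely changing internal files (egress baseline)."""
    return {name: file_hash(data) for name, data in files.items()}


def check_egress(baseline: Dict[str, str], outgoing: Dict[str, bytes]) -> Dict[str, str]:
    """Compare outgoing copies against the baseline: 'unchanged', 'modified' or 'unknown'."""
    verdicts = {}
    for name, data in outgoing.items():
        expected = baseline.get(name)
        if expected is None:
            verdicts[name] = "unknown"      # no baseline captured; needs a manual look
        elif expected == file_hash(data):
            verdicts[name] = "unchanged"
        else:
            verdicts[name] = "modified"     # candidate for forensic extraction
    return verdicts


if __name__ == "__main__":
    stego = embed_lsb(ORIGINAL_PIXELS, b"demo")
    print("max per-sample change:", max_sample_change(ORIGINAL_PIXELS, stego))
    baseline = build_baseline({"logo.gif": ORIGINAL_PIXELS})
    print(check_egress(baseline, {"logo.gif": stego}))
    print("recovered:", extract_lsb(stego))
```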

References

Abernathy, R., & McMillan, T. (2016). CISSP Cert Guide. Pearson IT Certification.

Stewart, J., Chapple, M., & Gibson, D. (2015). CISSP (ISC)² Certified Information Systems Security Professional Official Study Guide (7th ed.). Wiley.

Physical Security Consideration

Dr. Aly, O.
Computer Science

Introduction

The purpose of this discussion is to discuss and analyze the physical security considerations that apply when developing an environmental design for a data center, and the reasons for those considerations. The discussion also analyzes the various access controls for the data center and the types of access. It begins with a brief overview of physical threats and physical security, followed by the seven safeguards for sensitive computers and equipment. The discussion then covers internal security and environmental physical security measures.

Physical Threats and Physical Security

The purpose of physical security is to protect against physical threats (Stewart, Chapple, & Gibson, 2015). Physical threats can be either natural or human-based, and both kinds must be considered during the design of the data center. Natural threats include flooding, earthquakes, landslides, and volcanoes. Human-based threats include theft, vandalism, and intentional fire. Table 1 summarizes a brief list of the physical threats that should be considered during the design of a data center. Physical and environmental security should therefore be considered in two domains of security. The first domain reflects the engineering aspect of security as well as security management. The second domain reflects the foundational concepts, investigation and incident management, and disaster recovery (Abernathy & McMillan, 2016; Stewart et al., 2015).

Table 1.  Physical Threats to Data Center Design Consideration.

Physical security should thus be the first line of defense, considered from the selection of the site onward through the design (Abernathy & McMillan, 2016). A realistic assessment of the historical natural disaster events in an area should be performed, and a cost/benefit analysis carried out to determine the most frequent threats, which threats can be addressed, and which should be accepted (Abernathy & McMillan, 2016). Other threats are human-based, such as explosion and fire, whether intentional or accidental, vandalism, and theft.

All physical security should be based on the “Layered Defense Model” (Abernathy & McMillan, 2016). The underlying concept of this model is the use of multiple approaches that support each other, so that there is no single point of failure or total dependency on a single physical security measure. If one tier of defense, such as perimeter security, fails, another layer serves as the backup.

Physical security can be enhanced by applying the following concepts. The first is Crime Prevention Through Environmental Design (CPTED), which can be applied to any building. This concept addresses the overall design of the data center, from the entrance to the landscaping and the interior design. Its purpose is to influence behavior and minimize crime. There are three main strategies for applying CPTED during the design of a data center. The first strategy is “Natural Access Control,” which applies to the entrance of the building: doors, lighting, fences, and landscaping. The underlying idea is to minimize the entry points and tighten control over them in order to create a “Security Zone” in the building. The second strategy is “Natural Surveillance,” which maximizes the visibility of the data center and so decreases crime. The third strategy is “Natural Territorial Reinforcement,” which extends a sense of ownership to the employees by creating a feeling of community in the area; it is implemented through walls, fences, landscaping, and lighting design.

Implementing the CPTED strategies and achieving their goals is not always possible, and a security plan must discuss and address these strategies to close any gaps. The Physical Security Plan is thus the second concept in the layered defense model. It should address techniques for issues such as deterring criminal activity, delaying intruders, detecting intrusion, assessing the situation, and responding to and disrupting the intrusion. Additional physical security issues include visibility, the surrounding area and external entities, accessibility, and construction elements such as walls and doors. The data center should not have any internal compartments such as drop ceilings or partitions, as they can be used to gain access and increase the risk. Separate heating, ventilation and air conditioning (HVAC) for these rooms is highly recommended (Abernathy & McMillan, 2016).

Seven Safeguards for Sensitive Computers and Equipment

With respect to computer and equipment rooms, physical access to those that contain sensitive servers and critical network gear should be controlled by keeping the rooms locked and secured at all times. The design of these rooms should consider the following seven safeguards. The first safeguard is to locate the computer and equipment room in the center of the building. The second is to provide a single access door or point of entry. The third is to avoid the top floor or basement of the building. The fourth is to install fire detection and suppression systems and test them frequently. The fifth is to install raised flooring. The sixth is to install separate power supplies for these rooms. The last safeguard is to use only solid doors (Abernathy & McMillan, 2016).

Internal Security

While perimeter security is important, security within the building is just as important, as prescribed by the “Concentric Circle” model. These measures concern the interior of the data center, such as doors and door lock types. There are different types of doors, such as vault doors and bullet-resistant doors. Door lock types include electric locks, cipher locks, and proximity authentication devices that contain Electronic Access Control (EAC). Various types of locks can also be used to protect cabinets and secure devices, such as warded locks, tumbler locks, and combination locks. Biometrics can be used to provide the highest level of physical access control, though it is regarded as the most expensive to deploy in the data center. Glass is also used in many facilities and data centers, in windows, glass doors, and glass walls; the types to consider include standard glass for residential areas, tempered glass for extra strength, acrylic glass, and laminated glass. Visitors require a control technique for protection as well. Additional physical security measures cover equipment rooms and work areas, and should include restricted work areas, media storage facilities, and evidence storage (Abernathy & McMillan, 2016).

Environmental Physical Security

Physical security measures should include environmental security measures that address the availability principle of the CIA triad. These measures include fire protection, fire detection, and fire suppression. The power supply should also be considered, including the types of outages: surge, brownout, fault, blackout, and sag. Environmental physical security should also include preventive measures such as the prevention of static electricity. HVAC must be considered as well, since excessive heat can cause problems and humidity can cause corrosion of connections. Water leakage and flooding should be considered too (Abernathy & McMillan, 2016).

In summary, security professionals must consider various techniques for protecting the data center, from the selection of the building to interior security and environmental security. They should consider the CPTED strategies and the seven safeguards. Natural access control was also addressed in this discussion, and security professionals must take it into account.

References

Abernathy, R., & McMillan, T. (2016). CISSP Cert Guide. Pearson IT Certification.

Stewart, J., Chapple, M., & Gibson, D. (2015). CISSP (ISC)² Certified Information Systems Security Professional Official Study Guide (7th ed.). Wiley.

Biometric Access Control

Dr. Aly, O.
Computer Science

Introduction

The purpose of this discussion is to discuss and analyze biometric access control for securing a highly sensitive area of the organization's operating environment. The discussion begins with a brief overview of access control, followed by biometric technology and the implementation of a biometric system.

Access Control

Access control, whether for physical assets or logical assets such as sensitive data, limits access to a network, system or device to authorized users only. Access control also determines the type of access those users have to the network, system or device, and it is provided through physical and logical controls. Physical access control limits access to physical components such as the network, systems, and devices. Locks are the most popular physical access control technique for preventing access to data centers, including network devices such as routers, switches and cabling, and systems. Other physical access control techniques include guards and biometrics, which should be considered as part of the security measures according to the value of the assets and the need to protect them. Logical access control, on the other hand, limits and controls the access of authorized users using software or hardware components; examples include authentication and encryption. Implementing physical and logical access control requires a good comprehension of the requirements, the administration methods of access control, and the assets to be protected. Protecting a physical data center is different from protecting the data stored in that data center (Abernathy & McMillan, 2016).

Biometric Technology

Biometric technology relies on physiological or behavioral characteristics. Physiological characteristics include any unique physical attribute of the user, such as the iris, retina, and fingerprints. Behavioral characteristics measure the actions of the user in a situation, such as voice patterns and data entry characteristics. Biometric technologies have started to be embedded into operating systems as security measures, for example Apple's Touch ID. Understanding both physiological and behavioral characteristics must be a priority to ensure the adoption of these technologies for more secure access control.

Physiological biometrics employ a scanning device to measure certain information about a physiological characteristic. Physiological biometric systems include fingerprint, finger scan, hand geometry, hand topography, palm or hand scans, facial scans, retina scans, iris scans, and vascular scans.

Behavioral biometrics employ a scanning device to measure the actions of the person. Behavioral biometric systems include signature dynamics, keystroke dynamics, and voice pattern or voice print.

Security professionals must have a good understanding of the following biometric-related terms so that they do not struggle during the implementation of such a technology: enrollment time, feature extraction, accuracy, throughput rate, acceptability, false rejection rate (FRR), false acceptance rate (FAR), and crossover error rate (CER). Table 1 summarizes each of these terms with a brief description.

Table 1.  Biometric Technology Related Terms.
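The FRR, FAR and CER terms above are easiest to grasp by computing them. The following is an added Python example (not from this page or the cited sources) that sweeps a decision threshold over constructed match scores, finds the crossover point, and shows the threshold a highly sensitive area would pick when false acceptances must be driven to zero; the score lists and the 0-100 scale are assumptions made for the example.

```python
from typing import List, Tuple

# Constructed match scores on a 0-100 scale (higher = the live sample resembles the enrolled
# template more closely). Real systems produce thousands; ten each keeps the sweep readable.
GENUINE_SCORES = [55, 62, 68, 70, 74, 78, 81, 85, 88, 92]   # authorized users vs. their own template
IMPOSTOR_SCORES = [20, 28, 35, 41, 48, 52, 57, 63, 66, 72]  # other people vs. that template


def false_rejection_rate(genuine: List[int], threshold: int) -> float:
    """FRR (Type I error): share of authorized users whose score falls below the threshold."""
    return sum(1 for s in genuine if s < threshold) / len(genuine)


def false_acceptance_rate(impostor: List[int], threshold: int) -> float:
    """FAR (Type II error): share of impostors whose score reaches the threshold."""
    return sum(1 for s in impostor if s >= threshold) / len(impostor)


def crossover_error_rate(genuine: List[int], impostor: List[int]) -> Tuple[int, float]:
    """Sweep every threshold; the CER is the error rate where FAR and FRR meet.

    Returns (threshold, error rate). With a finite sample the two curves may only come
    close rather than cross exactly, so the first threshold with the smallest gap wins.
    """
    best_gap, best_threshold, best_rate = None, None, None
    for t in range(0, 101):
        far = false_acceptance_rate(impostor, t)
        frr = false_rejection_rate(genuine, t)
        gap = abs(far - frr)
        if best_gap is None or gap < best_gap:
            best_gap, best_threshold, best_rate = gap, t, (far + frr) / 2
    return best_threshold, best_rate


def threshold_for_max_far(impostor: List[int], max_far: float) -> int:
    """Lowest threshold that keeps FAR at or below max_far.

    A highly sensitive area is tuned this way, accepting a higher FRR in exchange.
    """
    for t in range(0, 101):
        if false_acceptance_rate(impostor, t) <= max_far:
            return t
    return 101  # not reached for scores in 0-100: at t=100 no impostor can qualify


if __name__ == "__main__":
    t, cer = crossover_error_rate(GENUINE_SCORES, IMPOSTOR_SCORES)
    print(f"CER {cer:.2f} at threshold {t}")
    strict = threshold_for_max_far(IMPOSTOR_SCORES, 0.0)
    print(f"zero-FAR threshold {strict}, FRR there {false_rejection_rate(GENUINE_SCORES, strict):.2f}")
```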

When using biometric technology, security professionals often refer to a Zephyr chart, which illustrates the comparative strengths and weaknesses of biometric systems. However, other methods should also be considered to measure the effectiveness of each biometric system and its level of user acceptance. Table 2 summarizes popular biometric methods, first ranked by effectiveness (most effective first) and then ranked by user acceptance. As shown in the table, the iris scan is at the top of the list as the most effective method, while voice pattern is at the top of the user acceptance ranking.

Table 2.  Summary of the Popular Biometric Methods.

Implementation of Biometric System

According to CSA (2011), security controls must be strategically positioned and conform to acceptable quality standards consistent with prevalent norms and best practices. Entry points must therefore be secured using an access control system such as proximity cards or biometric access. In a cloud environment, the traditional username and password authentication method should not be regarded as sufficient; organizations and cloud users must employ strong authentication techniques such as smartcard/PKI, biometrics, RSA tokens, and so forth (Sukhai, 2004). Implementing biometric technology provides a more secure layer for access either to the physical location where systems, networks, and devices are located or to the data stored in those data centers. From the user's perspective, biometrics can be seen as a convenient method, since these characteristics are part of the body and last as long as the user is authorized to access the facilities and the data. Since the iris scan appears to be the most effective biometric method, the researcher will employ it when implementing the biometric technology. The iris scan method scans the colored portion of the eye, including all rifts, coronas, and furrows, and has a higher accuracy than any other biometric scan.

In summary, this discussion analyzed biometric access control as it can be implemented to secure a highly sensitive area of the organization. It covered access control techniques, biometric methods, and the implementation of a biometric method. The analysis indicates that the iris scan is the most effective method, while voice pattern ranks at the top for user acceptance.

References

Abernathy, R., & McMillan, T. (2016). CISSP Cert Guide. Pearson IT Certification.

CSA. (2011). Security guidance for critical areas of focus in cloud computing v2.1. Cloud Security Alliance, v3.0, 1-76.

Sukhai, N. B. (2004). Access control & biometrics. In Proceedings of the 1st Annual Conference on Information Security Curriculum Development.

Access Control

Dr. O. Aly
Computer Science

Introduction

The purpose of this discussion is to discuss access control and its three models: DAC, MAC, and RBAC. The discussion includes recommendations on when to use each model and the techniques used to implement them.

Access Controls

Access controls allow only authorized users, applications, devices and systems to access the resources of the organization, including its information. Once vulnerabilities have been identified, along with the absence or weakness of countermeasures, access controls are implemented as a countermeasure to those vulnerabilities. Access controls can be implemented to ensure confidentiality by preventing the disclosure of data to unauthorized users, and they can also be used to provide data integrity. The organization's approach to information security has a direct impact on its access control strategy. For instance, an organization can apply a “deny-by-default” strategy instead of an “allow-by-default” strategy to enforce a much stricter default stance, in which access is denied unless explicitly granted. The access control strategy is also implemented as an additional layer, the first layer, of a good defense-in-depth security plan (Abernathy & McMillan, 2016).

Access Control Implementation

Access control should be implemented at every level and area of the information system infrastructure; with defense in depth, more access control is enforced. Access controls must be included in the security plan to provide confidentiality, integrity, and availability (CIA) for the organization's assets. Access controls are not implemented by the data owner, whose role is to approve or deny access rights to the data. The implementation of access control strategies is part of the continuous security program life cycle. Since employees are regarded as the greatest threat to organizations, access controls must be implemented to protect confidential resources from unauthorized internal access. The process of access control involves three main steps: identifying the resources, identifying the users, and determining the relationship between users and resources. It is highly recommended to avoid complexity when implementing an access control strategy, because a complex strategy is hard to implement and manage (Abernathy & McMillan, 2016).

Access Control Techniques

Access control techniques fall into seven categories: compensative, corrective, detective, deterrent, directive, preventive, and recovery. While these seven categories classify access controls by where they fit in time, the types of access control are based on the implementation method. There are three types: administrative or management controls, logical or technical controls, and physical controls. When defense in depth is a priority for the organization, all three types are implemented. Administrative controls, often referred to as “soft controls,” involve the administration of the organization's assets and personnel through security policies, procedures, standards, baselines, and guidelines established by management; examples include security awareness training, data classification, and data labeling. Logical or technical controls involve the hardware and software components implemented to restrict access; examples include firewalls, encryption, authentication systems, protocols, biometrics, smart cards, passwords, and so forth. Physical controls protect the facilities and employees of the organization; examples include perimeter security, guards, locks, biometrics, cabling, badges, and so forth (Abernathy & McMillan, 2016).

Access Control Models

Organizations can deploy authorization techniques to control access to systems. These techniques include various access control models and access control policies. The access control model describes the organization's security policy. Organizations implement access control models to simplify access control administration by grouping the entities that request access to objects such as computers, databases, files, and so forth. There are eight access control models: discretionary access control (DAC), mandatory access control (MAC), role-based access control (RBAC), rule-based access control, content-dependent versus context-dependent access control, the access control matrix, the capabilities table, and the access control list. This discussion is limited to DAC, MAC, and RBAC (Abernathy & McMillan, 2016).

The DAC model is used in local and dynamic scenarios, where the owner of an object, such as a database, determines which entities can have access. Access is based on the identity, profile, or role of the entity or user. The disadvantage of the DAC model is that it can be an administrative burden, because the owner grants access privileges to users, and such a grant must be terminated as soon as the user leaves the organization or the department. Identity-based access control is a subset of the DAC model and is based on the identity of the user or membership in a group. Non-discretionary access control is the opposite of DAC: access controls are configured by the security administrator or another authority, and the system compares the identity of the user with the access control list of the object (Abernathy & McMillan, 2016).

MAC is often described as prohibitive because it is based on a security label system. Labeling is required in MAC because of the importance of security. In the MAC model, a clearance is the privilege held by users and entities, and the labeling scheme is hierarchical. For commercial organizations, the security labels could be proprietary, confidential, sensitive, and public; for government or military entities, they can be top secret, secret, confidential, and unclassified. Under MAC, the system makes an access decision by comparing the subject's clearance level with the security label of the object. MAC is regarded as more secure than DAC, but DAC is more flexible and scalable than MAC (Abernathy & McMillan, 2016).

The RBAC model makes it easy to enforce minimum privileges for subjects, with one or more roles assigned to each subject. Access control is defined in terms of roles, which are hierarchical. An access control policy for bank tellers or loan officers is an example of RBAC. RBAC is not as secure as MAC or DAC because security is based on roles. The RBAC model is commonly used in commercial applications, and its implementation costs much less than DAC or MAC. If an organization has high employee turnover, this model can be a good fit. There are four approaches to RBAC: non-RBAC, limited RBAC, hybrid RBAC, and full RBAC. In non-RBAC, no roles are used, while in limited RBAC users are mapped to a single application role. In hybrid RBAC, each user is mapped as a single user accessing multiple systems. In full RBAC, users are mapped to a single role as defined by the security policy, and access to the systems is managed through the organizational roles (Abernathy & McMillan, 2016).
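The three models differ in who makes the decision and on what basis, which is clearest as code. The following is an added Python example (not from this page or the cited guide) that implements a minimal decision function for each: MAC compares a hierarchical clearance against the object's label, DAC lets only the owner edit a deny-by-default ACL (with a revocation hook for the offboarding problem noted above), and RBAC resolves permissions through a role hierarchy. The label scale is the government one from the text; the bank roles, users and permission names are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Dict, Set

# ---- MAC: hierarchical labels; a subject's clearance must dominate the object's label ----
# Government/military scale from the text; a commercial scale would be ordered the same way.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


def mac_allows(clearance: str, object_label: str) -> bool:
    """The system, not the owner, decides: access only if clearance >= label."""
    return LEVELS[clearance] >= LEVELS[object_label]


# ---- DAC: the object's owner maintains its ACL; everything else is denied by default ----
@dataclass
class DacObject:
    owner: str
    acl: Dict[str, Set[str]] = field(default_factory=dict)  # user -> permissions

    def grant(self, actor: str, user: str, perms: Set[str]) -> bool:
        """Only the owner may grant; returns False (and changes nothing) otherwise."""
        if actor != self.owner:
            return False
        self.acl.setdefault(user, set()).update(perms)
        return True

    def revoke_user(self, actor: str, user: str) -> bool:
        """Offboarding hook: grants must end when the user leaves the organization."""
        if actor != self.owner:
            return False
        self.acl.pop(user, None)
        return True

    def allows(self, user: str, perm: str) -> bool:
        return perm in self.acl.get(user, set())


# ---- RBAC: permissions attach to roles, and roles are hierarchical (senior inherits junior) ----
ROLE_PARENTS = {"teller": set(), "loan_officer": {"teller"}}  # constructed bank example
ROLE_PERMS = {
    "teller": {"account:read", "account:deposit"},
    "loan_officer": {"loan:approve"},
}


def effective_perms(role: str) -> Set[str]:
    """A role's own permissions plus everything inherited from its junior roles."""
    perms = set(ROLE_PERMS.get(role, set()))
    for parent in ROLE_PARENTS.get(role, set()):
        perms |= effective_perms(parent)
    return perms


def rbac_allows(user_roles: Set[str], perm: str) -> bool:
    """A user gets only what their roles carry, which keeps least privilege manageable."""
    return any(perm in effective_perms(r) for r in user_roles)


if __name__ == "__main__":
    print("MAC:", mac_allows("secret", "confidential"), mac_allows("confidential", "top secret"))
    doc = DacObject(owner="alice")
    doc.grant("alice", "bob", {"read"})
    print("DAC:", doc.allows("bob", "read"), doc.grant("bob", "carol", {"read"}))
    print("RBAC:", rbac_allows({"loan_officer"}, "account:deposit"), rbac_allows({"teller"}, "loan:approve"))
```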

Access Control – Centralized vs. Decentralized approaches

The administration of access control can be either centralized or decentralized. The centralized approach dedicates a central department or personnel to oversee access to all of the organization's resources. This ensures consistency in how access control is applied, but it can be slow because the central entity must process every access request. The decentralized approach lets the employees closest to the resources oversee access control for them. This is good for ensuring correct access rights to data they know well, but it lacks uniformity and can be hard to implement. Given the nature of both approaches, some organizations implement a hybrid approach that combines centralized and decentralized access control: centralized access is used for basic access, while granular access to individual assets, such as data on a specific server for a department, is handled by the data owner (Abernathy & McMillan, 2016).

References

Abernathy, R., & McMillan, T. (2016). CISSP Cert Guide. Pearson IT Certification.