Cobb's Guide to PC and LAN Security Part 2 of 3

Chapter

Secure Sites

Defending Sites and Systems

C

obb's Guide to PC & LAN Security, Part 2 of

3

Free

Electronic Edition

,

Creative Commons License

This chapter deals with hardware

-

based site and system access controls, coveringkeys, locks, cards, token

-

based systems, and biometric authentication. Which of thesetechnologies

wdl

be appropriate to your needs depends upon the threats that youface, the value of the assets that you are defendmg, and the resources available forthat defense. The emphasis is on physical devices for controhng access. In the first in

-

stance, these are considered in relation to perimeter or site security, which in practi

-

cal computer-security terms means controlling who is allowed near your systems.Some of the same technology also can be applied to control the use of those sys

-

tems, allowing or preventing system access. For example, you might have to enter afour

-

digit access code to enter your office, then insert an

ID

card into a reader toboot up your personal computer (terms such as

ID

wdl

be defined in a moment).Given the current trend toward system integration in physical security systems, it isconceivable that you would use one card or token to do many things, from enteringthe parking garage in the morning, opening your office door, booting up your

PC

andlogging onto the company network, buying lunch in the company cafeteria, andchecking out of the garage at the end of the day.

Securing the Perimeter

In chapter

4,

I looked at techniques for preventing the theft of computer equipment,

whch

is an important part of what is

calledphysical

security. However, physical se-curity also involves regulating who actually uses your computers. Obviously, the

in-

Secure Sites

21

7

1.

Site access

2.

Office access3. Computer area access

B.

Systemadmin access

Figure

6.1

Diagram of access control.

formation on those computers is going to be a lot more secure if you can control whouses them. The security measures employed to accomplish this vary from the obvi

-

ous and inexpensive to the exotic and expensive. They operate at two levels. First,you need to be able to control who can get near enough to your computers to usethem. Then you need to control what anyone who gets close enough can do whenthey get there (see Figure 6.1).In other words, if you control who can come into the office, you should know all of the potential users. If you further control who can use the computers, you shouldknow who the actual users are. The word

"

should

"

is significant in those last two sen-tences for two reasons. First of all, it is important to recognize that access controlsystems are not 100% effective. Second, the mere fact that you have access controls

in

place

d

act as a major deterrent to computer abuse and misuse.

The basics of access control

Some people credit the Chinese with the first comprehensive access control system.Apparently, around

1000

B.C.,

the Emperor began to require servants at the Imper

-

ial Palace to wear rings engraved with intricate designs that identified areas of thepalace where they were permitted to enter. The premise of site access control re

-

mains the same today. organizations of all sizes use such systems to manage accessto sensitive areas. The three main functions of access control are:

218

Chapter

Six

Allowing access to those who are authorized.Denying access to those who are not authorized.Determining who has used access privileges and when.Consider how the most basic access control system, the locked door and key, han

-

dles these functions. Suppose you are the proprietor of a small business with threeemployees located in a one-room office that has only one door. You give each em-ployee a key to that door, thus authorizing their access to the office. Access to unau

-

thorized persons is denied because they don't have keys. You can determine whenaccess privileges have been used by the fact that people are in the office.Clearly there are a lot of gaps in this site access control system, but it might wellbe entirely adequate for a small organization where there is a high level of trust. Themost obvious gap is that you, as proprietor, will have only limited knowledge of whohas used their access privileges during those times when you are not in the office.The most obvious way to make the system more restrictive is not to give everyone akey. Persons who are not issued a key then will have conditional access, meaningthat they can get

in

only if someone with a key lets them in or lends them a key.The larger the organization and the more complex the space that it occupies, theless reliable the basic locked

-

door-and

-

key system becomes. There are more doors tobe locked and additional levels of authorization beyond the simple

has-key/doesnlt

have

-

key option. Physical key management, which was discussed in chapter

4,

be-comes a serious problem. It gets progressively harder to keep track of who has keysto

whch

locks. Keys can be borrowed, stolen, lost, and copied. The revoking of accessprivileges becomes a very serious problem. For these reasons, many organizationsuse more

sophsticated

systems, based on keys or other technology.

More advanced systems

Various technologies have been applied to address the problems cited earlier. Theseinclude electromagnetic locks, programmable locks, keypads, electronic tokens, andmagnetic stripe cards (see Figure 6.2). Exploring all of these devices in detail is be

-

yond the scope of this text; however, a brief account of each will help you plan fur

-

ther investigations if your responsibilities encompass this field of security now or inthe future (one of the best places to learn more about these systems and stay intouch with the latest developments is

Security

Magazine,

a monthly publication de

-

voted to physical security).All of these technologies provide improved key management, and some allowmore precise control of access privileges (for example, person

X

can enter room

Y,

but not after

6:00

P.

M

.).

Some systems also can track the use of

privileges

(card

nun-

ber 21 was used to enter room

A

at

6:49

A

.M.).

Some even can report attemptedabuse (card number 21 attempted to enter room B after

9

P.M.

on three consecutivenights this week). However, it is important to bear in mind that few access controlsystems actually guarantee the identity of a person using an access privilege. Badgescan be borrowed, and numbers can be shared (see the later section on

biometrics

forways of solving

ths

problem).