Keamanan Sistem (CS4633)

..:: Information Security Controls :

Pertemuan #8
05/10/2006

Fazmah Arif Yulianto

1
 Types of Inf_Sec Controls

Preventive
Physical
Detective
Technical
(logical) Deterrent
Administrative Corrective
(personnel)
Recovery

2
 Terminologies
Preventive controls attempt to avoid the occurrence of
unwanted events
Detective controls attempt to identify unwanted events
after they have occurred
Deterrent controls are intended to discourage
individuals from intentionally violating information
security policies or procedures
Corrective controls either remedy the circumstances
that allowed the unauthorized activity or return conditions
to what they were before the violation
Recovery controls restore lost computing resources or
capabilities and help the organization recover monetary
losses caused by a security violation

3
 Physical Controls: Preventive
To prevent unauthorized personnel from entering
computing facilities (i.e., locations housing computing
resources, supporting utilities, computer hard copy, and
input data media) and to help protect against natural
disasters.
Examples of these controls include:
Backup files and documentation, backup power
Fences, Security guards, Badge systems.
Double door systems, Locks and keys, Biometric access
controls.
Site selection.
Fire extinguishers etc.

4
 Physical Controls: Detective
Warn protective services personnel that
physical security measures are being
violated.
Examples of these controls include:
Motion detectors.
Smoke and fire detectors.
Closed-circuit television monitors.
Sensors and alarms etc.

5
Some types of Physical Security
Barriers: walls, fences, doors, gates etc.
Q: Who or what is the barrier intended to stop, and for
how long?
Locks: day access locks, after-hours locks,
emergency egress locks
Mechanical / electrical
door control system = authentication + door locking
devices
Lock vs lockpicking
Alarms: primarily for letting us know if control is
functioning properly that is, has it been
breached?
Q: who and what is it supposed to detect, and what is
the intended response? 6
 Physical Security (contd)
Lights and cameras: best suited for assessing a
situation a tool to extend the eyes (and
sometimes ears) of the guard force.
A common misuse of cameras is assuming that they
will detect an intruder
Antitheft, Antitamper, and Inventory Controls
Antitamper devices control access to ensure the
integrity of the protected asset
Antitheft devices and inventory controls are intended
to limit movement to a confined area

7
 Backup Files and Documentation
Backup files should be stored far enough
away from the active data or
documentation to avoid destruction by
the same incident that destroyed the
original.
Backup material should be stored in a
secure location constructed of
noncombustible materials, including two-
hour rated fire walls.
Backups of sensitive information should
have the same level of protection as the
active files of this information
8
 Backup Power
Backup power is necessary to ensure that
computer services are in a constant state
of readiness and to help avoid damage to
equipment if normal power is lost.
For short periods of power loss, backup
power is usually provided by batteries.
In areas susceptible to outages of more
than 1530 min., diesel generators are
usually recommended.
9
 Fire extinguisher
Automatic water sprinkler: beware of the risk of
water damage to computing equipments
Carbon dioxide extinguishing systems were
developed: save for equipments, lethal for
human
Halon extinguisher: usually harmless to
equipment and less dangerous to personnel
than carbon dioxide.
At a concentration of about 10%, Halon extinguishes
fire and can be safely breathed by humans
High cost
10
 Biometric Access Controls
Biometrics used for identification include
fingerprints, handprints, voice patterns,
signature samples, and retinal scans.
Because biometrics cannot be lost, stolen,
or shared, they provide a higher level of
security than badges.
Biometric identification is recommended
for high-security, low-traffic entrance
control.
11
 More on biometrics
Every person has unique
physiological, behavioral,
and morphological
characteristics that can be
examined and quantified.
Biometrics is the use of
these characteristics to
provide positive personal
identification.

12
 Some Biometric Performances
Fingerprint Scan: False rejection rate = 9.4%; False
acceptance rate = 0; Average processing time = 7
seconds
Retinal scan: FRR = 1.5%; FAR = 1.5%; APT = 7
seconds
Palm scan: FRR = 0; FAR = 0.00025%; APT = 2-3
seconds
Hand geometry: FRR = 0.1%; FAR = 0.1%; ATP = 2 to 3
seconds
Facial recognition: ATP = 2 seconds
Voice verification: FRR = 8.2%; FAR = 0.4%; ATP = 2 to
3 seconds
13
14
 A basic role of physical security

to keep unwanted people /

things out,
and to keep insiders honest

15
 Technical Controls: Preventive
To prevent unauthorized personnel or programs
from gaining remote access to computing
resources.
Examples of these controls include:
Access control software.
Antivirus software.
Library control systems.
Passwords.
Smart cards.
Encryption.
Dial-up access control and callback systems. etc.
16
 Technical Controls: Detective
Warn personnel of violations or attempted
violations of preventive technical controls.
Examples of these include:
Audit trails
Intrusion detection expert systems

17
 Access Control Software
To control sharing of data and programs between users.
In many computer systems, access to data and
programs is implemented by access control lists that
designate which users are allowed access.
Access control software provides the ability to control
access to the system by establishing that only registered
users with an authorized log-on ID and password can
gain access to the computer system.
After access to the system has been granted, the next
step is to control access to the data and programs
residing in the system.
The data or program owner can establish rules that
designate who is authorized to use the data or program

18
 Access Controls
One among central issues in security
Specify what users can do, what
resources they can access, and what
operations they can perform on a system
The effectiveness of access control rests
on the proper user authentication and on
the correctness of the authorizations

19
An idealized model

20
 Audit Control
Concern a posteriori analysis of all the
request and activities of users in the
system requires logging
Useful as/to:
Deterrent/pencegah
Find out about possible attempted or actual
violations
Determining possible flaws in the system
Hold users accountable for their actions

21
 Control over access
More security is not necessarily less
access. That is, controlled access does
not equal denied access
Practically all controls fall somewhere in
between providing complete access and
total denial. Thus, it is the level of control
over access not the amount of access
that provides security.

22
 Layered Defense

BREADTH

DEPTH

DETERRENCE
23
 Layered Defense: Breadth
A single type of control rarely
eliminates all vulnerabilities
suppose one decides to control read access
to data by using a log-on password. But the
log-on password does not afford protection if
one sends the data over the Internet. A
different type of control (i.e., encryption)
would therefore provide the additional
coverage needed.

24
 Layered Defense: Depth
To be realistic with security, one must believe in
failure Any given control is not perfect and will
fail, sooner or later.
Adds layers of additional access controls as a
backstop measure.
Example: The password will not stay secret
forever embrace the common dictum,
something you have, something you know, and
something you are. (password, smartcard,
fingerprint)

25
 Layered Defense: Deterrence
Simply putting enough controls in place
that the cost or feasibility of defeating
them without getting caught is more than
the prize is worth.
Examples: surveillance cameras, activity
logging

26
 Password
Passwords are used to verify that the user
of an ID is the owner of the ID.
Fixed passwords that are used for a
defined period of time are often easy for
hackers to compromise
Choosing good passwords?
One-time password:
Time-synchronized type
Challenge type
27
28
Administrative Controls: Preventive
Personnel-oriented techniques for controlling peoples
behavior to ensure the confidentiality, integrity, and
availability of computing data and programs.
Examples of preventive administrative controls include:
Security awareness and technical training.
Separation of duties.
Procedures for recruiting and terminating employees.
Security policies and procedures.
Supervision.
Disaster recovery, contingency, and emergency plans.
User registration for computer access.

29
 Administrative Controls: Detective
To determine how well security policies and
procedures are complied with, to detect fraud,
and to avoid employing persons that represent
an unacceptable security risk.
This type of control includes:
Security reviews and audits.
Performance evaluations.
Required vacations.
Background investigations.
Rotation of duties
30
31
 References
Harold F. Tipton, Types of Information
Security Controls, Information Security
Management Handbook, 5th ed., Harold F.
Tipton & Micki Krause (editor), 2004, pp.
113-135
Ravi S. Sandhu & Pierangela Samarati,
Access Control: Principles and Practice

32