xid-37552792_2.pdf - COS30015 and COS80013Security Aug-17...

This preview shows page 1 - 7 out of 26 pages.
COS30015 and COS80013 Security Aug-17

COS80013 Internet Security
COS30015 IT SECURITY
Week 2
Physical Security

IT and Internet Security © J Hamlyn-Harris, Faculty of SET, Swinburne

Slide 2

Slide 3
Research material
• Textbooks:
  – Goodrich Chapter 2
• Netcasts:
  – Security Now 211, 213, 137, 90, 94, 291
  – Risky Business 240, 163, 159, 129, 73, 70, 52, 51

Slide 4
Locks
• Pin tumbler locks (easy to pick)
• Radial locks (computers)
• Wafer locks (medium security)
• Combination locks (low security)
• Electronic locks
  – mag stripe, RFID, keypad, biometric
  – easy to change combination
  – easy to monitor

Slide 5
Access control
• Locks require Access Control Policies
  – who has which key
  – how are keys issued, returned, disabled
  – what happens when someone leaves
  – lost/stolen keys
  – master keys

Slide 6
Lock picking
• Locks are a deterrent
  – Not a security control
• Picks – easy to make
• Pick-guns
• Bump-keys
• Raking
• Drilling out the tumbler
• Impressioning
• Brute force

Slide 7
Picking techniques
• Traditional picking
• Raking
• Bump key
• Pick gun
• Defences:

Slide 8
Side channel attacks
• Remove the hinges
• Cut through the door
• Enter through the roof (tiles, vents, manhole)
• Enter through emergency exits, windows
• Social engineering
  – deliveries
  – tail-gating
  – Ask nicely!

Slide 9
More Access Controls
• Barcodes
• Mag stripe
• Smart cards-hacking-how-easy-is-it-6130
• SIM cards
• RFID
  – Key fobs (hopping codes)
  – Passports

Slide 10
Biometrics
Measures a human characteristic and compares features of it to those stored in a database.
• Requires:
  – Universal – everyone must have the characteristic.
  – Distinctive – characteristic must be different for everyone
  – Permanent – characteristic must not change with time
  – Collectable – must be possible to collect features of characteristic easily.
  – Low false-positive / false-negative rate
  – Hard to forge

Slide 11
Biometrics
• Signature
• Face, fingerprint, retina, iris
• Vein scanners, handprints
• Voice, odour, gait
All are problematic. Fingerprint probably the best.
