Physical Security: Historical perspectives and operations

copyright, Dr. C.T. Johnson, Capitol College

1

PHYSICAL SECURITY

INTRODUCTION

Dr. Craig T. JohnsonProfessor


2

Today’s Discussion Topics

• Principles of basic physical security

• Establishing the baseline

• Defining what is security and how to protect assets

• Review the Khobar Towers case study


3

TYPES OF SECURITY

• PHYSICAL • PROCEDURAL• PERSONNEL • CONSTRUCTION• TECHNICAL • TRANSPORTATION

• INFORMATION


4

OUR FOCUS WILL BE…

PHYSICAL SECURITY


5

BASIC PHYSICAL SECURITY

“That part of security concerned with physical measures designed to safeguard

personnel; to prevent unauthorized access to equipment, installations, material, and documents; and to

safeguard against espionage, sabotage, damage, and theft.”

US Army Field Manual 3-19.30Physical Security

Brought to you by the US Army, the sweetest smelling army in the world!


6

BASIC PHYSICAL SECURITY

• Definition: “A means of preventing unauthorized entry of persons into a premises, and the prevention of loss due to all kinds of crime associated with uncontrolled access.”


7

TYPES OF SECURITY AREAS

• PRINCIPLES OF SAFEGUARDING

• CRITICAL & RESTRICTED AREAS

• SECURITY- CONTROLLED AREAS


8


(DEFINED) - I• Principles of Safeguarding

– Guarding against force or surreptitious entry

– Protecting material, equipment or information

– Protecting classified areas

– Protecting unclassified areas


9


(Defined) - II• Critical & Restricted Areas

– Degree of Criticality

– Degree of Restricted Area


10


(Defined) - III• Security – Controlled Areas

– Exclusion Areas

– Limited Areas

– Control Areas


11

PHYSICAL SECURITY

Terms, History, Risk

IAE-684 “COMPLEMENTARY SECURITY”


12

HISTORICAL EXAMPLES

• Vassal states’ walls joined during Qin Dynasty creating “10,000 li (5k km) Great Wall”– Built to hold off Hsiung Nu tribes (Huns)

• Denial and avoidance security– Kept invaders out for 1,000 years

– Eventually overcome from within• http://ce.eng.usf.edu/pharos/wonders/Forgotten/greatwall.html

• http://www.enchantedlearning.com/subjects/greatwall/• http://www.jpl.nasa.gov/radar/sircxsar/gwall.html


13

HISTORICAL EXAMPLES

• THE “GREAT WALL OF CHINA”, EMPEROR CHINN OF CHINA BUILT THE “GREAT WALL” TO GUARD AGAINST THE BARBARIANS FROM THE NORTH.

• DENIAL AND AVOIDANCE SECURITY


14

HISTORICAL EXAMPLES

• World’s first bank vaults

• Access control & asset protection– Assured ascension of deceased to the gods

• Security modernization project underway– Night vision CCTV cameras

http://www.culturefocus.com/pyramids-7.htm


15

HISTORICAL EXAMPLES

• Mesa Verde (“green table”) in Colorado, occupied 600-1300 A.D.

• Center of San Juan Anasazi (Pueblo) culture

• Cliff dwellings with ladders for access control– Defense Theory– Internal strife due to drought?

• Difficult access with natural obstacles

• http://www.nps.gov/meve/mvnp/smvf/p50.htm• http://www.nps.gov/meve/index.htm• http://www.abqjournal.com/venue/travel/heritage_mesaverde.htm


16

HISTORICAL EXAMPLES• Masada (“fortress”), built by Rome-appointed King Herod

• Captured during Revolt of the Jews– Held 2 years– Last stronghold of Jews

• http://www.mfa.gov.il/mfa/go.asp?MFAH0dp00

• http://faculty.smu.edu/dbinder/masada.html

http://www.mfa.gov.il/mfa/go.asp?MFAH0dp00

http://www.mfa.gov.il/mfa/go.asp?MFAH0dp00


17

HISTORICAL EXAMPLES - cont

• “MASADA” OF ISRAEL; KING HERODS FORTRESS ON THE RED SEA WAS CAPTURED BY JEWISH ZEALOTS AND HELD TWO YEARS AGAINST THREE ROMAN LEGIONS


18

What is Risk Management?

The process of selecting and implementing security countermeasures to achieve an acceptable level of

risk at an acceptable cost


19

What is Risk?

Risk level is a combination of two factors:Impact of loss -The value placed on an asset by its owner and the consequence of an undesirable event on that asset.

Probability of undesirable event -The likelihood that a specific vulnerability will be exploited by a particular threat.

Risk is the potential for

damage or loss of an asset


20

What is an Asset?

The asset may have value to an adversary, as well as to the owner, although the

values may differ.

An asset is anything of value: people information equipment facilities activities/operations


21

What is Impact?

Impact is the amount of loss or damage that can be expected, or may be

expected, from a successful attack on an

asset.


22

What is Threat?

Threat can also be defined as the intention to undertake actions detrimental to assets

Threat is any indication, circumstance, or event with the potential to cause the loss of

or damage to an asset.


23

What is an Adversary?

Intelligence services, extremists, terrorists, criminals, and private interests groups

Any individual, group, organization, or

government that conduces activities,or has the intention and capability to conduce activities detrimental to

valued assets


24

Vulnerabilities

Vulnerabilities can result from, but are not limited to, the following:

building characteristics equipment properties personal behavior locations of people, equipment, and buildings operational procedures and personnel practices

Vulnerabilities - Any weakness that can be exploited by an adversary to

gain access to an asset


25

RISK“1. Hazard; danger; peril; exposure to loss, injury, or destruction.”

Webster’s 1913 Dictionaryhttp://www.hyperdictionary.com/dictionary/risk

“The potential for realization of unwanted, adverse consequences to human life, health, property, or the environment; estimation of risk is usually based on the expected value of the conditional probability of the event occurring times the consequence of the event given that it has occurred.”

Society for Risk Analysishttp://www.sra.org/gloss3.htm#RThe probability of loss

Factor of threat and vulnerability (Risk=Threat x Vulnerability)


26

RISK ANALYSIS

• Risk analysis must be a constant, comprehensive, integrated function of the security organization

“A detailed examination including risk assessment, risk evaluation, and risk management alternatives, performed to understand the nature of unwanted, negative consequences to human life, health, property, or the environment; an analytical process to provide information regarding undesirable events; the process of quantification of the probabilities and expected consequences for identified risks.”

Society for Risk Analysis

http://www.sra.org/gloss3.htm#R


27

RISK ANALYSIS

WILL LOSS OCCUR?WEAKNESS IN PERSONNELPROCEDURES OF PHYSICAL

PLANT

PERPETRATER

RISKGAIN


28

RISK vs. GAIN EQUATION• The rational human threat can

be deterred by countermeasures or a lack of vulnerability

• Personal risk for the bad guy– Capture Physical harm

Low risk + High gain

low hanging fruit

High risk + High or low gain

go next door


29

RISK MANAGEMENT

Four basic steps:

1.Asset identification2.Threat/Vulnerability Assessment3.Risk Analysis4.Countermeasure evaluation/implementation

The process is iterative!


30

Risk Management at a Glance

AssessAssets

1

AssessThreats

2

AssessVulnerabilities

3

AssessRisks

4Determine

CountermeasureOptions

5

Make RMDecisions

Benefits Analysis

Cost Analysis

Monitor

ImplementT & E


31

Relationship of Risk Management Practices to Achieving Benefits

Critical Success Factors1. Senior management support & involvement 2. Focal points3. Define procedures4. Experts involved

Process1. Identify & rank critical assets and operations & estimate potential damage of loss2. Identify threats & likelihood of threats materializing3. Identify exploitable vulnerabilities4. Determine Risk5. Identify cost effective mitigating countermeasures6. Obtain risk management decisions7. Develop/Implement action plans8. Test/Evaluate countermeasures9. Monitor changes in risk factors/repeat process

Tools1. Tables/Matrices2. Questionnaires3. Standard formats4. Software to facilitate documentation and analysis5. Lists of threats, controls, vulnerabilities

Benefits1. Assurance that the greatest risks have been identified and addressed2. Increased understanding of risks3. Mechanism for reaching consensus4. Support for needed controls5. Means for communicating results

5. Units responsible6. Assessment scope limited 7. Document & maintain results


32

Critical Success Factors

1. Senior management support & involvement 2. Focal points3. Define procedures 4. Experts involved 5. Units responsible6. Assessment scope limited 7. Document & maintain results


33

Process1. Identify & rank critical assets and operations & estimate potential damage of loss2. Identify threats & likelihood of threats materializing3. Identify exploitable vulnerabilities4. Determine Risk5. Identify cost effective mitigating countermeasures6. Obtain risk management decisions7. Develop/Implement action plans8. Test/Evaluate countermeasures9. Monitor changes in risk factors/repeat process


34

Tools1. Tables/Matrices2. Questionnaires3. Standard formats4. Software to facilitate documentation and analysis5. Lists of threats, controls, vulnerabilities


35

Benefits1. Assurance that the greatest risks havebeen identified and addressed2. Increased understanding of risks3. Mechanism for reaching consensus4. Support for needed controls5. Means for communicating results


36

THREATDefined

• A force or event that could cause loss– Environmental/natural

•Acts of God (or some higher power)•Weather

– Human•Unintentional (error)•Intentional (penetration, theft, espionage)


37

THREAT• Environment can cause as great or

greater loss than humans but are more predictable

• Human threats present the greatest challenge to the security professional– If threat is rational, deterrence is possible

– No countermeasure will deter an irrational human“It is unlikely that measures can be devised

that can eliminate entirely the multitude of diverse dangers that may arise, particularly

when the President is traveling…”Warren Commission Report,

1964


38

THREAT (DEFINED)

• AN OUTSIDE FORCE THAT COULD CAUSE A LOSS TO THE ORGANIZATION. THE THREAT CAN BE NATURAL AS IN A HURRICANE OR EARTHQUAKE OR IT MAY BE HUMAN SUCH AS A BURGLAR OR TERRORIST.


39

THREAT(DEFINED – II)

• ENVIRONMENTAL THREATS ARE THOSE NATURAL OCCURING EVENTS THAT ARE INHERENT WITH THE GEOGRAPHICAL LOCATION, WEATHER CONDITIONS OR SIMPLY “GOD’S WILL”.

• THESE ENVIRONMENTAL THREATS CAN CAUSE AS GREAT A LOSS AS A HUMAN HOWEVER, THEY ARE MUCH MORE PREDICTABLE.


40

THREAT(DEFINED – III)

• HUMAN THREATS PRESENT THE GREATEST CHALLENGE TO THE SECURITY PROFESSIONAL. IF THE HUMAN THREAT IS EXPECTED TO BE A RATIONAL THINKING PERSON THEN THE THREAT CAN BE DETERRED.

• HUMAN IS NOT RATIONAL NO COUNTERMEASURE WILL DETER THE INDIVIDUAL


41

BASIC PHYSICAL SECURITYPROTESTORS

MOTHERNATURE

DISGRUNTLEDEMPLOYEE

THEFT

TERRORIST

FIRE

CRIMINALS


42

THE THREE “D’S”

Modern Security programs are predicated on a theory of controlling access to valuables by employing countermeasures that will:– DETER– DELAY– DETECT


43

THE THREE “D’S”• Deterrence:

– Creating the appearance that the Risk of Entry would be greater than the personal gain.

• Delay:– Slowing access through the use of Physical barriers

• Detection:– The ability of the protector to Detect an attempted or actual entry into a protected area.


44

DETERRENCE – IHistorical perspective

• Creating the appearance that the risk of entry would be higher then the possible gain.

• A deterrent does not have to be real to be effective!


45

DELAY – II Historical perspective

• Preventing or slowing access through the use of physical barriers.

• Most often used method for security

• Historically, moats, sentry towers & castles were used

• Modern systems call for fences, walls and bollards.


46

DETECTION - III• The ability of the protector to detect or sense an attempted or actual entry into the protected area.

• Detection systems do not physical stop the intrusion!

• A response is critical to prevent loss of valuables

Impact or Risk

Threat or Vulnerability

Suggested Scales

Low M edium High CriticalRange 1-3 4-13 14-49 50-100M id-point

2 5 25 71

Low M edium High CriticalRange .01-.24 .25-.49 .50-.74 .75-1.00M id-point

.12 .37 .62 .87


48

The Rating by DefinitionI & R .T & .V50-100

14-49

4-13

1-3

.75-1.00

.50-.74

.25-.49

.01-.24With the scales being so big or wide, it would be hard for you to assign a

number to the rating if you did not use the degree of rating like H/C


49

The Degrees of Impact

CriticalityDegree

HighMediumLow

H/CHigh

MediumLowHigh

MediumLow

LM/M

L/H

Low is low enoughThe value of low is only three numbers 1-3 for

Impact and Risk


50

The Degrees of Threat & Vulnerability

CriticalityDegree

HighMediumLow

H/CHigh

MediumLowHigh

MediumLow

M/LM/M

L/H

HighMediumLow


51

Bottom LineWhen using the degrees with the

rating, assignment of numbers becomes much easier. Using this method will allow for repeatable and consistent our assessments. This method also builds creditability with others that must be convince with the analysis

Always obtain consciences on your definitions and ensure you are assigning the the ratings correctly.


52

WHERE ARE MY VULNERABILITIES?

How do we define them???


53

VULNERABILITY(DEFINED)

“…IS DEFINED AS THE STRENGTH OR WEAKNESS OF DEFENSE.”


54

IDENTIFY ADVERSARY THREATS

• Lessons learned from past adversaries

• Determine adversary pathways to your assets

• Use the asymmetrical perspective by view your assets through the eyes of your adversary.


55

Security Breaches at the

Los Alamos Lab

Presented byFormer student Mr. Albert Reel

2006


56

History of Los Alamos• Los Alamos Lab was created in 1943 in the middle of World War II

• Manhattan Project– Fat Man– Little Boy

• July 16, 1945 First Atomic Bomb was detonated.


57

Past Espionage• During World War II there were three known individuals that engaged in Espionage Efforts at the Los Alamos Lab– Klaus Fuchs– Theodore Hall– David Greenglass


58

Klaus Fuchs

• German Expatriate and Emigrated to the United Kingdom to escape Nazis

• He worked on Implosion Problems in Los Alamos

• Delivered sketches of Fat Man to the Soviet Union

• Spent 14 Years in Wormwood Scrubbs Prison


59

Theodore Hall• Graduated From Harvard at the age of 18

• On vacation walked into the Soviet Embassy to volunteer to work for the Russians

• Never arrested by the FBI• Little is known or what information he gave to Soviet Union


60

David Greenglass• US Army enlisted personnel trained as a machinist

• Brother of Ethel Rosenberg• Rosenberg’s recruited David to become part of their espionage ring

• Supplied Soviets with drawings of parts to Fat Boy


61

Security Lapses• Wen Ho Lee

– Held Q clearance which granted him access to Top Secret information

– Between 1980 and December 23, 1998– First thought to be spying for the People’s Republic of China

– Charged 59 counts for Mishandling Classified Information

– Release from Jail in 2000


62

Security Lapses

• In 2000 FBI investigate missing hard drives

• Drives belonged to the Alamos Nuclear Emergency Research Team

• Found days later behind a copy machine


63

Security Lapses • 2004 the Los Alamos Lab was shut down after an inventory showed they were missing two computer disk containing nuclear secrets discovered missing

• Sloppy inventory controls were blamed as the culprit as it was determined that no disks missing

• Following this incident, that Lab instituted a 5 year program to migrate to an environment without the use of computer disks


64

Security Lapses• Jessica Lynn Quintana

– During a methamphetamines laboratory drug bust by law enforcement, officials in New Mexico found Top Secret documents from the National Laboratory

– Over 1000 pages of classified documents were discovered

– Suspect removed classified documents, computer hardware from vault type rooms

– In 2006, Quintana plead guilty to knowingly removing documents


65

Conclusion• National security breeches such as these can greatly harm the United States

• All aspects of security are important– These systems weren’t “hacked”– Careless errors and gross incompetence reasons for security lapses

• Everyone must be security conscience


66

PROVOCATIVE QUESTION

How do we stop the threat???


67

PHYSICAL SECURITY – III(EXECUTION)

CONCENTRIC CIRCLES


68

BASIC PHYSICAL SECURITY - THEORY

• ANY COUNTERMEASURE CREATED BY MAN CAN BE DEFEATED

• MULTIPLE LAYERS OF DIFFERENT TYPES OF COUNTERMEASURES ARE THE MOST EFFECTIVE

• NUMBER AND TYPES OF LAYERS ARE FLEXIBLE ACCORDING TO THREAT TO THE VALUABLES

• A GOOD “RISK ASSESSMENT” IS CRITICAL


69

BASIC PRINCIPLESTYPES OF “LAYERS”

• THE “RINGS” OR “LAYERS” ARE THE “DEFENSE IN DEPTH” COUNTERMEASURES WITH EACH RING COMPLEMENT THE OTHER

• FOR EXAMPLE, VIBRATION SENSORS ON FENCES OR WALLS WILL DELAY & DETECT

• KNOWLEDGE OF SUCH SENSORS CAN DETER INTRUDERS AND ADD VALUE TO SYSTEM


70

HISTORICAL IMPLICATIONS

• PROTECTION WAS FIRST CONSIDERATION FOR ANCIENTS

• WALLS AND BARRIERS MEANT SECURITY & PROTECTION

• SAVEHAVENS AND SECURED AREAS WERE IMPORTANT

• GUARD AGAINST THE EXTERNAL ENEMIES OUTSIDE THE CITIES


71

DEPLOYING COUNTER-MEASURES

PASSIVE & ACTIVE SENSORS SECURITY PERSONNEL


72

After Countermeasures!To find out the benefit in Risk reduction• Go back to your Vulnerability rating• Look at your new CM’s

• Re-evaluate the Vulnerability • Look at the definitions again• The Rating should be REDUCED

• Mark the new Vulnerability Rating and Value

• Go back, do the math again for that line• Impact x Threat x New Vulnerability Value = New Risk• You should now have a new Risk Value – The NEW Risk Value should be lower

• Convert NEW Risk Value to Linguistic Rating

You should have lowered your Risk for that single event line.


73

PHYSICAL SECURITY DEPLOYMENTCONCENTRIC RINGS

Five Rings

ASSETS


74

Perimeter Zone

Base Camp

Warfighter Zone

Tactical Zone

Detection ZoneIntelligence Zone

Warning

Detection

Assessment

Delay/Denial

Response

Investigation/Follow-up

C2C2

The Force Protection World Tactical View


75

Integrated Commandand Control

Civil/FacilityEngineers

SecurityForce

InvestigativeServices Intelligence

Communi-cations -

ElectronicsMedical Logistics

Force ProtectionSituation Awareness

Command and Control Capability

CounterIntelligence

SourcesSpecialSystems

OrganicSensors

Camera fence

InstallationSecuritySystems

IntelligenceSources

SurveillanceSources

ReconnaissanceSources

Allied/CoalitionHost Country

Sources

“Force ProtectionIntegrated Information

Infrastructure”Functions

Sources

Responses

A Systems Approach to Security Decision Making

Key Terms & Definitions

Analytical Risk Management


77

What is a Risk Assessment?

Establishes the basis for countermeasurerecommendations

The process of evaluating threat to and vulnerabilities of an asset

to give an expert opinion on the

probability of loss or damage and its impact

I x (.T x .V) = R


78

What is a Countermeasure?

Countermeasure costs may be monetary, but also non-monetary (e.g., reduced operational effectiveness, adverse publicity, poor working conditions, political consequences)

* May also affect threat and/or impact

A countermeasure is an action taken or a physical entity principally* used to reduce

or eliminate one or more vulnerabilities.


79

What is a Cost-Benefit Analysis?

Part of the Risk Management decision-making process in which the costs and

benefits of each alternative are compared and the most appropriate

alternative is selected Minimize cost Maximize risk reduction

Discussion of Key Terms & Definitions

Questions & Comments


81

DEBRIEFING OF KhOBAR TOWERS CASE

STUDY• How might the terrorist acts been mitigated?

• How should responsibility be allocated?

• What’s your recommendation re BG Schwalier?

• Lessons learned that can relate to IT INFOSEC catastrophic events?


82

ReferencesHarris, S. (2005). CISSP Exam Guide (3rd ed.), Emeryville, CA: McGraw-Hill/Osborne

Miller, L. & Gregory, P. (2002). CISSP for Dummies, Hoboken, NJ: Wiley Publishing, Inc.

Pfleeger, C., & Pfleeger, S. (2003). Security in Computing (3rd ed.), Upper Saddle River, NJ: Prentice Hall Professional Technical Reference.

Russell, D, & Gangemi, G.T. (1991). Computer Security Basics, Sebastopol, CA: O’Reilly & Associates.

Tung, B. (2006). The Moron's Guide to Kerberos, Version 2.0. Retrieved November 9, 2006 from http://www.isi.edu/~brian/security/kerberos.html

http://www.isi.edu/~brian/security/kerberos.html

http://www.isi.edu/~brian/security/kerberos.html


83

References • Thomas, Ryan and Cook (May 15, 2007) Guilty Plea in Los Alamos Security Breach abc NEWS http://abcnews.go.com/TheLaw/story?id=3177289

• Associated Press (October 25, 2006) Classified document found in drug raid USA Today http://www.usatoday.com/news/nation/2006-10-24-los-alamos-documents_x.htm

• Associated Press (October 25, 2006) New Details Emerge in Los Alamos Case CBS NEWS http://www.cbsnews.com/stories/2006/10/24/national/main2122004.shtml

http://abcnews.go.com/TheLaw/story?id=3177289

http://www.usatoday.com/news/nation/2006-10-24-los-alamos-documents_x.htm

http://www.usatoday.com/news/nation/2006-10-24-los-alamos-documents_x.htm

http://www.cbsnews.com/stories/2006/10/24/national/main2122004.shtml

http://www.cbsnews.com/stories/2006/10/24/national/main2122004.shtml


84

References• www.ietf.org/html.charters/cat-charter.html

• www.nrl.navy.mil/CCS/people/kerberos-faq.html

• www.mit.edu/afs/athena.mit.edu/astaff/project/kerberos/www/papers.html

• “A History of National Security” Los Alamos National Laboratory http://www.lanl.gov/history/index.shtml (March 20, 2008)

http://www.ietf.org/html.charters/cat-charter.html

http://www.ietf.org/html.charters/cat-charter.html

http://www.nrl.navy.mil/CCS/people/kerberos-faq.html

http://www.nrl.navy.mil/CCS/people/kerberos-faq.html

http://www.mit.edu/afs/athena.mit.edu/astaff/project/kerberos/www/papers.html



http://www.lanl.gov/history/index.shtml

http://www.lanl.gov/history/index.shtml

Physical Security: Historical perspectives and operations

Documents