copyright, Dr. C.T. Johns on, Capitol College 1 PHYSICAL SECURITY INTRODUCTION Dr. Craig T. Johnson Professor
copyright, Dr. C.T. Johnson, Capitol College
1
PHYSICAL SECURITY
INTRODUCTION
Dr. Craig T. JohnsonProfessor
copyright, Dr. C.T. Johnson, Capitol College
2
Today’s Discussion Topics
• Principles of basic physical security
• Establishing the baseline
• Defining what is security and how to protect assets
• Review the Khobar Towers case study
copyright, Dr. C.T. Johnson, Capitol College
3
TYPES OF SECURITY
• PHYSICAL • PROCEDURAL• PERSONNEL • CONSTRUCTION• TECHNICAL • TRANSPORTATION
• INFORMATION
copyright, Dr. C.T. Johnson, Capitol College
5
BASIC PHYSICAL SECURITY
“That part of security concerned with physical measures designed to safeguard
personnel; to prevent unauthorized access to equipment, installations, material, and documents; and to
safeguard against espionage, sabotage, damage, and theft.”
US Army Field Manual 3-19.30Physical Security
Brought to you by the US Army, the sweetest smelling army in the world!
copyright, Dr. C.T. Johnson, Capitol College
6
BASIC PHYSICAL SECURITY
• Definition: “A means of preventing unauthorized entry of persons into a premises, and the prevention of loss due to all kinds of crime associated with uncontrolled access.”
copyright, Dr. C.T. Johnson, Capitol College
7
TYPES OF SECURITY AREAS
• PRINCIPLES OF SAFEGUARDING
• CRITICAL & RESTRICTED AREAS
• SECURITY- CONTROLLED AREAS
copyright, Dr. C.T. Johnson, Capitol College
8
TYPES OF SECURITY AREAS
(DEFINED) - I• Principles of Safeguarding
– Guarding against force or surreptitious entry
– Protecting material, equipment or information
– Protecting classified areas
– Protecting unclassified areas
copyright, Dr. C.T. Johnson, Capitol College
9
TYPES OF SECURITY AREAS
(Defined) - II• Critical & Restricted Areas
– Degree of Criticality
– Degree of Restricted Area
copyright, Dr. C.T. Johnson, Capitol College
10
TYPES OF SECURITY AREAS
(Defined) - III• Security – Controlled Areas
– Exclusion Areas
– Limited Areas
– Control Areas
copyright, Dr. C.T. Johnson, Capitol College
11
PHYSICAL SECURITY
Terms, History, Risk
IAE-684 “COMPLEMENTARY SECURITY”
copyright, Dr. C.T. Johnson, Capitol College
12
HISTORICAL EXAMPLES
• Vassal states’ walls joined during Qin Dynasty creating “10,000 li (5k km) Great Wall”– Built to hold off Hsiung Nu tribes (Huns)
• Denial and avoidance security– Kept invaders out for 1,000 years
– Eventually overcome from within• http://ce.eng.usf.edu/pharos/wonders/Forgotten/greatwall.html
• http://www.enchantedlearning.com/subjects/greatwall/• http://www.jpl.nasa.gov/radar/sircxsar/gwall.html
copyright, Dr. C.T. Johnson, Capitol College
13
HISTORICAL EXAMPLES
• THE “GREAT WALL OF CHINA”, EMPEROR CHINN OF CHINA BUILT THE “GREAT WALL” TO GUARD AGAINST THE BARBARIANS FROM THE NORTH.
• DENIAL AND AVOIDANCE SECURITY
copyright, Dr. C.T. Johnson, Capitol College
14
HISTORICAL EXAMPLES
• World’s first bank vaults
• Access control & asset protection– Assured ascension of deceased to the gods
• Security modernization project underway– Night vision CCTV cameras
copyright, Dr. C.T. Johnson, Capitol College
15
HISTORICAL EXAMPLES
• Mesa Verde (“green table”) in Colorado, occupied 600-1300 A.D.
• Center of San Juan Anasazi (Pueblo) culture
• Cliff dwellings with ladders for access control– Defense Theory– Internal strife due to drought?
• Difficult access with natural obstacles
• http://www.nps.gov/meve/mvnp/smvf/p50.htm• http://www.nps.gov/meve/index.htm• http://www.abqjournal.com/venue/travel/heritage_mesaverde.htm
copyright, Dr. C.T. Johnson, Capitol College
16
HISTORICAL EXAMPLES• Masada (“fortress”), built by Rome-appointed King Herod
• Captured during Revolt of the Jews– Held 2 years– Last stronghold of Jews
• http://www.mfa.gov.il/mfa/go.asp?MFAH0dp00
• http://faculty.smu.edu/dbinder/masada.html
copyright, Dr. C.T. Johnson, Capitol College
17
HISTORICAL EXAMPLES - cont
• “MASADA” OF ISRAEL; KING HERODS FORTRESS ON THE RED SEA WAS CAPTURED BY JEWISH ZEALOTS AND HELD TWO YEARS AGAINST THREE ROMAN LEGIONS
copyright, Dr. C.T. Johnson, Capitol College
18
What is Risk Management?
The process of selecting and implementing security countermeasures to achieve an acceptable level of
risk at an acceptable cost
copyright, Dr. C.T. Johnson, Capitol College
19
What is Risk?
Risk level is a combination of two factors:Impact of loss -The value placed on an asset by its owner and the consequence of an undesirable event on that asset.
Probability of undesirable event -The likelihood that a specific vulnerability will be exploited by a particular threat.
Risk is the potential for
damage or loss of an asset
copyright, Dr. C.T. Johnson, Capitol College
20
What is an Asset?
The asset may have value to an adversary, as well as to the owner, although the
values may differ.
An asset is anything of value: people information equipment facilities activities/operations
copyright, Dr. C.T. Johnson, Capitol College
21
What is Impact?
Impact is the amount of loss or damage that can be expected, or may be
expected, from a successful attack on an
asset.
copyright, Dr. C.T. Johnson, Capitol College
22
What is Threat?
Threat can also be defined as the intention to undertake actions detrimental to assets
Threat is any indication, circumstance, or event with the potential to cause the loss of
or damage to an asset.
copyright, Dr. C.T. Johnson, Capitol College
23
What is an Adversary?
Intelligence services, extremists, terrorists, criminals, and private interests groups
Any individual, group, organization, or
government that conduces activities,or has the intention and capability to conduce activities detrimental to
valued assets
copyright, Dr. C.T. Johnson, Capitol College
24
Vulnerabilities
Vulnerabilities can result from, but are not limited to, the following:
building characteristics equipment properties personal behavior locations of people, equipment, and buildings operational procedures and personnel practices
Vulnerabilities - Any weakness that can be exploited by an adversary to
gain access to an asset
copyright, Dr. C.T. Johnson, Capitol College
25
RISK“1. Hazard; danger; peril; exposure to loss, injury, or destruction.”
Webster’s 1913 Dictionaryhttp://www.hyperdictionary.com/dictionary/risk
“The potential for realization of unwanted, adverse consequences to human life, health, property, or the environment; estimation of risk is usually based on the expected value of the conditional probability of the event occurring times the consequence of the event given that it has occurred.”
Society for Risk Analysishttp://www.sra.org/gloss3.htm#RThe probability of loss
Factor of threat and vulnerability (Risk=Threat x Vulnerability)
copyright, Dr. C.T. Johnson, Capitol College
26
RISK ANALYSIS
• Risk analysis must be a constant, comprehensive, integrated function of the security organization
“A detailed examination including risk assessment, risk evaluation, and risk management alternatives, performed to understand the nature of unwanted, negative consequences to human life, health, property, or the environment; an analytical process to provide information regarding undesirable events; the process of quantification of the probabilities and expected consequences for identified risks.”
Society for Risk Analysis
http://www.sra.org/gloss3.htm#R
copyright, Dr. C.T. Johnson, Capitol College
27
RISK ANALYSIS
WILL LOSS OCCUR?WEAKNESS IN PERSONNELPROCEDURES OF PHYSICAL
PLANT
PERPETRATER
RISKGAIN
copyright, Dr. C.T. Johnson, Capitol College
28
RISK vs. GAIN EQUATION• The rational human threat can
be deterred by countermeasures or a lack of vulnerability
• Personal risk for the bad guy– Capture Physical harm
Low risk + High gain
low hanging fruit
High risk + High or low gain
go next door
copyright, Dr. C.T. Johnson, Capitol College
29
RISK MANAGEMENT
Four basic steps:
1.Asset identification2.Threat/Vulnerability Assessment3.Risk Analysis4.Countermeasure evaluation/implementation
The process is iterative!
copyright, Dr. C.T. Johnson, Capitol College
30
Risk Management at a Glance
AssessAssets
1
AssessThreats
2
AssessVulnerabilities
3
AssessRisks
4Determine
CountermeasureOptions
5
Make RMDecisions
Benefits Analysis
Cost Analysis
Monitor
ImplementT & E
copyright, Dr. C.T. Johnson, Capitol College
31
Relationship of Risk Management Practices to Achieving Benefits
Critical Success Factors1. Senior management support & involvement 2. Focal points3. Define procedures4. Experts involved
Process1. Identify & rank critical assets and operations & estimate potential damage of loss2. Identify threats & likelihood of threats materializing3. Identify exploitable vulnerabilities4. Determine Risk5. Identify cost effective mitigating countermeasures6. Obtain risk management decisions7. Develop/Implement action plans8. Test/Evaluate countermeasures9. Monitor changes in risk factors/repeat process
Tools1. Tables/Matrices2. Questionnaires3. Standard formats4. Software to facilitate documentation and analysis5. Lists of threats, controls, vulnerabilities
Benefits1. Assurance that the greatest risks have been identified and addressed2. Increased understanding of risks3. Mechanism for reaching consensus4. Support for needed controls5. Means for communicating results
5. Units responsible6. Assessment scope limited 7. Document & maintain results
copyright, Dr. C.T. Johnson, Capitol College
32
Critical Success Factors
1. Senior management support & involvement 2. Focal points3. Define procedures 4. Experts involved 5. Units responsible6. Assessment scope limited 7. Document & maintain results
copyright, Dr. C.T. Johnson, Capitol College
33
Process1. Identify & rank critical assets and operations & estimate potential damage of loss2. Identify threats & likelihood of threats materializing3. Identify exploitable vulnerabilities4. Determine Risk5. Identify cost effective mitigating countermeasures6. Obtain risk management decisions7. Develop/Implement action plans8. Test/Evaluate countermeasures9. Monitor changes in risk factors/repeat process
copyright, Dr. C.T. Johnson, Capitol College
34
Tools1. Tables/Matrices2. Questionnaires3. Standard formats4. Software to facilitate documentation and analysis5. Lists of threats, controls, vulnerabilities
copyright, Dr. C.T. Johnson, Capitol College
35
Benefits1. Assurance that the greatest risks havebeen identified and addressed2. Increased understanding of risks3. Mechanism for reaching consensus4. Support for needed controls5. Means for communicating results
copyright, Dr. C.T. Johnson, Capitol College
36
THREATDefined
• A force or event that could cause loss– Environmental/natural
•Acts of God (or some higher power)•Weather
– Human•Unintentional (error)•Intentional (penetration, theft, espionage)
copyright, Dr. C.T. Johnson, Capitol College
37
THREAT• Environment can cause as great or
greater loss than humans but are more predictable
• Human threats present the greatest challenge to the security professional– If threat is rational, deterrence is possible
– No countermeasure will deter an irrational human“It is unlikely that measures can be devised
that can eliminate entirely the multitude of diverse dangers that may arise, particularly
when the President is traveling…”Warren Commission Report,
1964
copyright, Dr. C.T. Johnson, Capitol College
38
THREAT (DEFINED)
• AN OUTSIDE FORCE THAT COULD CAUSE A LOSS TO THE ORGANIZATION. THE THREAT CAN BE NATURAL AS IN A HURRICANE OR EARTHQUAKE OR IT MAY BE HUMAN SUCH AS A BURGLAR OR TERRORIST.
copyright, Dr. C.T. Johnson, Capitol College
39
THREAT(DEFINED – II)
• ENVIRONMENTAL THREATS ARE THOSE NATURAL OCCURING EVENTS THAT ARE INHERENT WITH THE GEOGRAPHICAL LOCATION, WEATHER CONDITIONS OR SIMPLY “GOD’S WILL”.
• THESE ENVIRONMENTAL THREATS CAN CAUSE AS GREAT A LOSS AS A HUMAN HOWEVER, THEY ARE MUCH MORE PREDICTABLE.
copyright, Dr. C.T. Johnson, Capitol College
40
THREAT(DEFINED – III)
• HUMAN THREATS PRESENT THE GREATEST CHALLENGE TO THE SECURITY PROFESSIONAL. IF THE HUMAN THREAT IS EXPECTED TO BE A RATIONAL THINKING PERSON THEN THE THREAT CAN BE DETERRED.
• HUMAN IS NOT RATIONAL NO COUNTERMEASURE WILL DETER THE INDIVIDUAL
copyright, Dr. C.T. Johnson, Capitol College
41
BASIC PHYSICAL SECURITYPROTESTORS
MOTHERNATURE
DISGRUNTLEDEMPLOYEE
THEFT
TERRORIST
FIRE
CRIMINALS
copyright, Dr. C.T. Johnson, Capitol College
42
THE THREE “D’S”
Modern Security programs are predicated on a theory of controlling access to valuables by employing countermeasures that will:– DETER– DELAY– DETECT
copyright, Dr. C.T. Johnson, Capitol College
43
THE THREE “D’S”• Deterrence:
– Creating the appearance that the Risk of Entry would be greater than the personal gain.
• Delay:– Slowing access through the use of Physical barriers
• Detection:– The ability of the protector to Detect an attempted or actual entry into a protected area.
copyright, Dr. C.T. Johnson, Capitol College
44
DETERRENCE – IHistorical perspective
• Creating the appearance that the risk of entry would be higher then the possible gain.
• A deterrent does not have to be real to be effective!
copyright, Dr. C.T. Johnson, Capitol College
45
DELAY – II Historical perspective
• Preventing or slowing access through the use of physical barriers.
• Most often used method for security
• Historically, moats, sentry towers & castles were used
• Modern systems call for fences, walls and bollards.
copyright, Dr. C.T. Johnson, Capitol College
46
DETECTION - III• The ability of the protector to detect or sense an attempted or actual entry into the protected area.
• Detection systems do not physical stop the intrusion!
• A response is critical to prevent loss of valuables
Impact or Risk
Threat or Vulnerability
Suggested Scales
Low M edium High CriticalRange 1-3 4-13 14-49 50-100M id-point
2 5 25 71
Low M edium High CriticalRange .01-.24 .25-.49 .50-.74 .75-1.00M id-point
.12 .37 .62 .87
copyright, Dr. C.T. Johnson, Capitol College
48
The Rating by DefinitionI & R .T & .V50-100
14-49
4-13
1-3
.75-1.00
.50-.74
.25-.49
.01-.24With the scales being so big or wide, it would be hard for you to assign a
number to the rating if you did not use the degree of rating like H/C
copyright, Dr. C.T. Johnson, Capitol College
49
The Degrees of Impact
CriticalityDegree
HighMediumLow
H/CHigh
MediumLowHigh
MediumLow
LM/M
L/H
Low is low enoughThe value of low is only three numbers 1-3 for
Impact and Risk
copyright, Dr. C.T. Johnson, Capitol College
50
The Degrees of Threat & Vulnerability
CriticalityDegree
HighMediumLow
H/CHigh
MediumLowHigh
MediumLow
M/LM/M
L/H
HighMediumLow
copyright, Dr. C.T. Johnson, Capitol College
51
Bottom LineWhen using the degrees with the
rating, assignment of numbers becomes much easier. Using this method will allow for repeatable and consistent our assessments. This method also builds creditability with others that must be convince with the analysis
Always obtain consciences on your definitions and ensure you are assigning the the ratings correctly.
copyright, Dr. C.T. Johnson, Capitol College
52
WHERE ARE MY VULNERABILITIES?
How do we define them???
copyright, Dr. C.T. Johnson, Capitol College
53
VULNERABILITY(DEFINED)
“…IS DEFINED AS THE STRENGTH OR WEAKNESS OF DEFENSE.”
copyright, Dr. C.T. Johnson, Capitol College
54
IDENTIFY ADVERSARY THREATS
• Lessons learned from past adversaries
• Determine adversary pathways to your assets
• Use the asymmetrical perspective by view your assets through the eyes of your adversary.
copyright, Dr. C.T. Johnson, Capitol College
55
Security Breaches at the
Los Alamos Lab
Presented byFormer student Mr. Albert Reel
2006
copyright, Dr. C.T. Johnson, Capitol College
56
History of Los Alamos• Los Alamos Lab was created in 1943 in the middle of World War II
• Manhattan Project– Fat Man– Little Boy
• July 16, 1945 First Atomic Bomb was detonated.
copyright, Dr. C.T. Johnson, Capitol College
57
Past Espionage• During World War II there were three known individuals that engaged in Espionage Efforts at the Los Alamos Lab– Klaus Fuchs– Theodore Hall– David Greenglass
copyright, Dr. C.T. Johnson, Capitol College
58
Klaus Fuchs
• German Expatriate and Emigrated to the United Kingdom to escape Nazis
• He worked on Implosion Problems in Los Alamos
• Delivered sketches of Fat Man to the Soviet Union
• Spent 14 Years in Wormwood Scrubbs Prison
copyright, Dr. C.T. Johnson, Capitol College
59
Theodore Hall• Graduated From Harvard at the age of 18
• On vacation walked into the Soviet Embassy to volunteer to work for the Russians
• Never arrested by the FBI• Little is known or what information he gave to Soviet Union
copyright, Dr. C.T. Johnson, Capitol College
60
David Greenglass• US Army enlisted personnel trained as a machinist
• Brother of Ethel Rosenberg• Rosenberg’s recruited David to become part of their espionage ring
• Supplied Soviets with drawings of parts to Fat Boy
copyright, Dr. C.T. Johnson, Capitol College
61
Security Lapses• Wen Ho Lee
– Held Q clearance which granted him access to Top Secret information
– Between 1980 and December 23, 1998– First thought to be spying for the People’s Republic of China
– Charged 59 counts for Mishandling Classified Information
– Release from Jail in 2000
copyright, Dr. C.T. Johnson, Capitol College
62
Security Lapses
• In 2000 FBI investigate missing hard drives
• Drives belonged to the Alamos Nuclear Emergency Research Team
• Found days later behind a copy machine
copyright, Dr. C.T. Johnson, Capitol College
63
Security Lapses • 2004 the Los Alamos Lab was shut down after an inventory showed they were missing two computer disk containing nuclear secrets discovered missing
• Sloppy inventory controls were blamed as the culprit as it was determined that no disks missing
• Following this incident, that Lab instituted a 5 year program to migrate to an environment without the use of computer disks
copyright, Dr. C.T. Johnson, Capitol College
64
Security Lapses• Jessica Lynn Quintana
– During a methamphetamines laboratory drug bust by law enforcement, officials in New Mexico found Top Secret documents from the National Laboratory
– Over 1000 pages of classified documents were discovered
– Suspect removed classified documents, computer hardware from vault type rooms
– In 2006, Quintana plead guilty to knowingly removing documents
copyright, Dr. C.T. Johnson, Capitol College
65
Conclusion• National security breeches such as these can greatly harm the United States
• All aspects of security are important– These systems weren’t “hacked”– Careless errors and gross incompetence reasons for security lapses
• Everyone must be security conscience
copyright, Dr. C.T. Johnson, Capitol College
67
PHYSICAL SECURITY – III(EXECUTION)
CONCENTRIC CIRCLES
copyright, Dr. C.T. Johnson, Capitol College
68
BASIC PHYSICAL SECURITY - THEORY
• ANY COUNTERMEASURE CREATED BY MAN CAN BE DEFEATED
• MULTIPLE LAYERS OF DIFFERENT TYPES OF COUNTERMEASURES ARE THE MOST EFFECTIVE
• NUMBER AND TYPES OF LAYERS ARE FLEXIBLE ACCORDING TO THREAT TO THE VALUABLES
• A GOOD “RISK ASSESSMENT” IS CRITICAL
copyright, Dr. C.T. Johnson, Capitol College
69
BASIC PRINCIPLESTYPES OF “LAYERS”
• THE “RINGS” OR “LAYERS” ARE THE “DEFENSE IN DEPTH” COUNTERMEASURES WITH EACH RING COMPLEMENT THE OTHER
• FOR EXAMPLE, VIBRATION SENSORS ON FENCES OR WALLS WILL DELAY & DETECT
• KNOWLEDGE OF SUCH SENSORS CAN DETER INTRUDERS AND ADD VALUE TO SYSTEM
copyright, Dr. C.T. Johnson, Capitol College
70
HISTORICAL IMPLICATIONS
• PROTECTION WAS FIRST CONSIDERATION FOR ANCIENTS
• WALLS AND BARRIERS MEANT SECURITY & PROTECTION
• SAVEHAVENS AND SECURED AREAS WERE IMPORTANT
• GUARD AGAINST THE EXTERNAL ENEMIES OUTSIDE THE CITIES
copyright, Dr. C.T. Johnson, Capitol College
71
DEPLOYING COUNTER-MEASURES
PASSIVE & ACTIVE SENSORS SECURITY PERSONNEL
copyright, Dr. C.T. Johnson, Capitol College
72
After Countermeasures!To find out the benefit in Risk reduction• Go back to your Vulnerability rating• Look at your new CM’s
• Re-evaluate the Vulnerability • Look at the definitions again• The Rating should be REDUCED
• Mark the new Vulnerability Rating and Value
• Go back, do the math again for that line• Impact x Threat x New Vulnerability Value = New Risk• You should now have a new Risk Value – The NEW Risk Value should be lower
• Convert NEW Risk Value to Linguistic Rating
You should have lowered your Risk for that single event line.
copyright, Dr. C.T. Johnson, Capitol College
73
PHYSICAL SECURITY DEPLOYMENTCONCENTRIC RINGS
Five Rings
ASSETS
copyright, Dr. C.T. Johnson, Capitol College
74
Perimeter Zone
Base Camp
Warfighter Zone
Tactical Zone
Detection ZoneIntelligence Zone
Warning
Detection
Assessment
Delay/Denial
Response
Investigation/Follow-up
C2C2
The Force Protection World Tactical View
copyright, Dr. C.T. Johnson, Capitol College
75
Integrated Commandand Control
Civil/FacilityEngineers
SecurityForce
InvestigativeServices Intelligence
Communi-cations -
ElectronicsMedical Logistics
Force ProtectionSituation Awareness
Command and Control Capability
CounterIntelligence
SourcesSpecialSystems
OrganicSensors
Camera fence
InstallationSecuritySystems
IntelligenceSources
SurveillanceSources
ReconnaissanceSources
Allied/CoalitionHost Country
Sources
“Force ProtectionIntegrated Information
Infrastructure”Functions
Sources
Responses
copyright, Dr. C.T. Johnson, Capitol College
77
What is a Risk Assessment?
Establishes the basis for countermeasurerecommendations
The process of evaluating threat to and vulnerabilities of an asset
to give an expert opinion on the
probability of loss or damage and its impact
I x (.T x .V) = R
copyright, Dr. C.T. Johnson, Capitol College
78
What is a Countermeasure?
Countermeasure costs may be monetary, but also non-monetary (e.g., reduced operational effectiveness, adverse publicity, poor working conditions, political consequences)
* May also affect threat and/or impact
A countermeasure is an action taken or a physical entity principally* used to reduce
or eliminate one or more vulnerabilities.
copyright, Dr. C.T. Johnson, Capitol College
79
What is a Cost-Benefit Analysis?
Part of the Risk Management decision-making process in which the costs and
benefits of each alternative are compared and the most appropriate
alternative is selected Minimize cost Maximize risk reduction
copyright, Dr. C.T. Johnson, Capitol College
81
DEBRIEFING OF KhOBAR TOWERS CASE
STUDY• How might the terrorist acts been mitigated?
• How should responsibility be allocated?
• What’s your recommendation re BG Schwalier?
• Lessons learned that can relate to IT INFOSEC catastrophic events?
copyright, Dr. C.T. Johnson, Capitol College
82
ReferencesHarris, S. (2005). CISSP Exam Guide (3rd ed.), Emeryville, CA: McGraw-Hill/Osborne
Miller, L. & Gregory, P. (2002). CISSP for Dummies, Hoboken, NJ: Wiley Publishing, Inc.
Pfleeger, C., & Pfleeger, S. (2003). Security in Computing (3rd ed.), Upper Saddle River, NJ: Prentice Hall Professional Technical Reference.
Russell, D, & Gangemi, G.T. (1991). Computer Security Basics, Sebastopol, CA: O’Reilly & Associates.
Tung, B. (2006). The Moron's Guide to Kerberos, Version 2.0. Retrieved November 9, 2006 from http://www.isi.edu/~brian/security/kerberos.html
copyright, Dr. C.T. Johnson, Capitol College
83
References • Thomas, Ryan and Cook (May 15, 2007) Guilty Plea in Los Alamos Security Breach abc NEWS http://abcnews.go.com/TheLaw/story?id=3177289
• Associated Press (October 25, 2006) Classified document found in drug raid USA Today http://www.usatoday.com/news/nation/2006-10-24-los-alamos-documents_x.htm
• Associated Press (October 25, 2006) New Details Emerge in Los Alamos Case CBS NEWS http://www.cbsnews.com/stories/2006/10/24/national/main2122004.shtml
copyright, Dr. C.T. Johnson, Capitol College
84
References• www.ietf.org/html.charters/cat-charter.html
• www.nrl.navy.mil/CCS/people/kerberos-faq.html
• www.mit.edu/afs/athena.mit.edu/astaff/project/kerberos/www/papers.html
• “A History of National Security” Los Alamos National Laboratory http://www.lanl.gov/history/index.shtml (March 20, 2008)