O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.
Author
Richard Kibbey
Presented by:
Amna Jalil (04)
CDC 8th National Biosafety Symposium,
Atlanta, Georgia, 2004
Overview of the security concepts and the
systems
 Need of security expert
 One’s own organization
 Full or part-time ...
Security is the degree of resistance to, or
protection from, harm. It applies to
any vulnerable and valuable asset,
such a...
Consist of equipment, policies
and procedures that support
each of the elements of security
Clear Zones
Barriers
Lighting
Shrouds
Locks
Electronic Security Systems
Guard forces
30 feet clear zone --- from the protectable
object or facility
Void of
 Trash receptables
 Ashtrays
 dumpsters
 Restrict, deny or channel pedestrian or
vehicular traffic
 Not necessarily impenetrable – increase the
probability to d...
Significant deterrent – potential intruders
Enhances visibility for routine patrols &
general staff
Permanent lightenin...
Activated by Sensors – activate the lights
when penetrated
Can activated by
 Timers
 Manually
◊ Often neglected component
◊ Support deterrence & delay by providing
concealment from chance and direct
surveillance
◊ Pu...
Many shapes and forms
Single hasp lock to very complex systems
Include:
 Standard key lock
 Combination lock
 Cipher...
• Come in three flavors
Access Control Systems
Security Surveillance
Intrusion Detection Systems (IDS)
ACCESS CONTROL SYSTEMS
Devices designed to limit access --- site,
building, room or container
Simple – swipe access syst...
SECURITY SURVEILLANCE
Most common – CCTV
When choosing CCTV
 Resolution power and image quality
 Color or black & whit...
INTRUSION DETECTION SYSTEMS (IDS)
Identify unauthorized entry
Connected to monitoring system – fall into 3
categories
1....
3. Propriety alarm systems – controlled and
monitored within the facility
Response forces
Balance between use of security technology &
properly trained security staff
Elements of security systems are the rings –
around the resource need to be protected
Each ring supported by security eq...
Rings of
Security
Deter
Detect
Assess
Delay
Respond
Deny
Prevention of action through a fear of
unacceptable consequences
Psychological state
Perception of security system – fr...
o Determination and transmission that an event
has occurred
o Use of technology – increases capability
Analysis of an event by a person directly
onsite or via technology
Now-a-days – CCTV systems
Necessary --- determinatio...
Ability of physical or psychological barriers to
restrict movement
Purpose – allow time for an appropriate
response – ma...
Level of reaction required to counter an
intrusion
Response forces
 Unarmed security guards or staff
 Local police
Hi...
Ability to oppose or negate the effects of an
action
Final chance to defeat an adversary
To avoid the Probable threat element (PTE)
Hypothetical Scenario
Four Field members of some terrorist agency
meet in the...
Hypothetical Scenario
March 2003 --- Black Angus restaurant
Atlanta – target selection
 Pre-selection Operations --- 3 locations
• Centers for...
 Identification of weaknesses in security – to
exploit
Find a location with
 Poor lighting
 Weak CCTV system
 Inconsis...
Began from April to June 2003
Observations were recorded and discovered
 New alarm systems at CDC
 High-tech TV system...
Occurred from July to August 2003
Problems were similar to CDC
 Many lights & security structures
 Barriers
 Access c...
August through September 2003
Many weaknesses were found
 Numerous gaps in security
 Doors left open for ventilation
...
◊ From September to December 2003
◊ Found a route of entry – A window – left
unlocked most evenings
◊ Daily operations wer...
Attack was conducted early in January 2004
1 person – at vehicle – half a mile away
3 persons – entered building from w...
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Understanding Security Basics: A Tutorial on Security Concepts and Technology
Próximos SlideShares
Carregando em…5
×

Understanding Security Basics: A Tutorial on Security Concepts and Technology

1.730 visualizações

Publicada em

Understanding Security Basics: A Tutorial on Security Concepts and Technology

Publicada em: Educação
  • Entre para ver os comentários

Understanding Security Basics: A Tutorial on Security Concepts and Technology

  1. 1. Author Richard Kibbey Presented by: Amna Jalil (04)
  2. 2. CDC 8th National Biosafety Symposium, Atlanta, Georgia, 2004
  3. 3. Overview of the security concepts and the systems  Need of security expert  One’s own organization  Full or part-time contractor
  4. 4. Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, community, nation, or organization (Biosafety labs)
  5. 5. Consist of equipment, policies and procedures that support each of the elements of security
  6. 6. Clear Zones Barriers Lighting Shrouds Locks Electronic Security Systems Guard forces
  7. 7. 30 feet clear zone --- from the protectable object or facility Void of  Trash receptables  Ashtrays  dumpsters
  8. 8.  Restrict, deny or channel pedestrian or vehicular traffic  Not necessarily impenetrable – increase the probability to detect people & vehicles – trying to get illegal access
  9. 9. Significant deterrent – potential intruders Enhances visibility for routine patrols & general staff Permanent lightening – adequate illumination to  Entry points  Pathways  Parking lots
  10. 10. Activated by Sensors – activate the lights when penetrated Can activated by  Timers  Manually
  11. 11. ◊ Often neglected component ◊ Support deterrence & delay by providing concealment from chance and direct surveillance ◊ Purpose – limit visibility from unauthorized sources ◊ Simple – darkened windows, curtains ◊ Complex – walls, coverings even shrubbery
  12. 12. Many shapes and forms Single hasp lock to very complex systems Include:  Standard key lock  Combination lock  Cipher lock  Card access control systems including swipe card lock and biometric Can be tied in electronic security system
  13. 13. • Come in three flavors Access Control Systems Security Surveillance Intrusion Detection Systems (IDS)
  14. 14. ACCESS CONTROL SYSTEMS Devices designed to limit access --- site, building, room or container Simple – swipe access system Complex -- biometrics
  15. 15. SECURITY SURVEILLANCE Most common – CCTV When choosing CCTV  Resolution power and image quality  Color or black & white  Zoom capability  Transmission mode
  16. 16. INTRUSION DETECTION SYSTEMS (IDS) Identify unauthorized entry Connected to monitoring system – fall into 3 categories 1. Local alarm system – when IDS breached– sounds an alarm for a local security officer 2. 24-hour central station – usually commercially operated – when get alarm, they contact local police
  17. 17. 3. Propriety alarm systems – controlled and monitored within the facility
  18. 18. Response forces Balance between use of security technology & properly trained security staff
  19. 19. Elements of security systems are the rings – around the resource need to be protected Each ring supported by security equipments and procedures – deter, detect or support defeating an adversary by being applied on one or more rings of security
  20. 20. Rings of Security Deter Detect Assess Delay Respond Deny
  21. 21. Prevention of action through a fear of unacceptable consequences Psychological state Perception of security system – from outside look If PTE feels fear – move to other place Let’s keep them away from here
  22. 22. o Determination and transmission that an event has occurred o Use of technology – increases capability
  23. 23. Analysis of an event by a person directly onsite or via technology Now-a-days – CCTV systems Necessary --- determination of the validation of alarm & appropriate response
  24. 24. Ability of physical or psychological barriers to restrict movement Purpose – allow time for an appropriate response – make impossible for intruder to continue
  25. 25. Level of reaction required to counter an intrusion Response forces  Unarmed security guards or staff  Local police High level – dedicated armed forces – nuclear storage areas
  26. 26. Ability to oppose or negate the effects of an action Final chance to defeat an adversary
  27. 27. To avoid the Probable threat element (PTE) Hypothetical Scenario Four Field members of some terrorist agency meet in the Baltimore in December 2002  2 from New york  2 from Fort Worth Their Mission: Steal biological material--- used in bioterror attack on US food supply
  28. 28. Hypothetical Scenario
  29. 29. March 2003 --- Black Angus restaurant Atlanta – target selection  Pre-selection Operations --- 3 locations • Centers for Disease Control and Prevention in AtlantaCDC • U.S. Army Medical Research Institute of Infectious Diseases in MarylandUSAMRIID • Plum Island Animal Disease Center in Long Island, New YorkPlum Island
  30. 30.  Identification of weaknesses in security – to exploit Find a location with  Poor lighting  Weak CCTV system  Inconsistent access control system
  31. 31. Began from April to June 2003 Observations were recorded and discovered  New alarm systems at CDC  High-tech TV systems– throughout complex  Barriers – movement hindrance Assessment Security components – hindered proposed operation
  32. 32. Occurred from July to August 2003 Problems were similar to CDC  Many lights & security structures  Barriers  Access control procedures Assessment Location was too difficult
  33. 33. August through September 2003 Many weaknesses were found  Numerous gaps in security  Doors left open for ventilation  Some windows left open overnight  Alarms and door sensors not operational  Poor lighting  Inadequate and broken CCTV Assessment Plum Island was selected as target
  34. 34. ◊ From September to December 2003 ◊ Found a route of entry – A window – left unlocked most evenings ◊ Daily operations were observer and target selection was made
  35. 35. Attack was conducted early in January 2004 1 person – at vehicle – half a mile away 3 persons – entered building from window Gained access – cutting hole in drywall Took several vials of hoof and mouth virus and exited Whole operation took 70 minutes

×