Scribd
Upload
152 views

Chapter 4 Physical and Logical Security

1) The document discusses physical and logical access controls. Physical access controls regulate physical access to computing resources, while logical access controls regulate digital access through identification, authentication, authorization, and access. 2) Common physical access controls include locks, alarms, and video surveillance to restrict access to computer equipment. Logical access controls include passwords, biometrics, access control lists, group policies, and account restrictions to manage digital access to systems and data. 3) Both physical and logical controls are important for security. Physical controls prevent unauthorized physical access, while logical controls prevent unauthorized digital access through software and network threats. Together they aim to prevent damage, misuse, theft or loss of information systems and data.

Uploaded by

yonas hussen
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
152 views

Chapter 4 Physical and Logical Security

1) The document discusses physical and logical access controls. Physical access controls regulate physical access to computing resources, while logical access controls regulate digital access through identification, authentication, authorization, and access. 2) Common physical access controls include locks, alarms, and video surveillance to restrict access to computer equipment. Logical access controls include passwords, biometrics, access control lists, group policies, and account restrictions to manage digital access to systems and data. 3) Both physical and logical controls are important for security. Physical controls prevent unauthorized physical access, while logical controls prevent unauthorized digital access through software and network threats. Together they aim to prevent damage, misuse, theft or loss of information systems and data.

Uploaded by

yonas hussen
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 22

1

Chapter 4

Physical and Logical Security


Access Control
2

 It is a security technique used to regulate who or what


can view or use resources in a computing environment,
or
 The process by which resources or services are granted
or denied on a system.

 There are four standard access control models used to


enforce access control
 Identification, Authentication, Authorization, and
Access
Cont’d………..
3

1. Identification
 The action or process of identifying someone.

 A user accessing a computer system would present


identification, such as a username.

2. Authentication
 The act of confirming the truth of an attribute of a
single piece of data claimed true by a user.
 Checking the user’s credentials to be sure that they
are authentic and not fabricated
Cont’d……..
4

3. Authorization
 Process of granting or denying a user to access a
secure system.

4. Access
 Being able to get to (usually having permission to
use) particular data on a computer.
 Users are granted access
 to only certain services or applications in order to
perform their duties
Cont’d……….
5
Cont’d………..
6

 The methods used to implement access control are


divided into two broad categories;
 Physical access control and

 Logical access control


Physical Access Controls
7

 It is used to regulate who is and is not able to view or


use resources in a computing environment.
 It is also called infrastructure security
 It primarily protects computer equipment
 Prevent unauthorized users from gaining physical
access to equipment to use, steal, or vandalize it.
 It includes computer security, door security, video
surveillance, and physical access logs to ensure that
hardware is secure.
 It is as important as logical security
Cont’d……….
8

 Physical security involves two complementary


requirements
 Prevent damage to physical infrastructure: IS
hardware, physical facility, supporting facilities,
personnel
 Prevent physical infrastructure misuse leading
to misuse/damage of protected information
(e.g., vandalism, theft, copying, unauthorized entry)
Cont’d……….
9

Physical Security Threats


 Physical situations and occurrences that threaten
information systems;
 Natural and Environmental threats (e.g., flood, heat)

 Technical threats (e.g., virus)

 Human-caused threats (e.g., damaging of files)


Cont’d………..
10

 How physical access security can be achieved?


 Enforcement of Policies and Procedures relating to
management and security.
 Place computer equipment in locked rooms and
restrict access to authorized personnel
 Cancellation of access privileges on termination of
employment
 Require proper employee ID

 Constant monitoring of the premises

 Proper execution of procedures for Visitor


Management
Cont’d………..
11

 Use a security alarm system


 Restrict access to secured private telephone and PCs.

 Install locks on PCs.

 Restrict access of off-line programs, data and


equipment
 Locate hardware and other critical system
components away from hazardous materials.
 Install fire and smoke detectors and fire
extinguishers that do not damage computer
equipment
Physical Access Controls
12
Logical Access Controls
13

 Tools used for identification, authentication,


authorization, and accountability in computerized
information systems.
 Protects computer-based data from software-based and
communication-based threats.
 Protection of assets using non-physical means

 Logical access controls;

– Passwords

– Biometric identification

– Compatibility tests
Physical VS Logical
14

Physical Access Logical Access


Controls Controls
Cont’d………
15
Cont’d…………
16

 Objectives of Logical Access Controls;


 Execution of security policies and procedures

 Avoidance of conflict of duties of personnel having


security roles
 Approvals, Authorization and Documentation of
access of new employees
 Cancellation of access of terminated employees
performed in a timely manner
 Periodical Review of user access roles and rights

 Enforcement of access password complexity


parameters in all systems
Cont’d………..
17

 Logical access control includes


 Access control lists,

 Group policies,

 Account restrictions, and

 Passwords
Cont’d……….
18

Access control list (ACL)


 A set of permissions attached to an object.
 Specifies which subjects are allowed to access the
object and
 What operations they can perform on it.

 These lists are most often viewed in relation to files


maintained by operating system.
Cont’d…………
19

Group Policies
 A Microsoft Windows feature that provides centralized
management and configuration of computers and
remote users.
 Group Policy is usually used in enterprise
environments to restrict user actions that may pose a
security risk.
 Group Policy settings are stored in Group Policy

Objects (GPOs)
Cont’d………..
20

Account restrictions
 Time of day restrictions

 Limit when a user can log on to a system


 Can be set through a Group Policy
 Can also be set on individual systems
 Account expiration

 The process of setting a user’s account to expire

 Orphaned accounts are user accounts that remain


active after an employee has left an organization
 Can be controlled using account expiration
Cont’d……….
21

Passwords
 The most common logical access control
 Sometimes referred to as a logical token
 A password should never be written down

 Must be of a sufficient length and complexity so that


an attacker cannot easily guess it
22

The End!

Thank you!

You might also like