to applying controls, organizations plan for business continuity in case of a disaster, and they periodically audit their information resources to detect possible threats. You will study these topics in the next section as well.
Physical Controls
Physical controls prevent unauthorized individuals from gaining access to a company’s facili-ties. Common physical controls include walls, doors, fencing, gates, locks, badges, guards, and alarm systems. More sophisticated physical controls include pressure sensors, temperature sensors, and motion detectors. One shortcoming of physical controls is that they can be incon-venient to employees.
Guards deserve special mention because they have very diffi cult jobs, for at least two rea-sons. First, their jobs are boring and repetitive and generally do not pay well. Second, if guards perform their jobs thoroughly, the other employees harass them, particularly if they slow up the process of entering the facility.
Organizations also implement physical security measures that limit computer users to acceptable login times and locations. These controls also limit the number of unsuccessful login attempts, and they require all employees to log off their computers when they leave for the day. In addition, they set the employees’ computers to automatically log off the user after a certain period of disuse.
Access Controls
Access controls restrict unauthorized individuals from using information resources. These controls involve two major functions: authentication and authorization. Authentication con-fi rms the identity of the person requiring access. After the person is authenticated (identicon-fi ed),
4.5
113
SECTION 4.5 Information Security Controls
the next step is authorization. Authorization determines which actions, rights, or privileges the person has, based on his or her verifi ed identity. Let’s examine these functions more closely.
Authentication. To authenticate (identify) authorized personnel, an organization can use one or more of the following methods: something the user is, something the user has, some-thing the user does, and/or somesome-thing the user knows.
Something the user is, also known as biometrics, is an authentication method that exam-ines a person’s innate physical characteristics. Common biometric applications are fi ngerprint scans, palm scans, retina scans, iris recognition, and facial recognition. Of these applications, fi ngerprints, retina scans, and iris recognition provide the most defi nitive identifi cation. The following example shows how powerful biometrics can be for identifi cation purposes.
Example
The Biometric Identifi cation Project of India
India has vast numbers of anonymous poor citizens. To address this problem, the nation insti-tuted its Unique Identifi cation Project, also known as Aadhaar, which means “the foundation”
in several Indian languages. The goal of the Unique Identifi cation Project is to issue identifi -cation numbers linked to the fi ngerprints and iris scans of every single person in India. This process will ultimately encompass some 1.2 billion people who speak more than 300 languages and dialects. The biometrics and the Aadhaar identifi cation number will serve as a verifi able, portable, and unique national ID.
This project seeks to remedy a key problem that relates to poor people. The Indian gov-ernment does not offi cially acknowledge the existence of many poor citizens because these
CORPORATE LAN (INTRANET) Company’s gate Building door
ID System Encryption Access password Authentication Access password Personal ID
Firewall
Denial-of-service protection Intrusion detection system Anti-malware software ID System
(card or biometric)
PC
Smartphone
iPad
Internet PHYSICAL CONTROLS
ACCESS CONTROLS
ACCESS CONTROLS
COMMUNICATIONS CONTROLS Human
guard
Employee or attacker in
office Employee
or attacker
Remote employee or attacker
©fatihhoca / iStockphoto
©Sergey Titov / iStockphoto
FIGURE 4.2 Where defense mechanisms are located.
114 CHAPTER 4 Information Security
individuals do not possess birth certifi cates and other offi cial documentation. Therefore, they cannot access government services to which they are entitled, nor can they open bank accounts. For example, in mid-2012, fewer than half of Indian households had an associated bank account. The rest of households are “unbanked,” meaning they must stash their savings in cash around their homes.
Aadhaar went into operation in September 2010, when offi cials armed with iris scanners, fi ngerprint scanners, digital cameras, and laptops began registering the fi rst few villagers as well as slum dwellers in the country’s capital city, Delhi. The government plans to enter 600 million people into its biometric database by 2014.
Each individual record contains 4–8 megabytes. Consequently, the database will ultimately hold roughly 20 petabytes. A database of this scale is unprecedented, and managing it will be extraordinarily diffi cult. One of the most daunting challenges confronting the project is to ensure that each record in the database is matched to one and only one person. For this process, Aadhaar must check all 10 fi ngerprints and both irises of each person against those of everyone else in the country. Using 10 prints and both irises boosts the accuracy rate to 99 percent. How-ever, in a country the size of India, 99 percent accuracy means that 12 million people could end up with faulty records.
Additionally, Aadhaar faces enormous physical and technical challenges: reaching millions of illiterate Indians who have never seen a computer, persuading them to have their irises scanned, ensuring that their scanned information is accurate, and safeguarding the resulting massive amounts of data. Another problem is that civil libertarians object to the project on privacy grounds.
As an example of the potential impact of this project, consider Kiran, a poor citizen of India.
She thinks she is 32, but she is not sure. She has no birth certifi cate or ID of any kind—no driver’s license, no voting card, nothing at all to document her existence. When she was 24, she left her home in a destitute farming village and ended up in a Delhi slum. She and her children were among the fi rst individuals to have their personal information entered into the Aadhaar system.
The fi rst thing Kiran plans to use her Aadhaar number for is to obtain a city government card that will entitle her to subsidized groceries. “I’ve tried very hard to get one before, but they wouldn’t give it to me because I couldn’t prove I live in Delhi,” she explains. In sum, the Aadhaar project should enable millions of poor Indian citizens to access government services that previously were out of reach to them.
Sources: Compiled from S. Rai, “Why India’s Identity Scheme Is Groundbreaking,” BBC News, June 5, 2012; E. Hannon,
“For India’s Undocumented Citizens, An ID at Last,” NPR.org, March 1, 2012; “World’s Biggest Biometric ID Scheme Forges Ahead,” BBC News India, February 12, 2012; M. Magnier, “India’s Biometric ID Number Plan Divided by Bureaucracy,” Los Angeles Times, January 28, 2012; B. Turbeville, “Cashless Society: India Implements First Biometric ID Program for All of Its 1.2 Billion Residents,” Infowars.com, January 12, 2012; V. Beiser, “Identifi ed,” Wired, September 2011; www.iaadhaar.com, accessed February 29, 2012.
Questions
1. Describe the problems that India is facing in implementing this biometric identifi cation system.
2. Describe the benefi ts that India hopes to gain in implementing the biometric identifi cation system.
3. Describe the benefi ts that the biometric identifi cation system should provide to India’s impoverished citizens.
Something the user has is an authentication mechanism that includes regular identifi cation (ID) cards, smart ID cards, and tokens. Regular ID cards, or dumb cards, typically have the person’s picture and often his or her signature. Smart ID cards have an embedded chip that stores pertinent information about the user. (Smart ID cards used for identifi cation differ from smart cards used in electronic commerce, which you learn about in Chapter 7. Both types of card have embedded chips, but they are used for different purposes.) Tokens have embedded chips and a digital display that presents a login number that the employees use to access the organization’s network. The number changes with each login.
115
SECTION 4.5 Information Security Controls
Something the user does is an authentication mechanism that includes voice and signature recognition. In voice recognition, the user speaks a phrase (e.g., his or her name and depart-ment) that has been previously recorded under controlled conditions. The voice recognition system matches the two voice signals. In signature recognition, the user signs his or her name, and the system matches this signature with one previously recorded under controlled, moni-tored conditions. Signature recognition systems also match the speed and the pressure of the signature.
Something the user knows is an authentication mechanism that includes passwords and passphrases. Passwords present a huge information security problem in all organizations. Most of us have to remember numerous passwords for different online services, and we typically must choose complicated strings of characters to make them harder to guess. Security experts examined the frequency and usage of passwords belonging to 500,000 computer users. They found that each person had an average of 6.5 passwords that he or she used for 25 different online accounts. Unfortunately, as you see in the chapter’s closing case, passwords (even strong passwords) are terribly vulnerable to attack.
All users should use strong passwords, which are diffi cult for hackers to discover. The basic guidelines for creating strong passwords are:
• They should be diffi cult to guess.
• They should be long rather than short.
• They should have uppercase letters, lowercase letters, numbers, and special characters.
• They should not be recognizable words.
• They should not be the name of anything or anyone familiar, such as family names or names of pets.
• They should not be a recognizable string of numbers, such as a Social Security number or a birthday.
Unfortunately, strong passwords are more diffi cult to remember than weak ones. Conse-quently, employees frequently write them down, which defeats their purpose. The ideal solu-tion to this dilemma is to create a strong password that is also easy to remember. To achieve this objective, many people use passphrases.
A passphrase is a series of characters that is longer than a password but is still easy to memo-rize. Examples of passphrases are “maytheforcebewithyoualways” and “goaheadmakemyday.”
A passphrase can serve as a password itself, or it can help you create a strong password. You can turn a passphrase into a strong password in this manner. Starting with the last passphrase above, take the fi rst letter of each word. You will have “gammd.” Then, capitalize every other letter to create “GaMmD”. Finally, add special characters and numbers to create “9GaMmD//*”. You now have a strong password that you can remember.
To identify authorized users more effi ciently and effectively, organizations frequently imple-ment more than one type of authentication, a strategy known as multifactor authentication.
This system is particularly important when users log in from remote locations.
Single-factor authentication, which is notoriously weak, commonly consists simply of a password. Two-factor authentication consists of a password plus one type of biometric identi-fi cation (e.g., a identi-fi ngerprint). Three-factor authentication is any combination of three authen-tication methods. In most cases, the more factors the system utilizes, the more reliable it is.
However, stronger authentication is also more expensive, and, as with strong passwords, it can be irritating to users.
Authorization. After users have been properly authenticated, the rights and privileges they have on the organization’s systems are established in a process called authorization. A privilege is a collection of related computer system operations that a user is authorized to perform. Com-panies typically base authorization policies on the principle of least privilege, which posits that users be granted the privilege for an activity only if there is a justifi able need for them to perform that activity.
116 CHAPTER 4 Information Security