|
Physical Information Security
Physical information security is the intersection, the common ground between physical security and information security. It primarily concerns the protection of tangible information-related assets such as computer systems and storage media against physical, real-world threats such as unauthorized physical access, theft, fire and flood. It typically involves physical controls such as protective barriers and locks, uninterruptible power supplies, and shredders. Information security controls in the physical domain complement those in the logical domain (such as encryption), and procedural or administrative controls (such as information security awareness and compliance with policies and laws). Background Asset are inherently valuable and yet vulnerable to a wide variety of threats, both malicious (e.g. theft, arson) and accidental/natural (e.g. lost property, bush fire). If threats materialize and exploit those vulnerabilities causing incidents, there are likely to be adverse im ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Physical Security
Physical security describes security measures that are designed to deny unauthorized access to facilities, equipment and resources and to protect personnel and property from damage or harm (such as espionage, theft, or terrorist attacks). Physical security involves the use of multiple layers of interdependent systems that can include CCTV surveillance, security guards, protective barriers, locks, access control, perimeter intrusion detection, deterrent systems, fire protection, and other systems designed to protect persons and property. Overview Physical security systems for protected facilities are generally intended to: * deter potential intruders (e.g. warning signs, security lighting and perimeter markings); * detect intrusions and monitor/record intruders (e.g. intruder alarms and CCTV systems); and * trigger appropriate incident responses (e.g. by security guards and police). It is up to security designers, architects and analysts to balance security controls agains ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Data Erasure
Data erasure (sometimes referred to as data clearing, data wiping, or data destruction) is a software-based method of overwriting the data that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by using zeros and ones to overwrite data onto all sectors of the device in an irreversible process. By overwriting the data on the storage device, the data is rendered irrecoverable and achieves data sanitization. Ideally, software designed for data erasure should: #Allow for selection of a specific standard, based on unique needs, and #Verify the overwriting method has been successful and removed data across the entire device. Permanent data erasure goes beyond basic file deletion commands, which only remove direct pointers to the data disk sectors and make the data recovery possible with common software tools. Unlike degaussing and physical destruction, which render the storage media unusable, data erasure removes all information wh ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Anti-computer Forensics
Anti-computer forensics or counter-forensics are techniques used to obstruct forensic analysis. Definition Anti-forensics has only recently been recognized as a legitimate field of study. Within this field of study, numerous definitions of anti-forensics abound. One of the more widely known and accepted definitions comes from Marc Rogers of Purdue University. Rogers uses a more traditional "crime scene" approach when defining anti-forensics. "Attempts to negatively affect the existence, amount and/or quality of evidence from a crime scene, or make the analysis and examination of evidence difficult or impossible to conduct."Rogers, D. M. (2005). Anti-Forensic Presentation given to Lockheed Martin. San Diego. One of the earliest detailed presentations of anti-forensics, in Phrack Magazine in 2002, defines anti-forensics as "the removal, or hiding, of evidence in an attempt to mitigate the effectiveness of a forensics investigation".The Grugq (2002). Phrack Magazine. A more abbrev ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Physical Security
Physical security describes security measures that are designed to deny unauthorized access to facilities, equipment and resources and to protect personnel and property from damage or harm (such as espionage, theft, or terrorist attacks). Physical security involves the use of multiple layers of interdependent systems that can include CCTV surveillance, security guards, protective barriers, locks, access control, perimeter intrusion detection, deterrent systems, fire protection, and other systems designed to protect persons and property. Overview Physical security systems for protected facilities are generally intended to: * deter potential intruders (e.g. warning signs, security lighting and perimeter markings); * detect intrusions and monitor/record intruders (e.g. intruder alarms and CCTV systems); and * trigger appropriate incident responses (e.g. by security guards and police). It is up to security designers, architects and analysts to balance security controls agains ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Paper Shredder
A paper shredder is a mechanical device used to cut sheets of paper into either strips or fine particles. Government organizations, businesses, and private individuals use shredders to destroy private, confidential, or otherwise sensitive documents. Invention The first paper shredder is credited to prolific inventor Abbot Augustus Low, whose patent was filed on February 2, 1909. His invention was however never manufactured because the inventor died prematurely soon after filing the patent. Adolf Ehinger's paper shredder, based on a hand-crank pasta maker, was the first to be manufactured in 1935 in Germany. Supposedly he created a shredding machine to shred his anti-Nazi leaflets to avoid the inquiries of the authorities. Ehinger later marketed and began selling his patented shredders to government agencies and financial institutions converting from hand-crank to electric motor. Ehinger's company, EBA Maschinenfabrik, manufactured the first cross-cut paper shredders in 1959 and ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Preventive Maintenance
The technical meaning of maintenance involves functional checks, servicing, repairing or replacing of necessary devices, equipment, machinery, building infrastructure, and supporting utilities in industrial, business, and residential installations. Over time, this has come to include multiple wordings that describe various cost-effective practices to keep equipment operational; these activities occur either before or after a failure. Definitions Maintenance functions can defined as maintenance, repair and overhaul (MRO), and MRO is also used for maintenance, repair and operations. Over time, the terminology of maintenance and MRO has begun to become standardized. The United States Department of Defense uses the following definitions:Federal Standard 1037C and from MIL-STD-188 and from the Department of Defense Dictionary of Military and Associated Terms * Any activity—such as tests, measurements, replacements, adjustments, and repairs—intended to retain or restore a func ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Password Manager
A password manager is a computer program that allows users to store and manage their passwords for local applications and online services. In many cases software used to manage passwords allow also generate strong passwords and fill forms. Password manager can be delivered as a one of or mixed of: computer application, mobile application, web browser extension, web based service, portable software for USB units. A password manager assists in generating and retrieving complex passwords, storing such passwords in an encrypted database, or calculating them on demand. Depending on the type of password manager used and on the functionality offered by its developers, the encrypted database is either stored locally on the user's device or stored remotely through an online cloud storage. Password managers typically require a user to generate and remember one "master" password to unlock and access information stored in their databases. Modern password managers increase security usi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Bank Vault
A bank vault is a secure space where money, valuables, records, and documents are stored. It is intended to protect their contents from theft, unauthorized use, fire, natural disasters, and other threats, much like a safe. Unlike safes, vaults are an integral part of the building within which they are built, using armored walls and a tightly fashioned door closed with a complex lock. Historically, strongrooms were built in the basements of banks where the ceilings were vaulted, hence the name. Modern bank vaults typically contain many safe deposit boxes, as well as places for teller cash drawers and other valuable assets of the bank or its customers. They are also common in other buildings where valuables are kept such as post offices, grand hotels, rare book libraries and certain government ministries. Vault technology developed in a type of arms race with bank robbers. As burglars came up with new ways to break into vaults, vault makers found new ways to foil them. Modern vau ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Safes
A safe (also called a strongbox or coffer) is a secure lockable box used for securing valuable objects against theft or fire. A safe is usually a hollow cuboid or cylinder, with one face being removable or hinged to form a door. The body and door may be cast from metal (such as steel) or formed out of plastic through blow molding. Bank teller safes typically are secured to the counter, have a slit opening for dropping valuables into the safe without opening it, and a time-delay combination lock to foil thieves. One significant distinction between types of safes is whether the safe is secured to a wall or structure or if it can be moved around. A less secure version (only suitable for petty cash) is usually called a cash-box. History The first known safe dates back to the 13th century BC and was found in the tomb of Pharaoh Ramesses II. It was made of wood and consisted of a locking system resembling the modern pin tumbler lock. In the 16th century, blacksmiths in south ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Encrypted
In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information. Encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. It is possible to decrypt the message without possessing the key but, for a well-designed encryption scheme, considerable computational resources and skills are required. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients but not to unauthorized users. Historically, various forms of encryption have been used to aid in cryptography. Early encryption techniques were often used in military ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Information Security
Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorized/inappropriate access to data, or the unlawful use, disclosure, disruption, deletion, corruption, modification, inspection, recording, or devaluation of information. It also involves actions intended to reduce the adverse impacts of such incidents. Protected information may take any form, e.g. electronic or physical, tangible (e.g. paperwork) or intangible (e.g. knowledge). Information security's primary focus is the balanced protection of the confidentiality, integrity, and availability of data (also known as the CIA triad) while maintaining a focus on efficient policy implementation, all without hampering organization productivity. This is largely achieved through a structured risk management process that involves: * identifying inform ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Information Leakage
Information leakage happens whenever a system that is designed to be closed to an eavesdropper reveals some information to unauthorized parties nonetheless. In other words: Information leakage occurs when secret information correlates with, or can be correlated with, observable information. For example, when designing an encrypted instant messaging network, a network engineer without the capacity to crack encryption codes could see when messages are transmitted, even if he could not read them. Risk vectors A modern example of information leakage is the leakage of secret information via data compression, by using variations in data compression ratio to reveal correlations between known (or deliberately injected) plaintext and secret data combined in a single compressed stream. Another example is the key leakage that can occur when using some public-key systems when cryptographic nonce values used in signing operations are insufficiently random. Bad randomness cannot protect proper ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
