Enhancing The Physical Security Of Computing Devices
Importance of Physical Security for Computing Devices
Discuss about the Cyberphysical Security in Networked Control.
In the past few years, the security in the computing devices has been increased from the traditional protection of material assets, from physical damage such as fire, water or theft. There have been several instances, which has increased the necessity for improving the physical security of computing system. In computing system, physical security refers to the barrier placed on the computing system, which prevents unauthorized access to the data and the information. The security system also comprises the logical security, which refers to the logical algorithms and software, which prevents unauthorized access to the data (Stolfo et al., 2008). In environmental security, the computing system is protected by different approaches such as guards, cameras and access policies (Kumar, Singh & Jayanthi, 2016).
The physical security of the computing devices has also become important as the computing system is moving out of the environmentally secure places into public places. Furthermore, the motivation to attack the computing system is increasing as the reward for attacking the system is also increasing. In this regard, the following research paper evaluates various security devices, which are used to enhance the security of the computing system. This can be achieved by keeping all the computing devices updated. This involves using anti-virus software as this software gives the ability to have automatic updates. All the devices should be legally authorized so that files can be downloaded from secure links. It is important to install malware protection on the devices so that security is maintained. The user activity of all the devices is recorded so that there are little chances of leakage of data. The sensitive data is kept away from all the wireless sniffing.
The research carried out in the project focuses on monitoring the safety approaches used in protecting the computing system. In the present research paper, the primary research question is what are the different aspects of security in the design of the computing system?
The safety and security professionals have to give attention to the specifications of the computer system requirements and the different security measures needed for the system. The security professionals have to give importance to the system design and development of software system for the safety demonstration. There are several methods of document requirement, design and implementation, which can be used to establish the safety standards of the computing system.
Methods of Improving Physical Security
The safety standards encompass the content and the guidelines for maintaining the safety of the computing devices. The cybersecurity standards are developed to protect the cyber security environment of the organization. It set the security standards in the form of published materials which can be used to uplift the safety of the cyber environment. The safety equipment includes the network devices, software, processes abs the services, which protect the cyber environment of the user. The environment includes networks, software, processes, information in storage and transit (Griffor, 2016).
According to (Gregory, Lemmon, Veitenheimer, Jacobs & Ainsworth, 2015), it is important to follow safety measures in computing device to keep the security tight. It is suggested that devices should be kept patched as unpatched devices can give rise to vulnerabilities in the machine that can future exploit the machine. There are various software’s that are available to keep the devices protective, thus it is recommended to ensure safety of devices updated software must be used. They scan the devices and remove the virus from the devices automatically. They also check the devices regularly so that viruses do not penetrate in the system. To make sure that devices are secure, backups are necessary to protect the devices from all the unexpected condition (Monte, 2015). Backup plans are scheduled on regular basis so that devices and information could be retrieved at time of failure. To make sure that devices are secured a proper access control should be granted. The security of devices is important thus to make sure it is secure authorized access control is designed. So, that only valid users can access the devices and there are no chances of security breach. It is also suggested that the connection shod also be secured through which devices are connected. The files should be transferred from one device to another by secure file transfer options only (Firerescue, 2017). There are various firewalls options available to protect all the files as it thoroughly scans the device and file from viruses.
In the view of (Muhsin, Hwang & Triman, 2018), to assure safety of all the computing devices they should be updated to the latest development. There are few steps that must be undertaken to secure the computing devices it was suggested that firewalls need to be checked as they act as a barrier for any criminal activity to take place. In case of crashes or failures data backups are very beneficial as they assure functionality of devices will not be affected. In today’s time computers are attacked by spyware, viruses and many other threats. To assure safe computing various practices need to be followed to secure all the devices. This can be achieved by keeping all the computing devices updated. This involves using anti-virus software as this software gives the ability to have automatic updates. It is also recommended that strong passwords need to be maintained. Strong passwords assure that data and devices are secure as it can be hacked. All the devices should be legally authorised so that files can be downloaded from secure links. It is important to install malware protection on the devices so that security is maintained. The surfing of all the devices is recorded so that there are chances of leakage of data. The sensitive data is kept away from all the wireless sniffing.
Documenting Requirements for Safety Standards
According to (Keyes, 2016) it is suggested that passwords should be strong and should be kept in such a way that it can’t be easily guessed. Additionally the storage and sensitive information should be less so that there no chances of security breaches. Apart from that the user should be aware about all the possible scams. The information should also be protected while transferring the data through internet or email. Computing devices can be secured by using anti-viruses and patching the devices by keeping it updated. The devices should have a filter that stops all the files and application to be downloaded from unknown source. The backup copies of files or data are kept so that it is not willing to lose.
According to (Ventola, 2014), data access should is assigned to make sure that passwords are protecting. The power strip should be used to avoid the loss of data and computing devices due to power failure. The antivirus software act as safeguard for computing devices as it avoids viruses to hit and destroy the devices. According to the research it can be stated that it is important to secure all the computing devices this could be done by enabling file extensions. The file extension helps in figuring if viruses have entered the devices via email or attachments. The computing devices should be kept updated to the latest version so that security features are strong. Keeping all the computing devices updates avoid the changes of security breach as they have advances in built security features (Hsiao, et. al, 2017).
The research methodology is an important aspect of the research, which sheds light on the research methods utilized in the research to collect the data. In the present section, the interview method is taken for the data collection. In this method, an interview is conducted with ten computer and network security experts. The researcher asks the questions related to the research subject and synthesizes relevant information from the data. The interview is a qualitative data collection tool. It collects the data, which cannot be analyzed through statistical forms. The interview data is analyzed through qualitative data analysis method such as thematic analysis.
The defense system falls into three categories, namely, preventing intrusion, detecting intrusion and detecting noninvasive attacks. The detection method must be chosen according to the type of security required (Khurana, Hadley, Lu, &Frincke, 2010). In the following section, different types of security equipment and their impact on security of the organization has been identified.
Practices for Ensuring Safe Computing
Tamper resistant: it is a bank vault technology, in which a one inch mild steel case is used to enclose the cash box. These systems are used to resist theft in the automated teller machine. Another approach is to attach the driver to different layers, separate them or penetrate the protection.
Single Chip coating: The single chip coating is used to prevent attack on a single chip. In this technology, the surface of the chip should not be probed and the coating should be applied so that it will not damage the chip.
Insulator based substrates: Several times, the attacker can intrude the protective coating using the IR LASER technique; therefore, the bulk silicon should be replaced with a non-transparent material.
Special semiconductor topographies: This technology is used to prevent the scanning of the electron microscope and pico-probing attacks. These attacks can be occurring in the presence of chemical machining or other techniques. In this technique, a chip is designed so that it does not impact the critical structures. Further, it does not impact the active layers of the device.
Tamper evident: The tamper evident system is designed so that it prevents the attack on sensitive information. These systems are designed so that the entry will reduce the evidence in the physical audit (Stajano& Anderson, 2002).
Brittle Packages: In this technology, the devices are sealed in a ceramic glass or frangible material. Once the attacker tries to steal the information by intruding the package, the glass packages shatter or cracks ad leave evidence.
Holographic Tape: The holographic tape refers to the technology, in which a holographic image is printed on the surface of the tape. It is similar to holographic images published on the credit card. These types of cards are difficult to forge. It is designed so that if an attempt to theft is made, it will get damaged. It intensifies the security of the project (Sandberg, Amin and Johansson, 2015). However, in the recent times, there have been several attacks in which the hologram of the security measures has been intensified.
Tamper Responding Sensor Technology: The tamper sensors encompass several types of devices, which can detect different types of intrusion.
Voltage sensors: The voltage sensors can be used to detect or design the power delivery for the operations of organization. It assures that there is appropriate operations of the circuit and monitors different types of power supplies. If there is an external voltage, then it is considered as an attack and an appropriate response should be monitored.
Importance of Research Methodology for Collecting Data
Probe sensors: The probe sensors refer to active tamper barriers and individual designs which impact the resistance of the tamper. The probe sensors comprise of active tamper barriers. In this technology, there are individual designs which can intensify the security of the computing system. These designs are less costly; however, they cannot be manufactured easily.
Wire sensors: In this technology, a thin wire is wrapped around the package, which is needed to be protected. It forms a potted form, which can prevent intrusion. The wire should be highly resistant to the distributed resistance so that any small changes in the operations can be identified (Kizza, 2017).
Printed Circuit Board Sensors: The sensors are similar to the wire sensor and should be designed at a low cost. In this technology, it is important that the spaces between the lines are regulated and the copper metal offers less security.
Stressed Glass with Piezo-Electric Sensor: In this technology, a glass is used along with, piezo-electric sensor for identifying pressure due to the glass break. The force breaks the glass, which induce a large signal from the piezo-electric device, which is attached to the glass.
Motion Sensors: The motion sensors are used to analyze the motion in an area or box. The motion sensors are used in pairs as there are several instances in which they cause false positives or miss the intrusions.
Ultra-sonic: There are several ultra-sonic sensors, which have the similar strengths and weaknesses; however, they can work efficiently at high frequencies. In this system, it is important to manufacture the walls with non-metallic material as several materials remains transparent at these frequencies. It can create false positive outside the protected region.
Acceleration sensors: the acceleration sensors are used to detect movement and high frequency vibration. They are used to prevent theft and identifying the instances of drilling or hammering into the devices (Kumar, Singh and Jayanthi, 2016).
Micro-switches: The micro-switch motion sensors use mercury to detect motion in the country. The mercury is low in cost and less sensitive to failures. The mercury switch is cost effective and more prone to failures.
There are several security methods, which are used for maintaining the security of the system. It is a commercial field and is in the development stage. The major findings of the interview regarding the equipment in maintaining the physical security of the devices has been discussed:
Tamper resistant: The tamper resistant system has a bank vault system. In this system, the outer case design is developed with an automated teller machine. The security system needs steel and robust materials so reduce the extent of attack on the security system of the organization. It is heavy equipment and it resists theft by the physical weight. The major issue with the temper resistant devices is that the owner may not be aware of the breach until break-in is discovered (Alani, 2016).
Different Types of Security Equipment and Their Impact on Security
The tamper resistant physical security is the easiest security measure and the steel cases and locks used for the security are very easy to apply. The physical implementation of the devices requires a certain level small size in features and complexity. However, it is no longer a disadvantage as several sophisticated means of identifying the technology have been developed.
The tamper responding system commonly uses the burglar alarm approaches in which an intrusion is detected followed by a response to protect the theft of the asset. Mostly, the response comprises of sounding an alarm. The tamper responding systems are designed to manage the break-in at a sensitive location. The tamper resistance systems are not designed to prevent an attack; however, it will ensure that the break-in becomes soon acknowledged (Bradley, 2006).
High Technology Attacks: There are also certain high technology attacks, which uses advanced technology to intrude the security system of the organizations. These attacks require a typical level of skills and, which are not available to the common attacker. The business community is beginning to embrace the superior skills of the attackers and improving the security standards.
Probe attacks: The probe attacks are the most common high technology attack. In this attack, the conductors are directly attached to the circuit, which increases the access to the information and provide information through the system under attack (Amoroso, 2012).
Passive probes: The passive probes can be considered as logical analyzed probes, which are used to watch or record the information from the circuits. The passive probes can be terminated from the active circuit, which can prevent detection and interference in the system under attack.
Energy Probes: The energy probes refer to the electron beams, ion beams and the beam of lights, which can read or write content on the microchips or ICs (Subashini&Kavitha, 2011). They also have the capability to change the content of the storage.
Machining Methods: The process of machining is to remove the material so that the circuitry beneath the potting can be accessed. If the protection covering is removed, the attackers can easily access the system. The probe attack tries to perform the machining operation without leaving any evidence or tripping a sensor (Stallings et al., 2012).
Mechanical Machining: The method removes the physical material in a very little time. There are certain disadvantages such as there is little feedback and the cut on the computing device is very deep. If the cutter is conductive, then it will impact the functioning of the equipment.
Tamper Resistant Technology
Water machining: The water machining is a precise method, which can be used to remove the metal with precision. The metal remover can be non-conductive; therefore, it is very effective for every metal except the soft metals. The water machining equipment is very large. Therefore, it is not efficient in the situations, where cost and size of the equipment is a major concern.
In this research, deductive approach will be used to solve the research issue. This approach will be used to develop the hypothetical framework for completing the research phenomenon. Furthermore, both primary and secondary data collection will be used to obtain the reliable and valid outcome. In this way, primary data will be collected through interview and secondary data would be collected from different journal articles, books and online and offline websites (Stallings et al., 2012).
In this research study, sample method will be used by an investigator in order to assess the feasible respondents from the targeted population. For this research, the probability sampling method would be selected by a researcher to provide the similar probability to respondents to obtain the reliable outcome. Under this technique, simple random sampling method will be used by a researcher to decline the chances of biasness from investigation (Amoroso, 2012). For conducting the interview, 10 network security experts will be selected from different companies of Australia.
Randomly assign respondents to different design treatment and control in a research study is an experimental design. The experiment will be run in different phases where, each phases corresponding to increase in size of problem. Test problem of each size will be randomly selected as it would be not possible to pool truly random distribution within a non-artificial domain (Bradley, 2006).
The key part of generating a quasi-experimental design is to address the variables. The quasi-independent variable will be x-variable that can be manipulated to affect a dependent variable. X variable is generally grouping variable at distinct level where grouping means two or more groups like two groups creating alternative solutions. The predicted result is the dependent variable that is denoted as y-variable (Subashini&Kavitha, 2011).
Under the time series assessment, the dependent variable is estimated over time for any changes that may exists. In this research, once the variable will be defined and identified then the process should be applied and differences in group should be assessed (Amoroso, 2012).
Quasi-experiments will be beneficial for this research as it uses pre-post testing. It indicates that there are different test done earlier before any data are gathered in the research. After that, actual experiment is performed with the post test outcome recorded (Subashini&Kavitha, 2011).
Single Chip Coating
Under the experiment with random sample, network safety experts have same probability of being selected in interview. As such, random sample makes sure that both control groups and experimental are equivalent. Under the quasi-experimental design, questionnaire will be allocated as per the random selection method (Alani, 2016).
In order to ensure safety of all the computing devices the phishing scams should be avoided and user should be aware of all the suspicious mails and messaged. The attacks can be minimized by keeping track of all the cybercriminal attempts that tries to leak all the personal information. The use if web browsers also increase the chances of security risk. Thus it is important to keep the security system updated and make sure that all the browser and software is updated. The security of computing device is also affected by the websites client is visiting or files that are downloaded from untrusted sources. It is also suggested that devices should not be left unattended as there are chances that someone else uses the personal information. Thus to secure all the computing devices they should be kept locked so that only authorized users can access the data. Devices store many sensitive information thus it is important to remove all the sensitive files from your system by storing them on cloud. The utilization if internet browsers likewise increment the odds of security chance. Hence it is vital to keep the security framework refreshed and ensure that all the program and programming is refreshed. The security of registering gadget is additionally influenced by the sites customer is going by or documents that are downloaded from untrusted sources. It is likewise proposed that gadgets ought not to be left unattended as there are chances that another person utilizes the individual data. Thus the information should always be encrypted when storing or transmitting sensitive data from one device to other. The information on social media should be kept limited so that data should not be disclosed. There are several security methods, which are used for maintaining the security of the system. It is a commercial field and is in the development stage.
After the detection of the security attack, there are various types of security response, which can be implemented for maintaining the security of the computing device. There are several aspects in maintaining the security without interference to the design of the equipment.
The Gantt chart demonstrates the time period which will be required for completing the research. The project would be start with the focusing on different safety approaches used in protecting the computing system. After that, project will be focus on another activity such as theoretical content and research methodology that will be required to systematically complete the research objectives. The another essential activity of this research is sample preparation to choose the respondents from large population in order to gather the information regarding safety approaches used in protecting the computing system. Subsequently, critical assessment of outcome will be performed (Amoroso, 2012). In the last, completion of research report will be demonstrated in the front of supervisor.
Insulator Based Substrates
Conclusion
It can be concluded that the physical security devices are effective in maintaining the security of the computing devices. The physical security devices are technical means to measure the physical security of a device. With the sensitive and the amount of data, the level of security for the data is increased. With the increase of data, the motivation of developing physical means, which can extract sensitive information, is increased. The system design is used to meet the need of protecting the sensitive information.
When the technology is developed, the design point and the performance of the system should be constantly analyzed. The technology should be used to protect the data from the adversaries and other individuals. In the present several technologies have been developed, which can be used to protect the hardware, software and electronic data from any kind of theft. These systems are also used to protect the system from any kind of disruption or misdirection. In the physical security measures, the physical access to the system hardware is prevented so that there is no unauthorized network access, malicious data injection. There has been malpractice by operators in which intentional or accidental intrusion to the secure data is prohibited. It can be concluded that devices store many sensitive information therefore it is important to remove all the sensitive files from the system by storing them on cloud. The utilization of internet browsers likewise increment the odds of security chance. Hence it is important to keep the security framework refreshed and ensure that all the program and programming is well-secured. The security of registering gadget is additionally influenced by the sites customer is going by or documents that are downloaded from untrusted sources. It is likewise proposed that gadgets ought not to be left unattended as there are chances that another person utilizes the individual data. Thus the information should always be encrypted when storing or transmitting sensitive data from one device to other. The information on social media should be kept limited so that data should not be disclosed.
References
Alani, M. M. 2016. Elements of cloud computing security: A survey of key practicalities. Springer International Publishing.
Amoroso, E. G. 2012. Cyber attacks: protecting national infrastructure. Elsevier.
Bradley, T. 2006. Essential Computer Security: Everyone’s Guide to Email, Internet, and Wireless Security. Elsevier.
Firerescue. 2017. Safety measures for computer users. [Online].https://www.firerescue1.com/fire-products/Data-Management/tips/289773-Safety-measures-for-computer-users/ [accessed on: 15 June 2018].
Gregory, T. L., Lemmon, A. N., Veitenheimer, J. M., Jacobs, J. R. and Ainsworth, M. E. 2015. U.S. Patent No. 9,002,679. Washington, DC: U.S. Patent and Trademark Office.
Griffor, E. 2016. Handbook of System Safety and Security: Cyber Risk and Risk Management, Cyber Security, Threat Analysis, Functional Safety, Software Systems, and Cyber Physical Systems.Syngress.
Hsiao, H. C., Shuo, D. E. N. G., Salamat, B., Gupta, R., & Das, S. M. 2017. U.S. Patent No. 9,832,211. Washington, DC: U.S. Patent and Trademark Office.
Keyes, J. 2016. Bring your own devices (BYOD) survival guide. Auerbach Publications.
Khurana, H., Hadley, M., Lu, N., & Frincke, D. A. 2010.Smart-grid security issues. IEEE Security & Privacy, 8(1).
Kizza, J. M. 2017. Guide to computer network security. Springer.
Kumar, G. D., Singh, M. K., and Jayanthi, M. K. 2016. Network Security Attacks and Countermeasures.IGI Global.
Monte, M. 2015. Network attacks and exploitation: A framework. John Wiley & Sons.
Muhsin, B., Hwang, S., & Triman, B. C. 2018. U.S. Patent No. 9,877,650. Washington, DC: U.S. Patent and Trademark Office.
Sandberg, H., Amin, S., and Johansson, K. H. 2015. Cyberphysical security in networked control systems: An introduction to the issue. IEEE Control Systems, 35(1), 20-23.
Stajano, F., & Anderson, R. 2002. The resurrecting duckling: security issues for ubiquitous computing. Computer, 35(4), supl22-supl26.
Stallings, W., Brown, L., Bauer, M. D., & Bhattacharjee, A. K. 2012. Computer security: principles and practice (pp. 978-0). Pearson Education.
Stolfo, S. J., Bellovin, S. M., Hershkop, S., Keromytis, A. D., Sinclair, S., and Smith, S. W. (Eds.). 2008. Insider attack and cyber security: beyond the hacker (Vol. 39). Springer Science & Business Media.
Subashini, S., & Kavitha, V. 2011. A survey on security issues in service delivery models of cloud computing. Journal of network and computer applications, 34(1), 1-11.
Ventola, C. L. 2014. Mobile devices and apps for health care professionals: uses and benefits. Pharmacy and Therapeutics, 39(5), 356.