Security

Instructions

For this assignment, you will play the role of the person charged with providing security services at a private sector entity of your choosing. In your introduction, offer pertinent information regarding this organization (i.e. operations, services, employees, internal and external resources, identified threats and hazards, etc.). Then, as it relates to core responsibilities and identified areas of risk, provide appropriate details and examples regarding detection systems that would be employed at this location, as well as the role integrated identification technology with play as well.

Technical Requirements

  • Your paper must be at a minimum of 5 pages (the Title and Reference pages do not count towards the minimum limit).
  • Scholarly and credible references should be used. A minimum of five (5) scholarly sources are required.
  • Type in Times New Roman, 12 point and double space.
  • Students will follow the current APA Style as the sole citation and reference style used in written work submitted as part of coursework. 
  • Points will be deducted for the use of Wikipedia or encyclopedic type sources. It is highly advised to utilize books, peer-reviewed journals, articles, archived documents, etc.

Overview

As noted in last weeks lesson, technology plays a major role is how security is provided in todays ever-changing environment; specifically related to detection activities. This week, our focus discussion moves beyond when an individual has been detected; but in the ways they can be recognized and identified in a way to determine whether they have a valid reason in being there or not. Therefore, some foundational principles regarding access control will be addressed, as well as how technology plays a role in these additional efforts as well. Credentialing through the use of codes and cards, biometrics and the many forms they can take, as well as digital enhancements made to Closed Circuit Television systems (known as intelligent CCTV) provide numerous options to the security industry. The challenge for security administrators will be to include these technologies in a continuous, coordinated manner.

Introduction

In order to successfully apply and take full advantage of technology related to surveillance activities, a model must be developed and heeded. When viewed as a continuum, one end would find those efforts related to detection, while on the other deals with identification. Various approaches have been developed that can be integrated into such a model; each one incorporating the underlying components of detection, recognition, and identification. Each one represents the primary stages of the overall process.

Detection

The first of these, detection, was dealt with last week, so little attention will be directed towards this component. Yet as was discussed, various sensors (i.e. point, line, area) are used to sense the presence of an object or person when entering the field of view of applicable devices. At present, there are various methods used to detect presence or movement. As noted in Chapter 7 of Security Science: The Theory and Practice of Security, some examples include the background subtraction method, using disparity templates of images, classifying objects and matching their motion, as well incorporating edge information and skin tones. For additional details and information concerning applicable resources, this text should be consulted.

Recognition

In order to properly place the component of recognition within the overall security paradigm, a specific certain parameters must be established in which to compare the object to. For this, a number of visual perception models have been formulated to aid in the process of recognition. For instance, the template theory asserts that certain patterns are developed are developed over time, stored, and then utilized to identify certain objects. Then there those that are known as feature theories, which as the name implies states that certain characteristics of an object are identified and compared against those that have been stored or input in memory. Yet another is the computational theory; a rather intricate concept that incorporates shadows, textures, and other features in both two and three dimensional sketches and models to aid in the recognition process. Yet at their basis, these share certain commonalities, and that is that certain traits and attributes are compared with a particular class or category that has been developed. Each of these theories has their own limiting factors and capabilities, so their applicability to a certain environment must be clearly understood (Smith & Brooks, 2012).

Identification

The last of the three components to be touched upon deals with the principle of identification. Once an object has been detected and recognized, it must then be distinguished from others in a unique fashion. Traits of both a physiological and behavioral nature can be used here; where both bodily features and social posture can aid in making proper identification. While more traditional means can be employed in an attempt to verify the identification of a person (i.e. passport or drivers license, reciting certain bits of information such as place of birth, mothers maiden name, etc.), taking advantage of technology requires that such efforts be carried out within the confines of an overall system. For instance, biometric features require the correspondence of certain characteristics with those that are found in a database; therefore, this and similar actions must be completed within a similar structure.

Attention will now be directed towards just some of the many tools that can be used by security practitioners related to integrated identification technology.

Tools Used By Security Practitioners Related to Integrated Identification Technology

Access Control

Previously, we have discussed the layered approach that is a primary component of the defense-in-depth strategy, and noted how access control plays a major role in this overall effort. Therefore, an overarching access control system (ACS) should be employed related to a facility or complex in which security is required. This system can incorporate a host of individual components, whether that is signage, security staff, or using technology in the form of codes, automated electronic access controls, and the like. Generally speaking, an ACS will first require entry into a certain area via a locking system; where various means (credentials, readers, etc.) are then used to verify identification. It must be noted that an ACS must be incorporated in and work in tandem with other systems related to security, elevators, fire and life safety, software management if they are to function together in a seamless manner.

Credentials

Credentialing a person within an ACS adheres to three basic principles; something you have (e.g. access card), something you know (e.g.. password), or something you are (e.g. biometric feature).

Codes and Cards

The use of codes and cards in order to confirm the identification of an individual is commonplace in society today and is used in a host of settings. Yet here at the outset, it must be understood that using these methods to positively identify is not fool-proof, and must be used in conjunction with other forms of authorization if total security is to be achieved. There are vulnerabilities related to the fact that these methods can be compromised in some form or fashion, or that there are limiting factors related to personal identification numbers (PINs) and passwords as well. However, this does not negate the positive way in which they can aid in providing needed security.

With respect to codes, (whether in the form of a PIN, password, or encryption key), from a theoretical point of view, level of security is determined by a number of factors. These include possible code combinations, as well as the ability of the user to keep such information secure. With respect to cards, a number of options are available to very identification. Proximity cards, drivers licenses, ID badges and the like are routinely used to gain access to a certain area. As listed and described in Security Science: The Theory and Practice of Security, there are a host of cards that have been determined worthy of being part of an overall security access control system. These include but not limited to the following:

  • Infrared cards
  • Holographic cards
  • Optical cards
  • Magnetic stripe cards
  • Wiegand effect
  • Proximity cards
  • Smart cards

Each has their own unique features, capabilities, and modes of operation, so again, the security administrator must consider these factors and employ what best suits their organizations needs.

Biometrics

As previously noted, even though codes and cards serve as a great aid in verifying the credential of an individual, they fall short in making a positive identification. Therefore, they offer limited security as they can only rely upon the information being provided and can easily be altered. However, individualized characteristics can validate identification, where physical and behavioral characteristics can greatly enhance this process. Known as biometrics (which comes from the Greek words bio life and metric to measure), using such features greatly enhances the overall concept of identification and can aid in authorizing whether a person should enter a building/area or not. These technologies can be used in a host of situations that include computers and related systems, financial accounts, records related to human resources, communication systems, as well as producing profiles tailored to those who have disabilities in an effort to enrich mobility of the disabled. If placed in a corporate setting, these technologies can be used to maintain accountability related to both employees and vendors and how transactions are maintained (Asha & Chellappan, 2012). As is the case with technology in general, biometrics is a field that is ever in a state of progression; meeting new-found needs and applications.

Types of Biometric Identification

As highlighted, the characteristics associated with biometrics can either be physical or behavioral in nature. From a physical standpoint, fingerprints have (and continue) to be used by law enforcement and other agencies to verify identification. Transitioning from inks and powders to sensors and glass plates, trained users can obtain and store digital images of the thumb, fingers and palm. Yet other physical characteristics noted by Smith & Brooks (2012) can serve as biometric identifiers, those that include:

  • Finger length
  • Vein pattern on underside of wrist
  • Vein pattern on back of hand
  • Knuckle creases formed when gripping a bar
  • Fingertip structure related to blood vessel pattern
  • Hand topography
  • Shape or ear and lip

In regards to those that are behavioral in nature, these include the pattern of ones voice, characteristics related to the eyes (retina scans and iris recognition), as well as patterns and dynamics related how an individual signs their name (not the signature itself, but the underlying pressure in providing it), types on a keyboard (style and rhythm), or even their manner of speech. Still others have been classified as biometric IDs, such as facial recognition, body odor, and even the manner in which a person moves and walks.

Biometric System

As has been the case throughout this study, individual components related to security must work together within an overall system if they are to achieve their objectives. The same holds true for biometrics, as each individual device must work in concert with the other parts found within the overall security program.

Within a biometric system, there are three primary components needed if information is to be obtained and authorization granted. These include a device used to acquire a signature, scan, or any of the other biometrics signatures that have been noted. Secondly, there must be a way to process and compare the information obtained, and lastly, there must be a way in which this biometric identification interfaces with the access control system. As it relates to obtaining information from an individual, the security administrator must be familiar with the various sensors, extractors, templates, and matchers needed to carry this function out. When it comes to choosing which biometric identifier might be most appropriate, there will be a host of issues to consider (associated costs, level of security desired, anticipated number of identifications, etc.), but whatever is selected should possess the following qualities:

  • Universal-all persons should have the distinguishing factor
  • Permanent-characteristics should not fluctuate over time
  • Distinctive-characteristics obtained should vary as much as possible between individuals
  • Robust-repeated applications of a particular individual should repeatedly produce same results
  • Accessible-easy to present to the sensor
  • Acceptable-should be perceived as non-intrusive by the user
  • Difficult to circumvent-problematic for an imposter to trick the system (Smith & Brooks, 2012)

As can be seen, biometrics can play a major role in verifying the identification of an individual. However, its use must be approached with a healthy dose of awareness and caution as it relates to privacy concerns and the fear that storage of such data and records could be an infringement on personal rights. There are also fears that biometric technology could be used to monitor the movements of an individual as well, so as it relates to this matter, forewarned is forearmed. However, proactive steps can be taken to address this issue by controlling access, storage, and use of this information, as well as providing requisite training for those who do deal utilize it.

CCTV Technology

The last issue related to integrated identification technology is not a single piece of technology, but an overall system that incorporates a variety of cameras, lenses, monitors and components to transmit information and images. CCTV Technology, or as is noted in Security Science: The Theory and Practice of Security, Intelligent CCTV, can serve as a force multiplier for those charged with providing security. As it relates to certain environments and applications, it is simply not feasible for security personnel to cover a given area or provide attention as needed. Therefore, these systems can be a one stop shop as they can combine video coverage with alarm capabilities related to perimeter protection, intrusion detection and access control.

The first step is perhaps one of the most vital, and that is designing the system in the first place. Appropriate attention must be directed towards overall system needs given the operating conditions that currently exist. A team approach should be taken when assessing requirements; those that relate to function, operations, supporting infrastructure, as well as those related to video retention. A thorough survey of the site will offer insight regarding how the system itself should be designed and applied to the environment under consideration. A number of individual features will play a major role as well, such as lighting that must work in concert with cameras (which of course would determine location of each), and how power will be distributed regarding the operation of these components. Obviously, licensed electricians and engineers acquainted with these applications should be consulted. Also, as technology evolves, the manner in which video is transmitted changes as well, where it seems that something new today is outdated tomorrow (maybe an exaggeration, but not too far off). The point is, scalability and affordability must be balanced with a view of present and future needs. The system as a whole must be reliable, but realizing that it must also be maintained and upgraded as needed.

As noted previously, an Intelligent CCTV system is made up of various components; comprised of various types of cameras, lenses, housing and mounts, video monitors, switchers and multiplexers, video recorders, the wired transmission that connects all of these devices together, as well as a manner in which to store the data they produce. For a detailed look at all of these, you are encouraged to review the document produced by DHS, System Assessment and Validation for Emergency Responders (SAVER): CCTV Technology Handbook. Likewise, the student should refer to Chapter 7 of Security Science: The Theory and Practice of Security as well regarding some additional aspects of CCTV technology known as video content analysis (VCA), video analytics (VA), and video motion detection (VMD). These applications provide enhanced capabilities that offer a host of options for the security administrator in order to meet their specific needs.

Conclusion

In this lesson, we have looked closely at some of the primary components of a security management system; specifically the manner in which technology proves advantageous in recognizing and identifying an individual once detected. The capabilities and options are numerous, and the security professional must conduct due diligence in determining what might best suit their specific needs. Yet suffice it to say, technology is a great tool if it is utilized and harnessed in the proper manner.

Next week, we will look at some specific topics from the perspective of management. These include the management of knowledge and information that can contribute to enhanced security, the management of intelligence with respect to probable threats and hazards, as well as managing the various activities that collectively allow an organization to provide its essential services in an uninterrupted manner.

References

Asha S. & Chellappan, C. (2012). Biometrics: An overview of the technology, issues and applications. International Journal of Computer Applications. Retrieved from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.736.1587&rep=rep1&type=pdf

Department of Homeland Security: Science and Technology. (2013). System Assessment and Validation for Emergency Responders (SAVER): CCTV Technology Handbook. Washington, D.C. : Government Printing Office.

Smith, C., & Brooks, D. J. (2012). Security Science: The Theory and Practice of Security. Burlington: Butterworth-Heinemann.