(ISC)² CISSP® Official Study Guide, Eighth Edition



Date: 08.04.2023
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Smartcards
Smartcards are credit-card-sized IDs, badges, or security passes with an embedded magnetic
strip, bar code, or integrated circuit chip. They contain information about the authorized
bearer that can be used for identification and/or authentication purposes. Some
smartcards can even process information or store reasonable amounts of data in a memory
chip. A smartcard may be known by several phrases or terms:

- An identity token containing integrated circuits (ICs)
- A processor IC card
- An IC card with an ISO 7816 interface

Smartcards are often viewed as a complete security solution, but they should not be
considered complete by themselves. As with any single security mechanism, smartcards are
subject to weaknesses and vulnerabilities. Smartcards can fall prey to physical attacks,
logical attacks, Trojan horse attacks, or social-engineering attacks. In most cases, a smartcard
is used in a multifactor configuration. Thus, theft or loss of a smartcard does not result
in easy impersonation. The most common form of multifactor used in relation to a
smartcard is the requirement of a PIN. You’ll find additional information about smartcards in
Chapter 13, “Managing Identity and Authentication.”
Memory cards are machine-readable ID cards with a magnetic strip. Like a credit card,
debit card, or ATM card, memory cards can retain a small amount of data but are unable
to process data like a smartcard. Memory cards often function as a type of two-factor
control: the card is “something you have” and its personal identification number (PIN)
is “something you know.” However, memory cards are easy to copy or duplicate and are
insufficient for authentication purposes in a secure environment.
Proximity Readers
In addition to smart/dumb cards, proximity readers can be used to control physical access.
A proximity reader can be a passive device, a field-powered device, or a transponder. The
proximity device is worn or held by the authorized bearer. When it passes a proximity
reader, the reader is able to determine who the bearer is and whether they have authorized
access. A passive device reflects or otherwise alters the electromagnetic field generated by
the reader. This alteration is detected by the reader.
The passive device has no active electronics; it is just a small magnet with specific properties
(like antitheft devices commonly found on DVDs). A field-powered device has electronics that
activate when the device enters the electromagnetic field that the reader generates. Such devices
actually generate electricity from an EM field to power themselves (such as card readers that
require only that the access card be waved within inches of the reader to unlock doors). A
transponder device is self-powered and transmits a signal received by the reader. This can occur
consistently or only at the press of a button (like a garage door opener or car alarm key fob).

Page 410, Chapter 10: Physical Security Requirements

In addition to smart/dumb cards and proximity readers, physical access can be managed
with radio-frequency identification (RFID) or biometric access control devices. See
Chapter 13 for a description of biometric devices. These and other devices, such as cable
locks, can support the protection and securing of equipment.
