
Running head: PHYSICAL SECURITY MECHANISMS 1

Mapping Logical Security Strategies to Services and Physical Mechanisms

Wayne A. Fischer

University of San Diego

CSOL 520 Summer 2019 Assignment 5

June 21, 2019

Professor Thomas Plunkett

Author Note

This paper presents a table based on the implementation of the SABSA® model. The table lists seven security strategies from the SABSA® Logical Security Architecture layer, maps each strategy to a security service, associates each service with a physical security mechanism, and provides the rationale for each choice.



Logical Security Strategies and Services, and Physical Mechanisms

| Security Strategies | Logical Security Services | Physical Security Mechanisms | Rationale for Choices |
|---|---|---|---|
| Prevention | Entity Security Services: Directory Services | Directory Replication | Directory replication was selected as a strategy for preventing the loss of availability and to improve performance and resilience of the directory service. Directory Services are a critical piece of most infrastructures. So adding replication will enable the benefits mentioned as well as additional benefits specified, such as balances between enquiries and a replication strategy, per Sherwood et al. (Sherwood, Clark, & Lynas, 2005, pp. 372-3). |
| Detection and Notification | Intrusion Detection | Alarms | According to Öğüt, the Base Rate fallacy assumes Intrusion Detection alarms are typically benign and so, in response, system security officers either ignore alarm signals or turn off the IDS (Öğüt, 2013). A better response to alarms is to analyze and add additional constraints to triggers or lower their severity. In my experience, it is critical that security professionals not become complacent but rather work through issues by including mitigating controls or ensuring alarms provide value. |
| Containment | Physical Security | Locked rooms for servers, operations and communications | Nearly all security protections can be defeated if an attacker has access to communication and/or servers. Maintaining locked rooms for servers and operations and communications equipment provides a barrier against insider threats and external attackers causing harm and is still a core security strategy (Covington, 2016). |
| Event Collection and Event Tracking | Audit Trails | Event logs | Event logs are needed to determine if systems are operating effectively, as well as to determine what went wrong when security controls or systems fail. Without meaningful and accurate event logging, most system administrators and application programmers are unable to quickly identify root causes when systems do not act as expected. |
| Recovery and Restoration | Disaster Recovery | Data Restoration Procedures | When a disaster occurs from any number of physical, human, or natural consequences, the ability to quickly recover data and return to normal operations can reduce risks to an organization. Not only should backups be performed, but they should also be tested and have written procedures. People tend to forget things in a crisis, so having tested and written data restoration procedures ensures that mistakes are not made and that the process goes smoothly under pressure. |
| Assurance | Security Monitoring | Real-time system monitoring and alarms | The ability to identify threats, system failures, and other incidents as they happen reduces the amount of harm which can occur. Real-time monitoring systems reduce the time system admins and security administrators need to respond, which limits damage. These also provide a higher availability level because, when systems begin to fail or do fail, system administrators can be notified more rapidly, allowing the organization to return to normal operations more quickly. |
| Prevention | Entity Security Services: Entity Registration | Registration Procedure | The registration procedure is an important step for Entity Security Services because it reduces the chances of giving new personnel too much authorization and it allows organizations to quickly give a new person all the authorizations they require for work. It also allows unique naming schemas to be used for services and persons and ensures that they conform to system standards. Without this procedure, chaos may quickly ensue and critical steps in registration may be missed. |

Table 1. Mapping of SABSA Model Logical Security Strategies, Services, and Physical Mechanisms

References

Covington, R. C. (2015, June 23). Physical security: The overlooked domain. Retrieved from https://www.csoonline.com/article/2939322/physical-security-the-overlooked-domain.html

Öğüt, H. (2013). The configuration and detection strategies for information security systems. Computers & Mathematics with Applications, 1234-2153.

Sherwood, J., Clark, A., & Lynas, D. (2005). Enterprise Security Architecture - A Business-Driven Approach. Boca Raton: CRC Press.
