of 105
7/28/2019 Chapter-1 Access Control Systems & Methodology
1/105
Chapter-1 Access control Systems & Methodology
Page 1 of105
IDS :
Intrusion Detection Systems (IDS) :
An IDS gathers and analyses from within a computer or network, to identify the possibleviolations of security policy, including unauthorized access, as well as misuse.
An IDS also referred to as a packet-sniffer which intercepts packets travelling along variouscommunication mediums and protocols usually TCIP/IP.
The packets are analysed after they are captured. An IDS evaluates a suspected intrusion once it has taken place and signals an alaram.Three ways to detect an intrusion:
o Signature Recognition- it is also known as misuse detection. Signature recognitiontries to identify events that misuse a system.
o Anomaly detection:- it detects the intrusion based on the fixed behaviroalcharacterstics of the users and components in a computer system.
o Protocol Anomoly Detection: - in this type of detection, models are built on TCP/IPprotocols using their specfications.
Tripwire is a system integrity verifiers that monitors system files and detects changes by an intruder.
7/28/2019 Chapter-1 Access Control Systems & Methodology
2/105
Chapter-1 Access control Systems & Methodology
Page 2 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
3/105
Chapter-1 Access control Systems & Methodology
Page 3 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
4/105
Chapter-1 Access control Systems & Methodology
Page 4 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
5/105
Chapter-1 Access control Systems & Methodology
Page 5 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
6/105
Chapter-1 Access control Systems & Methodology
Page 6 of105
Honey pots , Padded Cells systems and Vulnerability analysis complement IDS to enhance an
organizations ability to detect intrusion.
Honey pot Systems : Event Triggers, Sensitive monitors, Event loggers.
IDS serve as monitoring mechanisms, watching activities, and making decisions about the whether
the observed events are suspicious.
Firewall serve as Barrier Mechanisms.
IDS look at security policy violations dynamically. IDS are analogous to security monitoring cameras.
Vulnerability analysis systems take a static view of symptoms.
IDS detected and reported : System scanning attacks, DOS attack, system Penetration attacks.
Honey pots and Padded Cells systems have Legal Implications.
Classification of IDS: Network-based IDS, Host-based IDS, Application- based IDS.
Signature-based IDS- is the primary technique used by commercial systems to analyse events to
detect attacks.
7/28/2019 Chapter-1 Access Control Systems & Methodology
7/105
Chapter-1 Access control Systems & Methodology
Page 7 of105
Anomaly-based IDS- the subject of much research and is used in a limited form by a number of IDS.
Firewalls are complement to IDS.
Respond is the most important part of IDS and containment. Reporting is the last step in the IDS and
containment process.
The process engine is the heart of the IDS.
A Mutation engine is used to proliferate polymorphic virus.
IDS and Firewall do INTERACT.
IDS detects a DOS attack.
A major issue with IDSFalse-positive notification with Anamoloy-based IDS.
IDS Can do Report alteration to data files, Trace user activity, interpret system logs and Recognize
a known type of attack.
Audit Trails : If audit trails have been designed and implemented to record appropriate information,
they can assist in IDS. Intrusions can be detected in real time, by examining audit records as they are
created or after the fact.
Access control techniques:
7/28/2019 Chapter-1 Access Control Systems & Methodology
8/105
Chapter-1 Access control Systems & Methodology
Page 8 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
9/105
Chapter-1 Access control Systems & Methodology
Page 9 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
10/105
Chapter-1 Access control Systems & Methodology
Page 10 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
11/105
Chapter-1 Access control Systems & Methodology
Page 11 of105
Role-based access control: Excessive turnover of employees.e.g. Bank Teller,doctor,nurse,
manager. Its an eg. of NON-DAC. It is based on job duties concept.
7/28/2019 Chapter-1 Access Control Systems & Methodology
12/105
Chapter-1 Access control Systems & Methodology
Page 12 of105
Rule-based access control: Rule-based and MAC are the same since they are based on
specific rules relating to the nature of the subject and object. It is based on access rules.
Discretionary Access Controls:
7/28/2019 Chapter-1 Access Control Systems & Methodology
13/105
Chapter-1 Access control Systems & Methodology
Page 13 of105
is a means of restricting access to objects based on the identity of subjects and/or groups to
which they belong. A DAC model uses access control matrix where it places the name of
users(subjects) in each row and the names of objects(file or programs) in each column of a
matrix. It treats users and owners are the same.
Access is based on the authorization granted to the user, It uses access control list, It uses grant andrevoke access to objects.
An access control matrix is placing the name of Users in each row and the names of ojbects
in each column.
Example of objects are : records, programs, pages, files, directories etc. An access control
matrix describes an association of objects and subjects for authentication of access rights.
Identity-based policy and User-directed policy are eg. DAC.
ACLs: ACLs techniques provide a straightforward way of granting and denying access to for
a specified user. An ACL is an object associated with a file and containing entries specifying
the access that individual users or groups of users have to the file.Access control list is most
commonly used in the implementation of an access control matrix.
Mandatory Access Controls :
A MAC restrict access to objects based on the sensitivity of the information contained in the
objects and the formal authorization(i.e.clearence) of ojbects to access information of such
sensitivity.it uses security labels. Simplest to amdiminster. A security label or access control
mechanism is supported by MAC.Security Labels are very strong form of access control.
e.g. Rule-based policy e.g. MAC.
Access Control Mechanisms:
Logical ( passwords and encryption)
7/28/2019 Chapter-1 Access Control Systems & Methodology
14/105
Chapter-1 Access control Systems & Methodology
Page 14 of105
Physical(keys and tokens) Administrative(forms and procedures) controls . Directive,preventive,detective,corrective and recovery controls are controls by action. Management , operational , and technical controls are controls by nature.
Non-DAC: Lattice security model is based on non-DAC.
Access to computer facilities and records is limited to authorized personnel on an as needed
basis.
Principle of Least Privilege: Appropriate Privileges.
Each user(subject) is granted the lowest clearance needed to perform authorized tasks.it most
closely linked to. Integrity.
Security features:
The granularity of privilege The time bounding of privilege Privilege inheritance
Consistent with the Principle of Least Privilege:
Re-authorization when employees change positions Users have little access to systems.
Users have significant access to systems.
Authorization creep: occurs when employees continue to maintain access rights for
previously held positions within an organization and it is a security vulnerability.
I&A techniques:
7/28/2019 Chapter-1 Access Control Systems & Methodology
15/105
Chapter-1 Access control Systems & Methodology
Page 15 of105
Password ManagementPreventive control.
A virtual password is a password computed from a passphrase that meets the requirements of
the password storage(e.g.56 bits for DES).
User IDs and Passwords are first line of defence against potential security threats ,risks orlosses to the network.
Use of login IDs and passwords is the most commonly used mechanism for providing static
verification of a user.
Using password advisors is the most effective method for password creation.
A more simple and basic login controls include : validating username and password.
Password secrecy cannot be tested with automated vulnerability testing tools.
Use randomly generated characters password selection procedure would be the most difficult
to remember.
Password can be stored in password file preferably encrypted.
Password sharing , password guessing and password capturing are the most commonly used
methods to gain unauthorized access..
7/28/2019 Chapter-1 Access Control Systems & Methodology
16/105
Chapter-1 Access control Systems & Methodology
Page 16 of105
Access Control Mechanisms:
Logical Access Control: e.g. Passwords, PINs and encryption.
Computer based access controls are called logical access controls. It helps to protect.
Availability- Operating system and other systems software from unauthorizedmodification or manipulation.(and there by help to ensure the systems integrity and
availability).
The integrity and availability of information by restricting the number of users andprocesses with access.
Confidential information from being disclosed to unauthorized individuals. Logical access control mechanisms rely on physical access controls- Application
system access controls, operating system access controls, Utility programs are heavily
dependent on logical access controls to protect against unauthorized access.
Physical Access Control:
Administrative Access control:
7/28/2019 Chapter-1 Access Control Systems & Methodology
17/105
Chapter-1 Access control Systems & Methodology
Page 17 of105
FAR/FRR/CERgood measure of performance of biometric-based identification and
authentication technique.Type-I error is false rejection and Type-II error is false acceptance
of imposters.
Kerberosidentification and authentication technique involves a ticket that is linked to a
userspassword to authenticate a system user. The Key-distribution-server is a major
vulnerability with Kerberos.56bit size.
Pre-authentication is required to thwart attacks against a Kerberos security server.
Kerberos uses a trusted third party, Kerberos is a credential-based authentication system,
Kerberos uses symmetric-key cryptography.
Kerberos is a(n): Ticket-oriented protection system.
A replay attackrefers to the recording and retransmission of message packets in the
network.it can be prevented by using packet time-stamping.
Kerberos can prevent playback(replay)attack.
Most to least protection against replay attacks:
Challenge response, one-time password, password and PIN, and Password only.Kerberos used : Managing encryption keys, Managing centralized access rights, Managing
access permissions.
7/28/2019 Chapter-1 Access Control Systems & Methodology
18/105
Chapter-1 Access control Systems & Methodology
Page 18 of105
Kerberos based authentication system would reduce the risk of impersonation in an
environment of networked computer systems.
Authentication services can best provided by Kerberos.(defacto standard)
Weakness of Kerberos:
Subject to dictionary attacks Every network application must be modified.
Strength of Kerberos:
Works with an existing security systems software Intercepting and analysing network traffic is difficult. The major advantage of a SSO- goes beyond convenience.
Secure RPC and SPX provides a robust authentication mechanism over distributed
environments.
SecureID: Is a token from RSA , inc.
Authentication mechanisms: what the user knows, what the user has, what the user is.
7/28/2019 Chapter-1 Access Control Systems & Methodology
19/105
Chapter-1 Access control Systems & Methodology
Page 19 of105
A more reliable authentication device is a : Smart card system.
An example of drawback of smart card includesA means of gaining unauthorized access.
Smart card: as a means of access control, as a medium for storing and carrying the
appropriate data , a means of access control and data storage.
Robust Authentication: is provided byKeberos , One-Time Passwords,Challenge-
response exchanges, Secure RPC and Digital Certificates.
Address-based access mechanisms : creates a security problem. It use IP source addresses,
wich are not secure and subject to IP address spoofing attacks. The IP address deals wih
Identification.
Location-based: where the user is authentication techniques is impossible to forge.it deals
with physical address.its used for continuous authentication.
Token-based: token as a means of identification and authentication.
Web-based access mechanisms:uses a secure protocols to accomplish authentication.
Password and PINs are vulnerable to guessing , interception, or brute force attack.
7/28/2019 Chapter-1 Access Control Systems & Methodology
20/105
Chapter-1 Access control Systems & Methodology
Page 20 of105
Biometrics can be vulnerable to interception and replay attacks.
Biometric system:
user identification and authentication techniques depend on reference profiles or templates.
Impersonation attacks involving the use of physical keys and biometric checks are less
likely due to the need for the network attacker to be physically near the biometric equipment.
Protective Measures is effective against multiple threats: Access Logs,Encryption,Audit
Trails.
Security mechanisms is least efficient and least effective: Recurring password.(weak securitymechanisms).
Cryptography authentication techniques require additional work in administering the security.
Access Controls:
Physical access controls:
Operating system access controls:
Communication system access controls:
Application system access control most specific.
7/28/2019 Chapter-1 Access Control Systems & Methodology
21/105
Chapter-1 Access control Systems & Methodology
Page 21 of105
There are trade-offs among controls. A security policy would be most useful in
Access versus confidentiality. Technical controls versus procedure controls.
Controlling access to the network is provided byIdentification and authentication pair ofhigh-level system services.
Authentication is a protection against fraudulent transactions:
The validity of message location being sent. The validity of workstations that sent the message. The validity of the message originator.
Identification techniques provide strong user authentication:
What the user is (PIN+combined with fingerprint) for high dollar transactions. What the user has(bank automated teller machine card) What the user knows
Access Control Models:
The ClarkWilson Security model :
providing data integrity for common commercial activities.
Separation of duties concept. An access triple subject, program and data.
Biba Security Model:
7/28/2019 Chapter-1 Access Control Systems & Methodology
22/105
Chapter-1 Access control Systems & Methodology
Page 22 of105
Integrity model in which no subject may depend on a less trusted object, including another subject.
Take-Grant Security: Access rights
Chinese Wall: Access control problem.
Bell-Lapadula model:
security clearance and sensitivity classification. It deals with *-Property (No-write down is
allowed).it addresses confidentiality by describing different security levels of security classifications
7/28/2019 Chapter-1 Access Control Systems & Methodology
23/105
Chapter-1 Access control Systems & Methodology
Page 23 of105
for documents. These classification levels from least sensitive to most insensitive , include
Unclassifed, confidential , secret and Top Secret.
Bell-Lapadula model and information flow models are used to protect the confidentiality of classified
information.
7/28/2019 Chapter-1 Access Control Systems & Methodology
24/105
Chapter-1 Access control Systems & Methodology
Page 24 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
25/105
Chapter-1 Access control Systems & Methodology
Page 25 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
26/105
Chapter-1 Access control Systems & Methodology
Page 26 of105
Access Control definitions:Access control mechanisms: Identification, authentication, authorization and accountability.
Authorization comes after authentications.
Static authentication: uses reusable passwords , which can be compromised by replay attacks.
Robust authentication : includes one-time passwords and digital signatures, which can becompromised by session hijacking.
7/28/2019 Chapter-1 Access Control Systems & Methodology
27/105
Chapter-1 Access control Systems & Methodology
Page 27 of105
Continuous authentication protects against impostors(active attacks) by applying a digital
signature algorithm to every bit of data that is sent from the claimant to the verifier. It
Prevents session hijacking.
Two-factor authentication: A two-factor authentication uses two different kinds of evidence. Foreg. , A challenge-response token card typically requires both physical possession of the
card(something you have , one factor) and a PIN(something you know, another factor).
Tokens and Firewalls: Token provides a strong authentication for centralized authentication servers
when used with firewalls. For basic authentication, User IDs, Password and account numbers are
used for internal authentication. Centralized authentication servers such as
RADIUS,TACACS/TACACS+ can be integrated with token-based authentication to enhance
administration security.
Accountability: The concept of individual accountability drives the need for many security
safeguards, such as unique (user) identifiers, audit trails and access authorization rules.Accountability means holding individual user responsible for their actions. Due to several problems
with passwords they are considered to be the least effective in exacting accountability. The most
effective controls for exacting accountability include a policy, authorization scheme, identification
and authentication controls, access controls, audit trails, and audtiting .
User Account Administration: An inherent risk is associated with logical access which is difficult to
prevent or mitigate but can be identified via a review of audit trails. The risk associated withMissed
authorized access. Properly authorized access , as well as misused authorized access, can use audit
trail analysis. While users cant be prevented from using resources to which they have legitimate
access authorization, audit trail analysis is used to examine their actions. Unauthorized access
attempts whether successful or not can be detected through the analysis of audit trails.
Many computer systems provide maintenance accounts. These special login accounts normally
preconfigured at the factory with preset, widely known weak passwords. It is critical to change these
passwords or otherwise disable the accounts until they are needed. If the account is to be used
remotely, authentication of the maintenance provider can be performed using call-back
confirmation. This helps ensure that remote diagnostic activities actually originate from an
established phone number at the vendor site. Other techniques can also help ,including encryption
and decryption of diagnostic communications, strong identification and authentication
techniques, such as smart tokens and remote disconnect verifications.
Access control Administration: The separation of duties principle , the least privilege principle;that is , users and processes in a system should have the least number of privileges and for the
minimal period of time necessary to perform their assigned tasks. The authority and capacity to
perform certain functions should be separated and delegated to different individuals. The principle is
often applied to split the authority to write and approve monetary transactions between two
people. It can also be applied to separate the authority to add users to a system and other system
administrator duties from the authority to assign passwords, conduct audits, and perform other
security administrator duties.
Penetration Tests:The correct sequence:
Inform the management about the test Develop a test plan
7/28/2019 Chapter-1 Access Control Systems & Methodology
28/105
Chapter-1 Access control Systems & Methodology
Page 28 of105
Conduct the test Report the test results.
In terms of IS security, a penetration is defined as Attacks plus breach.
Tiger Teams are NOT true:
They prove that a computer system is secure. They are substitute for methodical testing.
Tiger Teams are True :
They can be effective when insider work is suspected. They represent another independent attack on the system. If the system has not been thoroughly tested prior to tiger team testing , it is a waste of
effort and money because the approach will be effective.
The tiger team test will get the attention of management. It provides a second lines ofdefence.
Fraud:
Separation of duties, job rotation, and mandatory vacations are management controls that can
help in preventing fraud.
Separation of duties: The greatest control exposure in a microcomputer(PC) environment is
a Lack of separation of duties.
The objective of separation of duties is that: NO one person has complete control over a
transaction or an activity.
7/28/2019 Chapter-1 Access Control Systems & Methodology
29/105
Chapter-1 Access control Systems & Methodology
Page 29 of105
Program library controls allow only assigned programs to run in production and eliminate the
problem of test programs accidently entering the production environment. They also separate
production and testing data to ensure that no test data are used in normal production. This
practice is based on the Separation of duties principle.
Administrative Control: Lack of centralized function for PC acquisition, Lack ofcentralized function for PC disposition, Lack of distributed policies and procedure are
administrative control such as PC acquisition policies and procedures.
7/28/2019 Chapter-1 Access Control Systems & Methodology
30/105
Chapter-1 Access control Systems & Methodology
Page 30 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
31/105
Chapter-1 Access control Systems & Methodology
Page 31 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
32/105
Chapter-1 Access control Systems & Methodology
Page 32 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
33/105
Chapter-1 Access control Systems & Methodology
Page 33 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
34/105
Chapter-1 Access control Systems & Methodology
Page 34 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
35/105
Chapter-1 Access control Systems & Methodology
Page 35 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
36/105
Chapter-1 Access control Systems & Methodology
Page 36 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
37/105
Chapter-1 Access control Systems & Methodology
Page 37 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
38/105
Chapter-1 Access control Systems & Methodology
Page 38 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
39/105
Chapter-1 Access control Systems & Methodology
Page 39 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
40/105
Chapter-1 Access control Systems & Methodology
Page 40 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
41/105
Chapter-1 Access control Systems & Methodology
Page 41 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
42/105
Chapter-1 Access control Systems & Methodology
Page 42 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
43/105
Chapter-1 Access control Systems & Methodology
Page 43 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
44/105
Chapter-1 Access control Systems & Methodology
Page 44 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
45/105
Chapter-1 Access control Systems & Methodology
Page 45 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
46/105
Chapter-1 Access control Systems & Methodology
Page 46 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
47/105
Chapter-1 Access control Systems & Methodology
Page 47 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
48/105
Chapter-1 Access control Systems & Methodology
Page 48 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
49/105
Chapter-1 Access control Systems & Methodology
Page 49 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
50/105
Chapter-1 Access control Systems & Methodology
Page 50 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
51/105
Chapter-1 Access control Systems & Methodology
Page 51 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
52/105
Chapter-1 Access control Systems & Methodology
Page 52 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
53/105
Chapter-1 Access control Systems & Methodology
Page 53 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
54/105
Chapter-1 Access control Systems & Methodology
Page 54 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
55/105
Chapter-1 Access control Systems & Methodology
Page 55 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
56/105
Chapter-1 Access control Systems & Methodology
Page 56 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
57/105
Chapter-1 Access control Systems & Methodology
Page 57 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
58/105
Chapter-1 Access control Systems & Methodology
Page 58 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
59/105
Chapter-1 Access control Systems & Methodology
Page 59 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
60/105
Chapter-1 Access control Systems & Methodology
Page 60 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
61/105
Chapter-1 Access control Systems & Methodology
Page 61 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
62/105
Chapter-1 Access control Systems & Methodology
Page 62 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
63/105
Chapter-1 Access control Systems & Methodology
Page 63 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
64/105
Chapter-1 Access control Systems & Methodology
Page 64 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
65/105
Chapter-1 Access control Systems & Methodology
Page 65 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
66/105
Chapter-1 Access control Systems & Methodology
Page 66 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
67/105
Chapter-1 Access control Systems & Methodology
Page 67 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
68/105
Chapter-1 Access control Systems & Methodology
Page 68 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
69/105
Chapter-1 Access control Systems & Methodology
Page 69 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
70/105
Chapter-1 Access control Systems & Methodology
Page 70 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
71/105
Chapter-1 Access control Systems & Methodology
Page 71 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
72/105
Chapter-1 Access control Systems & Methodology
Page 72 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
73/105
Chapter-1 Access control Systems & Methodology
Page 73 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
74/105
Chapter-1 Access control Systems & Methodology
Page 74 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
75/105
Chapter-1 Access control Systems & Methodology
Page 75 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
76/105
Chapter-1 Access control Systems & Methodology
Page 76 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
77/105
Chapter-1 Access control Systems & Methodology
Page 77 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
78/105
Chapter-1 Access control Systems & Methodology
Page 78 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
79/105
Chapter-1 Access control Systems & Methodology
Page 79 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
80/105
Chapter-1 Access control Systems & Methodology
Page 80 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
81/105
Chapter-1 Access control Systems & Methodology
Page 81 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
82/105
Chapter-1 Access control Systems & Methodology
Page 82 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
83/105
Chapter-1 Access control Systems & Methodology
Page 83 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
84/105
Chapter-1 Access control Systems & Methodology
Page 84 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
85/105
Chapter-1 Access control Systems & Methodology
Page 85 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
86/105
Chapter-1 Access control Systems & Methodology
Page 86 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
87/105
Chapter-1 Access control Systems & Methodology
Page 87 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
88/105
Chapter-1 Access control Systems & Methodology
Page 88 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
89/105
Chapter-1 Access control Systems & Methodology
Page 89 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
90/105
Chapter-1 Access control Systems & Methodology
Page 90 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
91/105
Chapter-1 Access control Systems & Methodology
Page 91 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
92/105
Chapter-1 Access control Systems & Methodology
Page 92 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
93/105
Chapter-1 Access control Systems & Methodology
Page 93 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
94/105
Chapter-1 Access control Systems & Methodology
Page 94 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
95/105
Chapter-1 Access control Systems & Methodology
Page 95 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
96/105
Chapter-1 Access control Systems & Methodology
Page 96 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
97/105
Chapter-1 Access control Systems & Methodology
Page 97 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
98/105
Chapter-1 Access control Systems & Methodology
Page 98 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
99/105
Chapter-1 Access control Systems & Methodology
Page 99 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
100/105
Chapter-1 Access control Systems & Methodology
Page 100 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
101/105
Chapter-1 Access control Systems & Methodology
Page 101 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
102/105
Chapter-1 Access control Systems & Methodology
Page 102 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
103/105
Chapter-1 Access control Systems & Methodology
Page 103 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
104/105
Chapter-1 Access control Systems & Methodology
Page 104 of105
7/28/2019 Chapter-1 Access Control Systems & Methodology
105/105
Chapter-1 Access control Systems & Methodology