The use of information technology implies the replacement of physical systems with digital systems: we use information technology because some properties of software, such as high speed, low cost and high accuracy, are more desirable than the corresponding properties of physical systems. Unfortunately, digital systems are not uniformly more secure than physical systems, and automation can have a negative effect on the confidentiality, integrity and availability of information. Specifically, the Internet helps to spread information, which makes it harder to keep it confidential. The increased connectivity caused by the Internet makes organizations become "de-perimeterized": the physical barriers that once separated them are breaking down. We observe, however, that there is no extensive and structured body of knowledge on the differences between physical and digital systems and the way that de-perimeterization takes place. Obtaining this knowledge becomes more important now that physical and digital systems are merging in the Internet of Things: only when we understand the differences between physical and digital systems can we truly design secure combinations such as smart buildings with cameras and door locks operable by mobile phone. Developing this knowledge starts with a simple conceptual framework: systems range from being completely physical to completely automated. The former only use physical security mechanisms, whereas the latter only use digital security mechanisms. In between these lies a mixed category of hybrid systems, which can use both digital and physical security mechanisms. Following this framework we study the security of physical, digital and hybrid systems in four domains: access control, voting in elections, IT infrastructure and rights management.
We begin by investigating the underlying properties of physical and digital systems: characteristics of a physical or digital object that, under specific conditions, have positive or negative effects on security. In total we present twenty physical and five digital security properties. These properties are then used to identify the differences between physical and digital security in each case. Next we examine hybrid systems to understand how to combine physical and digital security, and what the trade-offs are between these two. Finally, these results are used to create two methods that help improve information security:

- A method for assessing the security risks of physical, digital and hybrid systems. This method is built around security properties: they are used to understand the security of existing systems (by identifying the properties and how they could change) or to design new systems (by building in those properties and conditions that have positive effects on security).
- A method for assessing the security of hybrid systems through security patterns. These patterns are reusable designs that show how to combine physical and digital security optimally. We present a total of thirteen patterns that are useful both to design and to evaluate the security of hybrid systems.

Both methods were tested successfully in a focus group meeting with security experts.
Doctor of Philosophy
Published - 3 Jun 2015
- Physical and Digital Security Mechanisms