Theory of entropic security decay: The gradual degradation in effectiveness of commissioned security systems

As a quantitative auditing tool for Physical Protection Systems (PPS) the Estimated Adversary Sequence Interruption (EASI) model has been available for many years. Nevertheless, once a systems macro-state measure has been commissioned (Pi) against its defined threat using EASI, there must be a means of articulating its continued efficacy (steady state) or its degradation over time. The purpose of this multi-phase study was to develop the concept and define the term entropic security decay. Phase one presented documentary benchmarks for security decay. This phase was broken into three stages; stage one presented General Systems Theory (GST) as a systems benchmark for the study. Stage two applied the writings from stage one to physical security, and stage three presented a benchmark for considering physical system decay. Phase two incorporated the pilot study towards validating the feasibility of undertaking the main study and refining interview instrumentation. Phase three executed the main study, extracting and presenting security experts (N=6) thoughts, feelings and experiences with the phenomenon of security decay. Phase four provided the interpretative analysis, responding to the study’s research question

Physical security professional’s body of knowledge: A cultural domain analysis of physical security’s knowledge structure

The study undertook a cultural domain analysis to articulate physical security’s knowledge system, isolating the fundamental knowledge units and building their structure. This applied a multiphase approach, (a) a literature critique, (b) expert interviews, (c) quantitative validation, and (d) focus group analysis. Findings demonstrate this knowledge comprises a broad matrix of task related knowledge categories, ranging from diagnosing risk, professional inference using security theories and principles, to treatment via engineering knowledge supported by professional attributes

Physical Security Barrier Selection: A Decision Support Analysis

Physical security controls aim to reduce risk through their ability to systematically deter, or detect, delay and respond against deviant acts within a risk context. Holistically the aim is to increase the difficulty and risks while reducing the rewards associated with an act of deviance as captured in Clarke’s Situational Crime Prevention (SCP) framework. The efficacious implementation of such controls commensurate with the risk context requires a considered undertaking referred as informed decision‐making. Informed decision‐making is effective when a suitable choice is made accordant with base rate data that achieves its defined objectives within costs versus benefits framework. The study examined the feasibility of developing a decision support tool to enhance the selection of a suitable barrier fence system, in‐line with defence in depth to increase the efforts and risks, and reduce the rewards associated with unlawful access. The study found that a decision support tool can be developed comprising of the various contextual inputs and their relationships in achieving a contextually suitable barrier fence system, as a result enhancing the selection of situational crime prevention elements

Physical Security Barrier Selection: A Decision Support Analysis

Physical security controls aim to reduce risk through their ability to systematically deter, or detect, delay and respond against deviant acts within a risk context. Holistically the aim is to increase the difficulty and risks while reducing the rewards associated with an act of deviance as captured in Clarke’s Situational Crime Prevention (SCP) framework. The efficacious implementation of such controls commensurate with the risk context requires a considered undertaking referred as informed decision‐making. Informed decision‐making is effective when a suitable choice is made accordant with base rate data that achieves its defined objectives within costs versus benefits framework. The study examined the feasibility of developing a decision support tool to enhance the selection of a suitable barrier fence system, in‐line with defence in depth to increase the efforts and risks, and reduce the rewards associated with unlawful access. The study found that a decision support tool can be developed comprising of the various contextual inputs and their relationships in achieving a contextually suitable barrier fence system, as a result enhancing the selection of situational crime prevention elements

Understanding the vulnerabilities in Wi-Fi and the impact on its use in CCTV systems

Modern surveillance devices are increasingly being taken off private networks and placed onto networks connected via gateway to the Internet or into Wi-Fi based local area wireless networks (LAWN). The devices are also increasingly using IPv4 and IPv6 network stacks and some form of embedded processing or compute built in. Additionally, some specialist devices are using assistive technologies such as GPS or A-GPS. This paper explored the issues with use of the technologies in a networked environment, both wireless and internetworked. Analysis of these systems shows that the use of IP based CCTV systems carries greater risk than traditional CCTV systems, primarily due to the exposure to IP based vulnerabilities. Furthermore, Wi-Fi based IP CCTV systems are additionally susceptible to remote, physical denial of service attacks due to the broadcast nature of wireless communication systems. Interception of traffic is possible with IP based systems, and again, Wi-Fi IP based CCTV systems are more susceptible due to protocol vulnerabilities and lack of processing power. The paper concludes that more research is needed in this area to identify and classify generic vulnerabilities that these systems are vulnerable to, and to present a framework which can be used to mitigate the risk of adopting these systems

Divergence of Safety and Security

© 2020, The Author(s). Safety and security have similar goals, to provide social wellness through risk control. Such similarity has led to views of professional convergence; however, the professions of safety and security are distinct. Distinction arises from variances in concept definition, risk drivers, body of knowledge, and professional practice. This chapter explored the professional synergies and tensions between safety and security professionals, using task-related bodies of knowledge. Findings suggest that safety and security only have commonalities at the overarching abstract level. Common knowledge does exist with categories of risk management and control; however, differences are explicit. In safety, risk management focuses on hazards management, whereas security focuses on threat mitigation. Safety theories consider health impacts and accidents, whereas security crime and crime prevention. Therefore, safety and security are diverging as distinct professions

Does a weak security discourse provide opportunity for security deviance to flourish?

In the years since the tragedy of 9/11 the term security has become a much used and abused term. As the war on terrorism has evolved, politicians of all persuasions played the security card to change law and legislation ostensibly to protect the community. Those whom provide the security assume that freedoms lost by the wider community in the name of security are in fact a fair price to pay for that security. In this environment the security discourse is diminished and this provides an opportunity for security deviance to emerge. This research used a selection of publically reported examples of security misconduct to examine and define the construct security deviance. Security deviance being the misuse and abuse of security policy, processes and mechanisms for unauthorised benefit or gratification

Defence in depth, protection in depth and security in depth: A comparative analysis towards a common usage language

A common language with consistency of meaning is a critical step in the evolution of a profession. Whilst the debate as to whether or not security should be considered a profession is ongoing there is no doubt that the wider community of professionals operating in the security domain are working towards achieving recognition of security as a profession. The concepts of defence in depth, protection in depth and security in depth have been used synonymously by different groups across the domain. These concepts represent the very foundation of effective security architecture are hierarchical in nature and have specific meaning. This paper through comparative analysis clearly defines the difference between and establishes the hierarchy such that a common understanding can be achieved

Security, control and deviance: Mapping the security domain and why it matters

Security is one of the foundations on which a stable and cohesive society is built. It is this security that allows citizens to go about their daily lives with freedom and certainty,affording them the ability to make their own choices as to what they do. Yet it may be argued that security is a concept that is misunderstood and perceived in a myriad of ways by the various stratum of society. Since the tragic events of 9 September 2001, security has become a much used and abused term. Law and legislation have been changed and enacted to protectand control the community. Personal rights and freedoms have been given up, wars have been waged and it may be argued by some, police states have emerged out of democracy in the name and pursuit of security. In this period,the global community has witnessed massive growth of global security organisation and the rise and legitimization of its cousin the global private military company. Yet there is remarkably little consensus as to what security is, what constitutes the security domain and just how much freedom should be traded in a free and democratic culture in pursuit of this nebulous concept that is security. The purpose of this paper is to establish a roadmap for domain exploration which focuses attention on the complex and often contradictory nature of security. Notwithstanding scholarly difference and interpretation of the context of security, and the lack of a singularly acceptable definition of security and ignoring the argument that security is so broad as to lack meaning, the authors will assert that security is a legitimate and necessary construct, with specific concerns.This position is framed within the argument that the alternative of non-security(Manunta, 1998) is not acceptable in the context of a civilised world.This paper is presented in four parts, beginning with a discussion of the domain in general. In the second part the concept of security deviance will be discussed before finally proposing a way forward for domain research and discourse.Then, the structural relations, indicating the depth and embedded nature of security in a modern society, will be presented to articulate the opportunities for security deviance in a modern society

Defence in Depth, Protection in Depth and Security in Depth: A Comparative Analysis Towards a Common Usage Language

A common language with consistency of meaning is a critical step in the evolution of a profession. Whilst the debate as to whether or not security should be considered a profession is ongoing there is no doubt that the wider community of professionals operating in the security domain are working towards achieving recognition of security as a profession. The concepts of defence in depth, protection in depth and security in depth have been used synonymously by different groups across the domain. These concepts represent the very foundation of effective security architecture are hierarchical in nature and have specific meaning. This paper through comparative analysis clearly defines the difference between and establishes the hierarchy such that a common understanding can be achieved