First Advisor

Busch, Michael W.

College

College for Professional Studies

Degree Name

MS Computer and Information Systems

School

School of Computer & Information Science

Document Type

Thesis - Open Access

Number of Pages

73 pages

Abstract

Information in any modern organization is a very important topic. A company's information is arguably the single most important asset a company owns. Loss or compromise of the corporate information assets can lead to serious financial impact on a company's bottom line. Currently most corporate information is stored on network storage devices. These storage devices provide quick and easy access to the information from anywhere in the world. These same storage devices can also expose the information to its greatest vulnerability, attack by a hostile entity. The current network security best practice calls for a strategy named 'Defense in Depth' This strategy uses a series of defensive layers to secure the network and the data it contains. There is a realization that no single defensive technology is one hundred percent effective. Samples of external looking defenses include firewalls, anti-virus gateways, proxy servers, virtual private networks (VPN), and complex passwords. The design of these protective measures serves to protect the network from attack by parties outside of the local area network. In additional to the external defenses, there are also internal defense mechanisms as well. These include locking the server room door, complex passwords, file encryption, network access restrictions, and keeping the user database up to date. One often overlooked technology when designing the network security system is physical access to the company's facilities. The goal of physical access control is to manage who goes where within an organization and when they go there. In addition, a defensive technology can provide physical intrusion detection and notification to the appropriate security personnel. If a specific individual is not within the facility, he/she should not be attempting to log in to the network. This project developed and demonstrated a non-typical approach to the management architecture for a physical Access Control System (ACS). It examines the minimum set of requirements necessary to manage an access control system as well as focuses on using a user interface (UI) that a network administrator is familiar with. It is felt that removing the "unknown and complex" interface normally associated with physical access control software, companies will be more willing to add this additional layer of defense to their network security design. The project utilizes Microsoft© Active Directory (AD) as the primary user interface. It also utilizes the Windows© event logging service to provide the user with event and alarm messages in a human readable format. A data store consisting of Microsoft SQL Server database dedicated to the management of the hardware sub-system.

Date of Award

Summer 2006

Location (Creation)

Denver, Colorado

Rights Statement

All content in this Collection is owned by and subject to the exclusive control of Regis University and the authors of the materials. It is available only for research purposes and may not be used in violation of copyright laws or for unlawful purposes. The materials may not be downloaded in whole or in part without permission of the copyright holder or as otherwise authorized in the “fair use” standards of the U.S. copyright laws and regulations.

Share

COinS