ho verifier FIGURE 97.7 Depiction of hardware controls access to the internal card circuitry is protected by tamper-proof (self-destructive)sealing. Use of the card is controlled by password access. Because of the vulnerability of passwords to compromise by disclosure or various forms of information tapping, and because of the vulnerability of loss of carried items(e.g, ROM keys, magnetic stripe cards), biometric devices have been developed to measure human characteristics in ways that are resistant to counter feiting. These devices include signature verifiers(for examining the velocity, acceleration, and pressure char acteristics imparted during signing as a function of time), fingerprint and palmprint readers(for examining print pattern characteristics, for example, with the flesh applied to a glass platen), voice verifiers(which evaluate speech characteristics, usually in response to system prompts), hand geometry(including some three-dimen- sional aspects), eye retina vessel pattern examination(through infrared reflection), and typing rhythm assess ment(for user keyboard inputs) 6, Systematic cracker attacks on dial-up computer ports frequently include searches for modem tones followed attempts to guess passwords. In response, port protection devices(PPDs)enhance dial-up security. The basic feature of many PPDs is that no modem tone is provided until an additional security barrier(or barriers is overcome. Most PPDs require a code before computer port connection. Some also identify the user by the code entered disconnect the call dial the number at which the user is expected to be(typically using a separate line to avoid dial-in intercept of the outgoing call Personal computer(PC)security is of contemporary interest because these relatively new tools have con- tributed to a set of security vulnerabilities that differs substantially from conventional computer security concerns. For example, PC users may be more naive about security in general, PC hardware and software and administrative controls are generally more primitive, the PC physical environment is generally less controlled, and PCs are generally more easily misused(e.g, company PCs used for personal benefit An additional hardware security topic is associated with TEMPESt (a program to assess the potential for data processing equipment to inadvertently generate"compromising emanations"that convey information to a surreptitious remote sensor). Although originally of concern because of requirements to protect government and military classified data, industrial espionage is now also a concern. Various forms of protection can be sed, such as electromagnetic shielding, physical separation of processing equipment from potential adversary locations, fiber-optic communication, and encrypted data transmission. Some commercial equipment has beer certified by nSa to have low emanations Network Security Many business, informational, and scientific interchanges take place nationally and internationally over net works under computer control. Management of network security is exacerbated by physical dispersal and security philosophy disparity. For example, network adversaries may be harder to identify and locate than local c 2000 by CRC Press LLC© 2000 by CRC Press LLC access to the internal card circuitry is protected by tamper-proof (self-destructive) sealing. Use of the card is controlled by password access. Because of the vulnerability of passwords to compromise by disclosure or various forms of information tapping, and because of the vulnerability of loss of carried items (e.g., ROM keys, magnetic stripe cards), biometric devices have been developed to measure human characteristics in ways that are resistant to counter￾feiting. These devices include signature verifiers (for examining the velocity, acceleration, and pressure char￾acteristics imparted during signing as a function of time), fingerprint and palmprint readers (for examining print pattern characteristics, for example, with the flesh applied to a glass platen), voice verifiers (which evaluate speech characteristics, usually in response to system prompts), hand geometry (including some three-dimen￾sional aspects), eye retina vessel pattern examination (through infrared reflection), and typing rhythm assess￾ment (for user keyboard inputs). Systematic cracker attacks on dial-up computer ports frequently include searches for modem tones followed by attempts to guess passwords. In response, port protection devices (PPDs) enhance dial-up security. The basic feature of many PPDs is that no modem tone is provided until an additional security barrier (or barriers) is overcome. Most PPDs require a code before computer port connection. Some also identify the user by the code entered, disconnect the call, and dial the number at which the user is expected to be (typically using a separate line to avoid dial-in intercept of the outgoing call). Personal computer (PC) security is of contemporary interest because these relatively new tools have con￾tributed to a set of security vulnerabilities that differs substantially from conventional computer security concerns. For example, PC users may be more naive about security in general, PC hardware and software and administrative controls are generally more primitive, the PC physical environment is generally less controlled, and PCs are generally more easily misused (e.g., company PCs used for personal benefit). An additional hardware security topic is associated with TEMPEST (a program to assess the potential for data processing equipment to inadvertently generate “compromising emanations” that convey information to a surreptitious remote sensor). Although originally of concern because of requirements to protect government and military classified data, industrial espionage is now also a concern. Various forms of protection can be used, such as electromagnetic shielding, physical separation of processing equipment from potential adversary locations, fiber-optic communication, and encrypted data transmission. Some commercial equipment has been certified by NSA to have low emanations. Network Security Many business, informational, and scientific interchanges take place nationally and internationally over net￾works under computer control. Management of network security is exacerbated by physical dispersal and security philosophy disparity. For example, network adversaries may be harder to identify and locate than local FIGURE 97.7 Depiction of hardware controls