SECURITY ACCESS CONTROL EFFECTIVENESS DESIGN
South Africa’s infrastructure has faced a barrage of security attacks that has led to the promulgation of the Critical Infrastructure Protection Act (CIPA) No. 8 of 2019. Residual risk (i.e., that which remains after the threats have been mitigated) must be assessed for the critical infrastructure security system as part of the total security system design. One area that requires attention is access control. This paper demonstrates how to approach such a design, with a particular focus on the effectiveness of the access control system and how to choose the biometric or digital key (such as access cards) system. The approach starts by defining access control events that in turn are used to define access control effectiveness in respect of the probability of invalid access and of anomaly detection. The theoretically derived results are validated by a simulation. Based on these models, guidance is provided for the design of access control for critical infrastructure.
How to Cite
LicenseAuthors who publish in the Journal agree to the following terms:
- Authors retain copyright and grant the Journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this Journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the Journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this Journal.