Biomedical Engineering Reference
In-Depth Information
ACCESS
DAMAGE
Intentional or
Negligent
Authorized
Unauthorized
Accidental
Avoidance
Avoidance
Avoidance
Deterrence
Deterrence
Prevention
Detection
Detection
Recovery
Repair
Correction
Prevention of Misuse
Prevention of Damage
Detection of Misuse or Damage
Backup and Recovery
Repair
Correction
Figure F.1
Measures for controlling access, misuse, and damage.
It should be noted that in Figure F.1 an
additional step, repair, has been added to the
sequence of security functions. When unauthorized
access is detected, after invoking security measures
to prevent further similar intrusions, an attempt
should be made to recover from the intrusion and
to repair or replace damaged or compromised secu-
rity controls. As an extreme example, if attempted
physical access results in an injured guard and
a damaged door, it is necessary to replace the
guard and repair the door to restore access security.
Correction, as shown in Figure F.1, is different
from repair in that it involves changing preventa-
tive measures to make them more effective rather
than fixing existing measures.
Avoidance and deterrence of damage refers to
cases in which the damage is caused by an event
other than access, such as a fire in the elec-
trical wiring, a burst pipe causing a flood, or
an earthquake. Securing a facility against such
damage involves such activities as equipment and
facility inspections and worker training. To secure
a system against intentional damage or accidental
damage caused by negligence, all the avoidance
