When designing an access system that needs to restrict access to some parts of the system, I would apply defense in depth to control access to the site.
Defense in depth
This technique uses an end-to-end, layered security approach to protect the system from intruders. The objective of this approach is to create security domains and to separate them using different types of security controls. A failure in one layer is mitigated by the other available layers of controls.
This approach recommends several principles, including the following:
1. Defend in multiple places
This is done to resist all types of attacks, whether from inside or outside, and it concentrates on three defense focus areas:
- Defend the networks and infrastructure
- Defend the computing environment
- Defend enclave boundaries
2. Build layered defenses
These are employed between the adversary and the target of the attack, and each obstacle should have a unique protection and a means of detecting attacks.
3. Use robust components
Specify the strength and assurance of each component as a function of its value.
4. Deploy an IDS or IPS
This will help in detecting and preventing intrusions as well as analyzing and correlating the results accordingly.
5. Employ robust key management
Employ robust encryption that supports all incorporated information assurance technology than the user PC
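As an added illustration (not part of the original text), the Python sketch below applies principles 1, 2 and 4 to an access check: three independent layers each guard the same restricted path, access is denied unless all pass, and every failing layer records its own alert so the results can be correlated. The network range, key, roles, paths and token format are all constructed assumptions.

```python
import hashlib
import hmac
import ipaddress

# Constructed values for illustration only.
ENCLAVE_NET = ipaddress.ip_network("10.20.0.0/16")
SESSION_KEY = b"constructed-demo-key"
ROLE_GRANTS = {"admin": {"/reports", "/admin"}, "staff": {"/reports"}}


def sign(user, role):
    """Issue a session token binding a user to a role (hypothetical format)."""
    msg = f"{user}:{role}".encode()
    return hmac.new(SESSION_KEY, msg, hashlib.sha256).hexdigest()


def layer_network(req):
    # Enclave boundary: only sources inside the protected network.
    try:
        return ipaddress.ip_address(req["src_ip"]) in ENCLAVE_NET
    except (KeyError, ValueError):
        return False  # fail closed on missing or malformed input


def layer_session(req):
    # Computing environment: token must match the claimed user and role.
    expected = sign(req.get("user", ""), req.get("role", ""))
    presented = str(req.get("token", ""))
    return hmac.compare_digest(expected.encode(), presented.encode())


def layer_authorization(req):
    # Restricted parts of the system: the role must be granted the path.
    return req.get("path") in ROLE_GRANTS.get(req.get("role"), set())


LAYERS = [("network", layer_network), ("session", layer_session),
          ("authorization", layer_authorization)]


def check_access(req, alerts):
    """Allow only if every layer passes; every failing layer raises its own alert."""
    failed = [name for name, check in LAYERS if not check(req)]
    for name in failed:
        alerts.append((name, req.get("src_ip"), req.get("user"), req.get("path")))
    return not failed
```

All layers are evaluated even after one fails, so the alert list shows which controls a given request got past and which one stopped it.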