CS406: Information Security

Overview

• All electronic devices emit electrical signals. These signals can hold important information, and if an attacker buys the right equipment and positions himself in the right place, he could capture this information from the airwaves and access data transmissions as if he had a tap directly on the network wire.

Countermeasure

• Tempest: Tempest is the name of a program, and now a standardized technology that suppresses signal emanations with shielding material. Vendors who manufacture this type of equipment must be certified to this standard. In devices that are Tempest rated, other components are also modified, especially the power supply, to help reduce the amount of electricity that is used unlike the normal devices which have just an outer metal coating, referred to as a Faraday cage. This type of protection is usually needed only in military institutions, although other highly secured environments do utilize this type of safeguard.
  • Tempest Technologies: Tempest technology is complex, cumbersome, and expensive, and therefore only used in highly sensitive areas that really need this high level of protection. Two alternatives to Tempest exist
    • White Noise: White noise is a uniform spectrum of random electrical signals. It is distributed over the full spectrum so that the bandwidth is constant and an intruder is not able to decipher real information from random noise or random information.
    • Control Zone: Some facilities use material in their walls to contain electrical signals. This prevents intruders from being able to access information that is emitted via electrical signals from network devices. This control zone creates a type of security perimeter and is constructed to protect against unauthorized access to data or compromise of sensitive information.