Care Security Systems has been in business for over 25 years. We are proud of our reputation as a provider of cutting-edge technology in the field of integrated security systems. Our core competencies include: Video Surveillance, Access Control, Visitor Management, Lobby Turnstiles, Parking Gates and Fire and Burglar Alarm systems.
At Care, the core values of integrity, honesty, and dedication form the foundation of our business practice. Whether it involves designing a system that is right for you, meeting deadlines, dealing promptly and efficiently with issues as they arise, or treating each client as a friend, you know that you can rely on us.
One of the most important components of our success is the outstanding level of customer service that we provide. Time and again, we have exceeded the expectations of our customers. At Care, we really do care. We treat each and every client as our single most important customer whose project becomes the focal point of our entire organization.
Satisfied, happy customers are our best advertisement. And, in fact, the vast majority of our new clients come from referrals by our existing customers. But don’t take our word for it. Visit our Project Portfolio to learn what we have done for other companies like yours.
The process of granting or denying specific requests:
1) for obtaining and using information and related information processing services; and
2) To enter specific physical facilities (e.g. Federal buildings, military establishments, and border crossing entrances).
Access Control Lists (ACLs)
A register of:
1) Users (including groups, machines, processes) who have been given permission to use a particular system resource, and
2) The types of access they have been permitted.
Account Management, User
1) the process of requesting, establishing, issuing, and closing user accounts;
2) Tracking users and their respective access authorizations; and
3) Managing these functions.
Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system.
The process of establishing confidence in user identities electronically presented to an information system.
Hardware or software-based mechanisms that force users to prove their identity before accessing data on a device.
A measurable, physical characteristic or personal behavioral trait used to recognize the identity, or verify the claimed identity, of an applicant. Facial images, fingerprints, and handwriting samples are all examples of biometrics.
The stored electronic information pertaining to a biometric. This information can be in terms of raw or compressed pixels or in terms of some characteristic (e.g. patterns.)
An automated system capable of:
1) Capturing a biometric sample from an end user;
2) Extracting biometric data from that sample;
3) Comparing the biometric data with that contained in one or more reference templates;
4) Deciding how well they match; and
5) Indicating whether or not an identification or verification of identity has been achieved.
The method of taking a biometric sample from an end user
A digital representation of information which at least:
1) Identifies the certification authority issuing it,
2) Names or identifies its subscriber,
3) Contains the subscriber’s public key,
4) Identifies its operational period, and
5) Is digitally signed by the certification authority issuing it.
A comprehensive assessment of the management, operational and technical security controls in an information system, made in support of security accreditation, to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
An object that authoritatively binds an identity (and optionally, additional attributes) to a token possessed and controlled by a person.
A set of subjects, their information objects, and a common security policy.
Dynamic Host Configuration Protocol (DHCP)
The protocol used to assign Internet Protocol (IP) addresses to all nodes on the network.
Electronic Key Entry
The entry of cryptographic keys into a cryptographic module using electronic methods such as a smart card or a key-loading device. (The operator of the key may have no knowledge of the value of the key being entered.)
A cryptographic key that has been encrypted using an approved security function with a key encrypting key, a PIN, or a password in order to disguise the value of the underlying plaintext key.
Any observable occurrence in a network or system.
A gateway that limits access between networks in accordance with local security policy.
The programs and data components of a cryptographic module that are stored in hardware within the cryptographic boundary and cannot be dynamically written or modified during execution.
The process of verifying the identity of a user, process, or device, usually as a prerequisite for granting access to resources in an IT system.
A unique data string used as a key in the biometric system to name a person’s identity and its associated attributes.
The set of physical and behavioral characteristics by which an individual is uniquely recognizable.
Identity-Based Security Policy
A security policy based on the identities and/or attributes of the object (system resource) being accessed and of the subject (user, group of users, process, or device) requesting access.
The process of affirming that a claimed identity is correct by comparing the offered claims of identity with previously proven information stored in the identity card or PIV system.
The process of confirming or denying that a claimed identity is correct by comparing the credentials (something you know, something you have, something you are) of a person requesting access with those previously proven and stored in the PIV Card or system and associated with the identity being claimed.
An exact bit-stream copy of all electronic data on a device, performed in a manner that ensures the information is not altered.
A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices. –
An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.
The property that sensitive data has not been modified or deleted in an unauthorized and undetected manner.
Intrusion Detection System (IDS)
Software that looks for suspicious activity and alerts administrators.
An IP address is a unique number for a computer that is used to determine where messages transmitted on the Internet should be delivered. The IP address is analogous to a house number for ordinary postal mail.
A value used to control cryptographic operations, such as decryption, encryption, signature generation or signature verification
A secret that a claimant memorizes and uses to authenticate his or her identity. Passwords are typically character strings
The ability to protect a file using a password access control, protecting the data contents from being viewed with the appropriate viewer unless the proper password is entered.
Personal Identification Number (PIN)
A secret password that a claimant memorizes and uses to authenticate his or her identity. Typically consisting of only decimal digits.
Personal Identity Verification Card (PIV Card)
Physical artifact (e.g., identity card, “smart” card) issued to an individual that contains stored identity credentials (e.g., photograph, cryptographic keys, digitized fingerprint representation etc.) such that a claimed identity of the cardholder may be verified against the stored credentials by another person (human readable and verifiable) or an automated process (computer readable and verifiable).
A document that delineates the security management structure and clearly assigns security responsibilities and lays the foundation necessary to reliably measure progress and compliance
A physical entry or exit point of a cryptographic module that provides access to the module for physical signals, represented by logical information flows (physically separated ports do not share the same physical pin or wire).
Individuals who have access to set “access rights” for users on a given system. Sometimes referred to as system or network administrative accounts.
A server that sits between a client application, such as a web browser, and a real server. It intercepts all requests to the real server to see if it can fulfill the requests itself. If not, it forwards the request to the real server.
Access by users (or information systems) communicating external to an information system security perimeter.
Maintenance activities conducted by individuals communicating external to an information system security perimeter.
Used in this guideline to mean a measure of the importance assigned to information by its owner, for the purpose of denoting its need for protection.
A recognizable, distinguishing pattern associated with an attack, such as a binary string in a virus or a particular set of keystrokes used to gain unauthorized access to a system.
A public key certificate that contains a public key intended for verifying digital signatures rather than encrypting data or performing any other cryptographic functions
A credit card with a built-in microprocessor and memory that is used for identification or financial transactions. When inserted into a reader, the card transfers data to and from a central computer. A smart card is more secure than a magnetic stripe card and can be programmed to self-destruct if the wrong password is entered too many times.
A discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.
The special software within the cryptographic boundary (e.g., operating system, compilers or utility programs) designed for a specific computer system or family of computer systems to facilitate the operation and maintenance of the computer system, and associated programs, and data.
A person gains logical or physical access without permission to a network, system, application, data, or other resource.
Individual or (system) process authorized to access an information system.
The process of affirming that a claimed identity is correct by comparing the offered claims of identity with previously proven information stored in the identity card or PIV system. See Identity Verification.
A subscriber name that has been verified by identity proofing.
Care Security wants to provide answers to your security questions and concerns that are customized just for you. Let us know what you need. We are ready to help.
Ask Us A Question
Read Questions and Answers from our Viewers:
Q: Our medical facility is interested in a video surveillance system that can monitor and alert us to suspicious or potentially dangerous situations as they are happening. We were considering upgrading our cameras and network, but put everything on hold when we learned the costs of video storage? What would you recommend?
A: Storage optimization can bring down these costs in a number of ways:
• Data aging – The older the video, the lower the probability that the video is relevant. Rather than delete the video, the size of the video is reduced so that some evidentiary information is available but the storage costs are minimized.
• Recording schedule (switching from continuous to motion recording over a 24 hr period) – Most facilities have periods of low activity and areas of low activity. Motion analytics can reduce storage greatly. A combination of continuous and motion based recording can ensure that adequate video is recorded while storage is not consumed by video of dark empty stairwells, for example.
• Motion exclusion zones – After an install, a review can be conducted to tune camera settings to exclude areas that are not of interest, to free up storage space.
• Advanced video analytics
Q: We are looking to upgrade and improve the video surveillance system on our college campus. Our problem is monitoring parking areas and walking paths that do not have the best lighting. What can we do to be sure we could obtain usable images for identification purposes?
A: With today’s technology it is possible to obtain clear images even in poorly lit locations. We have special tools that measure existing light. Based on the amount of light present, we can determine the best camera and illumination for your camera. In some cases you can add light by increasing outdoor lighting. When this is not practical, we recommend infra red illumination. In certain circumstances, other forms of illumination are required such as, thermal imaging, or higher end cameras like megapixel cameras that have the ability to enhance available light to provide clear high resolution images.
The material in this question and answer forum is provided for informational purposes only. It is general in nature and is not meant to be relied upon by the reader. Nothing in the site shall constitute professional advice and no professional relationship of any kind is created between the reader and the author.