source code - Gaming Standards Association

GLI Regulator’s Roundtable
2008
Benefits for Regulators with the G2S
Communication Protocol
GLI Regulator Roundtable Feb 2008
Benefits for Regulators
• This presentation is to introduce you to GSA’s
G2S protocol and the benefits for Regulators
• Big Picture
– Not here to bash SAS
– G2S is SAS’ Replacement
– G2S supports Download
– G2S supports Remote Configuration
– G2S supports Remote Software Validation
Benefits for Regulators
• More Big Picture
– G2S provides security
– G2S provides better access to regulatory
information
– G2S provides for controls in regulating
download and configuration
– G2S provides a means to limit damage
resulting from counterfeits
Information for Regulators
• G2S supports the flow of information that makes it
possible to implement the new features and capabilities
• GSA does not write software or develop gaming
applications.
• G2S support for a function does not mean that
applications exist to take advantage of that function
• GSA does not force manufacturers to implement the G2S
protocol - business requirements and Regulatory
requirements force manufacturers to implement G2S
Security
• G2S requires SSL encryption
– Single session Keys
– Ability to change keys on demand or over time
• G2S secures both ends of the communication link
• Both ends must have a certificate
• Manual process for initial certificate ensures identity of
each endpoint
Security
• The benefit
– No eavesdropping
– No inserted commands
– No open port access
Security
• More benefits
– All nodes on the network are known as they
must have a certificate
– Allows gaming floor information to be isolated
by certificates when physical isolation is not
possible
– Provides a secure way for a regulator to
remotely monitor a casino floor
Access to Information
• Current slot floor networks restrict access to
information
– Proprietary protocols make interfaces difficult
– All information comes from a single slot
accounting system
– No visibility to the actual floor data
– Real time access is limited
Slot Floor Network - Today
Access to Information
• G2S provides more access to information for
authorized users
– Encrypted information restricts information to
authorized endpoints
– Information is gathered from the EGMs – no
intermediary filters
– Real time access is no problem
– Able to select the information that is sent to
your endpoint
Slot Floor Network - G2S
[Diagram labels: Slot Floor System; Config Server; Code Download; Vouchers; Regulatory]
Access to Info - Guest Host
• G2S supports a Guest Host function
• A guest host is a server (or service) that is
allowed access to the floor network
• The guest host must have a certificate
– Must be specifically allowed on the network
by the system administrator
– Manual process to initially install the
certificate
– Data is encrypted to and from the guest host
Guest Host Function
• Each guest host has an IP address
– Guest host is registered with the EGM
– EGM maintains guest host subscription
– EGM sends info from event subscriptions to the
guest host’s address
How to Access the Info
• G2S Guest Host Function
– A guest host has read access to information
– Provides the ability to subscribe to specific
events
– Everything that happens on the floor
generates events
– Events may have associated data or may be
just to announce that an event has occurred
Slot Floor - G2S
• Each EGM has a separate IP address
• Each host has its own address
• Adding an EGM does not allow that EGM to “see” info from
other EGMs
• Adding a host works the same way
[Diagram: four EGMs connected to a Switch]
What is the Benefit?
• Get your own meters
• Floor status - Determine what doors were
opened, what machines are offline, which
machines were RAM cleared
• Assist with Responsible Gaming
• Authorize downloads and configuration changes
• Track Progressives and bonuses
• Track GAT results
Provide Regulatory Controls
• G2S supports the concept of Authorization for
Download and Configuration Changes
• G2S supports one or more authorization hosts
• All authorization hosts must authorize prior to
the change being made
– GLI-21 section 4.10.3 requires storage of game data
prior to download – “Authorization” opportunity
– Also requires doors to be closed during download –
“event” opportunity
9-1-1 Emergency Response
• G2S Supports the ability to selectively disable bill
acceptance
– Bill acceptor capability is exposed through
G2S
– Disable one bill from the list of supported bills
– Counterfeit $50 notes – disable the acceptance
– Re-enable when the problem is corrected
• Also the ability to disable coin acceptors
More Emergency Measures
• G2S supports off-line voucher validation
– A validation Identifier and an associated Seed
are generated and stored in the voucher
database
– The Validation Identifier and the associated
Seed are sent to, and are stored on, the EGM
– An MD5 HASH is generated from the EGM
identifier, the voucher amount, the validation
identifier and the seed.
Offline Validation
• Offline validation (cont)
– Vouchers have the EGM identifier, the voucher
amount, the validation identifier and the MD5
results printed on it – the seed is NOT printed
on the voucher
– To redeem the offline voucher, the information
on the voucher is entered from a cashier
station
– The seed is retrieved from the voucher
database, the MD5 HASH is re-calculated
Offline Validation
• Offline Validation (cont)
– If the Calculated MD5 answer matches the
MD5 answer printed on the ticket, the
voucher is valid and may be redeemed
• Nevada technical standard 3.150(11) was
changed to allow offline voucher printing if a
technique such as this is used
Offline Validation - Benefit
• Allows a secure method of dealing with offline
vouchers
– Reduces the need for manual methods that are not
secure
– Provides for better customer satisfaction
• Offline validation may be custom tuned for your
Jurisdiction
– Number of Authentication numbers/Seed pairs stored
is a settable value
– Seed expiration time is a settable value.
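The offline validation scheme from the slides above, with its seed expiration setting, as an added Python example (not GSA's or any manufacturer's code). The field order and length-prefixed encoding, the identifier and seed sizes, the SEED_TTL value and the single-redemption check are assumptions; the slides name only the four hashed inputs and MD5.

```python
import hashlib, hmac, secrets, time

SEED_TTL = 3600  # seconds; stands in for the settable "seed expiration time" (assumed value)

def voucher_hash(egm_id, amount_cents, validation_id, seed):
    # Length-prefix every field so adjacent fields cannot be re-split into
    # a different (EGM id, amount) pair that hashes to the same value.
    h = hashlib.md5()
    for field in (egm_id.encode(), str(amount_cents).encode(),
                  validation_id.encode(), seed):
        h.update(len(field).to_bytes(2, "big") + field)
    return h.hexdigest()

class VoucherDB:
    """Host-side voucher database of validation identifier / seed pairs."""
    def __init__(self):
        self.pairs = {}  # validation_id -> [seed, issued_at, redeemed]

    def issue_pair(self, now=None):
        vid, seed = secrets.token_hex(9), secrets.token_bytes(16)
        self.pairs[vid] = [seed, time.time() if now is None else now, False]
        return vid, seed  # both are sent to, and stored on, the EGM

    def redeem(self, egm_id, amount_cents, vid, printed_hash, now=None):
        rec = self.pairs.get(vid)
        if rec is None:
            return "unknown validation identifier"
        seed, issued_at, redeemed = rec
        if redeemed:
            return "already redeemed"
        if (time.time() if now is None else now) - issued_at > SEED_TTL:
            return "seed expired"
        # The seed never leaves the database or the EGM; recompute and compare.
        expected = voucher_hash(egm_id, amount_cents, vid, seed)
        if not hmac.compare_digest(expected, printed_hash):
            return "hash mismatch"
        rec[2] = True  # added check: one redemption per validation identifier
        return "valid"

def demo():
    db = VoucherDB()
    vid, seed = db.issue_pair(now=0)                      # pair loaded while online
    printed = voucher_hash("EGM-0042", 12500, vid, seed)  # printed by the EGM offline
    return [
        db.redeem("EGM-0042", 99900, vid, printed, now=60),   # amount altered on the ticket
        db.redeem("EGM-0042", 12500, vid, printed, now=60),   # genuine voucher
        db.redeem("EGM-0042", 12500, vid, printed, now=120),  # same voucher presented again
    ]
```

Because the seed is not printed, the printed fields alone are not enough to recompute the hash for a different amount.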
One Comms Protocol
• Current floor network requires at least two
protocols from the EGM to the host
[Diagram: System – Proprietary Protocol – SMIB – SAS – EGM]
• G2S floor network only has one protocol
[Diagram: System – G2S – EGM]
• G2S reduces errors by reducing the number of
protocols. Also, the protocol is published for all
to read and test to.
GAT
• G2S incorporated GAT into the protocol at the
request of a regulatory jurisdiction
• The GAT implementation in G2S provides for a
more secure and more reliable validation
application than any other remote verification
method available.
– GAT is better than the majority of “at the
EGM” methods as well
Why GAT?
• ALL the software that implements the GAT
functions is developed by licensed Manufacturers
• ALL software that implements GAT and the
actual verification is contained on the EGM and
is tested and verified by your testing agency –
GLI
• GLI has (or will have) the source code for the
GAT implementations as it is in the EGM
software that they test.
Why GAT?
• GAT in G2S does not do any verification
• GAT sends the information to the EGM
– Hash type – CRC, MD5, SHA1, SHA256, etc.
– Seed/Salt – may be used if supported by the
HASHing algorithm.
• GAT returns the resulting answers from the EGM
• Again – the G2S protocol does NOT perform the
verification – it just moves the information
GAT Features
• Regulators can select a starting seed for
verification
• Regulators can select a “salt”
– Salt is a set of characters pre-pended to the
information to be hashed
– Example info to be hashed “0123456789”
– Salt of “abc” instructs the EGM to HASH
“abc0123456789”
GAT Features
• Allows regulators to select a start and stop offset
– Allows for targeted verification of a particular
piece of software
• GAT Special function
– Allows custom tuning for particular needs
– RAM dump
– Event Log
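How a salt, a starting seed and start/stop offsets change the answer an EGM returns, as an added Python example that is not taken from the G2S specification or any EGM software. CRC-32 as the CRC variant, half-open byte offsets and the sample images are assumptions made for illustration.

```python
import hashlib, zlib

def gat_digest(image, algo, salt=b"", seed=0, start=0, stop=None):
    """Answer an EGM would compute for one verification request.
    start/stop select a half-open byte range of the image (assumption)."""
    region = image[start:stop]
    if algo == "crc32":
        # CRC takes a starting seed rather than a salt.
        return format(zlib.crc32(region, seed) & 0xFFFFFFFF, "08x")
    if algo not in ("md5", "sha1", "sha256"):
        raise ValueError("unsupported hash type: " + algo)
    return hashlib.new(algo, salt + region).hexdigest()  # salt is pre-pended

def verify(reference_image, egm_answer, **request):
    """Regulator side: recompute from the approved image and compare."""
    return gat_digest(reference_image, **request) == egm_answer

# Constructed sample data: an approved image and one with a single changed byte.
APPROVED = b"0123456789" * 100
TAMPERED = APPROVED[:500] + b"X" + APPROVED[501:]

def demo():
    results = {}
    # The slide's example: salt "abc" over "0123456789" hashes "abc0123456789".
    results["slide"] = (gat_digest(b"0123456789", "md5", salt=b"abc")
                        == hashlib.md5(b"abc0123456789").hexdigest())
    # A fixed, previously recorded answer matches only while no salt is requested;
    # a salt chosen per request forces the EGM to hash its actual contents.
    recorded = gat_digest(APPROVED, "sha256")
    results["recorded_no_salt"] = verify(APPROVED, recorded, algo="sha256")
    results["recorded_with_salt"] = verify(APPROVED, recorded,
                                           algo="sha256", salt=b"7f3a")
    # A changed byte fails full-image verification; offsets narrow down where.
    full = dict(algo="sha1", salt=b"7f3a")
    results["tampered_full"] = verify(APPROVED, gat_digest(TAMPERED, **full), **full)
    head = dict(algo="sha1", salt=b"7f3a", start=0, stop=500)
    results["tampered_0_500"] = verify(APPROVED, gat_digest(TAMPERED, **head), **head)
    tail = dict(algo="sha1", salt=b"7f3a", start=500, stop=1000)
    results["tampered_500_1000"] = verify(APPROVED, gat_digest(TAMPERED, **tail), **tail)
    return results
```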
GAT Features
• GAT can be run at the EGM or at a host terminal
• GAT can be run from a host terminal
• GAT can be run from a Regulator’s office
– Needs firewall and VPN to the Casino
– Needs a GAT host and remote terminal
– Security provided by limited command functions
• GAT events keep regulators apprised of GAT
progress
GAT Events
• G2S_GAE005 Device Configuration Changed by Host
• G2S_GAE006 Device Configuration Changed by Operator
• G2S_GAE101 Verification Queued
• G2S_GAE102 Verification Started
• G2S_GAE103 Verification Complete
• G2S_GAE104 Verification Error
• G2S_GAE105 Verification Result Acknowledged and Passed
• G2S_GAE106 Verification Result Acknowledged and Failed
• G2S_GAE107 Special Function Executed
GAT Benefit
• Using the GAT functions in G2S it is possible to
verify an entire casino floor from a regulator’s
office
– Casino operators can also run GAT
– Provides Operators more tools to find revoked
software and remove it
Schema Validation
• A schema provides a definition of all the
commands in G2S
• Each G2S command may be verified by the
schema to have the correct format and values
within specified bounds.
• GLI will be using Schema validation in their
testing
Schema Validation - Benefit
• Schema validation will catch all misspellings
• Schema validation will catch all commands
missing required values
• Schema validation provides a sieve that strains
out errors in commands
• The result is that these errors will not reach the
field. This means more reliable communication
software
GSA Benefits
• Regulators can have input into the Protocol
– Meter requirements not currently supported
– Additional events
– Additional HASH algorithms (GAT)
– Etc.
• Regulator advisory committee (RAC) can provide
answers about the protocol
• GSA representatives can visit your jurisdiction to
go over specific regulatory concerns
Questions
• Questions?
• Contact Info: Marc McDermott
• Ph: 702-315-4253