350 likes | 597 Views
GLI Regulator’s Roundtable 2008 . Benefits for Regulators with the G2S Communication Protocol. Benefits for Regulators. This presentation is to introduce you to GSA’s G2S protocol and the benefits for Regulators Big Picture Not here to bash SAS G2S is SAS’ Replacement G2S supports Download
E N D
GLI Regulator’s Roundtable 2008 Benefits for Regulators with the G2S Communication Protocol GLI Regulator Roundtable Feb 2008
Benefits for Regulators • This presentation is to introduce you to GSA’s G2S protocol and the benefits for Regulators • Big Picture • Not here to bash SAS • G2S is SAS’ Replacement • G2S supports Download • G2S supports Remote Configuration • G2S supports Remote Software Validation GLI Regulator Roundtable Feb 2008
Benefits for Regulators • More Big Picture • G2S provides security • G2S provides better access to regulatory information • G2S provides for controls in regulating download and configuration • G2S provides a means to limit damage resulting from counterfeits GLI Regulator Roundtable Feb 2008
Information for Regulators • G2S supports the flow of information that makes it possible to implement the new features and capabilities • GSA does not write software or develop gaming applications. • G2S support for a function does not mean that applications exist to take advantage of that function • GSA does not force manufacturers to implement the G2S protocol - business requirements and Regulatory requirements force manufacturers to implement G2S GLI Regulator Roundtable Feb 2008
Security • G2S requires SSL encryption • Single session Keys • Ability to change keys on demand or over time • G2S secures both ends of the communication link • Both ends must have a certificate • Manual process for initial certificate ensures identity of each endpoint GLI Regulator Roundtable Feb 2008
Security • The benefit • No ease dropping • No inserted commands • No open port access GLI Regulator Roundtable Feb 2008
Security • More benefits • All nodes on the network are known as they must have a certificate • Allows gaming floor information to be isolated by certificates when physical isolation is not possible • Provides a secure way for a regulator to remotely monitor a casino floor GLI Regulator Roundtable Feb 2008
Access to Information • Current slot floor networks restrict access to information • Proprietary protocols make interfaces difficult • All information comes from a single slot accounting system • No visibility to the actual floor data • Real time access is limited GLI Regulator Roundtable Feb 2008
Slot Floor Network - Today GLI Regulator Roundtable Feb 2008
Access to Information • G2S provides more access to information for authorized users • Encrypted information restricts information to authorized endpoints • Information is gathered from the EGMs – no intermediary filters • Real time access is no problem • Able to select the information that is sent to your endpoint GLI Regulator Roundtable Feb 2008
Config Server Code Download Vouchers Slot Floor Network - G2S Regulatory Slot Floor System GLI Regulator Roundtable Feb 2008
Access to Info - Guest Host • G2S supports a Guest Host function • A guest host is a server (or service) that is allowed access to the floor network • The guest host must have a certificate • Must be specifically allowed on the network by the system administrator • Manual process to initially install the certificate • Data is encrypted to and from the guest host GLI Regulator Roundtable Feb 2008
Guest Host Function • Each guest host has an IP address • Guest host is registered with the EGM • EGM maintains guest host subscription • EGM send info from event subscriptions to the guest host’s address GLI Regulator Roundtable Feb 2008
How to Access the Info • G2S Guest Host Function • A guest host has read access to information • Provides the ability to subscribe to specific events • Everything that happens on the floor generates events • Events may have associated data or may be just to announce that an event has occurred GLI Regulator Roundtable Feb 2008
Slot Floor - G2S • Each EGM has a separate IP address • Each host has its own address Adding an EGM does not allow that EGM to “see” info from other EGMs Adding a host works the same way EGM EGM EGM Switch EGM GLI Regulator Roundtable Feb 2008
What is the Benefit? • Get you own meters • Floor status - Determine what doors were opened, what machines are offline, Which machines were RAM cleared • Assist with Responsible Gaming • Authorize downloads and configuration changes • Track Progressives and bonuses • Track GAT results GLI Regulator Roundtable Feb 2008
Provide Regulatory Controls • G2S supports the concept of Authorization for Download and Configuration Changes • G2S supports one or more authorization hosts • All authorization hosts must authorize prior to the change being made • GLI-21 section 4.10.3 requires storage of game data prior to download – “Authorization” opportunity • Also requires doors to be closed during download – “event” opportunity GLI Regulator Roundtable Feb 2008
9-1-1 Emergency Response • G2S Supports the ability to selectively disable bill acceptance • Bill acceptor capability is exposed through G2S • Disable one bill from the list of supported Bill – counterfeit $50 notes – disable the acceptance • Re-enable when the problem is corrected • Also the ability to disable coin acceptors GLI Regulator Roundtable Feb 2008
More Emergency Measures • G2S supports off-line voucher validation • A validation Identifier and an associated Seed are generated and stored in the voucher database • The Validation Identifier and the associated Seed are sent to, and are stored on, the EGM • An MD5 HASH is generated from the EGM identifier, the voucher amount, the validation identifier and the seed. GLI Regulator Roundtable Feb 2008
Offline Validation • Offline validation (cont) • Vouchers have the EGM identifier, the voucher amount, the validation identifier and the MD5 results printed on it – the seed is NOT printed on the voucher • To redeem the offline voucher, the information on the voucher is entered from a cashier station • The seed is retrieved from the voucher database, the MD5 HASH is re-calculated GLI Regulator Roundtable Feb 2008
Offline Validation • Offline Validation (cont) • If the Calculated MD5 answer matches the MD5 answer printed on the ticket, the voucher is valid and may be redeemed • Nevada technical standard 3.150(11) was changed to allow offline voucher printing if a technique such as this is used GLI Regulator Roundtable Feb 2008
Offline Validation-Benefit • Allows a secure method of dealing with offline vouchers • Reduces the need for manual methods that are not secure • Provides for better customer satisfaction • Offline validation may be custom tuned for your Jurisdiction • Number of Authentication numbers/Seed pairs stored is a settable value • Seed expiration time is a settable value. GLI Regulator Roundtable Feb 2008
One Comms Protocol • Current floor network requires at least two protocols from the EGM to the host • G2S floor network only has one protocol • G2S reduces errors by reducing the number of protocols. Also, the protocol is published for all to read and test to. System Proprietary SMIB SAS EGM Protocol G2S EGM System GLI Regulator Roundtable Feb 2008
GAT • G2S incorporated GAT into the protocol at the request of a regulatory jurisdiction • The GAT implementation in G2S provides for a more secure and more reliable validation application than any other remote verification method available. • GAT is better than the majority of “at the EGM” methods as well GLI Regulator Roundtable Feb 2008
Why GAT? • ALL the software that implements the GAT functions is developed by licensed Manufacturers • ALL software that implements GAT and the actual verification is contained on the EGM and is tested and verified by your testing agency – GLI • GLI has (or will have) the source code for the GAT implementations as it is in the EGM software that they test. GLI Regulator Roundtable Feb 2008
Why GAT? • GAT in G2S, does not do any verification • GAT sends the information to the EGM • Hash type – CRC, MD5, SHA1, SHA256, etc. • Seed/Salt – may be used if supported by the HASHing algorithm. • GAT returns the resulting answers from the EGM • Again – the G2S protocol does NOT perform the verification – it just moves the information GLI Regulator Roundtable Feb 2008
GAT Features • Regulators can select a starting seed for verification • Regulators can select a “salt” • Salt is a set of characters pre-pended to the information to be hashed • Example info to be hashed “0123456789” • Salt of “abc” instructs the EGM to HASH “abc0123456789” GLI Regulator Roundtable Feb 2008
GAT Features • Allows regulators to select a start and stop offset • Allows for targeted verification of a particular piece of software • GAT Special function • Allows custom tuning for particular needs • RAM dump • Event Log GLI Regulator Roundtable Feb 2008
GAT Features • GAT can be run at the EGM or at a host terminal • GAT can be run from a host terminal • GAT can be run from a Regulator’s office • Needs firewall and VPN to the Casino • Needs a GAT host and remote terminal • Security provided by limited command functions • GAT events keep regulators apprised of GAT progress GLI Regulator Roundtable Feb 2008
GAT Events • G2S_GAE005 Device Configuration Changed by Host • G2S_GAE006 Device Configuration Changed by Operator • G2S_GAE101 Verification Queued • G2S_GAE102 Verification Started • G2S_GAE103 Verification Complete • G2S_GAE104 Verification Error • G2S_GAE105 Verification Result Acknowledged and Passed • G2S_GAE106 Verification Result Acknowledged and Failed • G2S_GAE107 Special Function Executed GLI Regulator Roundtable Feb 2008
GAT Benefit • Using the GAT functions in G2S it is possible to verify an entire casino floor from a regulator’s office • Casino operators can also run GAT • Provides Operators more tools to find revoked software and remove it GLI Regulator Roundtable Feb 2008
Schema Validation • A schema provides a definition of all the commands in G2S • Each G2S command may be verified by the schema to have the correct format and values within specified bounds. • GLI will be using Schema validation in their testing GLI Regulator Roundtable Feb 2008
Schema Validation -Benefit • Schema validation will catch all misspellings • Schema validation will catch all commands missing required values • Schema validation provides a sieve that strains out errors in commands • The result is that these errors will not reach the field. This means more reliable communication software GLI Regulator Roundtable Feb 2008
GSA Benefits • Regulators can have input into the Protocol • Meter requirements not currently supported • Additional events • Additional HASH algorithms (GAT) • Etc. • Regulator advisory committee (RAC) can provide answers about the protocol • GSA representatives can visit your jurisdiction to go over specific regulatory concerns GLI Regulator Roundtable Feb 2008
Questions • Questions? • Contact Info: Marc McDermott • Email: mmcdermott@gamingstandards.com • Ph: 702-315-4253 GLI Regulator Roundtable Feb 2008