Assignment
The SmurfWare SmurfScanner is a new biometric authentication device to keep non-Smurfs out of the Smurfland network. The biometric device is being dubbed the SmurfScanner by Papa Smurf. The SmurfScanner is a hardware device that scans a user's skin color for blueness.
Since only Smurfs have that unique Saturday morning cartoon blue color, if the device can successfully identify the unique blue, then this will do for making a determination as to whether or not a person really is a Smurf (or at least we make this assumption for the purposes of this exercise, be based in actual fact or not). The SmurfScanner is attached to a PC running MicroSmurf Windoze X via serial port. Along with an all-blue user manual and a blue SmurfWare coffee mug, the SmurfScanner comes with software that allows it to act as the login screen manager in Windoze.
To even get to the login screen, a user's Smurfness has to be established by the SmurfScanner. Once calibrated by the manager application, the SmurfScanner returns whether or not a user is sufficiently blue. SmurfScanner Architecture Component Description Smurfscanner Crypto Helper: Since actual authentication traffic between the scanner and the software has to be encrypted and integrity has to be ensured, the software package provides an API for making encrypted calls, such as IsUserASmurf(), to the SmurfScanner.
The caller gets to decide whether to use the proprietary but extensively tested (by two Smurf crypto experts) SmurfCrypto library or the equally solid MicroSmurf Windoze implementation of crypto. The Helper exists in both the PC and the SmurfScanner hardware to facilitate two-way integrity and privacy.
SmurfScanner Common Command Layer: The SmurfScanner formats higher-level API calls into a format that the serial driver can understand, be they encrypted or not. SmurfScanner Manager: Since this application is rarely used, crypto was deemed unnecessary.
Instead, the Smurfs hard-coded a hash of Smurfette's body weight in milligrams in both the SmurfScanner and the Embedded I/O Manager so that the SmurfScanner's Embedded I/O Manager would recognize that the privileged commands were coming from only the SmurfScanner Manager application. The Manager application appends this hash to every command sent to the scanner. The Smurfs chose this secret method because Smurfette's body weight is a well-known fact with the entire Smurf community but not known at all outside of it.
The Manager application is used to set up the scanner's calibration and to run diagnostics in case it is malfunctioning. The scanner must be calibrated for local light conditions with a sample of Smurf before use. The Manager is also used to initialize the Helper apps on both the PC and the scanner with secrets to allow the integrity and privacy functionality to work.
The secrets are a hash of the system clock. SmurfScanner Embedded I/O Manager: This app sorts encrypted versus unencrypted commands and forwards them to either the Helper or directly to the Logic Layer. Commands are sent directly to the Logic Layer when the I/O Manager recognizes the Smurfette body weight shared secret hash. SmurfScanner Logic Layer: This layer takes the hardware measurement of the user's blueness and compares it to the calibrated value and returns a yes or no, thus performing authentication on a Smurf.
The Logic Layer also does other things like calibrate the scanner based on data received from the Manager app, track usage, and run diagnostics. SmurfScanner Business Application: It is critical to understand the business context in order to estimate impact (in such a way as to answer the "Who Cares?" question). In this case, the SmurfScanner is being used to protect SmurfTunes from use by non-Smurfs. SmurfTunes is set up to deliver Saturday morning cartoon theme songs to SmurfPod personal digital listening devices.
Based on the SmurfWare SmurfScanner description, identify five security threats (types of attacks) that are applicable and provide insight into the vulnerabilities that the threats pose to the SmurfWare SmurfScanner.
Finally, list two security controls (safeguards/ countermeasures) for each threat as it applies to this project.