Category: Building security technology

Digital key management and sharing to be part of mobile operating systems

Article

August Smart Lock press picture courtesy of August

Apple to lead the way with having smart lock and digital key management as part of a smartphone’s operating system.

Apple to add digital key sharing to iOS • NFCW

My Comments

Apple is the first mobile-operating-system developer to integrate the management of digital keys for buildings or cars within its iOS operating system. This includes the ability to share keys to others or revoke shared keys within your iPhone’s user experience.

It is because of an increasing number of security solutions for buildings, vehicles and the like that use your smartphone as a virtual keyring for digital keys.

Previously, what happened with digital keys was that they were dependent on apps specific to a vendor, hotel or similar smart-lock platform and you had to work these keys from that app’s user interface.

This could lead to confusion about apps that you need to use and can get very messy when you have multiple places to think of and you aren’t sure which platform they are associated with. It can also lead to screen clutter associated with the apps and you may find that they take up too much internal storage space especially if you are responsible for many places.

The approach now is to implement the digital wallet functionality offered by Apple Wallet and is part of iOS. As well, you use what the operating system offers to share out keys or revoke shared keys. That means you can use first-party messaging software like Apple iMessage or Apple Mail to share the keys; or you could use third-party messaging software like Signal, WhatsApp or Outlook Mail to share these keys.

Most likely this will be facilitated with the “share / take-further” function offered as part of the operating system, represented in iOS with a square and triangle symbol.

The problem with this functionality is whether there is the ability to limit the shared key’s functionality when you share it out. That is to limit the number of times one can use the key or the time period they can use it for, or even to limit the doors or cars that the particular digital key can open. In some cases, it may also be about implementing multi-factor authentication for these keys.

hen there is the question about what kind of interface that this Apple Wallet key-management ability will support. That is whether to use NFC “touch-and-go” operation, Bluetooth LE wireless-link or similar techniques to link with the door lock or car.

The other issue that will come about is whether Google will integrated this kind of digital key management within Android, whether as part of the digital wallets available as apps for that platform or simply within the operating system. Also it can be about whether regular computers that run desktop operating systems could have this kind of digital key management built in to their operating systems, which can be of benefit for people who manage buildings or vehicle fleets.

It can also include allowing apps and Websites to add or remove digital keys to the smartphone wallet. This will be seen as important for corporate, hotel and delivery use cases where interaction with smart locks is part of a transaction, such as registering the delivery / collection of goods or as part of a time and attendance requirement for home care and allied workers.

What this will be essentially about is to provide a one-stop shop for managing digital keys for locations or vehicles you are responsible for using your smartphone.

Gainsborough TriLock appears now as a smart lock

Articles –From the horse’s mouth

Gainsborough Hardware

FreeStyle TriLock smart lock

Product Page

Product Microsite

Press Release from Allegion (parent company of Gainsborough Hardware)

Video – Click or tap to play on YouTube

My Comments

During the 1990s, a type of residential door lock had come on the market which conveys the look of a mortice lock but has the simple quick installation approach associated with the “bore-through” cylindrical or tubular form factors.

One of these entrance locksets that came about was the Gainsborough TriLock entrance set. This offered double-cylinder “deadlock” security demanded in the Australian market but had the ability for users to just lock the outside handle from the inside by pressing a button.

But Gainsborough Hardware have revised this lockset to become a smart lock. This entrance set, known as the FreeStyle TriLock, has a concealable keypad for users to enter their access codes when they want to enter, no matter whether it is locked from both sides or just the outside. There is an intent behind this lock’s design to allow a householder to replace a TriLock lockset that was on their front door without needing to drill new holes or refinish the door.

As well, it used Bluetooth connectivity with manufacturer-supplied smartphone apps so you can control the lock from your smartphone, including being notified of someone arriving at your home and letting themselves in. Of course, the FreeStyle TriLock allows you to use the traditional metal key to unlock the door, with this existing as a failsafe measure as well as for those of us still comfortable with the traditional key.

This unit can support up to 20 users and has the ability to schedule individual users’ access to your premises. The optional Gainsborough Bluetooth-Wi-Fi network bridge paves the way for remote management of this lockset, something that would pleas holiday-home or short-let premises owners.

There will be the issue of whether this smart lock will “tie in” with other smart-home systems like Amazon Alexa / Google Assistant (Home), Samsung SmartThings and similar platforms. This will be more so as we expect more out of these smart locks beyond letting ourselves and others in to our premises.

Yale uses modules to extend smart-lock functionality

Article

Use of a user-installable module allows these Yale smart locks to work with different connected-home systems

Yale Expands Assure Lock Line With New Smart Lever Lock | Z-Wave Alliance

My Comments

Yale have implemented the smart-lock approach in a very interesting way ever since that company released their Real Living Connected Deadbolt in to the North-American market.

Here, they designed an electronic lock as a basic platform device but built an expansion-interface arrangement in to this lock’s design. Here, users could install a retrofit module in to the battery compartment on the door’s inside to add on Zigbee, Z-Wave or August smart-lock connectivity to their lockset.

This approach has been rolled out to the Assure range of electronic deadbolt locks and lever locksets with the use of the same module type for the whole range. It also applies to the Lockwood Secure Connect product range offered in Australia which is based on the Yale designs.

A similar approach has been implemented in the UK for some of the Yale electronic door locks sold in that market. But the modules used with the UK locksets are different to the North-American modules due to the regional differences that affect how Z-Wave and Zigbee operate and the country’s preferred building-hardware form factors. One of these units is infact designed to replace the outside cylinder on a rim-mounted nightlatch or deadlatch to enable “smart lock” functionality to this common class of door lock.

All these modules are expected to be installed in a “plug-and-play” fashion where they simply add the extra functionality to the lock or bridge it to the smart-home ecosystem once you install the module. After you install these modules in the lockset, the only thing you need to do is to pair them with the smart-home or integrated-security ecosystem.

Even within the same form-factor, the electrical interface for these modules may be varied for later products which can raise compatibility issues. Similarly, some of the home-automation integrators tend to presume that a particular module will only work with their system.

They also work on a particular “Internet-of-Things” wireless interconnection rather than an IP-based home network, requiring them to use a network bridge to work with an online service. This bridge is typically provided as part of a security-and-home-automation ecosystem whether offered by a telco, security services firm or similar company.

What have I liked about this approach is the use of user-installable modules that are designed to work across a particular Yale smart-lock range. Here, these modules interlink with Yale or third-party smart-home setups with the ability to be replaced should you decide to move to a better home-automation system that uses a different Internet-of-Things interface.

It underscores the fact that, once installed, a door lock is expected to be in service for a very long time and this same requirement will be placed upon smart locks. This is even though new smart-home or smart-building technologies will appear on the horizon.

It is similar to how central-heating systems are being enabled for smart-home operation through the use of a room thermostat that has the “smarts” built in to it. These thermostats are designed to be powered by the host HVAC system and connect to that system according to industry-standard wiring practices that have been determined and evolved over a long time.

This approach can be taken further with other devices like major appliances that are expected to serve us for a long time. Even if a manufacturer wants to create an ecosystem around its products and accessories, it needs to keep the specifications for interlinking these products and accessories the same to allow users to implement newer devices in to the system.

It can also work properly with a self-install approach where the customer installs the necessary aftermarket modules themselves or a professional-install approach which involves a technician installing and commissioning these modules. The latter approach can also work well with manufacturers who offer “functionality” or “upgrade” kits that enable the use of these modules.

The ASSA Abloy approach to making sure your smart lock works with the smart-home system by using user-replaceable modules makes sense for this class of product. Here, you are never worried about the smart-lock ability being “out of date” just because you install a home-automation setup that suits newer needs.

What needs to happen with the retrofit approach is that the physical and electrical interface for add-on modules has to be consistent across the product range or device class for the long haul. There also has be be some form of compatibility should any design revisions take place. Similarly, using a common application-level standard can work well with allowing the same device and retrofit module to work with newer systems that adhere to the relevant standards.

These expectations may not really work well with system integrators, telcos and the like who prefer to be the only source for products that work with a smart-home system.

Here, it is the first time I have noticed a smart-home device designed to be upgraded over its long service life.

Delivery-consignment storage to be part of the floorplan

House in Toorak

How is online delivery going to be handled securely when no-one’s at home?

Most of us who buy goods on the Internet are likely to run in to situations where they miss a parcel delivery due to, for example, no-one being at home. This includes situations with families that have teenagers that arrive home earlier than the parents and it is desirable that adults sign for packages that have been delivered.

This can also extend to situations where you need to have a courier collect goods from your place, something I have had to do every time I have finished with review-sample products where I return them to the distributor or PR agency. But it would also apply when you have to return unwanted merchandise to an online retailer or send faulty equipment to a workshop to be repaired, or simply to use a messenger service to run printed documents from your home office to a business partner. Here, you have to make sure someone you trust is at home looking after the consignment until the courier arrives to collect it.

Intercom panel with codepad

These systems may need to be modified to support secure unattended parcel delivery

There has been recent Internet discussion about the Amazon Key product which is a smart-lock ecosystem that allows Amazon couriers to drop off your orders inside your home after you confirm with them that they have your order. The constant issue that was raised was the fact that courier could wander around your home unsupervised after they drop off the order, thus being a threat to your privacy and home security.

But this may raise certain architectural requirements and possibilities to cater for the rise of online deliveries. These requirements and possibilities are about creating secure on-premises storage for these consignments that have been delivered or are to be collected by a courier while you are absent. It is also about making sure that the courier cannot enter your home unsupervised under the guise of dropping off or picking up a consignment.

They will affect how homes are designed whether as a new-build development or as a renovation effort and will affect how apartment blocks and similar developments are designed. It is very similar to the use of specially-installed lock-boxes to keep front-gate or meter-box keys that are only opened by the utility’s meter reader with a special master key when they read your utility-service meter.

Architectural requirements

One of these could be a cabinet or small storeroom located towards the front of your home and used primarily for storage of delivered goods. Of course, you may use these spaces to store items like clean-up tools or solid fuel. Some householders may see a garage or a shed also serve this same purpose.

An alternative would be to implement a small vestibule or porch enclosure with an inner front door and outer front door, Here, these spaces would be secured with a smart lock or access-control system that ties in with secure consignment-drop-off arrangements like what Amazon proposes.

In the case of a vestibule, the inner entry door that leads to the rest of the house would be secured under the control of the household and not be part of these arrangements. This also applies to arrangements where the vestibule opens to other rooms like a home office.

Apartment block in Elwood

Multi-dwelling units like apartment blocks may have to have luggage-locker storage facilities for unattended parcels

For multi-dwelling developments, this could be achieved through the use of a storage facility similar to a cluster of luggage lockers. Here, one or more lockers are shared amongst different apartments on an as-needed basis. In these buildings, they would be located close to or within the mail-room or as a separate storeroom. For those buildings that have multiple entry vestibules for different apartment clusters, it may be plausible to have a group of parcel-delivery lockers in each vestibule.

If your property has a front gate that is normally locked, you may have to use a smart lock or access-control system compliant with the abovementioned secure consignment drop-off arrangements on that gate.

Security requirements for these spaces

All these arrangements would be dependent on a smart lock or access-control system that ties in with the couriers’ or online-delivery platforms’ ecosystems and would be used when you aren’t at home. Such systems would be dependent on consignment numbers that are part of consignment notes or delivery dockets, along with the recipient being notified by the courier of the pending delivery.

But you would be able to have access to these spaces using your own code, card or access token held on your smartphone as expected for all smart-lock setups.

Integration with the courier’s workflow

Such setups would require the household to register them with an online-shopping platform or a courier / messenger platform operated by the incumbent post-office or an industry association. Here, the household would notify whereabouts the secure storage space is on their property

Product delivery

Typically, when you receive a delivery, the courier would ring the doorbell and find that no-one is at home. Or the door is answered by a child and the standing arrangement regarding the chain of custody for deliveries is for the parcel to be received and signed for by a responsible adult.

In this situation, the courier would have to enter details on their handheld terminal about no-one being home. You would then be contacted by email, text messaging or a similar platform regarding the pending delivery and then you use the platform’s companion mobile app or Website to authorise the drop-off of your consignment in the safe storage space.

Then the courier would receive a one-shot authority code which they use to unlock the storage space so they can lodge your parcel there. Once they have delivered the parcel, you would be notified that the parcel is waiting for collection. You would then use your keycode to open up that space to collect your goods when you arrive.

Product collection

There are also times where we require a courier to collect goods from us. This can be situations ranging from returned merchandise, through equipment being collected for repairs, to sending goods out as gifts. In these situations, a responsible adult may not be home to hand over the item and you don’t want to wait around at home or co-ordinate a pickup time for the consignment.

Here, you would organise the consignment paperwork with the courier or the recipient organisation if they are organising the pickup. As part of this, you would receive a consignment number as part of the consignment note, returned-merchandise authorisation or similar document.

Then you would place the goods in the storage space and make sure this is locked. Subsequently you would enter the consignment number in to the smart lock or platform app on your phone or computer. This consignment number works as a one-shot authority code for the courier to open the secure storage space.

When the courier arrives to collect the consignment, they would enter the consignment number in the smart lock to open the storage space in order to collect the goods. Once they have collected the goods, they then lock up the storage space before heading onwards with the consignment. You would then be notified that they have collected the consignment, with the ability to track that parcel as it is on its way.

Issues that need to be raised

Access to a competitive online-retail or parcel-delivery marketplace

It can be easy to bind an unattended-delivery secure-storage platform to an incumbent postal service (including a courier service owned by or a partner with one of these services), or a dominant online retailer like Amazon.

This ends up as a way for the incumbent postal service or dominant online retailer to effectively “own” the online-retail or parcel-delivery marketplace by providing more infrastructure exclusive to their platform. It can also expose antitrust / competitive-access issues where other courier firms or online retailers can’t gain access to self-service unattended-delivery arrangements.

This issue can be answered either through an app-based approach that works with the smart-home / Internet-of-Things ecosystem to interlink with IT systems associated with the goods-delivery industry; or a common platform adopted by the courier / messenger and online-retail industry that integrates unattended-delivery storage as part of the workflow.

Similarly, these systems need to have a level of flexibility such as being able to work with multiple smart locks on the one property. This would be to facilitate a locked gate and / or two or more storage spaces such as a trunk-style cabinet for small items and a larger storeroom for larger consignments; or to provide a private storage space for each dwelling on that property such as a house converted to apartments.

Conclusion

The online retail marketplace has brought about a discussion regarding management and secure storage of consignments that are delivered to unattended addresses.

Finnish building-management systems cop the brunt of cyberattacks

Article

There needs to be a level of cyber-security awareness regarding the design and maintenance of building-automation systems

There needs to be a level of cyber-security awareness regarding the design and maintenance of building-automation systems

Finns chilling as DDoS knocks out building control system | The Register

My Comments

Two apartment buildings in Finland became victims of distributed denial-of-service attacks which nobbled their building-management systems. This caused the buildings’ central heating and domestic hot water systems to enter a “safety shutdown” mode because the remote management systems were in an endless loop of rebooting and both these systems couldn’t communicate to each other. The residents ended up living in cold apartments and having cold showers because of this failure.

What is being realised is that, as part of the Internet Of Things, building-management equipment is being seen to be vulnerable, due to factors like the poor software maintenance and an attitude against hardening these systems against cyber-attacks. Then there is the issue of what level of degraded-but-safe functionality should exist for these systems if they don’t communicate to a remote management computer. This also includes the ability for the systems themselves to pass alarm information to whoever is in charge.

This situation has called out data-security issues with design and implementation of dedicated-purpose “backbone devices” connected to the Internet; along with the data-security and service-continuity risks associated with cloud-based computing. It is also an issue that is often raised with essential services like electricity, gas and water services or road-traffic management being managed by Internet-connected computers with these computers being vulnerable to cyberattack.

One of the issues raised included the use of firewalls that run up-to-date software and configurations to protect these systems from cyberattack.

I would also look at a level of fail-safe operation for building management systems that can be implemented if the Internet link to remote management computers dies; along with the ability to use cellular-telephony SMS or similar technology to send alarm messages to building management during a link-fail condition. The fail-safe mode could be set up for a goal of “safe, secure, comfortable” quasi-normal operation if the building-local system identifies itself as operating in a safe manner.

August responds to its smart lock’s security weaknesses by patching its software

Article August Smart Lock press picture courtesy of August

IoT manufacturer caught fixing security holes | The Register

Here’s what happened when someone hacked the August Smart Lock | CNet

My Comments

The Internet Of Things, along with network hardware focused at consumers and small businesses, has been considered a thorn in the side of people who are involved with data security. This is because of a poor software-maintenance cycle associated with these devices along with customers not installing new software updates for these devices.

Recently, at the DEFCON “hack-a-thon” conference in Las Vegas, a few of the smart locks were found to have software weaknesses that made them vulnerable.

But August, who makes one of these smart locks which are retrofitted to existing “bore-through” single-cylinder tubular deadbolts, answered this issue in a manner that is considered out-of-place for the “Internet Of Things”. Here, they issued software patches to rectify these security issues and offered them as a user-downloadable firmware update.

What is a sad reality for a lot of these devices is that the manufacturer rarely maintains the firmware that runs these devices, if not at all. Some manufacturers think that this practice is about having to “add functionality” to these devices which they would rather do with subsequent models or product generations. But this kind of updating is about making sure that the software ecosystem associated with the product is secure and stable with all the “bugs” ironed out. Similarly, it is also about making sure that the product is complying with industry standards and specifications so as to work properly with other devices.

August uses the latest iterations of their smartphone apps to deploy the firmware updates to their products, typically requiring that you place your phone with the app running near the door that is equipped with these locks.

The computing security industry and computing press congratulated August on responding to the security weakness in its products through a firmware update with “The Register” describing it as being beyond the norm for the “Internet Of Everything”. But they wanted more in the form of them disclosing the nature of the threats in the lock’s firmware in a similar manner to how Microsoft, Google or Apple would disclose weaknesses in their operating-system software.

This issue also is something that is applying to home-network equipment like routers, along with toys and games that connect to the Internet. What is being called out for is a feedback loop where bugs and other software deficiencies in all these devices are called out and a simplified, if not automatic, in-field software-update process takes place whenever newer firmware that answers these problems is released. This also includes the manufacturers disclosing the security issues that have been found and explaining to customers how to mitigate the risks or update the affected software.