RealTime Gaming
Contents
1. e Moving the BitLocker protected drive into a new computer e Upgrading the motherboard to a new one with a new TPM e Losing the USB flash drive containing the startup key when startup key authentication has been enabled RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 15 of 16 AY AN as License Manager User Manual Proprietary Confidential Need to Know Y GAMING Last Update January 2012 e Failing the TPM self test e Having a BIOS or an option ROM component that is not compliant with the relevant Trusted Computing Group standards for a client computer For example a non compliant implementation may record volatile data Such as time in the TPM measurements causing different measurements on each startup and causing BitLocker to start in recovery mode e Changing the usage authorization for the storage root key of the TPM to a non zero value Note The BitLocker TPM initialization process sets the usage authorization value to zero so another user or process must explicitly have changed this value e Disabling the code integrity check or enabling test signing on Windows Boot Manager Bootmgr e Pressing the F8 or F10 key during the boot process e Adding or removing add in cards such as video or network cards or upgrading firmware on add in cards e Using a BIOS hot key during the boot process to change the boot order to something other than the hard drive RealTimeGaming com 2012. 5 Turn on Machine the Cafe Administrator making sure there is an online connection turns on the machine for the first time Assuring there is an online connection is critical because turning on a machine for the first time without an internet connection will automatically trigger a machine wiping process 6 Manage Cashiers the Cafe Administrator can change the passwords of the five cashiers created in step one above in the RTG Stand Alone Casino 7 Manage Cafe the Cafe Cashier can manage the Cafe which implies making deposits into player s account making withdrawals out of a player s account and changing player s passwords 1 The prefix is defined by the system RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 3 of 16 License Manager User Manual 4 jae SI p me om LL A A Proprietary Confidential Need to Know GAMING Last Update January 2012 The chart below shows the process in more detail Master Agent Cafe Admin Cafe Cashier Create New Agent in Agency POS System System automatically creates 100 players lt PREFIX gt 001 lt PREFIX gt 100 5 cashiers lt PREFIX gt 01 lt PREFIX gt 05 x Take machine request Register Site Machine in MCA License Manager requires Agency ID MAC Address Agency IP Install RTG Stand Alone Casino Send Machine to Cafe Wipe Machine POS Cashier RealTimeGaming com 2012 RealTime Gaming All Rights Reserv
3. Managing A SIE sssisian naa a a 8 Status DES CHIDO INS erssccesccesasaraseecerceansanasunesconsemna apes voercaccusnanteenanseniseqacunacaandecnaaunsenasuanecaacnedemecessgenaaseademeceseseneaenasane 10 RSS UES cece careers gee EE E E E NE EE E TEE EE EEE E E E E EEES 12 Appendix 1 Reason Codes that May Trigger an Internal Wipe Process cccccceeeeeeeeeeeeeeeeeeeeseeeeeeeeeees 13 Appendix 2 Events that will Cause BitLocker to Enter Recovery Mode When Attempting to Start the Operanng oyster DIYO Ae ee ne a ee 14 RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 2 of 16 AN 74N iy g a License Manager User Manual m 7 om ELA A Proprietary Confidential Need to Know Ye AMING Last Update January 2012 Overview The RTG Stand Alone Casino is a casino solution which can be deployed to locations Cafes where Internet connections have a non reliable or intermittent behavior The solution requires the installation of a local server on every Cafe making the system resilient to internet communication failures To mitigate security risks associated with the nature of this product local servers include special processes for license installation site registration site activation and even automatic manual site wiping To set up and run the RTG Stand Alone Casino follow these steps 1 Create New Agent and Request Machine the Master Agent in some casinos the Master Agent and Operator roles a
4. 2 RealTime Gaming All Rights Reserved Page 16 of 16
5. a RVE ee RYS Take o dies License Manager User Manual January 2012 AY AN Ys License Manager User Manual Proprietary Confidential Need to Know bd GAMING Last Update January 2012 Table of Contents VOY respecte reset cients bowie yrsetd vcteeret toot se dibe se eelbeise crs tb vetoed meine Smtr etd oes cree aresiers uted aeienettaaroracerersiedvteareteaeenie waite tanines tine esearete 3 My Casio ACCOUNTS escenari e E r ee eee ee eee ee ee eee 5 Logging into MCA www mycasinoaccounts com s sssssssssssssnsnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nnmnnn nnmnnn 5 Logging out of MCA www mycasinoaccounts ComM sssssssssssssnsnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nennen nennen 5 Accounts License Manager Syste M eee ee eee ee IE EREIN EFS 5 Accessing the License Manager System sisirin a aa a a a aa aa a a a a aa 5 MOM NUNS eeaeee E E E EEA E eds pe one EE E EE E E E E 6 PD OUT VIDIN sepiroa EErEE ENERE E E aAA A A E 6 What to do if the Casino is not working cceeceeeeeeeeeeeeeeeeeeeneeeeseneeeeeeeeseneeeeeeeeseneeeaseeesenseeeseneseaseeesoneseaesessoneseneees 6 ROO 51 ie a an ee E A E A E A E ee ee E E E E E E E ee ere T Registering a o E eoan i 7 AIVE G a E T ee eee ee ee eee ee ee eee eee 7 PAG UIV ACI Ay SUDO asset coche chistes see cacti te etc re eee E E E cnelmuaumionticnestomataets 7 Manage Site ssiesssrinivcsnmiiennniuirin nenn ei Enna De Ea a aa Ea ee 8
6. as a BIOS upgrade causing the BIOS measurements to change e Forgetting the PIN when PIN authentication has been enabled e Updating option ROM firmware e Upgrading TPM firmware e Adding or removing hardware For example inserting a new card in the computer including some PCMIA wireless cards e Removing inserting or completely depleting the charge on a smart battery on a portable computer e Changes to the master boot record on the disk e Changes to the boot manager on the disk e Hiding the TPM from the operating system Some BIOS settings can be used to prevent the enumeration of the TPM to the operating system When implemented this option can make the TPM hidden from the operating system When the TPM is hidden BIOS secure startup is disabled and the TPM does not respond to commands from any software e Using a different keyboard that does not correctly enter the PIN or whose keyboard map does not match the keyboard map assumed by the pre boot environment This can prevent the entry of enhanced PINs e Modifying the Platform Configuration Registers PCRs used by the TPM validation profile For example including PCR 1 would result in most changes to BIOS settings causing BitLocker to enter recovery mode Note Some computers have BIOS settings that skip measurements to certain PCRs such as PCR 2 Changing this setting in the BIOS would cause BitLocker to enter recovery mode because the PCR measurement will be different
7. d which is the only time window for reverting the action After clicking Yes the status of the Site will automatically change to Wipe Requested If you click the Cancel button all data entered will be cleared and the system will take you back to the Manage Site page Selecting Other will require a reason to be specified RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 9 of 16 WREALTIME MCSOAMING License Manager User Manual Proprietary Confidential Need to Know Status Descriptions Last Update January 2012 Sites in the system are assigned one of the following statuses Status Registered Installed Activated Activated Suspicious Wipe Requested Wiped Description Indicates the Site is already registered but not installed Not ready to go live Indicates the Site is ready for activation Indicates the Site is in working order Indicates the Site is active but last validation to RTG did not happen when expected and it is still pending This status indicates something is interfering with the regular Site validation or even Site theft or seizure Sites can hold this status for 24 hours maximum before an automatic wipe is triggered Indicates the Site will be wiped once validation time is over Maximum validation time is 1 hour before an automatic wipe is triggered Wiping for a Site displaying this status may still be reverted Indicates the Site was wiped manual
8. d cM RNE Last Update January 2012 2 In the Activate Site page enter the External ID of the Site you wish to activate NOTE If has not been installed it will not be displayed and the system will report item not found 3 Click the Activate Link option NOTE Once activated a Site will be hourly validated by RTG A Site s first activation required an online connection or an automatic wiping process will be triggered To avoid automatic Site wiping make sure to have internet connection for the Site s first power on after activation Manage Site Managing a Site To manage your Site s follow these steps 1 From the License Manager drop down menu select Manage Site 2 Inthe Manage Site page enter the desired search criterion a either one search criterion or a combination thereof to narrow down the search SEARCH CRITERIA External ID Unique identifier assigned to the Site obtained from the Agency System This value is going to be the ID of the machine and will be used as prefix to create the default set of player accounts during installation MCA Address The Media Access Control address MAC address is the physical ID of the Site s network interface card This address must be registered before installing the Site Server for a caf because it will be used by the Site Installer to report installation to the License Server If a Site is not registered when the installation process finishes a
9. e RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 5 of 16 A 74 i g a License Manager User Manual bI A Mi IN Proprietary Confidential Need to Know CAM ING Last Update January 2012 Wiping About Wiping Wiping a process that overwrites the Site data rendering it unusable can be triggered e manually from the Manage Site page in MCA or e automatically if the Stand Alone Site Server is turned on for the first time without an internet connection remember that turning on the Stand Alone Site Server once installed yet not activated will also trigger the wiping process the logged data is proven invalid at various checkpoints tampering is suspected or the Stand Alone Site Server is offline for over 24 hours What to do if the Casino is not working If the POS cashier page or the casino games is not working then the server has likely been wiped either manually or automatically Regardless of the reason that triggered the wiping on the Stand Alone Site Server and if you wish to restart operations contact your Operator both to report the problem and get the delivery time for the replacement equipment In this User Manual the term offline refers to being disconnected from the Internet This time length may be modified Double check with your Operator RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 6 of 16 License Mana
10. e BitLocker to enter recovery mode when attempting to start the operating system drive e Changing any boot configuration data BCD boot entry data type settings with the exception of the following items DESCRIPTION RAMDISKIMAGEOFFSET PASSCOUNT TESTMIX FAILURECOUNT TESTTOFAIL Warning When installing a language pack an additional option in the language pack installation wizard asks if the user wants to apply language settings to All users and system accounts If this option is selected it will change the local computer BCD settings if the user only option is selected BCD settings are not changed This change will result in a modification of a BCD setting to the new locale value If you are using a TPM with BitLocker this is interpreted as a boot attack on reboot and the computer will require that the user enter the recovery password or recovery key to start the computer We recommend that you suspend BitLocker before changing locales or installing a language pack just as you would before making any major computer configuration change such as updating the BIOS e Changing the BIOS boot order to boot another drive in advance of the hard drive e Having the CD or DVD drive before the hard drive in the BIOS boot order and then inserting or removing a CD or DVD e Failing to boot from a network drive before booting from the hard drive e Docking or undocking a portable computer In some instances depending on the computer man
11. ed Page 4 of 16 Player Request Machine include Agency ID MCA License Manager Receive machine Request Machine Activation Turn on Machine to start operation Hourly validati SEN Make Initial Deposit Make Withdrawal J Make additional deposit Play Quit balance lt 0 Quit balance gt 0 Make additional Deposit j mi ANY GAMING License Manager User Manual Proprietary Confidential Need to Know Last Update January 2012 My Casino Accounts Logging into MCA www mycasinoaccounts com To Log into MCA follow these steps 1 2 3 4 Go to https www mycasinoaccounts com Type your login name into the RSA UserName box supplied to you Type your password into the RSA PASSCODE box supplied to you Press the Submit button Logging out of MCA www mycasinoaccounts com e To Log out of MCA click the Log Out button on the upper right side of screen Accounts License Manager System Accessing the License Manager System To Access the License Manager System in MCA follow these steps e Once you are logged in MCA point to the License Manager menu item in the Horizontal MCA Menu at the top As soon as you hover the mouse pointer over the License Manager option the License Manager menu will drop down LICENSE MANAGER USER MANUALS Register Site License Manager Activate Site Pos Cashier Standalone Installation Guid
12. ger User Manual N REALTIME Proprietary Confidential Need to Know MIS AMWNIAING GAMING Last Update January 2012 Register Site Registering a Site A Site which will be used to host a Stand Alone Casino must be registered into MCA before the RTG Casino can be installed thereon To register a Site in MCA follow these steps 1 From the License Manger drop down menu select Register Site 2 Inthe Register Site page complete the required fields Name Name that identifies the Site _ MAC Address The Media Access Control address MAC address is the physical ID of the Site s network interface card This address must be registered before installing the Site Server for a Cafe because it will be used by the Site Installer to report installation to the License Server MAC address must be used in the XX XX XX XX XX XX format External ID Unique identifier assigned to the Site 3 Then click the Save button NOTE If you click the Cancel button all data entered will be cleared from the fields Activate Site Activating a Site A Site must be registered and installed before it can be activated To activate a Site follow these steps 1 From the License Manager drop down menu select Activate Site Activate Site RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 7 of 16 A 74N ia g a License Manager User Manual S Simai Lh A Proprietary Confidential Need to Know
13. ly or automatically Automatic Wipes are triggered at predefined security compromising conditions For more information on automatic wiping triggers see the About Wiping section above The following page shows changes from one status to another both graphically in diagram and explained in a chart This time length may be modified Double check with your Operator RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 10 of 16 License Manager User Manual Proprietary Confidential Need to Know Last Update January 2012 REALTIME GAM IN G Changes from one status to another are shown in the image below and explained in the chart that follows n Registered IF Site status is Wipe Requested and the action below happens Active Suspicious Site status changes to 1 Registered RTG Stand Alone Casino is installed in Stand Alone Site Installed Server Registered A wipe process is manually requested in MCA Wiped Installed Installed Site is activated in MCA Active Installed a Site is not activated before first power on Wiped b A wipe process is manually requested in MCA 5 Active Regular communication between Site and License Server is Active Suspicious interrupted Active A wipe process is manually requested in MCA Wipe Requested Active a Site Server is turned on for the first time without an internet Wiped connection b the logged data is proven invalid at any of the vario
14. mments 10100 The security policy is not set according installation Something has changed in Windows security policies process which is not permitted 10200 There are users logged in during the token validation Nobody can log in after the casino has been installed process and the machine has been rebooted 10300 The CD is enable on windows DVD or CD drives are disabled by the installation process If for some reason they become active again tampering may be underway and this triggers the wipe 10400 The USB are enabled on windows Same rule applied to CD and DVD but only affects USB storage devices USB keyboard and mouse are permitted 10500 The TMP device is not installed 10600 Drive D is not configured according installation process Drive D must have a determined size and configuration If the system detects changes there it wipes 10700 Drives are not encrypted using BitLocker 10800 The date or time on the machine was changed Wipe gets activated if PC s internal clock gets fast or slow for 10 minutes or more with respect to the clock of the License Server this clock is synchronized with a global server 10900 The token expired 11000 The license server response is Wipe Wipe was manually requested from the administration page of the License Server in MCA 11100 The prerequisite application is not valid Some components used for executing security checks are missing 11200 The casino GUID is not valid The GUID of the machi
15. n automatic wipe action will be triggered Name Name that identifies the Site Status See status descriptions section below This time length may be modified Double check with your Operator RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 8 of 16 ry i License Manager User Manual 4 EELT Cp AN a a ee EE Proprietary Confidential Need to Know 3 Last Update January 2012 DB Size Indicates the actual database usage in MB It must be entered as a range TIP Use to monitor which DBs may be approaching their maximum capacity Click the Search button and the System will generate a list with the Site s that matches your predefined criteria NOTE If you click Search without entering any information External ID MAC Address Status DB Size the System will generate a list of all your sites Manage Site Securing and protecting our data External ID MAC Address Status All v DB Size From To wipe a Site click the Wipe link A Are you sure you want to wipe the site SACAT 2 regression testing If you click Yes due to caching this action will take unrevertable effect in 00 59 17 hh mm ss Reason I 7 Yes Noa On the pop up message select a reason from the drop down damage stolen Then click the Yes button NOTE Clicking Yes will trigger a wiping action which will overwrite the Site s server data rendering unreadable in the time lapse displaye
16. ne couldn t be read from the Registry 11300 Maximum number of retries reached during the first token The first time the machine is rebooted after casino validation installation the system requests the first token to the License Server If no response is received it retries every minute for up to 30 minutes If no valid token has been received after 30 minutes the system self destroys 10071 Security policy execution fail 10072 Users logged validation fail These codes are used when for some reason R l one of the above validations 10100 to 11300 10073 CD disable validation fail raises an exception during execution The 10074 USB disable validation fail system assumes that something is trying to 10075 TMP installed validation fail prevent validations so it triggers the wipe 10076 Drive D configuration fail 10077 Drives encrypted validation fail 10078 Apply firewall rules fail P Page 13 of 16 ry i License Manager User Manual 4 ete AS mlam _ LA A Proprietary Confidential Need to Know GAMING Last Update January 2012 Appendix 2 Events that will Cause BitLocker to Enter Recovery Mode When Attempting to Start the Operating System Drive Taken from _http technet microsoft com en us library ee449438 WS 10 asox BKMK_examplesosrec What causes BitLocker to start into recovery mode when attempting to start the operating system drive The following list provides examples of specific events that will caus
17. re taken on by the same person creates a new agent in the Agency POS system As soon as the new agent is created the system automatically creates e 100 players using the following naming format lt PREFIX gt 001 lt PREFIX gt 100 e 5 cashiers using the following naming format lt PREFIX gt 01 lt PREFIX gt 05 Then the Master Agent sends the Operator a request for a machine This request must include the Agency ID 2 Take Machine Request and Prepare the Machine the Casino Operator e receives the request for a machine form the Master Agent e prepares the machine Server e registers the machine in the MCA License Manager which will require the Agency ID and the MAC Address NOTE Below in this MCA License Manager User Manual there is detailed information on how to register a machine Installs the RTG Stand Alone Casino in the machine e Sends machine to Caf 3 Receive Machine and Request Activation the Cafe Administrator requests the installed machine and requests activation of said machine to the Operator This is critical because turning on a machine which has not been activated will automatically trigger a machine wiping process 4 Activate Machine the Casino Operator activates the machine in the MCA License Manager NOTE Below in this MCA License Manager User Manual there is detailed information on how to activate a machine informs Cafe Administrator that machine has been activated
18. ufacturer and the BIOS the docking condition of the portable computer is part of the system measurement and must be consistent to validate the system status and unlock BitLocker This means that if a portable computer is connected to its docking station when BitLocker is turned on then it might also need to be connected to the docking station when RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 14 of 16 AY REALTIME License Manager User Manual Proprietary Confidential Need to Know d GAMING Last Update January 2012 it is unlocked Conversely if a portable computer is not connected to its docking station when BitLocker is turned on then it might need to be disconnected from the docking station when it is unlocked e Changes to the NTFS partition table on the disk including creating deleting or resizing a primary partition e Entering the personal identification number PIN incorrectly too many times so that the anti hammering logic of the TPM is activated Anti hammering logic is software or hardware methods that increase the difficulty and cost of a brute force attack on a PIN by not accepting PIN entries until after a certain amount of time has passed e Turning off the BIOS support for reading the USB device in the pre boot environment if you are using USB based keys instead of a TPM e Turning off disabling deactivating or clearing the TPM e Upgrading critical early startup components such
19. us checkpoints c tampering is suspected d the Stand Alone Site Server is offline for over 24 hours 8 Active If this status is kept for over 24 hours Wiped Suspicious 9 Active A wipe process is manually requested in MCA Wipe Requested Suspicious 10 Active Regular communication between Site and License Server is re Active Suspicious established 11 Wipe Requested A system defined period of time between wiping request and Wiped actual wiping action lapses 12 Wipe Requested A Wipe Requested is reverted by cancelling it in MCA Active RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 11 of 16 AY AN i a s License Manager User Manual Proprietary Confidential Need to Know ad GAMING Last Update January 2012 User Manuals There are three manuals available in PDF format License Manager POS Cashier StandAlone Installation Guide USER MANUALS License Manager POs Cashier Standalone Installation Guide To view a manual click the corresponding on the link in the License Manager drop down menu RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Page 12 of 16 License Manager User Manual Proprietary Confidential Need to Know Last Update January 2012 j REALTIME GAM IN G Appendix 1 Reason Codes that May Trigger an Internal Wipe Process RealTimeGaming com 2012 RealTime Gaming All Rights Reserved Code ID Description Co
Download Pdf Manuals
Related Search