UW Computer Security Research and Course Blog

Housing and Food Services (HFS) houses approximately 5100 students in its numerous residence halls and apartment buildings. To accommodate for easy maintenance and locksmith-free lockout calls while the desk is closed all the halls are master keyed and reside on a giant hoop of metal known as the duty ring. Normally to obtain the duty ring a Resident Adviser/Community Advisor (RA/CA) will check out and sign for the keys at the front desk of the residence hall. The clerk at the front desk requests the RA/CAs staff ID, if the picture on the ID matches the person in front of them, they will file the checkout card away and check the RA/CA in for duty in the Odyssey HMS housing system.

By putting this system in place, HFS attempts to protect the following assets.

1. Access to infrastructure. The duty ring not only contains keys to resident’s rooms but also to bathrooms, breaker rooms, network rooms, etc.
2. Access to resident’s rooms. HFS trusts RA/CAs to only unlock doors with the resident present and consenting.
3. HFS needs to have some record of who has the keys at all times to maintain their image as a professional housing organization. I certainly would not feel safe with the knowledge of a loose master key.

Possible attackers of this system could be anyone with the above knowledge of the duty ring checkout system.

1. Thieves: Residents often have laptops that haven’t been physically secured or registered with UWPD. These high ticket items are easy to carry off and very few if any people would find someone carrying a duffel bag full of laptops suspicious.
2. Feuding RA/CAs: Checking out the duty ring under the identity of another RA/CA and disposing of the ring would likely get the victim fired due to the high cost of re-keying everything.
3. Disgruntled RA: Upon leaving HFS a disgruntled RA could checkout all of the duty rings. The cost of re-keying thousands of locks at $70-$80 each would be a major expense for HFS.

The system however is far from perfect and could likely be attacked in the following ways.

1. The staff ID cards consist of a single picture and black text on a red background. Duplicate, altered or fabricated staff ID cards would be difficult/impossible for the desk clerk to discern from real ones. With a little research on a given residence hall, one can determine the names of all the RA/CAs on staff (often on a poster in the lobby), as well as who is scheduled to be on duty for the night. With these fraudulent cards an attacker could check out the duty ring in the names of other staff members to discredit them or obtain all the duty rings in order to force HFS to re-key every door lock.
2. Since the front desk clerk has no need for the physical ID card, new desk clerks often forget to ask for ID verification.
3. Distraction of the front clerk would also allow an attacker with a hook on the end of a 6 foot or longer pole to retrieve the duty ring from they key rack which is left open and unlocked during desk hours. This could include false fire alarms in which case the key cabinet is left unlocked. The gate that is deployed in front of the office is only meant to keep people from going through however the duty ring can still slip through it.