The new sliding door at the CSE building
I want to start a discussion about the new sliding door we just got. I talked to Karl and he explained how the door works. It seems that the sliding door has two sensors, radar and infrared. The radar sensor can detect movements that are a further away from the door and the infrared can detect the closer movements. Obviously, the once movements are detected, the door will open. Also, for emergency, the two metal frames on each side of the door can be open like a door. During nighttime, the door will only open automatically when someone is leaving the building. Otherwise, a card key access is needed to get into the building. Here are a couple ideas for an adversary to try to get into the building.
-Tailgating: Following another person who has access to get in.
-Steal someone else’s card and use it to get in
-See if you can jam some thin object through the middle and trick the radar that someone might be trying to leave the building.
I want to know what others are thinking about this. I like the new sliding door because now I don’t have to hear the annoying beep when someone didn’t close the door properly when they come in or leave the building at night. However, it seems that it might bring up a few new security issues.
Comment by kingpig
March 2, 2008 @ 6:08 pm
Actually, the point about the thin object is a really good one.
I just went upstairs and managed to quite easily fit my credit card in between the doors. If someone were to take a very slim sheet of metal (about the thickness of a credit card), and slip it through the door, I bet they could push and pull it back and forth enough to set off the sensor. I’d like to try that, but I don’t have a long, thin sheet of metal.
Anyone got some metal?
Comment by Trip Volpe
March 2, 2008 @ 6:47 pm
Hmmm… A glass door with an infrared sensor on the inside?
I wonder if it would be possible to trigger the sensor by shining a heat lamp onto the floor just inside; if the temperature of the floor could be raised enough to cause it to emit (or reflect) sufficient amounts of infrared radiation, presumably that might cause the door to open.
Glass can be made to transmit less infrared by adding materials such as iron; glass that absorbs or reflects infrared is obviously a better thermal insulator, and so might be desirable for interior climate control reasons. I’d be curious to find out what kind of glass is used in the Allen Center doors, and if this was a security issue considered during design.
In any case, I would expect that glass that can block a substantial amount of infrared while remaining completely transparent to visible light would be difficult or expensive to produce; it seems likely that quite a few installations with “securely locked” automatic glass doors might be vulnerable to a focused IR beam attack – after all, allowing a human on the inside to get outside without hassle is a very important accessibility feature, especially under emergency situations.
Perhaps one way to respond to the threat is to also require some kind of motion on the inside before the door will open – however, as felixctc and kingpig have pointed out, if you can slide a long, thin object through the door, this system may be defeated as well.
I guess the moral of the story is that people who live in buildings with glass security doors shouldn’t throw stones – er, well, should probably think a bit more about security in depth, at least. 😉
Comment by duschang
March 2, 2008 @ 7:24 pm
At first, it might seems like the sliding door opens up many new security risks. However, when we examine the threats closely, we will realize that most threats already exists before. For example, tailgating and stolen ID has already been a problem with the original door. If the radar and infrared actually functions “correctly”, the new sliding door will be at least as secure as the old one
Comment by alpers
March 3, 2008 @ 3:03 pm
I just took a little look at the door and there’s a some vulnerabilities that strike me right off the bat.
First off, Trip’s assumption about heat-resistant class seems to be correct, the glass is double-paned with air (typically an inert, low heat-capacity gas like argon) to help the insulation of the building, so shining an IR lamp through the glass may not work. However, the door contains many holes in and around its door jamb, all of which are completely open to the inside (no glass, metal between the outside and inside of the building). Shining an IR lamp (or even a high powered laser that creates heat at its contact point) may be sufficient enough to trip the interior sensor, although the IR source needs to be moving to create the illusion of human movement.
Tailgating seems like a huge issue with automatic doors. There’s no way to forcefully close the doors behind you if someone is attempting to tailgate. With a manual door, you can pull it closed quickly behind you if an adversary is trying to tailgate. With an automatic door, however, the adversary has ample time to slip in the door because of the timed buffer to keep the door open after it notices movement to allow the original user to pass through the doors.
Availability of the door would also be compromised during a power outage. The emergency open feature of the door would have to be engaged, and at that point I’d imagine that there’s no way to close the doors other than to apply force. The emergency pushbar, on the other hand, could just simply disengage the motor from the door, allowing free movement of the door. An earthquake or something similar that disrupts the automatic door’s opening path could also render the door unavailable and possibly damage the doors opening mechanism.
There are also Ethernet issues with the door, but they seem similar to the original vulnerabilities with the old door. 🙂
Comment by kurifodo
March 3, 2008 @ 3:30 pm
One thing to realize also is that there are multiple points of entry into the Allen Building. Namely, if an adversary could get through the old doors, but not the new doors for some reason, then they could always go to the other side of CSE and open the old style doors by the light wall. This goes along with the principle of no security system is stronger than its weakest link.
Also, I thought I would just say I like Trip’s idea of using a heat gun essentially to fool the doors. I would be interested in knowing if this actually works on those doors. Also, I think if I remember right, there are gaps in the top corners of the doors which could allow something small to be inserted from the outside to the inside of the building. This might pose a vulnerability if the adversary had the right tools.
Comment by joyleung
March 3, 2008 @ 11:33 pm
I’ve also noticed on how large the gap is around the door jamb. This probably makes it easy to get all sorts of things into the CS building that you couldn’t get in with the normal doors. Plus, there is a tube (probably containing wires) within easy reach of the gap. I could easily imagine someone cutting those.
Another idea of something an adversary might do with such a convenient opening is pump in smoke which might disrupt the sensor on the door or perhaps trigger the fire alarm.
Does anyone know whether that gap really needs to be there?
Comment by kinme
April 15, 2008 @ 7:31 am
Schneier had a post about this a while back…scary how much people trust technology like this to, in many cases, protect so much! My work employs these on exterior doors and all interior doors, which means trivial access any time for someone smart.
http://www.schneier.com/blog/archives/2006/12/defeating_rfids.html