Securing a UCM Connection - UCM - Products - Comfort Automation/ Security System Forums

Home

Not logged in - Login | Register

Comfort Automation/ Security System Forums > Products > UCM > Securing a UCM Connection

Securing a UCM Connection

Moderated by: slychiu

New Topic

Printer Friendly

Rate Topic

Author	Post

Posted: Thursday Oct 2nd, 2008 02:16 pm

Quote

1^st Post

Tas
Member

Joined:	Monday Feb 11th, 2008
Location:	London, United Kingdom
Posts:	39
Status:	Offline

I am controlling Comfort using an RS232 device which joins a wireless network. The uses are primarily home control and for easy arming of the system at nights. This all works fine but I am wondering how secure it is. If the wireless network were hacked it would be possible to access comfort via it's UCM. I am making the wireless network as secure as possible but I'd really like to make it physically impossible from the comfort end.

Is there a way of restricting what can be performed via a UCM. For example could I prevent a a security off mode change?

Many Thanks,

Tas

Posted: Thursday Oct 2nd, 2008 09:32 pm

Quote

2^nd Post

slychiu
Administrator

Joined:	Saturday Apr 29th, 2006
Location:	Singapore
Posts:	5495
Status:	Offline

The main protection against unauthorised access is the login which is required for the UCM
If there are 5 attempts in succession a Sign in Tamper alarm is generated

Posted: Thursday Oct 2nd, 2008 10:47 pm

Quote

3^rd Post

Tas
Member

Joined:	Monday Feb 11th, 2008
Location:	London, United Kingdom
Posts:	39
Status:	Offline

I can see that this is a good way of protecting against someone who doesn't know the code. The possible attack I am trying to secure against is someone sniffing the network which would give them a valid user code. The problem I have is that via a UCM it seems possible to disarm the system even if that user has no disarm rights in the security configuration feels wrong.

What I'd like to do is restrict the user used bythe remote control so that it cannot disarm the system.

Thanks,

Tas

Posted: Thursday Oct 2nd, 2008 11:00 pm

Quote

4^th Post

mikegriff
Member

Joined:	Saturday Aug 19th, 2006
Location:	United Kingdom
Posts:	103
Status:	Offline

Hi Tas

Surely you are tryiing to do 2 things here

Connect via RS232 all the time internally for control

And provide outside access via the same route

This will aways cause the conflict you have

Surely youre outside access needs to log in to Your local control system

or buy another UCM and use that for your external login

I might be wrong though

Mike

Posted: Friday Oct 3rd, 2008 08:29 am

Quote

5^th Post

Tas
Member

Joined:	Monday Feb 11th, 2008
Location:	London, United Kingdom
Posts:	39
Status:	Offline

Hi Mike,

Thanks for your response but that is not what I am trying to do. I do have other USMs and GSM modeuls but these are secure and I am happy with them.

The problem relates to a single interface between a home control panel and a UCM which is dedicated to this purpose. The interface between these two is wireless and hackable so someone could learn the user code being used and use it to control comfort.

I want a way of restricting what this user code can do. It seems odd to me that a user which doesn't have disarm rights through other means can disarm the system through the UCM.

Last edited on Friday Oct 3rd, 2008 08:31 am by Tas

Posted: Monday Oct 6th, 2008 03:36 am

Quote

6^th Post

slychiu
Administrator

Joined:	Saturday Apr 29th, 2006
Location:	Singapore
Posts:	5495
Status:	Offline

If the user is not allowed to disarm the system via the user authorisation, then he will not be able to use his log in code to disarm the system. A user code which is not authorised to do something will also not be authorised however he/she accesses the system, bu UCM or keypad or telephone

Current time is 08:12 pm

Comfort Automation/ Security System Forums > Products > UCM > Securing a UCM Connection

Top