Hardware Reference
In-Depth Information
Security analysis of the biometric system
How secure is our biometric system? While it does prevent software on the BBB from us-
ing the CryptoCape until a valid fingerprint is accepted, the system is easily defeated by
pulling (or cutting) the line from D2 to SCL. Without the electrical connection, the AT-
mega can't interfere with the I2C bus. However, depending on your installation, an attacker
may have a difficult time physically accessing the hardware. The process of assessing vul-
nerabilities and mitigations to those vulnerabilities is known as threat modeling . In the
previous chapter, the Tor design stated that it can't defend against a global passive ad-
versary. In your implementation of our biometric system, maybe access to the jamming line
is not a threat because you've placed your BBB in an adamantium box. There is no per-
fectly secure system so a threat model helps us understand the strengths, weaknesses, and
assumptions of our system. We'll see more threat modeling in our final two chapters.
Search WWH ::




Custom Search