![]() ![]() The bank employees (aka banker) is a potential adversary who has considerable power.Only the customer should be able to put things in and take things out of the box, so the integrity of it’s contents is also important.Sensitive documents may be stored in the boxes, so confidentiality/privacy of the things customers store in their box is a key security goal.Valuable objects such as gems, precious metals, and currency may be stored in a safety deposit box because of the assumed higher security it offers compared to storing these things at home.Critical legal documents such as wills or deeds may be stored in a safety deposit box in order to protect them from theft or disasters (e.g.I assume that two customers with different boxes cannot be in the room at the same time. If multiple people are listed in the banks’ records for a particular box and provide identification, they can both enter the chamber together. The customer retrieves his key, both leave the chamber and the door is closed behind them. When the customer is finished, he returns the box to its proper location on the shelf and calls for the banker who returns and using the guard key, locks the box back into place, which release both the guard and assigned keys. Then the banker leaves the room closing the transparent door behind her to ensure the customer’s privacy. The guard key is removed from the shelf door while the customer’s key remains in the lock until the box is replaced and locked into place. The banker finds the appropriate shelf location and inserts her guard key and the customer then inserts his key and a small door for the particular shelf is unlocked so that the box can be taken out and brought to a table in the room. ![]() Then, both the banker and customer enter the safety deposit box chamber and the transparent door is closed behind them. Next, an audit trail is maintained by requiring the person who wants to open the box to sign their name and date on a paper list (their identification information and box number information is written by the banker). When the person wants to access the box, I assume the procedure to be as follows: identification is presented and the bank verifies it against a paper list of safety deposit box assignments on file. ![]() According to Wikipedia, some banks are supplementing these mechanisms with a code or biometric access control, however for this review, I assume that only the identifying document, signature, and key are required (and this is my experience with my current bank). driver’s license) and signature and then receives an assigned key. A person requesting to rent a box from a bank initially provides some form of acceptable identification (e.g. Safe(ty) deposit boxes are a common service provided by banks with an established protocol and two-lock system for ensuring security of the valuables stored inside. Beyond that, I was surprised at how interesting something as mundane as a safety deposit box could turn out to be. I was surprised at how stunningly insecure they are (although there may be additional controls I did not know about that banks implement), and am further surprised by the fact that the system is still largely operational. ![]() My review was on safety deposit boxes based on my experience using them. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |