SmartSense Releases

SmartSense 1.2.0

This version introduces two factor authenticator with simultaneous login, forgot password and browser enrollment features.

Compatibility

  • GBDS 4.5.6 or later
  • Database: Compatible with the dump found in the release folder

MD5 Checksum: 53a95a168567282db89e704ce456157c

Setup:

On sphinx.settings table:

Insert into sphinx.settings (NAME,TYPE,VAL) values ('checkDevice', 'APPS', 'false');
  • Name: checkDevice
  • Description: Enables browser enrollment feature (verifies if current browser is the one allowed previously)
  • Type/Range: Boolean
  • Path: settings table of sphinx.settings
  • Default: false
  • Required: No
Insert into sphinx.settings (NAME,TYPE,VAL) values ('forgotPasswordAllowed', 'APPS', 'false');
  • Name: forgotPasswordAllowed
  • Description: Enables forgot password feature (allows user to reset their password if forgotten)
  • Type/Range: Boolean
  • Path: settings table of sphinx.settings
  • Default: false
  • Required: No
Insert into sphinx.settings values ('twoFactorAuthentication', 'APPS', 'true');
  • Name: twoFactorAuthentication
  • Description: Enables two factor authentication
  • Type/Range: Boolean
  • Path: settings table of sphinx.settings
  • Default: false
  • Required: No
Insert into sphinx.settings values ('maxNumberTries', 'APPS', '5');
  • Name: maxNumberTries
  • Description: Sets the maximum number of unsuccessful login attempts a user can make before having their account blocked
  • Type/Range: Integer
  • Path: settings table of sphinx.settings
  • Default: 5
  • Required: No

On server’s config.properties:

gbds.etrUser=system
  • Name: gbds.etrUser
  • Description: Should receive the string “system” as value if the server works with keys mismatch exceptions. It’ll synchronize these types of exceptions after restarting or polling ETR server.
  • Type/Range: String
  • Default: null
  • Required: Yes
codeValidTime=10
  • Name: codeValidTime
  • Description: Maximum duration that the temporary code sent by e-mail is valid for forgot password and browser enrollment flows. The duration is represented in minutes and it’s validated only once, when server starts.
  • Type/Range: Integer
  • Default: 10
  • Required: No
deviceTime=6
  • Name: deviceTime
  • Description: Represents the period of months that a browser’s guid will be valid.
  • Type/Range: Integer
  • Default: 6
  • Required: No
email.host=null
  • Name: email.host
  • Description: E-mail server URL.
  • Type/Range: String (e.g smtp.gmail.com)
  • Default: null
  • Required: Yes
email.host.port=null
  • Name: email.host.port
  • Description: E-mail server port.
  • Type/Range: Integer (e.g 587)
  • Default: null
  • Required: Yes
email.from=null
  • Name: email.from
  • Description: E-mail address that will be used as sender.
  • Type/Range: String (e.g bravonotifier@gmail.com)
  • Default: null
  • Required: Yes
email.password=null
  • Name: email.password
  • Description: Encrypted sender e-mail address password.
  • Type/Range: String (e.g xed3HZAA3+7umD+YFUgz6/AXbqGnMY/oLSRu6355xdA=)
  • Default: null
  • Required: Yes
  • Observation: The encryption method should be the same used for database’s passwordjava -jar encrypt.jar PASSWORD_HERE
ldap.user=null
  • Name: ldap.user
  • Description: User to be used in LDAP service.
  • Type/Range: String (e.g bravoadm)
  • Default: null
  • Required: Yes
ldap.password=null
  • Name: ldap.user
  • Description: LDAP service user’s password.
  • Type/Range: String (e.g Griaule.123)
  • Default: null
  • Required: Yes

New Features

[NF-001][CNF][OPT] Simultaneous login.

With this feature it’s not possible to have the same profile logged more than once in the same application. If an user is already logged and another access happens, using its username and password, the user with the oldest access will be warned and logged out in their next action.

[NF-002][CFN][OPT] Two factor authenticator and max number of tries.

This feature improves a user’s login security if desired by requiring the user to type a 6 digits code from their Google Authenticator app. If it’s their first login, the app will display a QRCode so the user can register a device. For the second login and beyond, it’ll always ask for the numeric code displayed in the registered device.

This feature also sets the maximum number of unsuccessful login attempts a user can make before having their account blocked.

[NF-003][CNF][OPT] Forgot password.

Users now have a new option at login screen that they can reset their password if it was forgotten. After clicking on it, they must inform their username and they will receive an e-mail with a temporary code. After typing the code successfully, they can type a new password, following the rules described in the screen.

[NF-004][CNF][OPT] Browser enrollment.

Users now will be informed that they are attempting to access the application from a new browser if they change the browser they are accessing it. They must return to the previous browser or authenticate the new one, revoking the access from the previous browser. To authenticate the new browser, they must type a code received in their e-mail correctly.

Bug Fixes

[BF-001][SMART-120] Fixed synchronization of transactions performed in GBDS (enrolls, updates and searchers).

There were cases where a GBDS response field was unexpected and as a result the synchronization could break.

[BF-002][SUP-489] Adjusted load balancing pooling for first execution.

Fixed the load balancing pooling affected by first time executions since the parameter poolingLoadBalancing.last from config.properties was empty.

SmartSense 1.1.0

Added Kafka Queue, Transactions List and Transaction View.

Compatibility

  • GBDS 4.2.0 or later
  • Database: Compatible with the dump/upgrade found in the release folder

MD5 Checksum: e12e463f909e5d2f0161c58820a60c36

New Features

[NF-001][SMART-91][UI] New kafka queue page.

[NF-002][SMART-92][EP] Consume API to fetch kafka queue.

[NF-003][SMART-93][EP] Create kafka queue endpoint.

[NF-004][SMART-94] Service to consume kafka queue from GBDS.

[NF-005][SMART-95][DB] Insert notification in new database sphinx.notification_queue.

  • The new columns are as following:
    • notification_id bigint(20) NOT NULL AUTO_INCREMENT
    • notification_timestamp TIMESTAMP NOT NULL
    • operation VARCHAR(255) NULL
    • application_id VARCHAR(255) NULL
    • sender VARCHAR(255) NULL
    • message VARCHAR(255) NULL
    • recipient VARCHAR(255) NULL
    • read_message int NULL
    • PRIMARY KEY (notification_id)

[NF-006][SMART-97][UI] New transaction list page.

[NF-007][SMART-98][EP] Consume API to fetch transaction list from back end.

[NF-008][SMART-99][UI][EP] Added tguid/pguid/keys/labels/biographic filters.

[NF-009][SMART-100][UI][EP] Added date/time filters.

[NF-010][SMART-102][UI] New transaction details page.

[NF-011][SMART-103][UI] Download biometrics from transaction details page.

[NF-012][SMART-104][UI] Add transaction details problems with popover and copy features.

[NF-013][SMART-105][UI] Add processing time with popover and copy features.

Bug Fixes

[BF-001][SMART-109][UI] Fixed transactions list timestamp format.

SmartSense 1.0.0

First version of Smart Sense Web

Compatibility

  • GBDS 4.2.0 or later
  • Database: Compatible with the dump found in the release folder

MD5 Checksum: aa24df36d3f9446c0eeb0f7eeb177437

New Features

[NF-001][SMART-9] Created Nodes List screen and added a search bar, a refresh button and a button to add nodes;

[NF-002][SMART-11] Created Node Details screen and added two tabs, Services and Resources. The first one shows what are the services on that node and their statuses, while the second one shows the node’s hardware information (disk usage, ram usage, transmission rate, etc);

[NF-003][SMART-12] Created Configuration Comparison screen, where the user can select a configuration file and a reference node and compare that configuration file between all nodes;

[NF-004][SMART-13] Created Transaction History screen and added five tabs (Identify, Identify(Latent), Verify, Enroll, Update). On each tab, an interactive Kibana graph is displayed, showing that tab’s data;

For this feature, it is necessary to have ELK installed and configured properly. Also, it is needed to have the following parameters in config.properties:
linkVerify=<link to Kibana dashboard>
linkIdentify=<link to Kibana dashboard>
linkIdentifyLatent=<link to Kibana dashboard>
linkEnroll=<link to Kibana dashboard>
linkUpdate=<link to Kibana dashboard>

[NF-005][SMART-29] Created Port Sweep screen, where the user can select an IP and a list of ports. After that, it will do a port sweep and display the results on a table;

[NF-006][SMART-74] Added English translation