SANS 1718-10-2009 Gaming equipment Part 10 Server-based gaming systems《游戏设备 第10部分 基于服务器的游戏系统》.pdf

1、 Collection of SANS standards in electronic format (PDF) 1. Copyright This standard is available to staff members of companies that have subscribed to the complete collection of SANS standards in accordance with a formal copyright agreement. This document may reside on a CENTRAL FILE SERVER or INTRA

2、NET SYSTEM only. Unless specific permission has been granted, this document MAY NOT be sent or given to staff members from other companies or organizations. Doing so would constitute a VIOLATION of SABS copyright rules. 2. Indemnity The South African Bureau of Standards accepts no liability for any

3、damage whatsoever than may result from the use of this material or the information contain therein, irrespective of the cause and quantum thereof. ISBN 978-0-626-22039-6 SANS 1718-10:2009Edition 1SOUTH AFRICAN NATIONAL STANDARDGaming equipment Part 10: Server-based gaming systems Published by SABS S

4、tandards Division 1 Dr Lategan Road Groenkloof Private Bag X191 Pretoria 0001 Tel: +27 12 428 7911 Fax: +27 12 344 1568 www.sabs.co.za SABS SANS 1718-10 Edition 1 Table of changes Change No. Date Scope Foreword This South African standard was approved by National Committee SABS SC 71G, Information t

5、echnology Gaming, in accordance with procedures of the SABS Standards Division, in compliance with annex 3 of the WTO/TBT agreement. In South Africa all matters relating to gaming, gambling and horse racing are controlled through the following National and Provincial Acts: Eastern Cape Gambling and

6、Betting Act, 1997 (Act No. 5 of 1997) Free State Gambling and Racing Act, 1996 (Act No. 6 of 1996) Gauteng Gambling Act, 1995 (Act No. 4 of 1995) KwaZulu-Natal Gambling Act, 1996 (Act No. 10 of 1996) Mpumalanga Gambling Act, 1995 (Act No. 5 of 1995) National Gambling Act, 2004 (Act No. 7 of 2004) No

7、rthern Cape Gambling and Racing Act, 1996 (Act No. 5 of 1996) Northern Province Casino and Gaming Act, 1996 (Act No. 4 of 1996) The North West Gambling Act, 2001 (Act No. 2 of 2001) Western Cape Gambling and Racing Act, 1996 (Act No. 4 of 1996) The requirements of these Acts and any Regulations prom

8、ulgated in terms of these Acts, as amended from time to time, take precedence over the requirements of this document. Any reference to “legislation”, “national legislation” or “national and provincial legislation“ in this document means reference to the applicable provisions or requirements in the a

9、bove-mentioned Acts or in their Regulations. This document was published in February 2009. SANS 1718 consists of the following parts, under the general title Gaming equipment: Part 1: Casino equipment. Part 2: Limited payout gaming equipment. Part 3: Monitoring and control systems for gaming equipme

10、nt. Part 4: Wagering record-keeping software. Part 5: Local area and wide area jackpot and progressive jackpot equipment. (In course of preparation.) Part 6: Not used. Part 7: Tokens. Part 8: Roulette wheels. Part 9: Central monitoring system for limited payout machines. Part 10: Server-based gaming

11、 systems SANS 1718-10 Edition 1 1 Contents Page Introduction 2 1 Scope 3 2 Normative references 3 3 Definitions and abbreviations 4 3.1 Definitions 4 3.2 Abbreviations . 5 4 General requirements 6 4.1 Requirements for peripheral equipment 6 4.2 Requirements for the games 6 4.3 Time stamping . 6 4.4

12、Requirements for system backup 7 5 Software requirements 7 5.1 Logical security 7 5.2 Changes to parameters . 7 5.3 Reporting capabilities. 7 5.4 Data recovery. 8 5.5 Software control . 8 5.5.1 Software version control 8 5.5.2 Software submission and testing 8 5.5.3 Source code 8 5.6 Software verifi

13、cation. 9 5.6.1 Formal application configuration (FAC) 9 5.6.2 Application software 9 5.6.3 FAC verification description detail. 10 5.6.4 FAC verification methodology . 10 5.6.5 Execution of the FAC verification tool. 11 5.6.6 Failure of FAC verification. 11 5.7 Recovery from master resets. 12 5.8 D

14、ownloadable software and games. 12 SANS 1718-10 Edition 1 2 Introduction The requirements in this part of SANS 1718 are supplementary to and do not replace any of the requirements of relevant Acts (see foreword) or supporting Regulations of the legislative authorities in South Africa. The intention

15、of this part of SANS 1718 is to place sufficient controls on software and operations to ensure that wagering is fair, safe, secure, reliable, and auditable. It is not the intention of this standard to unreasonably mandate a single solution or method of realizing an objective, limit technology applic

16、ation of software, limit creativity and variety of choice, limit marketability, or advantage any supplier or manufacturer of software. Alternative implementations to the requirements contained in this part of SANS 1718 will be considered on a case-by-case basis by the provincial licensing authority

17、(PLA). Situations or considerations arising from evaluation of systems that have not been addressed in this part of SANS 1718 (e.g. owing to omissions or to the use of new technology) will be resolved at the sole discretion of the PLA as part of the approval process. SANS 1718-10 Edition 1 3 Gaming

18、equipment Part 10: Server-based gaming systems 1 Scope This standard gives requirements for all computer system configurations and their associated components used for server-based gaming. The requirements include, but are not limited to a) gaming devices comprised of a collection of conventional ga

19、ming devices or client stations connected to a system for the purposes of downloading games or control programs but capable of operating independently such that the game outcome is determined by the gaming device or client station and not by the system, and b) gaming devices comprised of a server or

20、 system part and client stations that, together, form a single integrated device where the system portion of the game determines the outcomes of the individual games conducted on the client stations and the client stations cannot operate independently from the system. This standard also covers situa

21、tions where the servers might be situated off-site but all player interaction for the purposes of gambling takes place on licensed premises. It does not include additional requirements that might be specified by the PLA for applications where the server is based off-site. NOTE 1 If the regulator per

22、mits such configurations then there might be additional requirements for security of data transfer between the licensed premises and the game server. NOTE 2 A system might be comprised of one or more servers, any server might contain games supplied by different manufacturers, and there might be a se

23、parate server for monitoring and control. However, separate networks for the gaming server(s) and the monitoring and control system are not mandated. It is also not mandated whether the system is to be a single computer server or multiple computer servers. 2 Normative references SANS 1718-1, Gaming

24、equipment Part 1: Casino equipment. SANS 1718-2, Gaming equipment Part 2: Limited payout gaming equipment. SANS 1718-3, Gaming equipment Part 3: Monitoring and control systems for gaming equipment. SANS 1718-9, Gaming equipment Part 9: Central monitoring system for limited payout machines. SANS 8601

25、/ISO 8601, Data elements and interchange formats Information interchange Representation of dates and times SANS 1718-10 Edition 1 4 3 Definitions and abbreviations 3.1 Definitions 3.1.1 advanced funds transfer electronic funds transfer system whereby credits are transferred to or from a player termi

26、nal by any means other than coins, tokens or banknotes 3.1.2 Certification Authority authority appointed to certify all GDs, both hardware and software 3.1.3 critical data data contained in critical memory as follows: a) all metering required by this part of SANS 1718; b) GD or game configuration da

27、ta (or both); c) information that pertains to the last five games (including the current game, if incomplete); d) software state (the last normal state the GD software was in before interruption); e) current credits; and f) information regarding any significant events. NOTE Information pertaining to

28、 the last five games is only required if applicable to that type of GD. 3.1.4 critical memory memory locations for storing critical data 3.1.5 formal application configuration document listing the approved software and parameters for a server-based gaming system and its components by the manufacture

29、r or supplier 3.1.6 gaming device any device used for gaming purposes, including the monitoring and control system, player terminals, host, data controller unit, bank controller or any combination of these, including software 3.1.7 legislation national or provincial Act (see foreword) that deals wit

30、h gambling, gaming, wagering, betting or horse-racing and any regulation or rule made in terms of such Act 3.1.8 master reset intentional memory clear of the RAM and other volatile memory of a GD 3.1.9 memory locations within the GD for storing electronic data, and the data stored therein SANS 1718-

31、10 Edition 1 5 3.1.10 monitoring and control system central monitoring system host, data controller unit, bank controller and communications interface to each player terminal and the connections between them 3.1.11 player terminal client station physical device provided as the interface to the playe

32、r for the purposes of game play or betting and which might include EFT, AFT or cash handling devices 3.1.12 provincial licensing authority body responsible in terms of the relevant legislation (see foreword) for issuing and controlling GD approvals 3.1.13 return to player ratio of total winnings to

33、the total turnover, expressed as a percentage 3.1.14 significant event set of operational conditions to be recorded by the monitoring and control system for GDs during a game, during idle mode or during data interchange with another GD 3.1.15 standard time time according to the time information avai

34、lable from NTP servers maintained by the South African National Metrological Laboratory NOTE Time signals should preferably be derived from the secondary (Stratum 2) server available at http:/www.tock.nml.csir.co.za. More information on synchronizing a personal computers (PC) internal clock with the

35、 NTP server is available at http:/ 3.1.16 test laboratory laboratory whose test results are accepted by the CA 3.1.17 turnover handle monetary value of the total of all cash or credits (or both) staked on game play 3.1.18 win award prize number of credits or monetary value awarded to the player as a

36、 result of a winning combination or combinations at the end of a single play within a game 3.2 Abbreviations AFT: advanced funds transfer CA: Certification Authority CD: compact disk DVD: digital video disk EFT: electronic funds transfer SANS 1718-10 Edition 1 6 EPROM: erasable programmable read-onl

37、y memory FAC: formal application configuration GD: gaming device MCS: monitoring and control system PIN: personal identification number PLA: provincial licensing authority RNG: random number generator RTP: return to player TL: test laboratory 4 General requirements 4.1 Requirements for peripheral eq

38、uipment The requirements for player terminals, including game design and artwork, are contained in SANS 1718-1. The requirements for the monitoring and control system and all communication systems are contained in SANS 1718-3. If the regulator permits server-based gaming technology to be used for th

39、e limited payout machine routes, then reference should be made to SANS 1718-2 for additional requirements for such player terminals and to SANS 1718-9 for the requirements for the connection of these to the central electronic monitoring system. 4.2 Requirements for the games 4.2.1 Games offered for

40、play shall comply with the relevant requirements of SANS 1718-1, but references in SANS 1718-1 to reportable events occurring on a player terminal (e.g. configuration changes) are understood to also refer to such events occurring on or at the server. 4.2.2 Configuration or parameter changes to games

41、 shall not occur while play is in progress. Play shall be deemed to have stopped when there are no credits on the credit meter and where either a cash-out has occurred or there has been no play for at least three minutes. 4.3 Time stamping 4.3.1 All game results, messages, significant events or play

42、er-related information (if applicable) transmitted on the system shall be suitably time stamped in the following format: C C Y Y M M D D h h m m s s . f f Z Where each of the characters with the exception of the last is a substitute for a single digit: CC represents the centuries (19-99), YY represe

43、nts the years (00-99), MM represents the actual month (01-12), DD represents the actual day of the month (01-31), hh represents the actual hour of the day (00-23), mm stands for the minutes of the hour (00-59), ss represents the seconds of the minute (00-59), and ff is an abbreviation for fractions

44、of a second without trailing 0. The Character Z (Zulu Time) stands for Universal Time Coordinated (UTC). The square brackets around fractions of a second (i.e. .ff) denote that the use of this part of the time stamping sequence is optional and depends on the application. SANS 1718-10 Edition 1 7 NOT

45、E This format complies with the requirements of SANS 8601/ISO 8601, Data elements and interchange formats Information interchange Representation of dates and times 4.3.2 All time stamping shall be done in South African standard time as provided by the CSIR National Metrological Laboratory (NML). 4.4

46、 Requirements for system backup 4.4.1 It shall be possible to backup all critical data, comprising financial, audit, security and significant event information, on a daily basis. NOTE The length of time that backups must be retained is defined in legislation (see foreword). 4.4.2 All active componen

47、ts in the system that carry data shall be supplied from uninterruptible power supplies that, in the event of a mains power outage, allows sufficient time for the system to be shut down in an orderly manner without the loss of any data. 5 Software requirements 5.1 Logical security 5.1.1 The operating

48、 system of the computer(s) and applications running thereon shall provide for multi-level password security. 5.1.2 All devices connected to the systems (including operator terminals) shall provide security against illegal or unauthorized access. 5.1.3 All programs and important data files shall only

49、 be accessible by means of passwords. 5.1.4 All PINs and passwords in the system shall be stored in an encrypted, non-reversible form. 5.1.5 Use of the system for development or testing shall be completely logically separated from the live system and its database. 5.1.6 A program shall be available that will list all registered users on the system, including their privilege level. 5.1.7 All data sent over the network shall be encrypted by an algorithm similar to those defined in SANS 18033 Information Technology Security tec