Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
projects:rfid_door_lock [2016/10/06 01:21] jayd |
projects:rfid_door_lock [2016/12/06 11:09] (current) dolf |
||
|---|---|---|---|
| Line 8: | Line 8: | ||
| ===== Introduction ===== | ===== Introduction ===== | ||
| - | Ryan from Pacific Business Services in Dumaguete City asked Project NightOwl, a technology incubator and hacker space at Foundation University, Dumaguete, to develop an RFID-based authentication and authorization system to secure access to their office space. Since NightOwl had already started working on this for their own lab, extending it to a BPO where the internet infrastructure is already provisioned by Foundation University, is feasible. This is an ideal project for NightOwl to take on as it involves Research & Development as well as prototyping based on knowledge and experience present within the team. It also provides the students of Foundation University with an ideal opportunity to get working experience in a product development project for a real client, including the whole project management, quality control and documentation process. Lastly, the client is very interested in the concept of the NightOwl incubator/hackerspace and is extending support by providing additional budget that can be used to buy tools/materials for the NightOwl space. | + | Pacific Business Services in Dumaguete City inquired with Project NightOwl, a technology incubator and hacker space at Foundation University, Dumaguete City, to develop an RFID-based authentication and authorization system to secure access to their office space. Since NightOwl had already started working on this to secure access to the lab space, extending the existing project to matching the requirements or commercial application is the logical next step. |
| + | |||
| + | This is an ideal project for NightOwl to take on as it involves Research & Development as well as prototyping based on knowledge and experience present within the team. It also provides the students of Foundation University with an ideal opportunity to get working experience in a product development project for a real client, including the whole project management, quality control and documentation process. Lastly, the client is very interested in the concept of the NightOwl incubator/hackerspace and is extending support by providing additional budget that can be used to buy tools/materials for the NightOwl space. | ||
| Since this project will be used as part of a commercial operation the quality standards are set much higher than for any prototyping done for internal use. Details are important and bugs are to be solved promptly. Code quality and security are important aspects. | Since this project will be used as part of a commercial operation the quality standards are set much higher than for any prototyping done for internal use. Details are important and bugs are to be solved promptly. Code quality and security are important aspects. | ||
| Line 16: | Line 18: | ||
| * Any software created as part of the project is to be released publicly under an OSS license | * Any software created as part of the project is to be released publicly under an OSS license | ||
| * To ensure that the system can easily be extended at the university the same RFID cards are to be used | * To ensure that the system can easily be extended at the university the same RFID cards are to be used | ||
| + | * Include safety measures in case of calamities | ||
| + | |||
| + | ===== Backlog ===== | ||
| + | * [[projects:rfid_door_lock:backlog:change_reader|Users want to use their FU-issued ID cards for access control]] | ||
| + | * [[projects:rfid_door_lock:backlog:arduino_ethernet|The communication between the doors and the server needs to be done through the network]] | ||
| + | * [[projects:rfid_door_lock:backlog:encryption|The webapplication needs to use encryption to make it more secure]] | ||
| + | * [[projects:rfid_door_lock:backlog:testing|We want to create a testing setup to assure product quality]] | ||
| + | * [[projects:rfid_door_lock:backlog:gorups|Users need to be divided into groups with different permissions]] | ||
| + | * [[projects:rfid_door_lock:backlog:backup_power|Each door needs to have a backup power supply in case of power failure]] | ||
| + | * [[projects:rfid_door_lock:backlog:credentials_cache|Each door needs to contain a cache of recently allowed cards in case of communication failure with the server]] | ||
| + | * [[projects:rfid_door_lock:backlog:powerful_servo|The door lock mechanism needs to be more powerful in order to minimize technical difficulties with the servo]] | ||
| + | * [[projects:rfid_door_lock:backlog:multiple_doors|Different doors/locations need to be controlled from the same application]] | ||
| + | * [[projects:rfid_door_lock:backlog:new_housing|The users want a smaller and nicer looking housing on the doors with access control]] | ||
| + | * [[projects:rfid_door_lock:backlog:different_lock|Users want to leave the room without worrying about the door properly locking]] | ||
| + | |||
| + | |||
| ===== Project Scope and Requirements ===== | ===== Project Scope and Requirements ===== | ||
| - | The overall goal is to provide a secure, easy to use and extensible integrated system of hardware and software for a locking mechanism, RFID based authentication, database driven authorization and a web-based management application of these components, including an audit log. The system should be built securely to prevent unauthorized access and tampering, and be modular so additions to the software and hardware may be made at a later point. | + | The overall goal is to provide a secure, easy to use and extensible integrated system of hardware and software for a locking mechanism, RFID based authentication, database driven authorization and a web-based management application of these components, including an audit log. The system should be built securely to prevent unauthorized access and tampering, and be modular so additions to the software and hardware may be made at a later point. Last but not least safety measures have to be developed to ensure safe operation during emergency situations including, fires, flooding or earthquakes. |
| ==== Software ==== | ==== Software ==== | ||
| Line 36: | Line 54: | ||
| * An RFID scanner that has the same frequency as the FU cards (13.56Mhz) | * An RFID scanner that has the same frequency as the FU cards (13.56Mhz) | ||
| * A network connected controller that is capable of handling authentication, authorization and serving the web application | * A network connected controller that is capable of handling authentication, authorization and serving the web application | ||
| + | * Include a method to open the door quickly from the inside in case of power failure or other calamities | ||
| ==== Possible future additions ==== | ==== Possible future additions ==== | ||
| Line 48: | Line 67: | ||
| Below are the actually required materials for the client. In agreement with Ryan we will later on add extra materials or some equipment to add to our own supply. | Below are the actually required materials for the client. In agreement with Ryan we will later on add extra materials or some equipment to add to our own supply. | ||
| - | ^ Item ^ Links ^ Comments ^ Price (USD) ^ Quantity ^ Total ^ | + | ^ Item ^ Links ^ Comments ^ Price (USD)^ Quantity^ Total^ |
| - | |Raspberry Pi 3 or alternative controller | http://ph.rs-online.com/web/p/processor-microcontroller-development-kits/8968660/ | | 40.95 | 2 | 81.90 | | + | |Raspberry Pi 3 or alternative controller | http://ph.rs-online.com/web/p/processor-microcontroller-development-kits/8968660/ | | 45.00| 2| 90.00| |
| - | |Role of 3D printing filament| https://www.olx.ph/item/3d-printer-filaments-3-0mm-ID6NmZy.html?p=7&h=866709ada5#866709ada5| |25.87 | 1| 25.87 | | + | |Role of 3D printing filament| https://www.olx.ph/item/3d-printer-filaments-3-0mm-ID6NmZy.html?p=7&h=866709ada5#866709ada5| | 30.00.00| 1| 30| |
| - | |5.1V, 1 Output, Micro USB Plug In Power Supply, 2.5A, 13W Official Raspberry Pi Power Supply | http://ph.rs-online.com/web/p/plug-in-power-supply/9098135/| | 9.63| 2 | 19.26 | | + | |5.1V, 1 Output, Micro USB Plug In Power Supply, 2.5A, 13W Official Raspberry Pi Power Supply | http://ph.rs-online.com/web/p/plug-in-power-supply/9098135/| | 12.50| 2| 25.00| |
| - | |RFID Reader | https://www.sparkfun.com/products/10126|13.56-MHz | 29.95| 2 | 59.90 | | + | |RFID Reader | https://www.sparkfun.com/products/10126|13.56-MHz | 35.00| 2| 70.00| |
| - | |Servo | https://www.sparkfun.com/products/9347 | Use the same or stronger as we have at the lab | 13.95 | 2 | 27.90 | | + | |Servo | https://www.sparkfun.com/products/9347 | Use the same or stronger as we have at the lab | 15.00| 2| 30.00| |
| - | |Lock | Dumaguete City,Citi Hardware Store | Lock for a good quality lock, not tampering from the outside, no key outside, possible to interface with servo | 31.08| 1 | 31.08 | | + | |Lock | Dumaguete City,Citi Hardware Store | Lock for a good quality lock, not tampering from the outside, no key outside, possible to interface with servo | 35.00| 1 | 35.00| |
| - | |IFixit Pro Tech Toolkit | https://www.ifixit.com/Store/Parts/Pro-Tech-Toolkit/IF145-307-1 | | 110 | 1| 110 | | + | |IFixit Pro Tech Toolkit | https://www.ifixit.com/Store/Parts/Pro-Tech-Toolkit/IF145-307-1 | | 110.00| 1| 110.00| |
| - | ^Total USD ^ ^ ^ ^ ^ 356^ | + | |Contribution to NightOwl | | | 205.00| 1| 205.00| |
| - | ^Total PHP ^ ^ ^ ^ ^ 17166^ | + | ^Total USD ^ ^ ^ ^ ^ 595.00^ |
| - | + | ^Total PHP ^ ^ ^ ^ ^ 28940.00^ | |
| - | ===== Milestones ===== | + | |
| - | ^ Milestone ^ Title ^ Comments ^ Due date ^ | + | |
| - | | 1. | Draft proposal | discuss and get ok from client. Include budget and planning. | | | + | |
| - | | 2. | Final proposal | | | | + | |
| - | | 3. | Security and privacy evaluation | All physical and electronic vulnerabilities identified and addressed | | | + | |
| - | | 4. | RFID reader and controller design | | | | + | |
| - | | 5. | Management application design | | | | + | |
| - | | 6. | Testing plan | Requirements for testing the system and judge it successful | | | + | |
| - | | 7. | First prototype | Both hardware and software developed and installed | | | + | |
| - | | 8. | First prototype tested and design adjusted | After proper testing, adjust design according to test results | | | + | |
| - | | 9. | Final prototype | Final prototype developed and installed | | | + | |
| - | | 10. | Test period for final prototype completed and evaluated | After a trial period for the customer, evaluate the prototype and adjust design | | | + | |
| - | | 11. | Final version developed and installed | | | | + | |
| - | ===== Work breakdown ===== | + | |
| - | Milestone 1 | + | |
| - | * Research existing (open source) tools and software for reading RFID tags | + | |
| - | * Roughly research different protocols, standards and tools for RFID communication and authentication, resulting in a list with short description of the tools | + | |
| - | * Research rough list of required tools and materials | + | |
| - | * Finalize our list of requirements | + | |
| - | * Make a material list and budget | + | |
| - | * Make a project planning (dates on the milestones) | + | |
| - | * Finalize this project proposal | + | |
| - | * Discuss proposal with client | + | |
| - | * Discuss client requirements | + | |
| - | + | ||
| - | Milestone 2 | + | |
| - | * Adjust proposal | + | |
| - | * Discuss proposal with client and get final OK | + | |
| - | + | ||
| - | Milestone 3 | + | |
| - | * Evaluate potential physical attack vectors (tampering with the hardware) | + | |
| - | * Evaluate potential local software attack vectors | + | |
| - | * Evaluate potential remote software attack vectors | + | |
| - | * Evaluate potential privacy flaws | + | |
| - | * Make software security management plan (signaling and updating security updates) | + | |
| - | + | ||
| - | Milestone 4 | + | |
| - | * Study different standards and protocols regarding RFID/NFC authentication | + | |
| - | * Research the possibilities for the connection of the controller to the door lock | + | |
| - | * Research different libraries for RFID-reader/controller communication | + | |
| - | * Research different hardware components, their functioning and available libraries and tools | + | |
| - | * Create a technical design for the RFID reader, it's controller and the lock | + | |
| - | + | ||
| - | Milestone 5 | + | |
| - | * Research different open-source authentication and authorization packages supporting RFID | + | |
| - | * Make a technical design of the management software | + | |
| - | + | ||
| - | Rest: | + | |
| - | * Get a final OK for the the designs | + | |
| - | * Order parts | + | |
| - | * Start writing software | + | |
| - | * Make a software and hardware testing plan | + | |
| - | * Install first prototype | + | |
| - | * Train the client on use of the prototype | + | |
| - | * Test first prototype | + | |
| - | * Adjust design, hardware and software according to test results | + | |
| - | * Install final prototype | + | |
| - | * Let user evaluate the system for a while | + | |
| - | * Evaluate the system with the user in a feedback session | + | |
| - | * Create the final version based on the client's feedback | + | |
| - | * Install and test the final version | + | |
| ===== Design ===== | ===== Design ===== | ||
| Line 127: | Line 84: | ||
| * Controller | * Controller | ||
| * Authentication and Authorization protocols and software (See also {{ :projects:privacy-preserving_authorized_rfid_authentication_protocols.pdf | the article on Privacy Preserving Authorized RFID Authentication Protocols}}) | * Authentication and Authorization protocols and software (See also {{ :projects:privacy-preserving_authorized_rfid_authentication_protocols.pdf | the article on Privacy Preserving Authorized RFID Authentication Protocols}}) | ||
| - | * Management webapplication | + | * Management web application |
| * Security and privacy | * Security and privacy | ||
| - | * | ||
| ===== Progress ===== | ===== Progress ===== | ||
| - | We made a 3D design for the connection between the servo and the lock, and a design for the mounting of the servo to the door. The files can be found on https://github.com/Waterspace/servo-lock-mount. If you click on the stl files, github shows you an interactive 3D view of the model. | + | * Students have started on the code side of the management and authentication application. |
| - | + | * We made a 3D design for the connection between the servo and the lock, and a design for the mounting of the servo to the door. The files can be found on https://github.com/Waterspace/servo-lock-mount. If you click on the stl files, github shows you an interactive 3D view of the model. | |
| - | The model has been printed, and after some tweaking, a heat gun and superglue we got it to fit! So now we need to create a casing for the electronics and hook everything up! | + | * The model has been printed, and after some tweaking, a heat gun and superglue we got it to fit! So now we need to create a casing for the electronics and hook everything up! {{:projects:servo_lock_mount.jpg?400|}} |
| - | + | * The code for the current arduino version [[https://github.com/Waterspace/arduino-rfid-lock|can be found on github]]. | |
| - | {{:projects:servo_lock_mount.jpg?400|}} | + | |
| - | + | ||
| - | The code for the current arduino version [[https://github.com/Waterspace/arduino-rfid-lock|can be found on github]]. | + | |
| ===== Interesting links ===== | ===== Interesting links ===== | ||
