Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Open Source Access Control System

No description
by

Joshua Montgomery

on 21 March 2015

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Open Source Access Control System

Open Source Access Control System
Securing the Center for Entrepreneurship
Entrepreneurship Center Requirements
Conspicuous Security
24x7 Access
Multiple Security Zones
Dozens of Keys
Group Based Permissions
Security Auditing
Raspbian Solution for
Extensible RFID Access
Securing the Center for Entrepreneurship
RFID - The State of the Art
Modern Security Requirements
Solution Overview
Building an RFID System
Cost & Future Expansion
RFID - State of The Art
Existing RFID Access Systems
Proprietary Software
Untested / Insecure
Unstable (Windows)
RS485 Serial Interfaces Common
Stand Alone Systems
Limited Users
No Auditing
Expensive!
$200 - $1,000 Per Reader (Not Including Lock)
Modern Security Requirements
Network Connected
Use TCP/IP to connect
WiFi Compatible
Key Based Encryption
Securely Encrypt Network Traffic
Two Factor Authentication
Brute Force Resistant
Revokable Credentials
Fail Secure
Low Power Usage
Power Over Ethernet
Extensible

Hardware Overview
Hardware Build
Software Overview
On boot Raspbian logs in as unpriviliged user
.bashrc puts user into terminal application
Special characters are disabled
Bash script waits for input from reader
RFID Reader "types" serial over USB
Script uses key based SSH session to pass credentials to server
Server responds with status & error codes
Logs request
Raspbian takes appropriate action
Opens Relay
Plays Sound (Optional)
Plays Video (Optional)
Software Detail (Reader)
Install Vanilla Raspbian
Install wiringPi (Controls GPIO)
Add User rfid
Create SSH Key
Copy SSH Key to Server
Change tty fonts
Set rfid to automatically login
Add rfid.sh to .bashrc
Reboot

Software Detail Server
Add user RFID
Add rfidserver.sh
Add passwd, group
Passwd:
07626294:Joshua Montgomery:2e8c29a21fc0baa7a13fe98822bd8a5d
07765318:Kris Adair:4dd2f40ff0f2cb75ca7117f45085c046
04208196:Tim Middleton:095269d3340407454510769b7424f01c

Group:
# Built In
500:
# Users
1001:Users:07626294:07765318:04208196
1002:Admins:07626294:07708196:07765028:05624580:07707684
#Objects
10001:1001:Users:1002:Admins
10002:1002:Admins

Software Detail Server (Cont.)
Add config files
# Description of object
Description=Entreprenurship Center Front Door

# Require 2 factor authentication (Default Yes)
TwoFactor=no

# Default hours of operation. These should be presented in 24 hour format:
# i.e. DOTW=0800:1700
# If the facility is closed, set the hours to:000:000
# The default settings are 0800 to 1700 weekdays.
DefaultHours=Mo,0000;2359:Tu,0000;2359:We,0000;2359:Th,0000;2359:Fr,0000;2359:Sa,0000;2359:Su,0000;2359

# If there are special hours for groups, set the first field to the GroupID along with the hours:
# SpecialHours1001=Mo,0800;1700:Tu,0800;1700:We,0800;1700:Th,0800;1700:Fr,0800;1700:Sa,0000;0000:Su,0000;0000

Project Cost
Door with LCD / Keypad / Maglock - $281.49

Simple Door with Maglock - $181.99

RFID Relay - $97.08

Future Development
Open source webapp for user management
Local credential caching (improved latency)
Plugin scripts
Twitter integration
Voice paging
Full transcript