Access Control

4

After the Arduino course, I worked a bit on the access control system.  I managed to solder the whole lot and tested it.  The current version works using the Arduino Ethernet Shield; Tobie and I are working on the GSM version, which will be integrated into this soon.

The current version runs a small webserver and a GET request with the correct password will open the security gate.  This is not very secure, so I am looking at adding some security (was thinking about code-hopping + SHA).  User access will be mastered on the management system.  A local copy could be stored on the SD card, to enable off-line operations.

I need to some help with the web side of things:

  • a management console – add/edit/delete users
  • backend, including sync with house controller
  • smartphone friendly page with buttons to open the car gate, front door, alarm system, security gate etc.
Posted in: Arduino, Builts, House Setup

This article has 4 comments

  1. hcvst 08/14/2011, 3:41 pm:

    Very nice. How can I help with the webend? You can interface with any service, can’t you. How about using a free CouchDB backend at http://www.iriscouch.com?

  2. skullkey 08/14/2011, 4:37 pm:

    Need nice simple clean design (I like the stuff you did for startup weekend),
    1. login using openid etc,
    2. user mapped to basic roles,
    3. admin login: get to add/delete/modify/view user info probably want ability to keep address list for H4H, i.e. user, email, cellphone – very simple for now.
    4. User login: can see buttons (big nice friendly) – gate, security, door etc. press button does a GET to the houseserver with userid and code – the code is generated by the webserver-> new code for every request and hashed and included in the GET arguments – maybe easier to chat about the details face to face. Check out http://en.wikipedia.org/wiki/Rolling_code for details on code hopping.

    Ideally user login should happen with openid etc. and use cookies to maintain the session always, don’t really want to have to login everytime before opening the gate.

    Does this make sense?

  3. Andrew 08/15/2011, 7:58 am:

    Why openID? This is pretty much an offline system, id say implement with a cellphone number and password, set the cookies to last for say a month at a time (although this isnt the best idea).

    I’ll be more than happy to help write a web backend, but i really think that at this stage it should be kept as simple as possible, ie, 2 pages (users/admins) etc..

    -AM

  4. skullkey 08/15/2011, 8:58 am:

    100% agree – this is two pages, my only thing was that I want to GET parameters to only work once, i.e. once a certain GET has opened the door, the same code won’t work again. The system would then have to generate a new code in the hopping sequence . This is the same way car remotes etc work to prevent replay attacks. This is a bit of a transistion from the GSM, but gives lots more flexibility. The end result is however a more online solution, even if it is just online on the local wireless lan.

Leave a Reply

Get involved

Mailing List / Forum:
Google Group

IRL:

Courses:

Subscribe for course announcements





Meta