Date post: | 28-Dec-2015 |
Category: |
Documents |
Upload: | cynthia-jennings |
View: | 215 times |
Download: | 0 times |
Team 6:Faisal Moiz
Raymond NnodimMichael Woodruff
Instructor:Dr. Bun Yue
Mentor:Craig Russell – Tietronix Software
1
Capstone – Spring 2012Android Smart Card ID Checker
Presentation Overview
• Background• Requirements• Design• Demo• Results
Presentation Overview
• Background• Requirements• Design• Demo• Results
PIV Cards• Background• Requirements• Design
• Demo• Results
• HSPD-12 (Aug. 2004)– Presidential Directive to
create a government-wide standard ID
• FIPS 201 (Feb. 2005)– NIST standard to fufill
HSPD-12– Defines PIV card
http://openidtrustbearer.files.wordpress.com/2009/12/generic-piv.png
PIV Smart Card
• Microprocessor and Storage• Contact or NFC Contactless
• NFC is – Standardized – ISO/IEC 14443 – High Frequency – 13.56 MHz– Short Range – 10cm or less
http://www.idwholesaler.com/images/learning-center/combi-card.gif
• Background• Requirements• Design
• Demo• Results
Presentation Overview
• Background• Requirements• Design• Demo• Results
Purpose of Project
• Johnson Space Center (JSC) personnel are all assigned PIV cards
• The PIV cards are visually inspected by security at entrances
• Using portable PIV scanners would help to increase security
• Background• Requirements• Design
• Demo• Results
Why Use Android?
• Purpose-built scanners– Expensive– Too big or small screen
• Android– Many new models support NFC– Inexpensive– Lightweight with big screen– Lots of features
http://ww1.prweb.com/prfiles/2010/09/06/4467994/gI_0_0_DSC00111.jpg
$4,700
http://www.kestronics.com/catalog/images/IT-800.jpg
$1,431
$200 - $450
MaxID IDL500 CASIO IT-800
Samsung Galaxy Nexus
• Background• Requirements• Design
• Demo• Results
http://1.androidauthority.com/wp-content/uploads/2012/01/Samsung-Galaxy-Nexus-vs-droid-razr-maxx-600x378.jpg
Requirements
• Use Android smart phone to read NFC cards • Use ID number read to query remote database
and display digital replica of ID card• Display additional personnel details • Display warnings such as revoked or expired
cards• Log time and location of scans• Log and photograph Guests• Should work offline
• Background• Requirements• Design
• Demo• Results
Presentation Overview
• Background• Requirements• Design• Demo• Results
Architecture
Local Database
Remote Database
Web Server
• Background• Requirements• Design
• Demo• Results
RemotelyGenerated
PhoneGenerated
Card
Guest LogScan Log
PersonBelongs To
Updates
1 1
1
M
• Background• Requirements• Design
• Demo• Results Data Model
Pull Personnel Records
Remote Database
Local Database
Request records
Send records
Save records to local database
Web Server
• Background• Requirements• Design
• Demo• Results
QueryRemoteDatabase
Scan Card
Local Database
Save Scan/Guest Logs
Remote Database
Request records
Send records
Web Server
• Background• Requirements• Design
• Demo• Results
QueryRemoteDatabase
Retrieve Personnel Data Locally
Local Database
Use Local Database
Web Server
• Background• Requirements• Design
• Demo• Results
Push Logs
Local database
Push Scan/Guest Logs
Logs Received
Confirmation
Delete Logs from Local Database
Retrieve Logs to send from localdatabase
Remote Database
Web Server
• Background• Requirements• Design
• Demo• Results
Store LogsIn RemoteDatabase
Presentation Overview
• Background• Requirements• Design• Demo• Results
http://dcm.uhcl.edu/caps12g6/api/webforms/recentscanlogs/
http://dcm.uhcl.edu/caps12g6/api/webforms/recentguestlogs/
Presentation Overview
• Background• Requirements• Design• Demo• Results
Challenges
• Getting Equipment– Hard to find suitable cards– No local sellers
• Writing to PIV cards– Complicated specification and limited software
• Integrating Client and Server– Network communications– Translating data too and from XML
• Working with Different Android Phones• Using Different Vendors’ Cards
• Background• Requirements• Design
• Demo• Results
Future Work
• Security Enhancement– Use encrypted portion of card– Require authentication for app– Use secure connection– Encrypt local data
• Performance Enhancement– Custom made server application– Compress XML or use binary data format
• Background• Requirements• Design
• Demo• Results
Conclusion
• Android is a good platform for reading PIV cards– The phones are cheap and fast– Android has a native API for NFC– However, there are difficulties running the app on
different hardware/Android version• Reading cards can be difficult
– The NFC reader on the phone can sometimes be underpowered
– Some models of card read better than others• There would be extra steps for security
personnel, but enhanced security
• Background• Requirements• Design
• Demo• Results