KTH-SEECS Applied Information Security Lab

National University of Sciences and Technology (NUST)

Physical access control system using mobile phones/smart cards

Domain:Physical Access Control

Status: Completed
Contact Person(s):   Faisal Karim BhuttaAbdul Ghafoor, Muhammad Awais Shibli

Date of Completion: January, 2014 

Currently, physical identity verification to enter in an organization is based either on manual process or simple RFID cards. The manual procedure of verification increases the probability of threats to the lives of our gatekeepers and employees of security agencies. RFID card system is comparatively better but it does not ensure the strong verification of identities as by applying simple attacks, any unauthorized person can enter in an organization without any identity verification. 

We are proposing a solution to extend current systems by providing smart card based access control (FIPS-201), which will not only overcome the shortcomings of current identity verification processes but will also provide extended security features using standard security practices. We will also extend our system to use our mobile devices for location based identity verification without compromising exiting security features. The project has three purposes:

  1. To use the current concept and implementation of open source security providers and APIs for smart card based Physical Access Control through additional applied R&D activities;
  2. To perform analysis of technical and economic requirements and prerequisites for deployment of the Physical Access Control Systems in an organization;
  3. To perform initial deployment and field tests of the Physical Access Control for various authentication and authorization functions using smart card and mobile devices in the form of new, advanced physical access services.

The systems comprises of multiple servers that may be located on individual hardware platforms (blades) or grouped in single server. Some other components can be workstations and card readers which will be installed on various places for managing and controlling access of employees. All these components will be installed within an organization. The system will also provide an administration station which will be used to register employees, personalize smart cards for them and can manage XACML based access control policies. The Security Manager of the system will manage and control security services using this administration station. In Figure 1 various components (hardware and software) of the Smart Physical Access Control (SPAC) System are shown.


Project Documents:

  1. Absract  (PDF)
  2. Publications 

      ► "Smart Phone based Authentication & Authorization Protocol for SPACS" (Link)