Mobile ID in physical access control applications

Simonetti, Jose Eduardo

10 November 2016

Submitted by Daniele Santos (danielesantos.htl@gmail.com) on 2017-02-21T21:04:19Z No. of bitstreams: 1 Eduardo.pdf: 1544695 bytes, checksum: ad700b85bc86a6f4889a9f52275ab887 (MD5) / Approved for entry into archive by Janete de Oliveira Feitosa (janete.feitosa@fgv.br) on 2017-02-23T17:38:59Z (GMT) No. of bitstreams: 1 Eduardo.pdf: 1544695 bytes, checksum: ad700b85bc86a6f4889a9f52275ab887 (MD5) / Made available in DSpace on 2017-03-02T13:43:19Z (GMT). No. of bitstreams: 1 Eduardo.pdf: 1544695 bytes, checksum: ad700b85bc86a6f4889a9f52275ab887 (MD5) Previous issue date: 2016-11-10 / Today there exist a myriad of different types of physical access control systems (PACS) that use a smart card or mobile device as a key. The mobile device enabled smart locks, as they are often referred to, operate using either Wi-Fi or Bluetooth. This thesis has explored the use of a third emerging wireless technology called Near Field Communication (NFC) available in mobile devices such as smartphones. Near Field Communication (NFC) technology is a relatively new technology that is on the rise and is included in almost every new mobile device. By leveraging Near Field Communication (NFC) enabled mobile devices, a highly secure access control system can be achieved and developed taking advantage of the computational power of smartphones in comparison to traditional methods the business implications are huge, Several different authentication and encryption protocols, mobile operating systems and Near Field Communication (NFC) modes of operation where analyzed and evaluated. After considerations technical considerations the Secure Remote Password authentication protocol on top of Near Field Communication (NFC) card emulation (CE) scheme with the client application running on smartphones operating system (OS) was selected. This thesis shows that Near Field Communication (NFC) enables a mobile device to act as a key in a secure access control system (PACS) and as the user base for NFC grows larger so will the likelihood that we will come to see more of these types of systems in business and organizations.

Mobile ID

Physical Access Control Systems (PACS)

Near Field Communication (NFC)

Applications

Tecnologia

Comunicação por campo de proximidade

Sistemas de comunicação sem fio

Sistemas de comunicação móvel

Segurança de informações

Computadores - Controle de acesso

Det mobilanpassade id-kortet : En behovsanalys och modell för framtida utveckling / The smartphone based ID card : A demand analysis and model for future development

Peterson, Lukas, Johansson, Samuel

January 2016

Mycket av plånbokens innehåll och funktion, såsom medlemskort och betallösningar, är idag ersatt av mobila lösningar. Däremot finns det i Sverige ingen mobil lösning för id-kort som kan användas på samma sätt som det fysiska id-kortet. Denna uppsats syftar till att undersöka huruvida svenska myndigheter ser ett behov av en mobilanpassad id-kortslösning och, om detta behov konstateras, föreslå en modell för hur en sådan lösning skulle kunna utformas. För att undersöka detta ämne har tre intervjuer med svenska myndigheter (Elegitimationsnämnden, Polismyndigheten och Transportstyrelsen) samt en litteraturstudie genomförts. Uppsatsens resultat består av tre kunskapsprodukter: en behovsanalys, en kravsammanställning och en infrastrukturmodell. Behovsanalysen undersöker behovet av en mobilanpassad id-kortslösning, sett från de intervjuade myndigheternas perspektiv. Denna analys visar att myndigheterna ser ett behov av en sådan lösning. Kravsammanställningen består av krav på en mobilanpassad id-kortslösning som härletts från de genomförda intervjuerna samt från uppsatsens huvudsakliga teoribas: Kim Camerons The Laws of Identity (2005). Infrastrukturmodellen är utformad efter dessa krav och beskriver hur en mobilanpassad id-kortslösning skulle kunna utformas för att passa in i den svenska infrastrukturen för digital identitetshantering. Modellen är även utformad för att följa Hanseth och Lyytinens (2010) designregler för informationsinfrastrukturutveckling och den visar att utveckling av en mobilanpassad id-kortslösning i Sverige är tekniskt genomförbar. / Much of the contents and functionality of the traditional wallet, such as membership cards and payment solutions, have been replaced by smartphone solutions. Yet, in Sweden there is no smartphone based solution for ID cards that can be used in the same way as the physical ID card. This paper examines whether the Swedish authorities see a need for a smartphone based ID card solution and, if such a need is identified, suggests a model for how such a solution could be designed. To explore this topic, a literature review and three interviews with Swedish authorities (the E-identification Board, the Police Authority and the Transport Agency) have been conducted. The results of this report consists of three knowledge products: a demand analysis, a requirements specification and an infrastructure model. The demand analysis examines the need for a smartphone based ID card solution, as seen from the interviewed authorities' perspective. This analysis indicates that the authorities see a need for such a solution. The requirements specification consists of requirements for a smartphone based ID card solution, derived from the conducted interviews and Kim Cameron's The Laws of Identity (2005). The infrastructure model is designed to meet these requirements and describes how a smartphone based ID card solution could be designed to fit into the Swedish infrastructure for digital identity management. The model is also designed to follow the design rules for information infrastructure development derived by Hanseth and Lyytinen (2010) and shows that the development of a smartphone based ID card solution in Sweden is technically feasible.

digital identity management

digital ID

digitalt ID card

mobile ID card

smartphone ID card

mobile phone

smartphone

information infrastructure development

e-governance

swedish e-ID

digital identitetshantering

digital id-handling

digitalt id-kort

mobilanpassat idkort

mobilt id-kort

mobiltelefon

smartphone

informationsinfrastrukturutveckling

e-förvaltning

svensk e-legitimation