Team 6: Faisal Moiz Raymond Nnodim Michael Woodruff Instructor: Dr. Bun Yue Mentor: Craig Russell – Tietronix Software 1 Capstone – Spring 2012 Android Smart Card ID Checker
Presentation Overview Background Requirements Design Demo Results
Presentation Overview Background Requirements Design Demo Results
PIV Cards Background Requirements Design Demo Results HSPD-12 (Aug. 2004) – Presidential Directive to create a government- wide standard ID FIPS 201 (Feb. 2005) – NIST standard to fufill HSPD-12 – Defines PIV card
PIV Smart Card Microprocessor and Storage Contact or NFC Contactless NFC is – Standardized – ISO/IEC – High Frequency – MHz – Short Range – 10cm or less Background Requirements Design Demo Results
Presentation Overview Background Requirements Design Demo Results
Purpose of Project Johnson Space Center (JSC) personnel are all assigned PIV cards The PIV cards are visually inspected by security at entrances Using portable PIV scanners would help to increase security Background Requirements Design Demo Results
Why Use Android? Purpose-built scanners – Expensive – Too big or small screen Android – Many new models support NFC – Inexpensive – Lightweight with big screen – Lots of features /06/ /gI_0_0_DSC00111.jpg $4,700 alog/images/IT-800.jpg $1,431 $200 - $450 MaxID IDL500 CASIO IT-800 Samsung Galaxy Nexus Background Requirements Design Demo Results Galaxy-Nexus-vs-droid-razr-maxx-600x378.jpg
Requirements Use Android smart phone to read NFC cards Use ID number read to query remote database and display digital replica of ID card Display additional personnel details Display warnings such as revoked or expired cards Log time and location of scans Log and photograph Guests Should work offline Background Requirements Design Demo Results
Presentation Overview Background Requirements Design Demo Results
Architecture Local Database Remote Database Web Server Background Requirements Design Demo Results
Remotely Generated Phone Generated Background Requirements Design Demo Results Data Model
Pull Personnel Records Remote Database Local Database Request records Send records Save records to local database Web Server Background Requirements Design Demo Results Query Remote Database
Scan Card Local Database Save Scan/Guest Logs Remote Database Request records Send records Web Server Background Requirements Design Demo Results Query Remote Database
Retrieve Personnel Data Locally Local Database Use Local Database Web Server Background Requirements Design Demo Results
Push Logs Local database Push Scan/Guest Logs Logs Received Confirmation Delete Logs from Local Database Retrieve Logs to send from local database Remote Database Web Server Background Requirements Design Demo Results Store Logs In Remote Database
Presentation Overview Background Requirements Design Demo Results
Presentation Overview Background Requirements Design Demo Results
Challenges Getting Equipment – Hard to find suitable cards – No local sellers Writing to PIV cards – Complicated specification and limited software Integrating Client and Server – Network communications – Translating data too and from XML Working with Different Android Phones Using Different Vendors’ Cards Background Requirements Design Demo Results
Future Work Security Enhancement – Use encrypted portion of card – Require authentication for app – Use secure connection – Encrypt local data Performance Enhancement – Custom made server application – Compress XML or use binary data format Background Requirements Design Demo Results
Conclusion Android is a good platform for reading PIV cards – The phones are cheap and fast – Android has a native API for NFC – However, there are difficulties running the app on different hardware/Android version Reading cards can be difficult – The NFC reader on the phone can sometimes be underpowered – Some models of card read better than others There would be extra steps for security personnel, but enhanced security Background Requirements Design Demo Results