SHERLock - Smart Home Entrance Registration and Locking systemsaksham/SHERLOCK.pdf · To develop a...
Transcript of SHERLock - Smart Home Entrance Registration and Locking systemsaksham/SHERLOCK.pdf · To develop a...
SHERLockSmart Home Entrance Registration and Locking system
Prakhar Jawre Prawal Gangwar Saksham Agarwal
CS637: Embedded and Cyber-Physical Systems, 2016
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 1
/ 15
Outline
1 Problem Statement
2 Proposed Solution
3 State Machine
4 ImplementationHardware
5 DemonstrationMaster UserKnown VisitorUnknown Visitor
6 Threat Models
7 Future Scope
8 Concepts Used
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 2
/ 15
Problem Statement
To develop a home entry and locking system which is
robust and user friendlyefficient and functionally scalablesecure and immune to intentional break-in
To provide a framework alongside which can
make the system ”sufficiently hands-free”provide aid to the master in entry management and logging
To reduce the problems caused by the conventional locks
everyone who wishes to unlock would requires a keybeing physically present to unlockowner has no information of the current stateno log of the users, no security against break-ins
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 3
/ 15
Proposed Solution
A Cyber-Physical door lock which can make smart decisions using
Multiple sensors monitoring user activityEmbedded micro-processor to manage sensor data flow and decisions
A coupled software framework consisting of
A cloud based server for user logging and authenticationAn android app for the master ease-of-useAn easy sufficiently hands-free solution to getting access
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 4
/ 15
State Machine
Unlocked
Locked,
Camera ON
Locked,
Camera OFF
[Detect == false & t1<To]/
{t1 = t1 + 1}
1
[Input == "Open" & User == "Known"]/
{sendQR(User); LCD = "Show QR"};
t1 = 0;Detect = false;Input = Null}
3
[Verify == true]/{LCD = Welcome}
3
[t1 >= To]/
{LCD = "Request Again"}
5
[t2 < T2o]/
{t2 = t2+1}1
[Input == "Button"]/
{LCD = "Look @ Camera"; Capture = false;
;Input = Null}
2
[Input == "open" & User == "Master"]/
{LCD = "Welcome Home";t2 = 0;Input = Null} 1
[Capture==false]/
{capturePic(); Calpture=true;
}
4
[t2 >= T2o]/ {LCD = "Locked"}
3
[Input = "Close"]/{LCD = "Locked";Input = Null}
2
[Detect == true]/{LCD = "Welcome";t2=0}2
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 5
/ 15
Implementation
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 6
/ 15
Hardware & Software
Raspberry Pi 3.
To handle video capture and image processing for code detection.Processing of user requests to the lockHandling of all I/O devices
Software and APIs
Camera: PiCAM for Raspberry piTelegram: telepot in PythonQR Code: zbar in Python
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 7
/ 15
Use cases - Master User
Effortless entry system for the master user
Hands-free system for master authenticationSystem response time kept minimum for the master
Full control over user entry management
Receives notifications when known user arrivesApproves pending request access for unknown usersGiven the full access to user entry logs and white list database
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 8
/ 15
Use cases - Known Visitor
Reserves sub-privilege level of control.
Have a temporary access to the house depending on the settingspecified by owner.
Identification details of the known visitor need to be stored in thedatabase through a one-time sign up routine.
Visitor need to enter his user ID to request a One Time Password(OTP) in the form of QR Code which will give the visitor access tothe house for a finite time.
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 9
/ 15
Use cases - Unknown Visitor
By-default denial of entry unless access granted by master user.
Access is requested by pressing the door bell.A video notification is sent to master user for approval.Master user can grant or refuse the request on his discretion.
Entry is denied again once the door is locked.
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 10
/ 15
Threat Models
Physical tempering
Eve(Adversary) tries to modify the physical behavior the system.
Solution
Instant message to the master in case of detected physical tampering
Revoked attacker
Eve possesses legitimate access that Alice gave her, which will be revokedin the near future.
Solution
- Alice has access to complete white list of users.- Instantly revoke any user’s privilege through Internet.
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 11
/ 15
Threat Models
Theft
Eve steals Alices authorized device.
Solution
- Lock setting can also be modified over internet.- Alice can revoke permission for the lost/stolen devices.
Theft
Eve can acess the information sent to/from the lock.
Solution
- 256-bit symmetric AES encryption, 2048-bit RSA encryption, andDiffieHellman secure key exchange while transferring information- Only requests from legitimate.
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 12
/ 15
Future Scope
Extending support to other platforms such as PC, Tablets and othercommunication devices
Making SherLock more flexible ranging multiple locks and scenarios
Including more features such as live-video and audio bi-directionalcommunication
Providing better QOS to the users
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 13
/ 15
Concepts used from Course
State Machine Design and Implementation
Multi-Threading
Program Verification
Handling I/O devices on microcontroller
System Security
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 14
/ 15
References I
G. HoD.Smart Locks: Lessons for Securing Commodity Internet of ThingsDevices.
Ohsung Doh.A Digital Door Lock System for the Internet of Things with ImprovedSecurity and Usability
SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 15
/ 15