SHERLock - Smart Home Entrance Registration and Locking systemsaksham/SHERLOCK.pdf · To develop a...

SHERLockSmart Home Entrance Registration and Locking system

Prakhar Jawre Prawal Gangwar Saksham Agarwal

CS637: Embedded and Cyber-Physical Systems, 2016

SHERLockCS637: Embedded and Cyber-Physical Systems, 2016 1

/ 15

Outline

1 Problem Statement

2 Proposed Solution

3 State Machine

4 ImplementationHardware

5 DemonstrationMaster UserKnown VisitorUnknown Visitor

6 Threat Models

7 Future Scope

8 Concepts Used


/ 15

Problem Statement

To develop a home entry and locking system which is

robust and user friendlyefficient and functionally scalablesecure and immune to intentional break-in

To provide a framework alongside which can

make the system ”sufficiently hands-free”provide aid to the master in entry management and logging

To reduce the problems caused by the conventional locks

everyone who wishes to unlock would requires a keybeing physically present to unlockowner has no information of the current stateno log of the users, no security against break-ins


/ 15

Proposed Solution

A Cyber-Physical door lock which can make smart decisions using

Multiple sensors monitoring user activityEmbedded micro-processor to manage sensor data flow and decisions

A coupled software framework consisting of

A cloud based server for user logging and authenticationAn android app for the master ease-of-useAn easy sufficiently hands-free solution to getting access


/ 15

State Machine

Unlocked

Locked,

Camera ON

Locked,

Camera OFF

[Detect == false & t1<To]/

{t1 = t1 + 1}

1

[Input == "Open" & User == "Known"]/

{sendQR(User); LCD = "Show QR"};

t1 = 0;Detect = false;Input = Null}

3

[Verify == true]/{LCD = Welcome}

3

[t1 >= To]/

{LCD = "Request Again"}

5

[t2 < T2o]/

{t2 = t2+1}1

[Input == "Button"]/

{LCD = "Look @ Camera"; Capture = false;

;Input = Null}

2

[Input == "open" & User == "Master"]/

{LCD = "Welcome Home";t2 = 0;Input = Null} 1

[Capture==false]/

{capturePic(); Calpture=true;

}

4

[t2 >= T2o]/ {LCD = "Locked"}

3

[Input = "Close"]/{LCD = "Locked";Input = Null}

2

[Detect == true]/{LCD = "Welcome";t2=0}2


/ 15

Implementation


/ 15

Hardware & Software

Raspberry Pi 3.

To handle video capture and image processing for code detection.Processing of user requests to the lockHandling of all I/O devices

Software and APIs

Camera: PiCAM for Raspberry piTelegram: telepot in PythonQR Code: zbar in Python


/ 15

Use cases - Master User

Effortless entry system for the master user

Hands-free system for master authenticationSystem response time kept minimum for the master

Full control over user entry management

Receives notifications when known user arrivesApproves pending request access for unknown usersGiven the full access to user entry logs and white list database


/ 15

Use cases - Known Visitor

Reserves sub-privilege level of control.

Have a temporary access to the house depending on the settingspecified by owner.

Identification details of the known visitor need to be stored in thedatabase through a one-time sign up routine.

Visitor need to enter his user ID to request a One Time Password(OTP) in the form of QR Code which will give the visitor access tothe house for a finite time.


/ 15

Use cases - Unknown Visitor

By-default denial of entry unless access granted by master user.

Access is requested by pressing the door bell.A video notification is sent to master user for approval.Master user can grant or refuse the request on his discretion.

Entry is denied again once the door is locked.


/ 15

Threat Models

Physical tempering

Eve(Adversary) tries to modify the physical behavior the system.

Solution

Instant message to the master in case of detected physical tampering

Revoked attacker

Eve possesses legitimate access that Alice gave her, which will be revokedin the near future.

Solution

- Alice has access to complete white list of users.- Instantly revoke any user’s privilege through Internet.


/ 15

Threat Models

Theft

Eve steals Alices authorized device.

Solution

- Lock setting can also be modified over internet.- Alice can revoke permission for the lost/stolen devices.

Theft

Eve can acess the information sent to/from the lock.

Solution

- 256-bit symmetric AES encryption, 2048-bit RSA encryption, andDiffieHellman secure key exchange while transferring information- Only requests from legitimate.


/ 15

Future Scope

Extending support to other platforms such as PC, Tablets and othercommunication devices

Making SherLock more flexible ranging multiple locks and scenarios

Including more features such as live-video and audio bi-directionalcommunication

Providing better QOS to the users


/ 15

Concepts used from Course

State Machine Design and Implementation

Multi-Threading

Program Verification

Handling I/O devices on microcontroller

System Security


/ 15

References I

G. HoD.Smart Locks: Lessons for Securing Commodity Internet of ThingsDevices.

Ohsung Doh.A Digital Door Lock System for the Internet of Things with ImprovedSecurity and Usability


/ 15

SHERLock - Smart Home Entrance Registration and Locking systemsaksham/SHERLOCK.pdf · To develop a...

Documents

Transcript of SHERLock - Smart Home Entrance Registration and Locking systemsaksham/SHERLOCK.pdf · To develop a...