I created a door-entry system for Oxhack using RFID smart cards. Oxhack is the Oxford Hackspace. The system is probably a little more complicated than it could be, but this option is the most flexible and powerful system that I could design. I am not going to discuss the door hardware at this point because that’s not been finished yet, just the hardware design and software. The system comprises two modules: the door lock and a central server which controls the authentication and logging of entries.
The Door Lock
The door side of the electronics uses an MCF-522 RFID card reader, which reads the MiFare classic 1k cards (and others). For this application, I’m using the MiFare cards because they’re cheap, popular and secure enough. The card reader is connected to an Arduino (in this case, a Pro Mini but any flavour will do – note that you need 3v3 to power the card reader and other peripherals, so a Pro Mini also needs an additional circuit board with a reglator or something on it). The door communicates with the server over a 433MHz link powered br an NRF24L01+ radio transceiver module.
The server runs on a Raspberry Pi, which is also connected to an NRF24L01+ radio that allows it to (theoretically) talk to several locks at once, so a series of doors could be controlled. The code on the server doesn’t have this ability yet, but it ought to be relatively simple to add.
The server runs a MySQL database that contains access lists of the card IDs that are allowed to enter the door. I’m using a database rather than a dumb text file because the hope is that the entry system can be automatically linked through to the membership portal on the website so that members can see their activity, and have access privileges intimately connected to their membership status (e.g. we could control access to machines through this system so that only those who’ve been trained to use a piece of equipment can start it up).
How it Works
When a card is scanned on the outside door, the Arduino encrypts the card ID, and sends it, along with its own identifier and a seed number to the server. The server then decrypts the data, and queries the database to see whether the particular card is allowed ot open the door. The server then responds to the lock system with information about whether the user is allowed access (also encrypted). Once the signal has been sent, the server logs that it’s received an access request from that card in a separate table.