Skip to 0 minutes and 15 seconds The digitalisation of our society is now replacing physical keys and padlocks with smartphones, smart cars, and smart locks. This smart physical control offers new, flexible, and dynamic access control mechanism but also new threats and attacks. And this has a clear impact on the security-usability trade-off. For us, this provides a rich field for timely and exciting research, and also research-informed teaching. We have created a physical environment within Newcastle University to enable researchers and students to explore and contribute to research in smart access control. This environment is called the Access Control Live Lab. It is equipped with smart objects and mobile devices, and a range of hardware supporting access control experiments.
Skip to 1 minute and 14 seconds The lab consists of an access control space with three access control zones, separated by doors, equipped with wireless controllable locks. Together with a large variety of equipment, including biometric smart devices and an open platform locking mechanism. Information can be collected from individual user devices, such as smartphones, smart watches, Bluetooth beacons, or wearable microcomputers. And from room sensors, such as webcams, NFC, passive infrared sensors, Wi-Fi, or even gesture trackers. We use this place to encourage students to conduct experiments that explore the challenges of making access control systems that are both usable and secure. Let me give you just a few examples of the questions we ask our students.
Skip to 2 minutes and 6 seconds For instance, if someone forgot their key, can they still have access to the lab? Or can we detect tailgaters and modify the status of the zone they are entering? Can we make it so that, when you approach the door, the lock will detect you and just open the door just in time? Can we have multiple elements of the identity of a user and combine these elements together into one risk level? And finally, can we use the behavioural patterns of a user to detect whether they are the right person or not and grant access accordingly? We have designed customised student kits which include all of the hardware that they require to develop and test their solutions.
Skip to 2 minutes and 57 seconds They have a locking mechanism, with NFC and fingerprint reader, identical to the locks on the Live Lab doors. The different pieces of the kit are connected together with a Raspberry Pi 3 and an Arduino controller. They also have a mobile device, a smart watch, and wearable devices. The Access Control Live Lab is leading the way towards an integrated, research-informed teaching environment where students can come, conduct and design their own experiments to assess and understand the security-usability trade-off in a context of smart access control.
Exploring security: the Access Control Live Lab
In this video Charles describes the role of the Access Control Live Lab, a space within Newcastle University where students can explore the security/usability trade-off in a really tangible way.
The lab allows students to design and conduct experiments around access control. In doing so we ask them to overcome a range of challenges:
- how can we grant access to an authorised user who has forgotten their key?
- can the system detect tailgaters and modify the security status of the compromised zone?
- when an authorised user approaches a door, can the system unlock the door just-in-time?
- can multiple sources of identity be combined into a confidence level rating and used to balance the risk between usability and security?
- can a user’s behavioural patterns be used to authenticate or increase confidence in their identity?
© Newcastle University