A keyless facility access control system with wireless enabled personal devices

Nowadays, wireless personal devices, such as cell phones and Personal Data Assistants (PDAs), have gradually taken an important part of our daily lives. With two-factor authentication, the wireless personal devices can be further promoted to more security demanding and mission-critical applications, such as e-commerce, home surveillance, and medical monitoring, etc. Facility access is one of applications that have demonstrated a tremendous market potential for replacing the conventional physical key approach. In this paper, we present a novel keyless facility access control system by using wireless personal devices, where the devices serve as a second authentication factor to assure security. The proposed system is not only cost-efficient, but also capable of mitigating security threats existing in the traditional key control system. Furthermore, the proposed authentication protocol is featured in two different authentication processes for the first time and subsequent accesses by using a one-time authentication mechanism based on one-way hash chain while considering the resource constraints of the wireless personal devices and E-lock. Finally, a role-based access control (RBAC) system is adopted to reduce the complexity of key maintenance.