An efficient access control scheme for smart campus

With the great concern of our country and the continuous development of the epidemic, the development of smart campus is getting faster and faster, the safety of teachers and students becomes more and more important. To ensure the safety of users, the first step is to control at the doors. Usually, the access control method is used in computer system to protect the documents and data, few people use it at doors, but it’s a very effective way to improve safety. So we design a two-factor authentication protocol to verity the user’s identity, and improve the attribute-based access control (ABAC) model to fit the smart campus. We analyze the protocol theoretically and verify its security. Compare with others, our scheme can be more efficient and safer.


Introduction
With the advent of the smart era, the concept of "smart" has been gradually accepted by people and penetrated into all fields of social life.Smart campus is an important attempt and achievement for people to comply with the trend of Education informationization era and explore the in-depth application of information technology in the field of education.The construction of smart campus has also been strongly supported by the state.In 2017, the 13th five year plan for the development of National Education issued by the national development and Reform Commission clearly proposed to "support schools at all levels to build smart campuses and explore new models of education in the future".In 2018, the State Administration of market supervision and administration published the overall framework of smart campus [1], which has carried out the overall framework on how to build a smart campus, and the construction of smart campus has a clearer policy basis.
An important aspect of smart campus construction is smart campus management.In recent years, with the emergence of the COVID-19, the control of personnel flow on campus has become more and more strict.How to ensure the safety of personnel in and out is an urgent problem to be solved.
The first step to achieve security control is to correctly identify the user's identity.Common methods of identity authentication include password based authentication, smart card based authentication, biometric based authentication and so on.In order to improve security, the above methods can be combined to realize multi-factor authentication.Challa et al. [2] presented a provably secure three-factor user authenticcation and key agreement protocol for wireless healthcare sensor networks, but the security problems that may be encountered in the process of card reading are not considered.Li et al. [3] designed a lightweight RFID system information security authentication protocol, which can effectively resist the retransmission, tracking, deception, cloning and synchro-Yiru Niu et al.

2
nization, but when the background database authenticate the tag, it needs to traverse all real ID of card reader and tag and compute its hash value.With the increase of the number of tags and readers, it will consume a lot.In this paper, we propose a multi factor authentication scheme based on face information and RFID information to realize safe and reliable identity authentication.
After the authentication is passed, it is necessary to decide whether the user has the authority to access.The previous permission control methods, such as discretionary access control (DAC), mandatory access control (MAC) and rolebased access control (RBAC), have many security problems, such as low security, poor flexibility, coarse management granularity and so on.On the contrary, ABAC can achieve high flexibility and more fine-grained control, and support dynamic authorization and multi-party joint authorization.But at the same time, the problem is that a large number of policies are prone to conflict.Although eXtensible Access Control Markup Language (XACML) has provided a variety of basic algorithms for combining policies and solving policy conflicts, these algorithms are only used to resolve conflicts when conflicts occur, and can not detect possible conflicts in the policy set in advance.Liu et al. [4] thinks that most of the previous conflict detection methods could not detect implicit conflicts.In order to solve this problem, a method to transform implicit conflict into explicit conflict is proposed.However, it does not take into account the multiple complex value cases that attribute fields may have.Wang et al. [5] proposed a conflict detection method based on expression tree, which can detect attribute fields with different values, such as unique value, continuous value, discrete value, fixed interval value, and values related to other fields.At the same time, it can detect implicit conflicts with accurate results.However, it only considers conflicting policies which have opposite decision results, but does not detect redundant situ-ations which have the same decision results.In addition, it needs to traverse all policy trees during detection, which is complicated.Vijayalakshmi et al. [6] analyzed five species policy conflicts in ABAC policy sets and proposed corresponding solutions.However, their method to resolve policy redundancy is delete the policy with small scope, which may lead to further policy conflicts.At present, most of the access control schemes are designed for computer resources, which can not be well applied to the scenario of smart campus.And most current studies fail to take into account the potential conflicts that may occur when multiple administrators jointly formulate policies [7].Therefore, this paper studies a policy conflict detection method which is more suitable for the security management of smart campus under the condition of multi-administrator joint authorization based on the expression tree method proposed by Wang.
Our main contribution can be summarized in the following two points.
1. We design a two-factor authentication protocol, which contains RFID and facial information.We consider the security of authentication process and the RFID tag information reading process and use Elliptic Curve Cryptography (ECC) to improve the efficiency.So our protocol can be safer and more efficient than others.
2. The previous access control schemes are applied to computer systems, in order to fit the access control system of smart campus, we propose a new policy index structure, which can make the policy conflict detection process and policy search process more efficient.

System Model
The system model of smart campus access control system is shown in Figure 1.When a user sends an access request, the user information will be collected first, including face information for identification, RFID tag information, and temperature information required for access control under the epidemic situation.The face information collected by the camera is analyzed by the third-party artificial intelligence (AI) and sent to the management center, which integrates the face information and the RFID tag information obtained by the card reader for identity authentication.If the authentication is successful, the management center will send relevant request information to the policy decision module.The policy decision module uses the ABAC model to check the attributes of the subject, object, and environment according to the specific policy and determine whether the subject has access to the object.
The dotted line in the right of the figure indicates that when making policies, multiple administrators can jointly publish policies, detect conflicts on policies, and return possible conflicts to administrators for modification.

Identity Authentication
When an access request comes, identity authentication is first required to confirm the user's legal identity.The participants involved in the authentication process are management center (MC), third-party AI, user (U), RFID tag (RFID) and reader (R) (management center as RFID background database).The cryptography methods mainly include ECC algorithm, hash function and fuzzy extractor.Authentication involves initialization phase and authentication phase.The notations are listed in Table 1 p is a large prime, the base point P of order n , the private key SK , and the public key .PK SK P = .
Step Ini.2A one-way cryptographic hash function () h  is selected by MC.

Authentication phase
Authentication needs to integrate two parts of information to carry out, which are face information and RFID tag information.
Step Auth. 1 The camera obtains the face image and hands it to the third-party AI for face recognition.The third-party AI will send the user's identity information i ID and biometric information ' i Bio to the management center for multi-factor authentication together with the information obtained in the RFID tag.
Step Auth.2When the reader senses the RFID tag, it will send the authentication request to the tag.
Step Auth. 3 After receiving the authentication request, Step Auth. 4 After receiving the message from RFIDi, R will sign it, encrypt the signed information and the identity information of R using the public key of MC, and send it to MC.
Step Auth.5After receiving the information, MC first decrypts it to get the real identity of R and the message signed by R, verifies the signature to obtain the encrypted information sent by the RFIDi.After decryption, the identity of user and the information signed by RFIDi will be obtained.Verify the signature of RFIDi to get the timestamp and the information used to authenticate the user.If the timestamp is reasonable, the message will be considered valid, or else the authentication will fail.Step Auth.6 Both the user's information stored in MC and the message received from RFIDi are used to recover the valid period i u T of tag and the recovery parameters i  which is needed to run the () Rep  function.The result of this function is the biometric key

Reader Manage center MC User
the user will pass the authentication.

Access Control for Smart Campus
The attribute-based access control model is relatively mature.In this paper, we mainly propose two improvements for the smart campus scenario, which are the storage of subject attributes and the management and conflict detection of policies.

The storage of subject attributes
In order to improve the security of the subject attribute and prevent it from being tampered at will, the attribute certificate (AC) method is used in storage.The application, issuance, maintenance and revocation of the attribute certificate is run by the attribute authority (in this scheme, we still use the management center), which manages the entire life cycle of attribute certificates.The subject attributes are collected by the management center, stored in the attribute certificate, which is symmetrically encrypted with the user's biometric key generated during the authentication process.The encrypted certificate is stored in the Policy Information Point (PIP) of the ABAC model and can be retrieved by user ID.At the same time, when PIP wants to decrypt the attribute certificate, in order to securely transmit the biometric key from the MC to the PIP, the message will be encrypted by the ECC algorithm.The format of the attribute certificate is defined by the X.509v4, as shown in Figure 3.The version number, owner, issuer, signature, serial number, validity period, attribute and signature algorithm are the basic information that constitutes the attribute certificate.Using the signature algorithm specified in the certificate, the first nine items in the certificate are taken as input to obtain the signature value, which is appended to the attribute certificate.

Policy Management and Conflict Detection
XACML adopts a nested structure when managing policies.The outermost layer is the policy set, which mainly includes target, policies and policy combination algorithms; policies include target, rules and rule combination algo-rithms; rules include target, utility and conditions (conditions are not considered in this paper).In the above elements, target represents the object to which the rules apply, including four basic elements: subject (S), object (O), operation (op) and environment (E).

Policy Management
In order to make the policy management of XACML language more suitable for the access control system of smart campus, the index structure is established according to the object attribute when storing the policy.The object attribute has a hierarchical structure (except the campus gate), and there is a corresponding policy set at each level, which is shown in Figure 4.In policy conflict detection and resolution, only the policies in the policy set with the same object attribute need to be detected.When a request for policy retrieval occurs, the search can also be performed according to the object attribute, which improves the efficiency.
An efficient access control scheme for smart campus

RFIDi
will sign the timestamp of the current moment and the stored information.Then, RFIDi encrypts user's identity in-An efficient access control scheme for smart campus EAI Endorsed Transactions on Scalable Information Systems 08 2022 -10 2022 | Volume 9 | Issue 6 | e5 formation and the signed information RFID sig with the public key of MC and sends it to reader Rj.

R
Get the message saved in RFID:Verify the valid period: Authenticate user identity:

Figure 4 .
Figure 4.The index structure of object attrib utes.

Table 1 .
: Notations of protocol i ID , j R ID Ui's identity, Rj's identity p E a b , MC's private key, MC's public key i ID SK , i ID PK Ui's private key, Ui's public key i Bio , i  , i  , i u T Ui's personal biometrics template, biometric secret key, public reproduction parameter and valid period 3.1.Initialization phase p Z , where