History and technology
History of and the technique behind the LU-Card. A brief explanation.
The University wanted to implement access control, identification and the library pass for the Leiden University Libraries on a single card. This led to the project LU-Card. Below are some milestones.
- Medio 2009: pilot LU-Card in the Sylvius building
- March 2010: start project
- June 2010: choosing a tender for the registration of LU-Cards
- February 2011: working connection between the card registration system and ULCN; upload of photos possible via uPrefs
- August 2011: upload of photos also possible via the fotobox for students, first LU-Card Helpdesk active, producing the first LU-Cards by the external producer
- September 2011: all LU-Card Helpdesks active
- November 2011: gates at University Library active
- September 2013: access to the Hortus (students only)
- January 2015: copy and print with LU-Card (students only)
Card Management System
The product of HSB Care Card is used to manage LU-Cards. Within the university the system is called Card Management System (the Dutch abbreviation is KMS). The KMS provides a secure web portal (https) connected to an Oracle database. Access to KMS goes via an ULCN account (LDAP authentication).
ULCN supplies KMS the personal data (name, address and organization), including a photo. The photograph is uploaded in ULCN via uPrefs via a secure internet connection (https).
The transfer of personal data and card data from KMS to the external LU-Card-producer goes via a secure connection (sftp). The created LU-Card is a contactless Mifare smart card. The chip is of type NXP DESfire EV-1 and protected by the AES encryption algorithm.
Aeos and Salto
Aeos and Salto are information systems that contain rights for gates and door locks. Aeos is an online system: after offering an LU-Card to a card reader it determines the access rights online in the Aeos database (mainly used for access to buildings). Salto is an offline system: access is determined by the rights that are stored on the LU-Card (mainly used for access to areas). The card data goes via a secure connection from KMS to Aeos. Card data goes from Aeos to Salto.