History and technology

History of and the technique behind the LU-Card. A brief explanation.


The University wanted to implement access control, identification and the library pass for the Leiden University Libraries on a single card. This led to the project LU-Card. Below are some milestones.

  • Medio 2009: pilot LU-Card in the Sylvius building
  • March 2010: start project
  • June 2010: choosing a tender for the registration of LU-Cards
  • February 2011: working connection between the card registration system and ULCN; upload of photos possible via uPrefs
  • August 2011: upload of photos also possible via the fotobox for students, first LU-Card Helpdesk active, producing the first LU-Cards by the external producer
  • September 2011: all LU-Card Helpdesks active
  • November 2011: gates at University Library active
  • September 2013: access to the Hortus (students only)
  • January 2015: copy and print with LU-Card (students only)

Technical facts

Card Management System
The product of HSB Care Card is used to manage LU-Cards. Within the university the system is called Card Management System (the Dutch abbreviation is KMS). The KMS provides a secure web portal (https) connected to an Oracle database. Access to KMS goes via an ULCN account (LDAP authentication).

ULCN supplies KMS the personal data (name, address and organization), including a photo. The photograph is uploaded in ULCN via uPrefs via a secure internet connection (https).

The transfer of personal data and card data from KMS to the external LU-Card-producer goes via a secure connection (sftp). The created LU-Card is a contactless Mifare smart card. The chip is of type NXP DESfire EV-1 and protected by the AES encryption algorithm.

Aeos and Salto
Aeos and Salto are information systems that contain rights for gates and door locks. Aeos is an online system: after offering an LU-Card to a card reader it determines the access rights online in the Aeos database (mainly used for access to buildings). Salto is an offline system: access is determined by the rights that are stored on the LU-Card (mainly used for access to areas). The card data goes via a secure connection from KMS to Aeos. Card data goes from Aeos to Salto.

Last Modified: 08-01-2015