I am reading up on using Particle hardware to create access control devices and would like guidance/input on design. I have an Argon and 2 Xenons on which I would like to base the prototype.
Conceptually, I want the Particle device to wait for an authentication token (in my case they are 125kHz passive RFID fobs scanned into a Wiegand reader) and check it against a list of authorized tokens in the local memory/cache, allowing access if found. If the token is not found in local storage, the device should try to authenticate the token over the network, saving the token to local memory if network authentication passes. It should also be possible to update and overwrite the list of the tokens stored on the device remotely over the network.
Granting access will mean activating a relay or otherwise sending some sort of signal. First use case will be a door with an electric strike. I generally understand how to kludge together code to read Wiegand and to activate a relay.
I do need help learning how to store and look up tokens in memory. A hard requirement of this project is for the device to be tolerant of power and internet outages. The device may be backed up by a battery, but in case it restarts, it needs a “last known” list of tokens saved in non-volatile memory to fall back upon in case there is no internet (internet outages are common). I think 125kHz tag IDs go up to 30-something bits and I expect to store up to a few hundred of those values in memory. I am not sure if that much storage is available on the device.
As for the networking resource for remote authentication, I have freeIPA/LDAP installed on a server instance that has the master list of active tokens in it. The instance may be on the local network or in AWS. My vague understanding is that I could maybe have the Particle device publish an authentication request and for the server to subscribe to that stream and push replies back somehow. I am not sure if there are better and more secure alternatives. This is something I need most input on.
Thanks for reading!
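An added example, not part of the original post: one way to lay out the "last known" token list so that a restart after a power cut can tell an intact list from a half-written one, and deny access offline when the stored copy fails its check. All names, the 300-entry limit and the 32-bit ID width are assumptions; the struct stands for whatever bytes get written to the device's non-volatile storage, and the storage call itself is not shown.

```cpp
#include <cstddef>
#include <cstdint>

// Hypothetical layout (not from the post): header + up to MAX_TOKENS 32-bit fob IDs.
constexpr uint32_t MAGIC = 0x544F4B31u;  // "TOK1", constructed marker
constexpr size_t MAX_TOKENS = 300;       // 300 * 4 bytes = 1200 bytes of IDs

struct TokenImage {
    uint32_t magic;
    uint32_t count;
    uint32_t ids[MAX_TOKENS];
    uint32_t crc;                        // CRC-32 over magic, count and ids
};

// Bitwise CRC-32 (reflected polynomial 0xEDB88320), no lookup table needed.
uint32_t crc32(const uint8_t *p, size_t n) {
    uint32_t c = 0xFFFFFFFFu;
    while (n--) {
        c ^= *p++;
        for (int k = 0; k < 8; k++) c = (c >> 1) ^ (0xEDB88320u & (0u - (c & 1u)));
    }
    return ~c;
}
uint32_t imageCrc(const TokenImage &img) {
    return crc32(reinterpret_cast<const uint8_t *>(&img), offsetof(TokenImage, crc));
}

// Seal the image just before it is written to non-volatile storage.
void sealImage(TokenImage &img) { img.magic = MAGIC; img.crc = imageCrc(img); }

// After a restart: accept the stored image only if it is intact.
bool imageValid(const TokenImage &img) {
    return img.magic == MAGIC && img.count <= MAX_TOKENS && img.crc == imageCrc(img);
}
bool isCached(const TokenImage &img, uint32_t id) {
    for (uint32_t i = 0; i < img.count; i++) if (img.ids[i] == id) return true;
    return false;
}
// Offline decision: a corrupt or missing image grants nothing.
bool allowOffline(const TokenImage &img, uint32_t id) {
    return imageValid(img) && isCached(img, id);
}
// Add a token the server has just approved; returns false when the list is full.
bool cacheToken(TokenImage &img, uint32_t id) {
    if (isCached(img, id)) return true;
    if (img.count >= MAX_TOKENS) return false;
    img.ids[img.count++] = id;
    sealImage(img);
    return true;
}
```

A remote overwrite of the whole list fits the same shape: fill a fresh zeroed TokenImage, call sealImage, then write it out.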