
Graduate student: Yen, Shih-Jie (顏士傑)
Thesis title: Multilayered Delegable Access Control Platform with Times and Period Token Management by Near Field Communication (以近場通訊技術設計具多層次授權與次數及時效許可證管理的門禁平台)
Advisor: Lee, Wei-Hsun (李威勳)
Degree: Master
Department: College of Management - Institute of Telecommunications Management
Year of publication: 2016
Academic year of graduation: 104
Language: Chinese
Number of pages: 91
Chinese keywords: multilayered delegation, period- and times-based tokens, offline transfer, near field communication, access control management
English keywords: Multilayer Delegation, Times and Period Token Management, Offline Transfer, NFC, Access Control
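  • Security is the core value of access control, and convenience is the goal people pursue. Today, access control systems are used not only in homes but also in collaborative environments such as companies, guesthouses and rentals. Membership in these collaborative environments changes often, which makes managing unlock policies very difficult. In this situation, the concept of decentralizing authority, namely delegation, gives an access control system flexibility. However, past access control management models mostly make key revocation difficult: metal keys raise the concern of being copied, electronic keypad locks require replacing the whole passcode, and electronic tag technology requires updating the blacklist on the lock side in real time. An ideal access control system must therefore have four characteristics at once: security, convenient unlocking, convenient revocation, and delegability.
    Therefore, this study proposes an ideal semi-offline identity authentication model, the Multilayered Delegable Access Control Model (MDAC). The model uses RSA encryption and the concept of chained binding of hardware serial numbers to design a system architecture for an identity authentication model that supports multilayered delegation. The key structure in this study effectively avoids security risks such as copying and tampering, while keeping the feature of "letting users delegate on their own without approval from the back end". Unlock verification and key revocation also work offline. Only key issuance, blacklist setting (the second line of defense for key revocation) and system time synchronization are performed online, so the system is a semi-offline access control management mechanism. In addition, keys in the MDAC Model have a life cycle based on validity period and number of uses. Both unlock verification and re-delegation are constrained by this life cycle, which makes keys easier for administrators to manage and lets the MDAC Model be applied to all access control scenarios.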

    Safety and convenience are two key factors of access control systems. In semi-open environments, it is difficult to manage access control because of the variety of users. In this case, multilayered delegation provides flexibility in access control systems. In past access control systems, however, key revocation has been the major issue. An ideal access control system therefore requires four characteristics: safety, convenient unlocking, convenient revocation, and delegation ability.
    However, all of the related works have disadvantages, such as requiring Internet access, lacking multilayered delegation, lacking a key life cycle, and incomplete revocation. To address these weaknesses, make key management easier for administrators, and let the model operate in all scenarios, this study proposes the Multilayered Delegable Access Control Model (MDAC), which combines a semi-offline architecture with a multi-level authorization mechanism. It is designed using RSA encryption and a chain of bound hardware serial numbers, and its system architecture can be applied to multi-level delegation. This work not only effectively avoids key copying, tampering and other security risks, but also allows delegation without going through the server. Furthermore, doors can be unlocked and keys revoked while smartphones are offline, and the model provides key life cycle management, including key valid period and access times control. A user's key is always limited by the life cycle, whether the user is unlocking the door or delegating the key to someone. Our proposal makes key management easier for administrators and can be applied to all access control scenarios.

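    Abstract
    Acknowledgements
    List of Figures
    List of Tables
    Chapter 1 Introduction
        1.1 Research Background
        1.2 Research Motivation and Objectives
        1.3 Research Process
        1.4 Table of Symbol Definitions
    Chapter 2 Literature Review
        2.1 Research on Identity Authentication Models
            2.1.1 Online Identity Authentication Models
            2.1.2 Offline Identity Authentication Models
            2.1.3 Whitelist Verification Mechanism
            2.1.4 Blacklist Blocking Mechanism
        2.2 Role-Based Access Control Models
            2.2.1 Base Model (RBAC0)
            2.2.2 Inheritance Model (RBAC1)
            2.2.3 Constraint Model (RBAC2)
            2.2.4 Consolidated Model (RBAC3)
        2.3 Introduction to NFC Technology
            2.3.1 NFC Features
            2.3.2 Introduction to Secure Elements
            2.3.3 Use in Identity Authentication
        2.4 Asymmetric RSA Encryption Algorithm
        2.5 Summary
    Chapter 3 Multilayered Delegable Access Control Platform Model
        3.1 Requirements and Problem Analysis
        3.2 Scenario Flow and Research Assumptions
            3.2.1 Scenario Flow
            3.2.2 System Concept and Assumptions
        3.3 Use Cases
            3.3.1 Delegation
            3.3.2 Unlocking
            3.3.3 P2P Revocation
            3.3.4 Online Revocation
        3.4 Design Concept
            3.4.1 Data Structure Design
            3.4.2 System Process Operation
            3.4.3 Key Generation and Delegation
            3.4.4 Detailed Unlocking Flow
            3.4.5 Detailed Delegation Flow
            3.4.6 Detailed P2P Revocation Flow
    Chapter 4 Electronic Access Control Platform Implementation
        4.1 Development Tools
        4.2 Card Program Design for the Secure Chip (Applet)
        4.3 Electronic Access Control Platform Implementation
            4.3.1 Card-Side Program (Applet)
            4.3.2 Smartphone App
            4.3.3 Lock-Side Access Verification Program
            4.3.4 Validity Period and Usage Count Verification
            4.3.5 Implementation Results
    Chapter 5 Security and Performance Analysis
        5.1 Security Analysis
        5.2 Performance Analysis
    Chapter 6 Conclusion and Future Research
        6.1 Conclusion
        6.2 Future Market Analysis
        6.3 Future Research Plan
    References
    Appendix 1
    Appendix 2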



    On campus: public from 2021-08-25
    Off campus: public from 2021-08-25