Build Your Own IoT Smart Lock with Secure Access Management

For as long as humans have tried to lock up stuff and keep their belongings safe, burglars (hackers in this context) have always tried to break into those locks. How does it sound if we say you can build your own smart lock that allows you to be able to unlock it? only Today’s users expect to interact in real-time. PubNub makes it easy for you to add real-time capabilities to your apps, without worrying about the infrastructure. You can build apps that allow your users to engage in real-time across mobile, browser, desktop and server. PubNub powers real-time communication for the and provides the infrastructure and APIs for communication for any size IoT deployment. And makes it all secure. Internet of Things and smart devices PubNub Access Management And here’s a demo of it in action: The full GitHub repo for this project is available here. What is PubNub Access Manager (PAM)? PubNub Access Manager extends PubNub’s security framework by providing token-based authorization that allows read and write access control at the user, device and channel level. PubNub Access Manager plays a major role in IoT/home automation device management system where secure data is streaming bi-directionally between registered devices and IoT devices like bulbs, sensors or locks. Setting Up PAM To access PubNub Access Manager you need to enable Access Manager in the PubNub (sign up first if you haven’t). Admin Dashboard Set Access Manager to ON Type ENABLE and click on ‘Save Changes’ Now you are all set to grant access to the users, groups and channels who can access the data that can be sent or received. PAM operates completely on grant permission scheme and there are 3 levels of access: Access for all users across all channels Access for all users over a specific channel Access for a specific user over a specific channel Raspberry Pi The idea here is to power a simple lock mechanism using Raspberry Pi. You can check out our PubNub blogs on and how to get connected with Raspberry Pi how to get started with Raspberry Pi 2 and Python. Once you set up Raspberry Pi, install Python and import PubNub into your setup using the command: pip install Pubnub Grant Access In order to perform PAM operations correctly, you must provide administrative authority. In order to perform an administrative function, you need to include along with and . secret_key publish_key subscribe_key Your key will have your authentication key . This should be unique to your device. At any point during run-time you can set the using function. authKey authKey authKey setAuthKey() As discussed earlier, there are 3 levels of access in PAM. Smart Locks like many other “Internet of Things” devices are vulnerable to internet hacks. So the highest level of security that can be provided to your Smart Lock using PubNub Access Manager is the channel + authKey level access. This example grants 5 minutes access to a user whose auth_key is ‘Valid_key’ in the channel Raspberry. If a user doesn’t have access and tries to publish, they get a 403 error. Whereas if you have access to publish you can see the following response for your grant code: JavaScript { error: false, operation: 'PNAccessManagerGrant', statusCode: 200 } Unlock Operation Once you grant permission to a user of a specific channel, you can try to publish a message on to the device. If the user is authorized to publish on to the lock, you should be able to unlock the device. If you are not a valid user or if you do not have grant access and are trying to break the lock, you get the following error if you are using JavaScript: {error: true, operation: "PNPublishOperation", statusCode: 403, errorData: Error: Forbidden at Request. (https://cdn.pubnub.com/sdk/javascript/pubnub.4.20.1.js:…, category: "PNAccessDeniedCategory"} Wrapping Up Setting up using Python on to your Raspberry Pi is simple and straight forward. You can provide user level read or write access using PubNub Access Manager to make your lock highly secure. PubNub authKey makes sure that only you have the privilege to unlock the IoT making it more secure and reliable. PubNub In our next part, ! we add OAuth 2.0 to make our app even more secure Originally published at www.pubnub.com . https://upscri.be/hackernoon/