Smart Card-based Access Control System using Isolated Many-to-Many Authentication Scheme for Electric Vehicle Charging Stations


  • Wervyan Shalannanda Institut Teknologi bandung
  • Fajri Anugerah P. Kornel School of Electrical Engineering and Informatics, Bandung Institute of Technology, Jalan Ganesa 10, Kota Bandung 40132, Indonesia
  • Naufal Rafi Hibatullah School of Electrical Engineering and Informatics, Bandung Institute of Technology, Jalan Ganesa 10, Kota Bandung 40132, Indonesia
  • Fahmi Fahmi Department of Electrical Engineering, Universitas Sumatera Utara, Jalan Dr. T. Mansur No.9, Kota Medan 20222, Indonesia
  • Erwin Sutanto Biomedical Engineering, Faculty of Science and Technology, Universitas Airlangga, Kampus C Unair Mulyorejo, Jalan Dr. Ir. H. Soekarno, Surabaya 60115, Indonesia
  • Muhammad Yazid Department of Biomedical Engineering, Faculty of Intelligent Electrical and Informatics Technology, Institut Teknologi Sepuluh Nopember, Kampus ITS Sukolilo, Surabaya 60111, Indonesia
  • Muhammad Aziz Institute of Industrial Science, The University of Tokyo, 4 Chome-6-1 Komaba, Meguro City, Tokyo 153-8505, Japan
  • Muhammad Imran Hamid Department of Electrical Engineering, Universitas Andalas, Jalan Limau Manis, Padang 25163, Indonesia



EV charging station, IoT, private key, public key, RFID, smart card


In recent years, the Internet of Things (IoT) trend has been adopted very quickly. The rapid growth of IoT has increased the need for physical access control systems (ACS) for IoT devices, especially for IoT devices containing confidential data or other potential security risks. This research focused on many-to-many ACS, a type of ACS in which many resource-owners and resource-users are involved in the same system. This type of system is advantageous in that the user can conveniently access resources from different resource-owners using the same system. However, such a system may create a situation where parties involved in the system have their data leaked because of the large number of parties involved in the system. Therefore, ?isolation? of the parties involved is needed. This research simulated the use of smart cards to access electric vehicle (EV) charging stations that implement an isolated many-to-many authentication scheme. Two ESP8266 MCUs, one RC522 RFID reader, and an LED represented an EV charging station. Each institute used a Raspberry Pi Zero W as the web and database server. This research also used VPN and HTTPS protocols to isolate each institute?s assets. Every component of the system was successfully implemented and tested functionally.


Download data is not yet available.


Whitmore, A., Agarwal, A. & Xu, L.D., The Internet of Things-A Survey of Topics and Trends, Information Systems Frontiers, 17(2), pp. 261-274, 2015.

Harkin, D., Mann, M. & Warren, I., Consumer IoT and its under?regulation: Findings from an Australian Study, Policy & Internet, 14(1), pp. 96-113, 2022.

Rudd, S. & Cunningham, H., Low-Energy Authentication with Selective Privacy for Heterogeneous IoT Devices in Smart-Farms, 2021 30th Conference of Open Innovations Association FRUCT. IEEE, 2021.

Ali, B., Fuzzy Based Approach for Smart Health Monitoring Systems Using IoT Devices, Journal of Intelligent & Fuzzy Systems, 43(2), pp. 2079-2085, 2022.

Yesmin, T., Carter, M.W. & Gladman, A.S., Internet of Things in Healthcare for Patient Safety: An Empirical Study, BMC Health Services Research, 22(1), pp. 1-14, 2022.

Kala?ov A., ?ul, K. & Poliak, M., The Importance of Connecting the First/Last Mile to Public Transport, Komunikie, 24(2), 2022.

Fortune Business Insights, Internet of Things [IoT] Market Size, Share & Trends, 2029, Fortune Business Insights, Retrieved from, (26 May 2022).

IoT Analytics, Global IoT Market Size Grew 22% in 2021, IoT Analytics,, (26 May 2022).

Qiu, J., Tian, Z., Du, C., Zuo, Q., Su, S. & Fang, B., A Survey on Access Control in the Age of Internet of Things, IEEE Internet of Things Journal, 7(6), pp. 4682-4696, 2020.

CSRC NIST, Authentication ? Glossary, CSRC,, (26 May 2022).

CSRC NIST, Authorization ? Glossary, CSRC,, (26 May 2022).

Khan, A., Authorization Schemes for Internet of Things: Requirements, Weaknesses, Future Challenges and Trends, Complex & Intelligent Systems, 8(5), pp. 3919-3941, 2022.

Hu, V.C., Kuhn, D.R., Ferraiolo, D.F. & Voas, J., Attribute-Based Access Control, Computer, 48(2), pp. 85-88, 2015.

Ameer, S., Benson, J. & Sandhu, R., An Attribute-Based Approach Toward a Secured Smart-Home IoT Access Control and A Comparison with A Role-Based Approach, Information, 13(2), 60, 2022.

Zheng, W., Bing, C. & Debiao, H., An Adaptive Access Control Scheme Based on Trust Degrees for Edge Computing, Computer Standards & Interfaces, 82, 103640, 2022.

Truong, A.T., A Comprehensive Framework Integrating Attribute-Based Access Control and Privacy Protection Models, Advances in Engineering Research and Application: Proceedings of the International Conference on Engineering Research and Applications, ICERA 2021, Springer International Publishing, 2022.

Ashutosh, A. & Gerl, A., Access Control for a Connected Vehicle Ecosystem, 2021 11th International Conference on Advanced Computer Information Technologies (ACIT). IEEE, 2021.

Chen, W., A Model Study on Hierarchical Assisted Exploration of RBAC, International Journal of Digital Crime and Forensics (IJDCF), 14(2), pp.1-13, 2022.

Petrov, V., Edelev, S., Komar, M. & Koucheryavy, Y., Towards the Era of Wireless Keys: How the IoT can Change Authentication Paradigm, 2014 IEEE World Forum on Internet of Things (WF-IoT), 2014.

Komar, M., Edelev, S. & Koucheryavy, Y., Handheld Wireless Authentication Key and Secure Documents Storage for the Internet of Everything, 18th Open Innovations FRUCT Conference, St. Petersburg, 2016.

Aji, P., Renata, D.A., Larasati, A. & Riza, Development of Electric Vehicle Charging Station Management System in Urban Areas, 2020 International Conference on Technology and Policy in Energy and Electric Power (ICT-PEP), Bandung, Indonesia, pp. 199-203, 2020.

Maclay, W.N., IoT Wireless Technology Overview, DigiKey,, (27 May 2022).

NXP, MIFARE Classic EV1 1K ? Mainstream Contactless Smart Card, NXP,, (28 February 2022).

NXP, MIFARE Desfire EV3 Contactless Multi-Application IC, NXP,, (29 May 2022).

Avnet, MF3DH8301DUD/00Z by NXP RFID, Avnet,, (29 May 2022).




How to Cite

Shalannanda, W., Kornel, F. A. P., Hibatullah, N. R., Fahmi, F., Sutanto, E., Yazid, M., Aziz, M., & Hamid, M. I. (2023). Smart Card-based Access Control System using Isolated Many-to-Many Authentication Scheme for Electric Vehicle Charging Stations. Journal of ICT Research and Applications, 17(2), 249-274.