Slashdot Mirror
Unattended Equipment Loan System?
captnitro asks: "I run a small media lab for a department at a large public university. We have about 120 faculty and and equal number of graduate students who from time to time need things like digital cameras, video equipment, projectors, EyeOne units, and so on. (While there is a central location on campus for students, faculty and staff to get some of this equipment, we stock a few specialized pieces that our faculty need.) Since I'm out of the office a lot, I'm looking for a clever way of loaning out equipment that doesn't involve me being there and is secure enough that our administrators deem it "theft resistant" enough to implement. I've looked into small safes with PINs, or card readers (all faculty have IDs with magstripes), blah blah blah, but most of these are prohibitively expensive, so I'm thinking of hacking something together myself.. though I have no idea how I'd do that. Any thoughts?" Solutions could range from the clever and mixed tech (cheap locked boxes with combinations sent through encrypted e-mail), through high tech (use of the existing ID cards system) to unlock delivery boxes. If you were going to set up a system like this, how would you do it?
[quote] You are loaning out things that people can pick up and walk away with. How are you going to stop theft..?[/quote] That's just silly. You stop theft by knowing exactly who took the gear. Most thieves prefer not to leave their identity.
leave the keys with security, who are there 24x7. get them to authenticate (i.e. look at their ID card) and unlock the kit.
get them to sign an agreement that their department gets billed if they bring it back late, as well.
I don't know about you but I've had people borrow equipment only to have it 'stolen' from them by burglars. We strongly suspect this to be a lie, but try proving it.
Did you read what he was asking at all?
He wants to have the equipment available to people who have authenticated themselves.
If the people abuse it after that, it's a seperate problem.
By your theory, we should secure our boxes by delting all the accounts, since if you have an account a bad person might log in and do something bad to our box!
~~~~~ BigLig2? You mean there's another one of me?
"That's not my problem, it's yours. Return the equipment or pay for it!"
?
Seems to me that the easiest solution would be to higher someone, say a student, to work checking stuff out. Any sort of authentication system that's based on the id cards is suseptible to theft if someone steals someone else's id card. Having a system where someone can email a request for equipment might be workable, but I suspect that it would end up costing quite a bit of money just for that many safes, plus the hassle of resetting the combination every time someone checks something out. One thing you might consider is just putting a card reader on the door that's tied to the lock, and then putting a security camera in the room. Even if you don't have the time to actually go through all the tapes, being on camera can be somewhat of a deturrent.
Also remember that any system you implement to check out equipment also has to make it easy to return equipment. This means that automated solutions need to not rest combinations or whatever until the equipment is returned.
Also, if you choose to go with a technology solution, remember that even if it seems expensive, think of the cost of the equipment that could be stolen, or the cost of paying someone to man the desk.
Famous Last Words: "hmm...wikipedia says it's edible"
I guess they could be used to track the movement of your equipment.
You guy remember those? I have seen many ways people have used them to do inventory.
g =3
http://cuecatastrophe.com/mirrors/Default.asp?p
I would do a 3 step process here. I will assume you have mag strip access to rooms on these cards. Should not be to much of a strech to have one set up on a storage door for access. Here you have a access control list for that door and limit your pool of people with access.
Then barcode all the equipment, set up a little web site that allows people to "request" to check out a piece of equipment online. Use the qcat, after getting past the access list for room access at the door, they scan the piece they are checking out. This time stamps the equipment for you as a check out and return. When they return the equipement they scan it again, and this removes it from the webpage as a "checked out" iteam. Thus giving a running list on the website of things that are "in".
Finally, set up a cheap webcam (thinkgeek has for 200 that is ip based with webserver) to write to disk on a computer in anouther room. This is your safty net for "nothing was scanned, but we have billy bob on tape slinking out with the digital camera. Here are the door scan logs from 12:03 am, and here are the logs where he did not scan it out. Also, he did not request this iteam via the web page. Get a ROPE!"
I think this pretty much covers your ass, gives them access to the equipment, and allows for an automated check in, check out, and what is "in stock".
Best of luck.
Neck_of_the_Woods
#/usr/local/surf/glassy/overhead
RFID the equipment, sensor at the door to log in/out, card reader to get into the room.
Get an assistant (some first-year student), and pay him a few bucks for doing your job.
Tux2000
Denken hilft.
Yes, find the problems with what he's asking and completely ignore the question.
N IC_DOOR_STRIKE.asp -- When validated by the pc current is sent to the door strike to unlock the room
Parts
1) Magstrip reader (no link) -- used to read the id of someone at the door
2) Computer (no link) -- used to tell who is at the door.
3) Electronic door strike (http://www.audioimpact.net/EDS300_EDS300_ELECTRO
4) Webcam (no link) -- takes pictures of whoever is entering using motion sensing software
Issues -- power outage -- room remains locked. Entrance can be aqquired by using a key.
Issues -- Damanged equipment -- look at who has checked it out last by checking the mag stripe log and the webcam.
Issues -- Damaged equipment -- "Someone before me broke it", make it well aware that they should test it BEFORE they leave the room with it.
-- botsex is {grep;touch;strip;unzip;head;mount}
The books have a magnetic security strip and a barcode. You have a swipe-card (I think with a barcode too). You swipe your card, scan the book and the machine then demagnitizes the book. If you don't check it out, the alarm goes off at the door.
A .45 and a reputation.
Hoist Number One and Number Six.
Simply ask them for a copy of their police report of when they filed the burglary.
This is required when someone loses some company property here.
Bot Assisted Blogging
Yes, I know you asked for an "unattended" solution, but I'm sure that your university is already paying lots of money to run a library where people can go to check out other stuff, so make your stuff part of what people can check out at the library, provided, of course, that they can prove to the library staff that they are authorized to check out these items. Transfer a small amount of your department's budget to the library to cover their extra expense and it'll probably be by far the cheapest way to go and you get to take credit for saving them a lot of money.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
Solve technical problems with technology; solve social problems socially.
There is no technology that is going to remove the possibility of someone walking away with your stuff illegitimately that won't also piss of the people you are serving. No one is going to want to learn another password, another process, and another set of rules and regulations because you are too lazy to do your job or too cheap to pay someone else to do your job.
Simplest solution:
1. Put aside 3 hours per week in which you guarantee that you will be in your office.
2. Tell your users, customers, clients, whatever that if they come at those times, they will be able to get the resources you offer; any other time is a gamble.
3. Stick to it.
People will be happy they don't have to track you down anymore; you will be happy because you will spend less time per week babysitting equipment.
Hire a student to do this. I was a student in a university and I'm rather erked at the number of jobs that used to be for work study, and are now being phased out thanks to half baked tech replacements. A homemade system will never be as secure as having a human being there to verify ID and record who checked out what. A work study student would cost you nothing, and give someone the ability to collect their financial aid. Why are we trying to replace jobs a person could do in a recession?
Coffee: The lifeblood of intelligence in civilization.
I'm one of the two staffers for my University's Instructional Technology and Campus Media Office (Whew!) and all I can say is: student workers. We keep 10 or so around for 6-10 hours per week. They take requests, make equipment deliveries, and generally follow our every nefarious whim as far as checking out equipment. The university pays them tax-free $5.25/hour. They love it because %90 of the time they can sit and do homework, surf the web, etc.
It's great for us because we're free to work on more involved projects without worrying that Dr. Smith isn't going to get her LaserDisc player on time. Student workers are also neat to have around.. We maintain a very casual, but very efficient, atmosphere in the office.
While what you're doing MAY be possible without human help, I get the feeling that any automated solution will cause you to spend more time babysitting it than doing your job.
Good luck, and don't forget to change the air filters on those projectors!
I saw a presentation by Gabriele Wienhausen (provost of Sixth College at UCSD) about their "digital playroom". I couldn't find a page for it, but did find a press release about Sony donating a bunch of stuff.
Basically it's a room that students need to swipe their ids to enter. Once inside, they've got free access to camcorders, digital cameras, lots of computers, etc. I think it's unattended, and open very long hours (24/7 during finals).
The key is making the students feel like the equipment is theirs, so taking it would be stealing from their friends. Otherwise, any unattended system is going to be plagued by theft.
-esme
While this may sound like a neat project, there's one fundamental problem: You can't assign responsibility for damage. Suppose 3 people check out an item over a week. When the manager/IT guy/whoever checks it and notices damage, how do you know who did it? Obviously, if someone does something apparent, the next user will notice. But even then, the person who broke it can simply say, "Yeah, I noticed that when I checked it out. I forgot to report it."
You still need a human to check stuff in and out and verify the state of the equipment at check out/in. Otherwise, expect everyone to start pointing fingers. You could simply bill everyone, but that would just tick off everyone.
-- Fugacity: Confusing chemists since 1908
Create a win-win for you and a student.
Dude, it's an AUTOMATED system. How do you figure out who borrowed it last? Who is going to verify the person's ID? This is just asking for abuse.
RFID tags are now pretty cheap, and available in stick-on rolls. RFID readers ditto. Your people have swipe cards. Now:
Person with swipe card operates the door to the hitech store room with their swipe card. PC records their entry. Person takes piece of gear with an RFID tag in it and swipes card to exit. PC records their exit, and RFID reader records the RFID of whatever gear they just took out.
Yes it's still possible for a second person to get in when someone else opens the door, or someone could take off the RFID tags somehow, but then every system has some way to get around it.
-- ted russ http://www.arach.net.au/~ted/mydynes/ http://www.arach.net.au/~ted/myblogs/
I have to disagree. There are psychological ways of stopping theft that are probably more effective than technical ways (or at least complementary to them). Anyone determined enough can find a way around technical safeguards... your goal should be to make them stand out like a purple cow!
-I think the best is simply putting whatever solution you have in a highly visible area, like in a commons area. It's rare that you see a car broken into right in front of the entrance to a store, where everyone can see it.
-Lock it up at the end of the night, by putting a cage around it.
-Put a sign up, "This automated rental system generously donated by (whomever gave you a few bucks to implement this)".
-Have a loud alarm that sounds if it is broken into.
-Put up a camera inside, and have one in a separate location facing the person so everyone who uses it can be identified. Or at least a sign saying "This machine under electronic surveillance".
The key here is not to making it technically impossible to steal something, but to strongly discourage it. And to make it more likely to identify someone who does manage to break into it. You know those signs around military areas that say "Use of deadly force authorized"? Do you really think they put them up because they intend to shoot to kill everyone who wanders in there? Absolutely not. Psychology is a very powerful tool- use it however you can.
The sending of this message pretty much inconveniences everyone involved.
Sounds like you could use an internal website with a calendar to schedule loan times. In fact, I was looking into such a system for my department. Unfortunately, google is inundated with non-open source (read: non-free) software. But if you find one that suits you (or develop a site yourself) you could advertise the "office hours" when you will be there for equipment pickup and allow people to login and sign up for equipment in available time slots. That way, you have a digital record of who has what AND it's automatically logged and blocked off so others can work their schedule around it without involving you (that's the most important part). Make it a policy that if they haven't logged their loan request in the system, then they can't take the equipment. If you have the site developed well enough, then with this policy you minimize ID fraud since the criminal not only has to have the right personal ID card, but the would have to know the login and password for the appointment system.
I realize that I haven't given a suggestion on how to NOT be there in person when lending the equipment out, but I'm in line with the other suggestions that you should hire an underling to do it if you can't do it--that's most cost effective.
In my university, the IDs are now smartcards. Assuming that you also have this system, you could possibly use a smartcard reader for access to a secure room (ask the facility staff to do this). A smartcard reader on a PC with a barcode reader (to scan a barcode on the equipment, you do use barcodes for inventory management don't you?) could possibly be used to log the actually equipment transaction without you being there, but that's still insecure and takes staff training, yuck.
Linux at home
I've looked into small safes with PINs, or card readers (all faculty have IDs with magstripes), blah blah blah, but most of these are prohibitively expensive, so I'm thinking of hacking something together myself.
I have no idea what the cost situation is, but have you looked at the sorts of lockers that are (or were, at least before 11 Sept 2001) common in airports and train stations? Not the "drop a quarter in and take away the key" type, they've been around for 50 years or more. Rather, the ones that have interfaces for non-cash transactions. Combined with the smart-cards you've got, and with each item in its own locker, you could probably get a decent system put together from off-the-shelf parts.
I don't think there's a good solution for equipment of the value of the equipment you're talking about.
If you were loaning out stuff that was all worth less than a hundred dollars, I'd have something like this: card swipe on the door, camera watching the whole room and another camera for closeups (both record 24/7 to disk), and electronically closeable rings on shelves. To loan the equipment, just swipe yourself in and pick it up. Your card swipe will unlock the equipment you've booked. Show it to the closeup camera (so that you don't get blamed for any damage already on it) and take it away.
When you return it, show it to the camera again (for the same reason) and lock it back in.
You could add a keypad to the swipe reader.
I don't know of an inexpensive source of electronic locks though - that could be the killer.
Xenu loves you!
I'd set up a Linux koisk with a phisically secured connection to lock boxes. Mirror trusted users' data from your university's existing authentication server for authentication. Just make sure to set up your firewall to not accept any external connections.
I don't know whether your job description would allow this, but you could have a system of "office hours" for checking out and returning equipment. Say something like you'll be in the office from 8-9 in the morning and then again from 4-5 in the afternoon (and maybe during lunchtime too). People can submit their requests by E-Mail or other means ahead of time and you'll have it prepared the next morning, or they can come in during the appointed office hours to make a request in person. Professors do this all the time; it is their job to teach students, but they have other things to do as well, and they don't see it useful to committ their entire schedule to the possibility that a student might want to see them at any given moment. So they make office hours 2-3 times a week. They also tell the students that they are welcome to drop by his office whenever they want, and if he's in he'll answer whatever questions they have, but he doesn't make any garuntees outside of the times he's specifically mentioned.
But, my off the wall idea is similar to the chains on shopping carts.. around here, you insert a quarter, or some places, a #'d tag into a slot, and the lock pops open, they are mainly used to keep carts from flying all over the lot..
--you don't get your quarter back until you put the cart into another cart or other spot with available chains... they don't have to be quarters.
Do these devices have kensington slots? run the cable on the kensington slot (or weld some cables on) and issue unique tokens/keys that are left behind when someone unlocks an item.. something awol? pull the tag and see who's it is.
in my search for examples to include, I also found this potentially applicable site
http://bike.hampshire.edu/development/summary/ about setting up community bikes & security..
skim it, they cover mechanical to electrical to complex tracking.
every day http://en.wikipedia.org/wiki/Special:Random
lol. The system in question is automated. How easy is it going to be to find Amanda Huggenkiss and Hugh Jass?
Support the First Amendment. Read at -1
Sure technology is cool and all, but sometimes the old-fashoned ways just work better.
Basically, we needed a way keep track of what employee used what vehicle out of the company car pool at what times (some trusted employees are supposed to have access to the company cars for official business).
I had a safe installed in a dedicated room, inside the office. All employees have RFID and/or swipe cards for access control to the building. There's a seperate card reader that controls access to the room and a surveillance camera inside.
The system works basically by reading an ID number off of a swipe card, then prompting for a PIN (pretty much like an ATM would -- we used a standard PC for that but only the number pad is accessible). The ID # and the PIN are compared to what's stored in a database.
If the PIN matches what's on file for that ID number, the door of the safe opens and a the number is then logged to a read-only system (this is the logging host which is reasonably secure since it's not connected to any network and does nothing but append a logfile). Unsuccessful attempts are also logged. The account lockout counter is set to a reasonably low amount.
All the keys are on keychains that have a magnet on them. If you take a car key out of slot #1 (all the cars are assigned slots), the system logs it. When you return the key, you insert it into the same marked slot (ie. #1), the system registers and, consequently, logs it.
Bear in mind though, that this only works because we have a trusted group of users. You need to be inside the building and inside the safe room, to actually access the keypad. And there's nothing to stop an employee from taking all the keys at once except that the fact that they can easily be identified, terminated, sued and criminally prosecuted.
The system itself is pretty simple. Two old PCs (one database server that does the processing and one logging host). The safe is pretty standard (I don't remember who we bought that magnet system from though).
HTH a bit. :)