|URL of the blog. Try it with your smart phone.|
Let's assume we need to install a number of sensors or actuators, wired or wireless, into a building or outdoor environment. We don't want to pair the nodes in advance, as then we must pay close attention in which unit to install where. All units are equal as long as they are in the box. Only at installation time they get the association to the place and possible role. How to do that in most convenient matter?
There may be a serial number printed in every unit. Then the installation guy must manually copy the serial number to paper or electronic device. Manual and error prone process. If we put a 1D bar code into each unit, then the process of identification can be automated, but a specific tool with laser bar code reader unit is needed.
Let's stick a QR code with a unique identifier into each unit. The installation person can then use his or her smart phone or tablet to read the code, and immediately associate the specific sensor into the installation location and deliver the info in the system database with help of the mobile data connection of the device. In case of outdoor environment, GPS data can be combined to create geospatial mapping of the installation.
Let's consider building automation, for example some sort of equipment installed inside of a building, like heat pump, ventilation unit or A/C. Those are rather sophisticated devices nowadays, with capability to offer remote connectivity, possibly with help of cloud solution. Use of such remote user interface should be as easy as possible, simultaneously providing adequate security and confidentiality.
If a person has physical access next to the device, then we may assume he or she has right to access and control that equipment, at least in some extend - not a completely outsider. If there is a QR printed at the side of the device, that information may tell to the cloud or even to the device itself that the person operating the mobile terminal which delivered the code has access right to the device.
In case of asymmetric cryptography, the QR code may contain the public key of the server side. If it is printed and mounted at the assembly line, it most probably is authentic and not altered. With help of the public key, terminal unit may then send it's own public key in encrypted format to the server, and then they can communicate in completely secured fashion, and no cryptographic credentials was ever exchanged in plain text format.