Employees each have a private key associated with their Ethereum address. Access control to the different endpoints is done via tickets that are issued with Solidity events. Each endpoint must keep track of the current tickets that have been issued and their validity periods. Tickets are issued to a specific employee, if and only if the employee has sufficient permissions to access the endpoint. The permission checking is encoded in the smart contacts themselves.
The door lock example allows for opening physical doors using an NFC device / Mobile App as the employee’s key.
Demo video https://youtu.be/AamH4xetnSQ
more info in the project GitHub repo – https://github.com/ICST-Technion/smartcontract_ESP32