70 resultados para RFID,
Resumo:
Radio Frequency Identification (RFID) system is a remote identification technology which is taking the place of barcodes to become electronic tags of an object. However, its radio transmission nature is making it vulnerable in terms of security. Recently, research proposed that an RFID tag can contain malicious code which might spread viruses, worms and other exploits to middleware and back-end systems. This paper is proposing a framework which will provide protection from malware and ensure the data privacy of a tag. The framework will use a sanitization technique with a mutual authentication in the reader level. This will ensure that any malicious code in the tag is identified. If the tag is infected by malicious code it will stop execution of the code in the RFIF system. Here shared unique parameters are used for authentication. It will be capable of protecting an RFID system from denial of service (DOS) attack, forward security and rogue reader better than existing protocols. The framework is introducing a layer concept on a smart reader to reduce coupling between different tasks. Using this framework, the RFID system will be protected from malware and also the privacy of the tag will be ensured.
Resumo:
In this paper we address the problem of securing networked RFID applications. We develop and present a RFID security protocol that allows mutual authentication between the reader and tag as well as secure communication of tag data. The protocol presented uses a hybrid method to provide strong security while ensuring the resource requirements are low. To this end it employs a mix of simple one way hashing and low-cost bit wise operations. Our protocol ensures the confidentiality and integrity of all data being communicated and allows for reliable mutual authentication between tags and readers. The protocol presented is also resistant to a large number of common attacks.
Resumo:
The use of RFID (Radio Frequency Identification) technology can be employed for tracking and detecting each container, pallet, case, and product uniquely in the supply chain. It connects the supply chain stakeholders (i.e.; suppliers, manufacturers, wholesalers/distributors, retailers and customers) and allows them to exchange data and product information. Despite these potential benefits, security issues are the key factor in the deployment of a RFID-enabled system in the global supply chain. This paper proposes a hybrid approach to secure RFID transmission in Supply Chain Management (SCM) systems using modified Wired Equivalent Encryption (WEP) and Rivest, Shamir and Adleman (RSA) cryptosystem. The proposed system also addresses the common loop hole of WEP key algorithm and makes it more secure compare to the existing modified WEP key process.
Resumo:
Radio frequency identification (RFID) is a remote identification technique promises to revolutionize the way a specific object use to identify in our industry. However, large scale implementation of RFID sought for protection, against Malware threat, information privacy and un-traceability, for low cost RFID tag. In this paper, we propose a framework to provide privacy for tag data and to provide protection for RFID system from malware. In the proposed framework, malware infected tag is detected by analysing individual component of the RFID tag. It uses sanitization technique for analysing individual component. Here authentication based shared unique parameters is used as a method to protect privacy. This authentication protocol will be capable of handling forward and backward security and identifying rogue reader better than existing protocols. Using this framework, the RFID system will be protected from malware and the privacy of the tag will be ensured as well.
Resumo:
In this paper we present a novel approach to authentication and privacy in RFID systems based on the minimum disclosure property and in conformance to EPC Class-1 Gen-2 specifications. We take into account the computational constraints of EPC Class-1 Gen-2 passive RFID tags and only the cyclic redundancy check (CRC) and pseudo random number generator (PRNG) functions that passive RFID tags are capable of are employed. Detailed security analysis of our scheme shows that it can offer robust security properties in terms of tag anonymity and tag untraceability while at the same time being robust to replay, tag impersonation and desynchronisation attacks. Simulations results are also presented to study the scalability of the proposed scheme and its impact on authentication delay.
Resumo:
Radio Frequency Identification (RFID) technology is becoming increasingly popular as an automated tool for object monitoring and identification in a cost-efficient manner. RFID systems are made up of heterogeneous components consisting of both hardware and software. RFID components such as the readers are prone to failures with serious consequences to the overall system. Thus, issues such as reliability and dependability of RFID systems are receiving attention recently. This mandates fault management that includes monitoring the health of RFID readers and accessing the RFID reader configurations remotely. Therefore, an approach that detects the faulty readers with the aim to minimize the impacts of the faulty readers on the system reliability and dependability is of paramount importance. In this chapter, the authors discuss an approach to detect faulty readers in networked RFID system environments. Performance evaluation of the approach against other techniques is presented and shows that it performs reasonably well in the presence of faulty readers.
Resumo:
In the last decade RFID technology has become a major contender for managing large scale logistics operations and generating and distributing the massive amount of data involved in such operations. One of the main obstacles to the widespread deployment and adoption of RFID systems is the security issues inherent in them. This is compounded by a noticeable lack of literature on how to identify the vulnerabilities of a RFID system and then effectively identify and develop counter measures to combat the threats posed by those vulnerabilities. In this chapter, the authors develop a conceptual framework for analysing the threats, attacks, and security requirements pertaining to networked RFID systems. The vulnerabilities of, and the threats to, the system are identified using the threat model. The security framework itself consists of two main concepts: (1) the attack model, which identifies and classifies the possible attacks, and (2) the system model, which identifies the security requirements. The framework gives readers a method with which to analyse the threats any given system faces. Those threats can then be used to identify the attacks possible on that system and get a better understanding of those attacks. It also allows the reader to easily identify all the security requirements of that system and identify how those requirements can be met.
Resumo:
While SQL injection attacks have been plaguing web applications for years the threat they pose to RFID systems have only identified recently. Because the architecture of web systems and RFID systems differ considerably the prevention and detection techniques proposed for web applications are not suitable for RFID systems. In this paper we propose a system to secure RFID systems against tag based SQLIA. Our system is optimized for the architecture of RFID systems and consists of a query structure matching technique and tag data cleaning technique. The novelty of the proposed system is that it's specifically aimed at RFID systems and has the ability to detect and prevent second order injections which is a problem most current solutions haven't addressed. The preliminary evaluation of our query matching technique is very promising showing very high detection rate with minimal false positives.
Resumo:
Radio frequency identification (RFID) systems are emerging as the primary object identification mechanism, especially in supply chain management. However, RFID naturally generates a large amount of duplicate readings. Removing these duplicates from the RFID data stream is paramount as it does not contribute new information to the system and wastes system resources. Existing approaches to deal with this problem cannot fulfill the real time demands to process the massive RFID data stream. We propose a data filtering approach that efficiently detects and removes duplicate readings from RFID data streams. Experimental results show that the proposed approach offers a significant improvement as compared to the existing approaches.
Resumo:
In this paper we propose a novel secure tag ownership transfer scheme for closed loop RFID systems. An important property of our method is that the ownership transfer is guaranteed to be atomic and the scheme is protected against desynchronisation leading to permanent DoS. Further, it is suited to the computational constraints of EPC Class-1 Gen-2 passive RFID tags as they only use the CRC and PRNG functions that passive RFID tags are capable of. We provide a detailed security analysis to show that our scheme satisfies the required security properties of tag anonymity, tag location privacy, forward secrecy, forward untraceability while being resistant to replay, desynchronisation and server impersonation attacks. Performance comparisons show that our scheme is practical and can be implemented on passive low-cost RFID tags.
Resumo:
The ability to uniquely identify individual objects is essential in many applications such as manufacturing, distribution logistics, access control, anti-counterfeiting and healthcare. Radio Frequency Identification (RFID) technology provides one solution for automatic identification of entities using radio waves. Although there is considerable potential in deploying RFID technology, reliability is a key challenge that requires careful attention for RFID to deliver its inherent benefits. In this paper, we highlight the reliability challenges in RFID technology and we analyze the reliability aspects of RFID technology and their major causes. We will also discuss techniques to improve the reliability of RFID systems.
Resumo:
Radio Frequency Identification (RFID) is a technology that enables the non-contact, automatic and unique identification of objects using radio waves. Its use for commercial applications has recently become attractive with RFID technology seen as the replacement for the optical barcode system that is currently in widespread use. RFID has many advantages over the traditional barcode and these advantages have the potential to significantly increase the efficiency of decentralised business environments such as logistics and supply chain management. One of the important features of an RFID system is its ability to search for a particular tag among a group of tags. In order to ensure the privacy and security of the tags, the search has to be conducted in a secure fashion. To our knowledge not much work has been done in this secure search area of RFID. The limited work that has been done does not comply with the EPC Class-1 Gen-2 standards since most of them use expensive hash operations or sophisticated encryption schemes that cannot be implemented on low-cost passive tags that are highly resource constrained. Our work aims to fill this gap by proposing a serverless ultra-lightweight secure search protocol that does not use the expensive hash functions or any complex encryption schemes but achieves compliance with EPC Class-1 Gen-2 standards while meeting the required security requirements. Our protocol is based on XOR encryption and random numbers - operations that are easily implemented on low-cost RFID tags. Our protocol also provides additional protection using a blind-factor to prevent tracking attacks. Since our protocol is EPC Class-1 Gen-2 compliant it makes it possible to implement it on low-cost passive RFID tags.
Resumo:
Radio Frequency Identification (RFID) is an emerging wireless object identification technology with many potential applications such as supply chain management, personnel tracking and healthcare. However, security vulnerabilities of the RFID system have been a serious concern for its wide adoption in many applications. Although much work has been done to provide privacy and anonymity, little focus has been given to ensure RFID data confidentiality, integrity and to address the tampered data recovery problem. To this end, we propose a lightweight stenographic-based approach to ensure RFID data confidentiality and integrity as well as the recovery of tampered RFID data.
Resumo:
Remote technologies are changing our way of life. The radio frequency identification (RFJD) system is a new technology which uses the open air to transmit information. This information transmission needs to be protected to provide user safety and privacy. Business will look for a 5ystem that hasfraud resilience to prevent the misuse of information to take dishonest advantage. The business and the user need to be assured that the transmitted information has no content which is capable of undertaking malicious activities. Public awareness of RFID security will help users and organizations to understand the need for security protection. Publishing a security guideline from the regulating body and monitoring implementation of that guideline in RFID 5ystems will ensure that businesses and users are protected. This chapter explains the importance of security in a RFID system and will outline the protective measures. It also points out the research direction of RFID 5ystems.
