An Gen2 Based Security Authentication Protocol for RFID System

AbstractEPC Class-1 Generation-2 specification(Gen2 in brief) has been accepted as the standard for RFID tags under grant number ISO18000-6C. However, Gen2 does not pay due attention to security. For this reason, a Gen2 based security authentication protocol is developed in this paper. In details, we study the security requirements presented in the current Gen2 based RFID authentication protocols[7–13]. Then we point out the security flaws of Chien's mutual authentication protocol[7], and improve the protocol based on a 11 security requirements. Our improved protocol merely uses CRC and PRNG operations supported by Gen2 and meets the 11 security requirements. In contrast to the similar work [14,15] on Chien's protocol or other Gen2 based schemes, our protocol is more secure and our security analysis is much more comprehensive and qualitative

RFID Privacy Concerns: A Conceptual Analysis in the Healthcare Sector

Radio Frequency Identification (RFID) is a wireless technology that utilizes radio waves to automatically capture data for identifying and tracking objects and/or people. As the use of RFID has grown, so has the chorus of privacy invasions against this identity-aware technology. With the planned deployment and use of RFID in healthcare, there are concerns regarding the social, technological and regulatory complexity of the RFID technology vis-à-vis the requirements of the Health Insurance Portability and Accountability Act (HIPAA). In this paper we use the principles of Fair Information Practice (FIP) as a guideline to examine the design of Privacy Enhancing Technologies (PETs). The outcome shows that PETs fail to incorporate the FIP principles and the importance of examining the social aspect of this ubiquitous technology from a sociotechnical perspective. The socio-technical perspective, with its emphasis on the examination of complex relations among social and technical interactions of RFID, can provide a useful insight to assess the societal impact and changes to individual behavior that may arise from privacy concerns. We believe that, using the groundwork laid down in this study, future research along these directions could contribute significantly to addressing privacy concerns expressed about RFID in the context of healthcare

Using Radio Frequency Identification Technology In Healthcare

In the healthcare industry, medical treatment can be a matter of life and death, so that any mistakes may cause irreversible consequences. As hospitals have sought to reduce these types of errors, Radio Frequency Identification Technology (RFID) has become a solution in the healthcare industry to address these problems. Since 2005, RFID has generated a lot of interest in healthcare to make simpler the identification process for tracking and managing medical resources to improve their use and to reduce the need for future costs for purchasing duplicate equipment. There are rising concerns linked to the privacy and security issues, when RFID tags are used for tracking items carried by people. A tag by its design will respond to a reader\u27s query without the owner\u27s consent and without the owner even noticing it. When RFID tags contain patients\u27 personal data and medical history, they have to be protected to avoid any leaking of privacy-sensitive information. To address these concerns, we propose an Intelligent RFID System which is a RFID card system that embeds smart tags in insurance cards, medical charts, and medical bracelets to store medical information. Patient data is sent to the insurance providers by way of a clearinghouse that translates the information from the healthcare facility into a format that the insurance company can process. To ensure data protection, an additional security layer was added to secure the communication between the tags and the readers. This security layer will allow only authorized readers to poll tags for the patient\u27s medical tags and prevent unauthorized access to tag data. It will simplify the maintenance and transfer of patient data in a secure, feasible and cost effective way

A Hybrid Approach for Enhancing Security in RFID Networks

Abstract-RFID (Radio-Frequency Identification) is a technology for automatic identification of things and people. Human beings are skillful at identifying things under many different challenge circumstances. A bleary-eyed person can quickly pick a cup out of coffee on a cluttered breakfast dining table each day, as an example. Computer sight, though, executes jobs which are such. RFID might be considered an easy method of explicitly objects that are labeling facilitate their "perception" by processing devices. An RFID device frequently only called an RFID label is a microchip that is small for wireless information transmission. It is generally mounted on an antenna in a package that resembles an adhesive sticker that is ordinary. The word "RFID" to denote any RF device whose function that is main identification of an object or person. This definition excludes simple products like retail stock tags, which simply indicate their particular presence and on/off condition during the standard end of the practical range. It also excludes products being transportable smart phones, which do a lot more than merely identify by themselves or their particular bearers. Numerous cryptographic models of security neglect to show crucial features of RFID systems. A straightforward design that is cryptographic as an example catches the top-layer communication protocol between a tag and audience. In the reduced layers are anti-collision protocols along with other RF that is basic notably enumerate the safety dilemmas present at multiple interaction layers in RFID methods. This work proposes a hybrid that is brand new and AES based Encryption mechanism for RFID program

Personal Privacy Protection within Pervasive RFID Environments

Recent advancements in location tracking technologies have increased the threat to an individual\u27s personal privacy. Radio frequency identification (RFID) technology allows for the identification and potentially continuous tracking of an object or individual, without obtaining the individual\u27s consent or even awareness that the tracking is taking place. Although many positive applications for RFID technology exist, for example in the commercial sector and law enforcement, the potential for abuse in the collection and use of personal information through this technology also exists. Location data linked to other types of personal information allows not only the detection of past spatial travel and activity patterns, but also inferences regarding past and future behavior and preferences. Legislative and technological solutions to deal with the increased privacy threat raised by this and similar tracking technologies have been proposed. Such approaches in isolation have significant limitations. This thesis hypothesizes that an approach may be developed with high potential for sufficiently protecting individual privacy in the use of RFID technologies while also strongly supporting marketplace uses of such tags. The research develops and investigates the limits of approaches that might be us,ed to protect privacy in pervasive RFID surveillance environments. The conclusion is ultimately reached that an approach facilitating individual control over the linking of unique RFID tag ID numbers to personal identity implemented though a combination of legal controls and technological capabilities would be a highly desirable option in balancing the interests of both the commercial sector and the information privacy interests of individuals. The specific model developed is responsive to the core ethical principle of autonomy of the individual and as such is also intended to be more responsive to the needs of individual consumers. The technological approach proposed integrated with enabling privacy legislation and private contract law to enable interactive alteration of privacy preferences should result in marketplace solutions acceptable to both potential commercial users and those being tracked