46,275 research outputs found
An efficient and private RFID authentication protocol supporting ownership transfer
Radio Frequency IDentification (RFID) systems are getting pervasively deployed in many daily life applications. But this increased usage of RFID systems brings some serious problems together, security and privacy. In some applications, ownership transfer of RFID labels is sine qua non need. Specifically, the owner of RFID tag might be required to change several times during its lifetime. Besides, after ownership transfer, the authentication protocol should also prevent the old owner to trace the tags and disallow the new owner to trace old transactions of the tags. On the other hand, while achieving privacy and security concerns, the computation complexity should be considered. In order to resolve these issues, numerous authentication protocols have been proposed in the literature. Many of them failed and their computation load on the server side is very high. Motivated by this need, we propose an RFID mutual authentication protocol to provide ownership transfer. In our protocol, the server needs only a constant-time complexity for identification when the tag and server are synchronized. In case of ownership transfer, our protocol preserves both old and new ownersâ privacy. Our protocol is backward untraceable against a strong adversary who compromise tag, and also forward untraceable under an assumption
Cryptanalysis of two mutual authentication protocols for low-cost RFID
Radio Frequency Identification (RFID) is appearing as a favorite technology
for automated identification, which can be widely applied to many applications
such as e-passport, supply chain management and ticketing. However, researchers
have found many security and privacy problems along RFID technology. In recent
years, many researchers are interested in RFID authentication protocols and
their security flaws. In this paper, we analyze two of the newest RFID
authentication protocols which proposed by Fu et al. and Li et al. from several
security viewpoints. We present different attacks such as desynchronization
attack and privacy analysis over these protocols.Comment: 17 pages, 2 figures, 1 table, International Journal of Distributed
and Parallel system
Responsibility and non-repudiation in resource-constrained Internet of Things scenarios
The proliferation and popularity of smart
autonomous systems necessitates the development
of methods and models for ensuring the effective
identification of their owners and controllers. The aim
of this paper is to critically discuss the responsibility of
Things and their impact on human affairs. This starts
with an in-depth analysis of IoT Characteristics such
as Autonomy, Ubiquity and Pervasiveness. We argue
that Things governed by a controller should have an
identifiable relationship between the two parties and
that authentication and non-repudiation are essential
characteristics in all IoT scenarios which require
trustworthy communications. However, resources can
be a problem, for instance, many Things are designed
to perform in low-powered hardware. Hence, we also
propose a protocol to demonstrate how we can achieve the
authenticity of participating Things in a connectionless
and resource-constrained environment
Analysis domain model for shared virtual environments
The field of shared virtual environments, which also
encompasses online games and social 3D environments, has a
system landscape consisting of multiple solutions that share great functional overlap. However, there is little system interoperability between the different solutions. A shared virtual environment has an associated problem domain that is highly complex raising difficult challenges to the development process, starting with the architectural design of the underlying system. This paper has two main contributions. The first contribution is a broad domain analysis of shared virtual environments, which enables developers to have a better understanding of the whole rather than the part(s). The second contribution is a reference domain model for discussing and describing solutions - the Analysis Domain Model
Modernizing payment systems in emerging economies
The authors address the following questions in this overview of payment systems: What is a payment system? How can efficient systems contribute to the development of modern, market-based financial institutions and markets? What elements are necessary for payment systems to operate efficiently? What are the operational characteristics of a modern payment system? What is the World Bank approach to selected payment system initiatives, design, and development? Effective, efficient payment systems, they conclude, are vital for the economic development of emerging economies. Efficient payment systems help promote the development of commerce, enhance economic policy oversight, control the risk inherent in moving large values, and reduce the financial, capital and human resources devoted to the transfer of payments. Many emerging economies lack the financial and technical resources to develop such systems. Many turn technical resources to develop such systems. Many turn to the World Bank and other international agencies for assistance. Unfortunately, some believe that the entire solution for an effective payment system rests in obtaining modern computer hardware and believe the World Bank's sole contribution is to finance hardware costs. Hardware procurement alone will not solve problems of payment systems. These countries need organizational plans and structure for national payment systems before they spend money on computer equipment. They often lack the expertise to design and operate modern payment systems, so they may need technical assistance from financial experts before they invest in systems development. The design of a new payment system should be kept simple. Many emerging economies lack the infrastructure and banking sophistication to leapfrog from basic to state-of-the-art payment systems. The first task is to fix the most serious problems. The second is to upgrade the current systems incrementally, to meet basic standards of timeliness, security, and reliability. As these improvements are made, the countries can turn their attention to long-term, advanced solutions. Each country's payments system is unique. To simply import another country's system without adjusting for the target country's geography, infrastructure, banking and legal structures, culture, and needs could lead to suboptimal solutions. Development of the system should follow a disciplined plan for defining the needs of users and for organizing the project team and project goals.Payment Systems&Infrastructure,Banks&Banking Reform,Economic Theory&Research,Financial Intermediation,Information Technology
- âŠ