17 research outputs found
Security and Privacy of Radio Frequency Identification
Tanenbaum, A.S. [Promotor]Crispo, B. [Copromotor
The Evolution of RFID Security
The advantages and drawbacks associated with the use of RFID technology, are discussed. The RFID functions as a medium for numerous tasks including managing supply chains, tracking livestock, preventing counterfeiting, controlling building access, supporting automated checkout, developing smart home appliances, locating children, and even foiling grave robbers. The RFID tags that optimize supply chains can also violate a person's privacy by tracking the tagged item's owner and muggers with RFID readers could scan crowds for high-value banknotes, whereas, terrorists could scan digital passports to target specific nationalities
RFID Malware: Truth vs. Myth
The issues related to RFID malware along with proof-of-concept RFID virus are discussed. RFID exploits are traditionally hacking attacks that are identical to those found on Internet, such as buffer overflow, code insertion, and SQL injection attack. RFID warms copy the original exploit code to newly appearing RFID tags. An RFID virus can self replicate without an Internet connection by copying itself into back-end database. The tags are simply data carriers, just like floppy disks and USB sticks, which are prone to attacks by various hackers. It is recommended that RFID middleware vendors must have independent experts audit their code for vulnerabilities and practice safe programming practices. RFID equipment manufacturers must invest more energy in prototyping improved cryptography on low-cost RFID tags. Lawmakers and the average person should demand security and privacy measures in the RFID technology
Keep on Blockin' in the Free World: Personal Access Control for Low-Cost RFID Tags
This paper introduces an off-tag RFID access control mechanism called "Selective RFID Jamming". Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an active mobile device to enforce centralized ACL-based access control policies. Selective RFID Jamming also solves a Differential Signal Analysis attack to which the RFID Blocker Tag is susceptible. © Springer-Verlag Berlin Heidelberg 2007
Uniting Legislation with RFID Privacy-Enhancing Technologies
RFID is a popular identification and automation technology with serious security and privacy threats. Legislation expounds upon the actual security and privacy needs of people in RFID-enabled environments, while technology helps to ensure legal compliance. This paper examines the main aims of RFID privacy legislation, and explains how to achieve them using RFID privacy-enhancing technologies. The discussion reveals that multiple RFID privacyenhancing technologies must be combined and coordinated to achieve the protection of an individual. People currently do not have a tool that allows them to do this, so we suggest the development of a unified platform that can manage, utilize, and integrate RFID privacy-enhancing technologies
RFID Malware: Design Principles and Examples
This paper explores the concept of malware for Radio Frequency Identification (RFID) systems - including RFID exploits, RFID worms, and RFID viruses. We present RFID malware design principles together with concrete examples; the highlight is a fully illustrated example of a self-replicating RFID virus. The various RFID malware approaches are then analyzed for their effectiveness across a range of target platforms. This paper concludes by warning RFID middleware developers to build appropriate checks into their RFID middleware before it achieves wide-scale deployment in the real world. © 2006 Elsevier Ltd. All rights reserved