Securing EPCglobal Object Name Service Privacy Enhancements for Anti-counterfeiting


Matthieu-P. Schapranow, Alexander Zeier, Felix Leupold, Tobias Schubotz
Hasso Plattner Institute, Enterprise Platform and Integration Concepts
August Bebel Str. 88, Potsdam, Germany
{matthieu.schapranow {felix.leupold

Abstract

In RFID-aided supply chains captured location-based event data is stored in distributed repositories. Performing anti-counterfeiting involves checks on the good's path in the supply chain. The path is reconstructed by querying corresponding event data from distributed repositories. The object name service performs lookups of relevant event repositories in EPCglobal networks. Attacking the lookup process can be used to break privacy of inquirers, e.g. to derive product and user profiles. We share details about our security enhancement prototypes to protect the privacy of querying parties. Our developed enhancements are designed for easy integration into existing network infrastructures without major efforts.

I. Introduction

Radio Frequency Identification (RFID) technology is named as a possible basis for anti-counterfeiting by providing enhancements of existing business processes [1]. Hereby, an automated tracking and tracing of products and an enhanced goods receipt process, e.g. on item, box, or pallet level, becomes available. It shows prevailing advantages, e.g. in contrast to barcodes, RFID tags can be read without establishing a direct line of sight, multiple tags can be read simultaneously, and they can cope with dirty environments [2], [3]. In context of pharmaceutical supply chains, the integration of tracking functionality is widely considered, e.g. two-dimensional data matrix or RFID technology, since this specific industry is confronted with increasing counterfeit rates [4].

The Electronic Product Code (EPC) uniquely identifies a certain good, e.g. pharmaceuticals equipped with RFID tags [5].
Related tracking events are stored in distributed EPC Information Services (EPCIS) repositories of involved supply chain parties [6]. We assume a dedicated service provider for anti-counterfeiting which needs to access EPCIS repositories of all supply chain parties. EPCISs are determined by providing EPC to Object Name Service (ONS) [7]. We value RFID event data as sensitive which needs to be protected against attacks during anti-counterfeiting, e.g. eavesdropping [8]. In this work, we share details about our developed security enhancements ONSSL and zone encryption of ONS data to improve privacy during anti-counterfeiting lookup process. In Fig. 1 actors of the EPCglobal lookup process and privacy vulnerabilities in scope of our work are depicted and marked by bolt signs.

Fig. 1. UML Sequence Diagram: EPCglobal Lookup Process and Privacy Threats in Scope of this Work Indicated by Bolt Signs (actors: Inquirer, ONS, DNS, EPCIS)

The rest of the paper is structured as follows: Sect. II draws the motivation in context of the pharmaceutical supply chain. Sect. III sets our work in context to related work and in Sect. IV we share implementation details about our prototypes. Benchmark results of our enhancements are shared in Sect. V and their applicability in context of the pharmaceutical supply chain is evaluated in Sect. VI. Our work concludes with an outlook towards further research activities in Sect. VII.

II. Motivation: Pharmaceutical Supply Chain

The European pharmaceutical industry hit headlines with operation MEDI-FAKE announcing 34 million detected fake drugs in just two months [9]. The European Commission reported an increase of 118 % for pharmaceutical counterfeits detected at borders in 2008 compared to The pharmaceutical product category is the third largest product category in terms of quantities of intercepted articles besides the categories CDs/DVDs and cigarettes [4].
Counterfeited goods are a risk for customers and suppliers, since their effects are neither tested nor validated and the customer may suffer from medical complications. Annually approx. 7,000 cases of medical complications are suspected to be connected with pharmaceutical counterfeits or improper ingredients [10]. In 2004, it was estimated that more than 500 billion USD were traded in counterfeits, i.e. 7 % of the world trade in the same period [11]. It is argued that this equals an increase of 150 billion USD compared to 2001 [12]. In contrast, during the same period, the worldwide merchandise trade increased only by approx. 50 billion USD.

This short excerpt of reported cases and their impact highlights the omnipresent risks of counterfeits and the need for a reliable mechanism to protect pharmaceutical goods. Its protection has to be an integral part of the entire pharmaceutical supply chain and should involve all supply chain participants. From our point of view, a high level of supply chain integrity is the basis for reliable product tracking and counterfeit detection.

III. Related Work

Fabian et al. started to investigate security of ONSs in EPCglobal networks, discussed various drawbacks and highlighted possible threats [13]. We see their work as basis for our research activities on ONS privacy enhancements.

Jing Sun et al. performed research on securing EPC data based on an adapted Public Key Infrastructure (PKI) [14]. Besides access control, this approach encrypts data for data exchange. However, this requires setting up and administrating a hierarchical chain of trust which issues certificates via Certificate Authorities (CAs) [15], [16].

Security improvements of the Domain Name Service (DNS) are also relevant for the development of ONS since the latter adapts ideas of the DNS concept [17]. Domain Name System Security Extensions (DNSSEC) [18] and DNScurve [19] are only two possible extensions to enable authenticity and data encryption based on elliptic-curve cryptography for DNS queries and responses. From our perspective, securing exchanged queries and responses is equally important for EPCglobal networks to prevent eavesdropping of EPC event data.
The Onion Routing (TOR) project presented by Dingledine et al. provides application layer anonymity by encrypting messages and routing them via frequently changing paths through a network of servers operated by volunteers [20]. In terms of the pharmaceutical supply chain the anonymity of the querying party is only relevant when a connection between EPC and customer can be derived. Since we assume a dedicated service provider for anti-counterfeiting the anonymity of inquirers is preserved.

Other research activities evaluated the applicability of Peer-to-Peer (P2P) solutions in context of RFID scenarios to guarantee High Availability (HA) and load balancing in global supply chains [21]. Further approaches for HA, such as the Totem Redundant Ring Protocol [22] or multiple logical machines with fault-tolerant protocols [23] exist. We agree on storing RFID event data in a distributed manner. However, no existing work considers security of stored data or privacy of querying parties.

Establishing access control in P2P networks or distributed environments is hard to achieve. Decker et al. use encryption while resolving RFID event data in P2P networks [24]. Although their approach ensures data security it prevents adaptable views, which are necessary to maintain individual access control. Miklau and Suciu suggest XML encryption to define fine-grained access control and to provide different views [25]. However, due to the expected amount of events, the transferred data needs to be minimized and XML is not an adequate choice in our opinion. Evdokimov et al. propose access control for RFID data on a high level of granularity, i.e. their approach provides only one generic key per data source [26]. If the key is exposed, all RFID events for this source are exposed at once. Our contribution focuses on a fine-grained access control, i.e. an individual key per inquirer.

Fig. 2. UML Sequence Diagram: Secured ONS Lookup Process (actors: Inquirer, ONSSL Client, ONSSL Server, ONS)

IV. Contribution

In the following, we present our research prototypes for enhancing the inquirer's privacy of EPCIS lookups during anti-counterfeiting in global RFID-aided pharmaceutical supply chains. Our developed prototypes can be applied to ONS and DNS lookup processes in a similar way since we consider these lookup methods as implementations on top of key-value stores [27].

For anti-counterfeiting RFID event data from distributed EPCIS repositories has to be aggregated. The EPCglobal ONS standard defines interpretation of EPC as Uniform Resource Identifier (URI) and defines the mapping algorithm to convert it to an Internet domain name as follows [7]:

urn :epc :id :sgtin : sgtin.id.ons.org.

ONS server returns for a given EPC a URI, e.g. a Unified Resource Locator (URL), to the querying party. The querying party contacts a DNS name server to resolve the URI received from the ONS server to a naming authority pointer. The resolved pointer is used to contact the responsible EPCIS or its provided services for anti-counterfeiting purposes. The lookup process is modeled in Fig. 1.

TABLE I: Example of an Encrypted Zone File

EPC                        EPCIS                          Encrypted EPC                     Encrypted EPCIS
*.sgtin.id.pfizer.com      epcis.pfizer.com               DgBxJs99gVPV/A==enc.ons.org       T5Hz4o6ilCVGA0oEp2c=
*.sgtin.id.bayer.de        epcis.bayerscheringpharma.de   Kd0x8MSbkwE=enc.ons.org           c/xovss04fqmsg==
*.sgtin.id.schering.de     epcis.bayerscheringpharma.de   7dnMS28bAfg=enc.ons.org           c/xovss04fqmsg==
*.sgtin.id.ratiopharm.de   epcis.ratiopharm.de            Lr1VMb8R/NiBFinlig==enc.ons.org   av38il7o4m2yyydd

Since ONS lookups are performed via the Internet in plain text, attackers are able to perform malicious attacks, e.g. man-in-the-middle attacks or ONS server attacks, to obtain EPC event details [8]. As a result, attackers are able to either derive connections between groups of pharmaceuticals and querying parties, i.e. product and customer profiles, or spy on business relations, e.g. between retailers, wholesalers, and manufacturers.

A. Encrypting Lookups using Secure Socket Layer

Since current ONS implementations lack encrypted communication, we elaborate the use of Secure Socket Layer (SSL) to secure data exchange. Rather than adapting existing infrastructure services, such as DNS or ONS, we developed an ONSSL client/server which encrypts queries and responses as depicted in Fig. 2. Instead of querying the default ONS server directly, inquirers have to connect to the ONSSL client at the border of their trusted network, e.g. the company's internal network. A trusted ONS respectively DNS server needs to install the ONSSL server, which accepts incoming encrypted queries and forwards them to the local ONS service accordingly. Stored content remains unchanged and plain text data is still accessible via existing service ports.

B. Zone Encryption

Due to the expected bulk amount of anti-counterfeiting checks in the pharmaceutical supply chain, we focus on keeping server load moderate when applying any enhancements [28].
The use of encrypted message exchange is connected with additional protocol overhead, e.g. key negotiation, and increased server load, e.g. for key recreation. We propose to shift the encrypt-many/decrypt-many technique incorporated by our proposed ONSSL prototype towards an encrypt-once/decrypt-many setup. From a database architect's point of view, ONS storages can be considered as key-value stores [27]. Neither unauthorized inquirers nor operators of ONSs are able to retrieve plain text information when keys and values are encrypted. Queries are encrypted by inquirers and compared by ONS servers without decryption. Equally, the response is decrypted by the client, which eliminates additional encryption CPU load on ONS servers. However, querying parties need knowledge about how to encrypt/decrypt data and how to create encrypted queries.

The EPCIS operator is responsible for encrypting resource records stored in ONS servers. We propose the use of symmetric key encryption, e.g. Advanced Encryption Standard (AES) [29]. Private keys need to be exchanged between EPCIS operator and querying parties using a dedicated, secured channel, e.g. by downloading these from a secured webpage or providing them as two-dimensional data matrix on pharmaceutical packages [30]. For long lasting business relationships it is possible to issue special partner keys, e.g. for decryption of EPC event data for multiple packages delivered to a certain business partner.

Encrypted records are stored in the same way current plain text records are stored in ONS server. However, they cannot be decrypted without the knowledge of the private key. In other words, neither the operator of ONS server nor any querying party is able to decrypt the data without the knowledge of the shared key. In order to identify encrypted requests, a specific zone-suffix, e.g. enc.ons.org as shown in Tab. I, needs to be appended to the request.
Querying a record involves encryption of the request using the shared key and appending of the specific domain suffix. ONS server performs a regular lookup and returns stored encrypted content. The querying party can decrypt the response using its shared key.

V. Benchmark Results

We performed benchmark analysis of our implemented security enhancement prototypes. Acquired results are evaluated in the following.

A. ONSSL

We implemented ONSSL client/server using communication protocols User Datagram Protocol (UDP) and the Transmission Control Protocol (TCP) for network communication [31]. Single ONS lookups are typically performed using UDP, but TCP is also possible, e.g. for zone negotiations. Due to the required TCP three-way handshake, UDP performs better in a reliable network environment. UDP's communication overhead is smaller compared to TCP which makes UDP preferable for bulk queries [32].

ONSSL client was installed on a workstation running Microsoft Windows 7, which was equipped with a single CPU, two cores running at 2.6 GHz clock speed, 4 GB RAM. Server was installed on Debian squeeze running kernel on a single Intel(R) Xeon(R) CPU E5450 at 3.0 GHz clock speed, 1 GB RAM. On the same system, we used a BIND 9.6-ESV-R1 and populated it with encrypted RFID event data as shown in Tab. I for the unencrypted content. All systems were equipped with Gigabit network interface cards and connected through an unmanaged Gigabit network switch.

TABLE II: Comparison of Performance Results Single UDP, Single TCP, Zone TCP (I: DNS, II: ONSSL)
Columns: UDP (I, II), TCP (I, II), Zone (I, II)
Rows: Request Size [B]; Response Size [B] 143 1, , ,045; Roundtrip [ms]

TABLE III: Comparison of Performance Results for Traditional Lookups and Zone Encryption
Columns: Metric, Traditional Lookup, Zone Encryption
Rows: Request Size [B]; Response Size [B]; Roundtrip Time [ms]; Client Time [ms]

The network response time of our prototypes is addressed by measuring roundtrip times, i.e. time consumed to transfer messages between peers. We randomly looked up entries in our test data using the current ONS lookup process and compared it to using a secured connection using ONSSL client/server. Benchmark results are given in Tab. II. We found that key negotiation and connection setup time for the secured connection increase lookup time. In contrast to a traditional UDP lookup which consumes avg. 20 ms and a TCP lookup which consumes avg. 110 ms, roundtrip times increased to 649 ms and 656 ms respectively in the secured setup. Since the secure connection requires a TCP connection, response performance decreases when wrapping UDP requests into TCP packets. The size of encrypted TCP queries is ten times larger than a comparable UDP query without encryption, which is avg. 90 Byte. Roundtrip takes up to three times longer to retrieve the response for an encrypted query. Response size of 1,695 ms and 1,629 ms is between five to eleven times higher for TCP and UDP respectively.

B. Zone Encryption

The enhancement zone encryption was tested incorporating same benchmark setup used for ONSSL. We analyzed request and response size, roundtrip time, and total time consumed by the client application to decrypt the data as shown in Tab. III.
As a result of the used suffix to indicate encrypted queries, request size increased by approx. 15 percent compared to traditional lookup request with avg. 90 Byte. Due to fixed block size of AES algorithm response size increases by approx. 43 percent compared to avg. 143 Byte in traditional lookups. Roundtrip times remain constant at avg. 20 ms since zone encryption only affects data stored in ONS server and not communication methods in between. We found that using zone encryption doubles client time from avg. 27 ms to avg. 60 ms. This is caused by performing cryptographic operations. Since operations for encrypting requests and decrypting responses are performed on client-site, zone encryption does not increase CPU load on server-site in any case.

VI. Security Evaluation

In the following, results of our threat assessment for the pharmaceutical supply chain scenario are given and our proposed enhancements are evaluated.

A. Threat Assessment

A transformation towards an RFID-enabled pharmaceutical industry involves the need to provide open interfaces, e.g. to query EPCISs while coping with vulnerable environments [8]. Related research work elaborated threats for an RFID-aided supply chain [33], [34], [35]. We aim to protect customer privacy in an RFID-aided pharmaceutical supply chain. Therefore, we focus in our work on the following threats.

1) Data theft: RFID event data is of high interest for competitors and for counterfeiters. It can be abused to derive business relations and to create counterfeited pharmaceuticals. We consider RFID event data stored in ONS and DNS servers as confidential, which needs to be protected against unauthorized access. Thus, we propose access control with user-specific keys to protect data and to control data access for certain users or groups.

2) Denial of service: Real-time business processes such as goods receipt processing are coupled via RFID technology with EPCISs. Thus, queries need to be performed in sub-second response time while zero downtime is required. ONS servers should be out of scope for potential attacks since their availability is crucial for business operations in a global RFID-aided supply chain.

3) Eavesdropping lookup data: Anti-counterfeiting involves lookups of EPCISs using ONS and DNS queries respectively. Eavesdropping the lookup process can be abused to derive details about involved business partners even when exchanged data is encrypted, e.g. fingerprinting [36].

B. ONSSL

Our ONSSL prototype developed in Python provides a transparent encryption enhancement to prevent eavesdropping of exchanged ONS queries and responses. It is designed for easy integration in existing landscapes with minimal effort, i.e. current systems have neither to be adapted nor recompiled. This enhancement can be operated in parallel to an ONS setup without influencing operation of the existing system. In addition to the default query service our ONSSL prototype exposes an SSL encrypted query service.

Benchmark results for ONSSL prototype showed an increase in roundtrip time between factor six and factor 32 compared to the plain text lookup depending on the used communication method. However, roundtrip times for the ONSSL approach are constant for all lookup methods at avg. 650 ms. In other words, although roundtrip time increased it remains constant regardless of the used query method. We found that the required three-way handshake to set up the TCP connection in combination with key negotiation is a major reason for this increase. We further observed increased CPU load on ONSSL server and client, which is driven by cryptographic activities.

Due to increased network load and roundtrip time we do not consider ONSSL approach as optimal for use in the global RFID-aided pharmaceutical supply chain. However, since ONS servers cache lookup results we value increased network traffic as moderate for the given scenario. We consider our ONSSL prototype as a feasible and transparent way to prevent eavesdropping of ONS lookups. Thus, we suggest using it for migration towards a secured RFID-aided pharmaceutical supply chain based on integrated support for encrypted data exchange.

Threats mentioned in Sect. VI-A are only partially eliminated, e.g. eavesdropping lookup data results in encrypted content. However, data theft is still possible, e.g. by attacking ONS server to obtain stored plain text records. From the security's point of view, ONSSL improves data integrity during exchange via communication network, but it does not address endpoint security.

C. Zone Encryption

The design of our proposed zone encryption enhancement focuses on improving roundtrip times for ONS lookups. We consider the increase of request and response size to avg. 100 and 200 bytes respectively not as significant in context of the pharmaceutical supply chain.
This approach suffers from a trade-off between security and data volume. Any data set that is stored in ONS server belongs to a specific key. Therefore, if each client gets a unique key, each event record is stored multiple times encrypted by different keys. On the one hand, if a company has n records and m clients, this would result in n · m records stored in ONS server in the worst case without applying business semantics. On the other hand, providing different clients with identical keys impacts security.

Zone encryption prevents eavesdropping during lookup of data equally to ONSSL approach since only encrypted data is stored in ONS server and exchanged. It also prevents unauthorized access to data stored in ONS server since it is stored completely encrypted. Access to encrypted data is maintained by sharing encryption keys, i.e. the encrypting party and legitimate querying parties are able to decrypt data. It builds on existing lookup mechanism, thus, it minimizes network overhead. In contrast to ONSSL approach, zone encryption eliminates the need for encryption and decryption of data on server-site. As a result, CPU load of ONS server is not affected since encrypted data is handled similar to plain text records. This approach is easy to integrate into existing lookup mechanisms without the need to install additional software or to change configurations.

We consider zone encryption as a feasible way to protect both RFID event data and inquirers' privacy. Threats mentioned in Sect. VI-A are eliminated or limited to a minimum by applying this enhancement in a global RFID-aided pharmaceutical supply chain. Denial of service and data theft attacks against ONS servers to obtain plain text data are prevented since no plain text data is stored in ONS servers. Eavesdropping exchanged data is prevented since only encrypted content is exchanged between ONS servers and inquirers.
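The zone-encryption lookup of Sect. IV-B and the key trade-off discussed above, as an added example that is not the authors' prototype: the operator seals each record once per client key, the server does a plain exact-match lookup on opaque names, and only a key holder can open the answer. Assumptions: HMAC-SHA256 from the Python standard library stands in for the AES the paper proposes, the records are constructed in the shape of Tab. I without wildcards, and the partner names and all function names are hypothetical.

```python
import base64
import hashlib
import hmac
import os

ZONE_SUFFIX = "enc.ons.org"  # suffix that marks encrypted requests (paper, Tab. I)

# Constructed sample records in the shape of Tab. I (wildcards omitted).
RECORDS = {
    "sgtin.id.pfizer.com": "epcis.pfizer.com",
    "sgtin.id.bayer.de": "epcis.bayerscheringpharma.de",
    "sgtin.id.ratiopharm.de": "epcis.ratiopharm.de",
}


def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 with a domain-separation label (assumed stand-in for AES)."""
    return hmac.new(key, label + b"|" + data, hashlib.sha256).digest()


def query_name(key: bytes, plain_name: str) -> str:
    """Turn a lookup name into an opaque DNS name under the encrypted zone.

    The ONS server compares names without decrypting them, so the mapping
    must be deterministic: same key and same name give the same token.
    """
    token = _prf(key, b"name", plain_name.lower().encode())[:20]
    label = base64.b32encode(token).decode().lower()  # 32 chars, DNS-safe
    return f"{label}.{ZONE_SUFFIX}"


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC counter-mode keystream."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += _prf(key, b"stream", nonce + counter.to_bytes(4, "big"))
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal_value(key: bytes, value: str) -> str:
    """Operator side: encrypt-then-MAC a record value (done once per key)."""
    nonce = os.urandom(12)
    ciphertext = _xor_stream(key, nonce, value.encode())
    tag = _prf(key, b"tag", nonce + ciphertext)[:16]
    return base64.b64encode(nonce + ciphertext + tag).decode()


def open_value(key: bytes, blob: str) -> str:
    """Inquirer side: verify the tag, then decrypt the returned value."""
    raw = base64.b64decode(blob)
    if len(raw) < 28:
        raise ValueError("sealed record is too short")
    nonce, ciphertext, tag = raw[:12], raw[12:-16], raw[-16:]
    if not hmac.compare_digest(tag, _prf(key, b"tag", nonce + ciphertext)[:16]):
        raise ValueError("record was not sealed with this key")
    return _xor_stream(key, nonce, ciphertext).decode()


def build_zone(records: dict, client_keys: dict) -> dict:
    """One sealed copy of every record per client key: n * m zone entries."""
    zone = {}
    for key in client_keys.values():
        for name, epcis in records.items():
            zone[query_name(key, name)] = seal_value(key, epcis)
    return zone


def lookup(zone: dict, key: bytes, plain_name: str):
    """Server does an exact-match lookup; only the client decrypts."""
    blob = zone.get(query_name(key, plain_name))
    return None if blob is None else open_value(key, blob)


def repeat_counts(observed_names: list) -> dict:
    """What stays observable on the wire without any key: repeated names."""
    counts = {}
    for name in observed_names:
        counts[name] = counts.get(name, 0) + 1
    return counts


if __name__ == "__main__":
    keys = {"partner-a": os.urandom(32), "partner-b": os.urandom(32)}
    zone = build_zone(RECORDS, keys)
    print(len(zone), "entries for", len(RECORDS), "records and", len(keys), "keys")
    print(lookup(zone, keys["partner-a"], "sgtin.id.bayer.de"))
    print(lookup(zone, os.urandom(32), "sgtin.id.bayer.de"))  # outsider key
    wire = [query_name(keys["partner-a"], "sgtin.id.bayer.de")] * 3
    print(repeat_counts(wire))  # deterministic names make repeats linkable
```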
From the security's point of view, zone encryption addresses both aspects, data integrity during data exchange and endpoint security while data is stored on public systems, such as ONS servers.

VII. Conclusion

The given work is motivated by requirements of an integer RFID-aided supply chain for the pharmaceutical industry. Particularly, we focused on privacy of ONS lookups to prevent exposure of product or customer profiles. We developed and tested privacy enhancements for the EPCglobal network to secure RFID event data and data exchange between querying parties and ONSs.

Our first contribution ONSSL was designed to support transformation towards an entirely secured ONS lookup since it provides in addition to the existing ONS lookup a secured lookup service without the need to adapt the current ONS software and lookup process. The second contribution zone encryption is designed to support entirely secured ONS lookups. While making use of established ONS software, it prevents unsecured communication and public data to be stored in plain text.

In a matter of answering queries in an EPCglobal network in sub-second response time, our future research focuses on lightweight privacy enhancements. On the one hand, we assume that administrative overhead for encrypting all EPC event data for any querying party with a dedicated key is high, since it is not known whether all encrypted event data is queried. Thus, storage requirements increase for this approach since data is stored redundantly encrypted by keys of potential business partners with access to the data. Overhead depends on supply chain configuration and its impact needs to be evaluated in a concrete business context. We expect storage requirements to be a limiting factor and perform further research on how to perform on-the-fly encryption to reduce storage requirements for an encrypted ONS lookup setup while keeping required system modification low.

On the other hand, future research activities will investigate adoptions for inquirers, e.g. how to maintain keys issued by various business partners and possibly combine them for specific user groups.

References

[1] S. Choi and C. Poon, An RFID-based Anti-counterfeiting System, International Journal of Computer Science, vol. 35, no. 1,
[2] G. R. White, G. Gardiner, G. Prabhakar, and A. A. Razak, A Comparison of Barcode and RFID Technologies in Practice, Journal of Information, Information Technology, and Organizations, vol. 2,
[3] A. Stiehler and T. Wichmann, RFID im Pharma- und Gesundheitssektor. Vision und Realität RFID-basierter Netzwerke für Medikamente, Berlecon Report,
[4] European Commission Taxation and Customs Union, Report on EU Customs Enforcement of IP Rights, customs/customs_controls/counterfeit_piracy/statistics/ 2009_statistics_for_2008_full_report_en.pdf 1,
[5] EPCglobal Inc., Tag Data Standard 1.4, epcglobalinc.org/standards/tds/tds_1_4-standard pdf 1,
[6], EPC Information Services Specification, epcis_1_0_1-standard pdf 1,
[7], EPCglobal Object Name Service 1.0.1, ons_1_0_1-standard pdf 1,
[8] M.-P. Schapranow, J. Müller, A. Zeier, and H. Plattner, Security Aspects in Vulnerable RFID-Aided Supply Chains, in Proceedings of the 5th European Workshop on RFID Systems and Technologies. VDE,
[9] IP Crime Group, IP Crime Report,
[10] J. Jenkins, P. Mills, R. Maidment, and M. Profit, Pharma Traceability Business Case Report,
[11] ICC Policy Statement, The Fight against Piracy and Counterfeiting of Intellectual Property, intellectual_property/fight_against_piracy.pdf 1,
[12] T. Staake, F. Thiesse, and E. Fleisch, Extending the EPC Network: The Potential of RFID in Anti-Counterfeiting, in Proceedings of the ACM Symposium on Applied Computing. New York, NY, USA: ACM, 2005, pp
[13] B. Fabian, O. Günther, and S. Spiekermann, Security Analysis of the Object Name Service, in Proceedings of the 1st International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing,
[14] J. Sun, H. Zhao, H. Xiao, and G. Hu, Lightweight Public Key Infrastructure and Service Relation Model for Designing a Trustworthy ONS, in Proceedings of the International Conference on Computer and Information Science. Los Alamitos, CA, USA: IEEE Computer Society, 2009, pp
[15] L. Boursas and W. Hommel, Multidimensional Dynamic Trust Management for Federated Services, in Proceedings of the International Conference on Computational Science and Engineering, vol. 2. Los Alamitos, CA, USA: IEEE Computer Society, 2009, pp
[16] E. Holohan and M. Schukat, Authentication Using Virtual Certificate Authorities: A New Security Paradigm for Wireless Sensor Networks, in Proceedings of the International Symposium on Network Computing and Applications, vol. 0. Los Alamitos, CA, USA: IEEE Computer Society, 2010, pp
[17] P. Mockapetris, RFC1034: Domain Names Concepts and Facilities, 1,
[18] R. Austein, M. Larson, D. Massey, R. Arends, and S. Rose, RFC4033: DNS Security Introduction and Requirements, 1,
[19] D. J. Bernstein, How DNSCurve is integrated into DNS, 1,
[20] R. Dingledine, N. Mathewson, and P. Syverson, Tor: The Second-Generation Onion Router, in Proceedings of the 13th USENIX Security Symposium, 2004, pp
[21] S. Shrestha, D. S. Kim, S. Lee, and J. S. Park, A Peer-to-Peer RFID Resolution Framework for Supply Chain Network, in Proceedings of the 2nd International Conference on Future Networks. Washington, DC, USA: IEEE Computer Society, 2010, pp
[22] R. R. Koch, L. E. Moser, and P. M. Melliar-Smith, The Totem Redundant Ring Protocol, in Proceedings of the 22nd International Conference on Distributed Computing Systems. Washington, DC, USA: IEEE Computer Society, 2002, p
[23] Y. Amir, B. Coan, J. Kirsch, and J. Lane, Customizable Fault Tolerance for Wide-Area Replication, in Proceedings of the 26th International Symposium on Reliable Distributed Systems. Washington, DC, USA: IEEE Computer Society, 2007, pp
[24] C. Decker, M. Leuchtner, and M. Beigl, A Peer-To-Peer Approach for Resolving RFIDs, Poster at Ubicomp 2003, , Seattle, USA.
[25] G. Miklau and D. Suciu, Controlling Access to Published Data using Cryptography, in Proceedings of the 29th International Conference on Very Large Data Bases. VLDB Endowment, 2003, pp
[26] S. Evdokimov and O. Gunther, Practical Access Control Management for Outsourced EPC-related Data in RFID-enabled Supply Chain, in Proceedings of the International Conference on e-business Engineering. Washington, DC, USA: IEEE Computer Society, 2007, pp
[27] G. DeCandia, D. Hastorun, M. Jampani, G. Kakulapati, A. Lakshman, A. Pilchin, S. Sivasubramanian, P. Vosshall, and W. Vogels, Dynamo: Amazon's Highly Available Key-Value Store, in Proceedings of the 21st Symposium on Operating Systems Principles, ser. SOSP 07. New York, NY, USA: ACM, 2007, pp
[28] M.-P. Schapranow, M. Nagora, and A. Zeier, CoMoSeR: Cost Model for Security-Enhanced RFID-Aided Supply Chains, in Proceedings of the 18th International Conference on Software Telecommunications and Computer Networks. IEEE,
[29] M. Feldhofer, S. Dominikus, and J. Wolkerstorfer, Strong Authentication for RFID Systems Using the AES Algorithm, in Proceedings of the 6th International Workshop on Cryptographic Hardware and Embedded Systems, 2004, pp
[30] European Commission, Public Consultation in Preparation of a Legal Proposal to Combat Counterfeit Medicines for Human Use, pharmaceuticals/files/pharmacos/docs/doc2008/2008_03/ consult_counterfeit_ _en.pdf 1,
[31] J. F. Kurose and K. W. Ross, Computer Networking: A Top-Down Approach, 5th ed. Addison-Wesley,
[32] M.-P. Schapranow, J. Müller, A. Zeier, and H. Plattner, RFID Event Data Processing An Architecture for Storing and Searching, in Proceedings of the 4th International Workshop on RFID Technology. INSTICC PRESS,
[33] J. Wang, E. C. Wong, and T. Ye, PGMAP: A Privacy Guaranteed Mutual Authentication Protocol Conforming to EPC Class 1 Gen 2 Standards, in Proceedings of the International Conference on E-Business Engineering. Los Alamitos, CA, USA: IEEE Computer Society, 2008, pp
[34] M.-P. Schapranow, A. Zeier, and H. Plattner, A Dynamic Mutual RFID Authentication Model Preventing Unauthorized Third Party Access, in Proceedings of the 4th International Conference on Network and System Security,
[35] Q. Xiao, C. Boulet, and T. Gibbons, RFID Security Issues in Military Supply Chains, in Proceedings of the International Conference on Availability, Reliability and Security. Los Alamitos, CA, USA: IEEE Computer Society, 2007, pp
[36] R. Koch and G. Dreo, Command Evaluation in Encrypted Remote Sessions, in Proceedings of the 4th International Conference on Network and System Security,

All online references were checked on Nov. 17th, 2010.


More information

VPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu

VPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining

More information

Chapter 17. Transport-Level Security

Chapter 17. Transport-Level Security Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics

More information

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network. Elements of Email Email Components There are a number of software components used to produce, send and transfer email. These components can be broken down as clients or servers, although some components

More information

Chapter 7 Transport-Level Security

Chapter 7 Transport-Level Security Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell

More information

Anonymous Communication in Peer-to-Peer Networks for Providing more Privacy and Security

Anonymous Communication in Peer-to-Peer Networks for Providing more Privacy and Security Anonymous Communication in Peer-to-Peer Networks for Providing more Privacy and Security Ehsan Saboori and Shahriar Mohammadi Abstract One of the most important issues in peer-to-peer networks is anonymity.

More information

Network Attached Storage. Jinfeng Yang Oct/19/2015

Network Attached Storage. Jinfeng Yang Oct/19/2015 Network Attached Storage Jinfeng Yang Oct/19/2015 Outline Part A 1. What is the Network Attached Storage (NAS)? 2. What are the applications of NAS? 3. The benefits of NAS. 4. NAS s performance (Reliability

More information

Security vulnerabilities in the Internet and possible solutions

Security vulnerabilities in the Internet and possible solutions Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in

More information

RFID. Radio Frequency IDentification: Concepts, Application Domains and Implementation LOGO SPEAKER S COMPANY

RFID. Radio Frequency IDentification: Concepts, Application Domains and Implementation LOGO SPEAKER S COMPANY RFID Radio Frequency IDentification: Concepts, Application Domains and Implementation Dominique Guinard, Patrik Fuhrer and Olivier Liechti University of Fribourg, Switzerland Submission ID: 863 2 Agenda

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information

COSC 472 Network Security

COSC 472 Network Security COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html

More information

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173 Security & Privacy on the WWW Briefing for CS4173 Topic Outline 1. Information Security Relationship to safety Definition of important terms Where breaches can occur Web techniques Components of security

More information

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui School of Engineering and Computer Science Te Kura Mātai Pūkaha, Pūrorohiko PO Box 600 Wellington New Zealand Tel: +64 4 463

More information

What is a SSL VPN and How Does it Work?

What is a SSL VPN and How Does it Work? Acceleration of Data through SSL Virtual Private Networks Rob Jansen University of Minnesota, Morris 600 East Fourth Street Morris, MN 56267 (123) 456-7890 jans0184@morris.umn.edu ABSTRACT A Virtual Private

More information

Research and Application of Redundant Data Deleting Algorithm Based on the Cloud Storage Platform

Research and Application of Redundant Data Deleting Algorithm Based on the Cloud Storage Platform Send Orders for Reprints to reprints@benthamscience.ae 50 The Open Cybernetics & Systemics Journal, 2015, 9, 50-54 Open Access Research and Application of Redundant Data Deleting Algorithm Based on the

More information

Securing Wireless Access in Vehicular Environments (WAVE) Infrastructure and Operations Support Systems(OSS) Architecture

Securing Wireless Access in Vehicular Environments (WAVE) Infrastructure and Operations Support Systems(OSS) Architecture IEEE GLOBECOM Design and Developers Forum Securing Wireless Access in Vehicular Environments (WAVE) Infrastructure and Operations Support Systems(OSS) Architecture Tim Weil CISSP, CISA Booz Allen Hamilton

More information

Lightweight DNS for Multipurpose and Multifunctional Devices

Lightweight DNS for Multipurpose and Multifunctional Devices IJCSNS International Journal of Computer Science and Network Security, VOL.13 No.12, December 2013 71 Lightweight DNS for Multipurpose and Multifunctional Devices Yogesh A. Wagh 1, Prashant A. Dhangar

More information

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise

More information

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained home Network Vulnerabilities Detail Report Grouped by Vulnerability Report Generated by: Symantec NetRecon 3.5 Licensed to: X Serial Number: 0182037567 Machine Scanned from: ZEUS (192.168.1.100) Scan Date:

More information

DOMAIN NAME SECURITY EXTENSIONS

DOMAIN NAME SECURITY EXTENSIONS DOMAIN NAME SECURITY EXTENSIONS The aim of this paper is to provide information with regards to the current status of Domain Name System (DNS) and its evolution into Domain Name System Security Extensions

More information

Developing Higher Density Solutions with Dialogic Host Media Processing Software

Developing Higher Density Solutions with Dialogic Host Media Processing Software Telecom Dialogic HMP Media Server Developing Higher Density Solutions with Dialogic Host Media Processing Software A Strategy for Load Balancing and Fault Handling Developing Higher Density Solutions with

More information

A Call Conference Room Interception Attack and its Detection

A Call Conference Room Interception Attack and its Detection A Call Conference Room Interception Attack and its Detection Nikos Vrakas 1, Dimitris Geneiatakis 2 and Costas Lambrinoudakis 1 1 Department of Digital Systems, University of Piraeus 150 Androutsou St,

More information

Directory and File Transfer Services. Chapter 7

Directory and File Transfer Services. Chapter 7 Directory and File Transfer Services Chapter 7 Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP over traditional authentication systems Identify major

More information

Network Security Administrator

Network Security Administrator Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

DELEGATING LOG MANAGEMENT TO THE CLOUD USING SECURE LOGGING

DELEGATING LOG MANAGEMENT TO THE CLOUD USING SECURE LOGGING Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology ISSN 2320 088X IJCSMC, Vol. 3, Issue.

More information

DNS security: poisoning, attacks and mitigation

DNS security: poisoning, attacks and mitigation DNS security: poisoning, attacks and mitigation The Domain Name Service underpins our use of the Internet, but it has been proven to be flawed and open to attack. Richard Agar and Kenneth Paterson explain

More information

Log Management for the University of California: Issues and Recommendations

Log Management for the University of California: Issues and Recommendations Log Management for the University of California: Issues and Recommendations Table of Contents 1 Introduction...2 2 Candidate Sources of Logged Information...3 3 Recommended Log Management Practices...4

More information

Computer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce. Domain Name System

Computer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce. Domain Name System Computer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce 18/02/15 Networks: DNS attacks 1 Domain Name System The domain name system (DNS) is an applica>on- layer protocol

More information

Near Sheltered and Loyal storage Space Navigating in Cloud

Near Sheltered and Loyal storage Space Navigating in Cloud IOSR Journal of Engineering (IOSRJEN) e-issn: 2250-3021, p-issn: 2278-8719 Vol. 3, Issue 8 (August. 2013), V2 PP 01-05 Near Sheltered and Loyal storage Space Navigating in Cloud N.Venkata Krishna, M.Venkata

More information

Trust areas: a security paradigm for the Future Internet

Trust areas: a security paradigm for the Future Internet Trust areas: a security paradigm for the Future Internet Carsten Rudolph Fraunhofer Institute for Secure Information Technology SIT Rheinstrasse 75, Darmstadt, Germany Carsten.Rudolph@sit.fraunhofer.de

More information

SIP: NAT and FIREWALL TRAVERSAL Amit Bir Singh Department of Electrical Engineering George Washington University

SIP: NAT and FIREWALL TRAVERSAL Amit Bir Singh Department of Electrical Engineering George Washington University SIP: NAT and FIREWALL TRAVERSAL Amit Bir Singh Department of Electrical Engineering George Washington University ABSTRACT The growth of market for real-time IP communications is a big wave prevalent in

More information

Implementation of Embedded Web server using TEA algorithm

Implementation of Embedded Web server using TEA algorithm Implementation of Embedded Web server using TEA algorithm Arunkumar G 1, Dr. T.C. Manjunath 2, Harish H.M 3, Jayaprakasha.H 4 1 Department of E&C, S.T.J.I.T, Ranebennur 2 Principal, HKBKCE, Bangalore 3,4

More information

Rfid Authentication Protocol for security and privacy Maintenance in Cloud Based Employee Management System

Rfid Authentication Protocol for security and privacy Maintenance in Cloud Based Employee Management System Rfid Authentication Protocol for security and privacy Maintenance in Cloud Based Employee Management System ArchanaThange Post Graduate Student, DKGOI s COE, Swami Chincholi, Maharashtra, India archanathange7575@gmail.com,

More information

EE 7376: Introduction to Computer Networks. Homework #3: Network Security, Email, Web, DNS, and Network Management. Maximum Points: 60

EE 7376: Introduction to Computer Networks. Homework #3: Network Security, Email, Web, DNS, and Network Management. Maximum Points: 60 EE 7376: Introduction to Computer Networks Homework #3: Network Security, Email, Web, DNS, and Network Management Maximum Points: 60 1. Network security attacks that have to do with eavesdropping on, or

More information

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity SSL-VPN Combined With Network Security Introducing A popular feature of the SonicWALL Aventail SSL VPN appliances is called End Point Control (EPC). This allows the administrator to define specific criteria

More information

Performance Comparison of SCTP and TCP over Linux Platform

Performance Comparison of SCTP and TCP over Linux Platform Performance Comparison of SCTP and TCP over Linux Platform Jong-Shik Ha, Sang-Tae Kim, and Seok J. Koh Department of Computer Science, Kyungpook National University, Korea {mugal1, saintpaul1978, sjkoh}@cs.knu.ac.kr

More information

Virtual Appliances. Virtual Appliances: Setup Guide for Umbrella on VMWare and Hyper-V. Virtual Appliance Setup Guide for Umbrella Page 1

Virtual Appliances. Virtual Appliances: Setup Guide for Umbrella on VMWare and Hyper-V. Virtual Appliance Setup Guide for Umbrella Page 1 Virtual Appliances Virtual Appliances: Setup Guide for Umbrella on VMWare and Hyper-V Virtual Appliance Setup Guide for Umbrella Page 1 Table of Contents Overview... 3 Prerequisites... 4 Virtualized Server

More information

Securing DNS Infrastructure Using DNSSEC

Securing DNS Infrastructure Using DNSSEC Securing DNS Infrastructure Using DNSSEC Ram Mohan Executive Vice President, Afilias rmohan@afilias.info February 28, 2009 Agenda Getting Started Finding out what DNS does for you What Can Go Wrong A Survival

More information

Single Sign-On Secure Authentication Password Mechanism

Single Sign-On Secure Authentication Password Mechanism Single Sign-On Secure Authentication Password Mechanism Deepali M. Devkate, N.D.Kale ME Student, Department of CE, PVPIT, Bavdhan, SavitribaiPhule University Pune, Maharashtra,India. Assistant Professor,

More information

Windows Web Based VPN Connectivity Details & Instructions

Windows Web Based VPN Connectivity Details & Instructions VPN Client Overview UMDNJ s Web based VPN utilizes an SSL (Secure Socket Layer) Based Cisco Application that provides VPN functionality without having to install a full client for end users running Microsoft

More information

Securing Ship-to-Shore Data Flow

Securing Ship-to-Shore Data Flow Securing Ship-to-Shore Data Flow Background on Common File Transfer Methods Today corporations, government entities, and other organizations rely on Electronic File Transfers as an important part of their

More information

Security Controls for the Autodesk 360 Managed Services

Security Controls for the Autodesk 360 Managed Services Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices

More information

RFID Security: Threats, solutions and open challenges

RFID Security: Threats, solutions and open challenges RFID Security: Threats, solutions and open challenges Bruno Crispo Vrije Universiteit Amsterdam crispo@cs.vu.nl 1 Table of Content RFID technology and applications Security Issues Privacy Proposed (partial)

More information

A Study on the Security of RFID with Enhancing Privacy Protection

A Study on the Security of RFID with Enhancing Privacy Protection A Study on the Security of RFID with Enhancing Privacy Protection *Henry Ker-Chang Chang, *Li-Chih Yen and *Wen-Chi Huang *Professor and *Graduate Students Graduate Institute of Information Management

More information

A Review of Anomaly Detection Techniques in Network Intrusion Detection System

A Review of Anomaly Detection Techniques in Network Intrusion Detection System A Review of Anomaly Detection Techniques in Network Intrusion Detection System Dr.D.V.S.S.Subrahmanyam Professor, Dept. of CSE, Sreyas Institute of Engineering & Technology, Hyderabad, India ABSTRACT:In

More information

INF3510 Information Security University of Oslo Spring 2011. Lecture 9 Communication Security. Audun Jøsang

INF3510 Information Security University of Oslo Spring 2011. Lecture 9 Communication Security. Audun Jøsang INF3510 Information Security University of Oslo Spring 2011 Lecture 9 Communication Security Audun Jøsang Outline Network security concepts Communication security Perimeter security Protocol architecture

More information

An Introduction to VoIP Protocols

An Introduction to VoIP Protocols An Introduction to VoIP Protocols www.netqos.com Voice over IP (VoIP) offers the vision of a converged network carrying multiple types of traffic (voice, video, and data, to name a few). To carry out this

More information

Sage ERP Accpac Online

Sage ERP Accpac Online Sage ERP Accpac Online Mac Resource Guide Thank you for choosing Sage ERP Accpac Online. This Resource Guide will provide important information and instructions on how you can get started using your Mac

More information

High Performance Cluster Support for NLB on Window

High Performance Cluster Support for NLB on Window High Performance Cluster Support for NLB on Window [1]Arvind Rathi, [2] Kirti, [3] Neelam [1]M.Tech Student, Department of CSE, GITM, Gurgaon Haryana (India) arvindrathi88@gmail.com [2]Asst. Professor,

More information

1. PRODUCT OVERVIEW... 3 2. PRODUCT COMPONENTS... 3

1. PRODUCT OVERVIEW... 3 2. PRODUCT COMPONENTS... 3 Contents 1. PRODUCT OVERVIEW... 3 2. PRODUCT COMPONENTS... 3 2.1. SERVER-BASED COMPONENTS:... 3 2.1.1. Interception Server... 3 2.1.2. Database server... 3 2.1.3. Data processing server... 3 2.1.3.1. Search

More information

Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn

Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn Web Payment Security A discussion of methods providing secure communication on the Internet Group Members: Peter Heighton Zhao Huang Shahid Kahn 1. Introduction Within this report the methods taken to

More information

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/ DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing

More information

Network Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media

Network Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media IT 4823 Information Security Concepts and Administration March 17 Network Threats Notice: This session is being recorded. Happy 50 th, Vanguard II March 17, 1958 R.I.P. John Backus March 17, 2007 Copyright

More information

Evaluation of Two Privacy-Preserving Protocols for the DNS

Evaluation of Two Privacy-Preserving Protocols for the DNS 2009 Sixth International Conference on Information Technology: New Generations Evaluation of Two Privacy-Preserving Protocols for the DNS Sergio Castillo-Perez Universitat Autònoma de Barcelona, Dept.

More information

Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1. Network Security. Canada France Meeting on Security, Dec 06-08

Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1. Network Security. Canada France Meeting on Security, Dec 06-08 Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1 Network Security Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 2 Collaboration with Frank Akujobi

More information

Implementation of Botcatch for Identifying Bot Infected Hosts

Implementation of Botcatch for Identifying Bot Infected Hosts Implementation of Botcatch for Identifying Bot Infected Hosts GRADUATE PROJECT REPORT Submitted to the Faculty of The School of Engineering & Computing Sciences Texas A&M University-Corpus Christi Corpus

More information

How To Manage A Network On A Network With A Global Server (Networking)

How To Manage A Network On A Network With A Global Server (Networking) HIGH AVAILABILITY STRATEGY - GLOBAL TRAFFIC MANAGEMENT PROTOTYPE REPORT Version 1-00 Document Control Number 2460-00004 11/04/2008 Consortium for Ocean Leadership 1201 New York Ave NW, 4 th Floor, Washington

More information

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY) E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system

More information

MAC Web Based VPN Connectivity Details and Instructions

MAC Web Based VPN Connectivity Details and Instructions MAC Web Based VPN Connectivity Details and Instructions UMDNJ s Web-based VPN utilizes an SSL Based Cisco Application that provides VPN functionality without having to install a full client for end users

More information

Security Digital Certificate Manager

Security Digital Certificate Manager System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure

More information

A SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS

A SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS A SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS *Dr Umesh Sehgal, #Shalini Guleria *Associate Professor,ARNI School of Computer Science,Arni University,KathagarhUmeshsehgalind@gmail.com

More information

NEFSIS DEDICATED SERVER

NEFSIS DEDICATED SERVER NEFSIS TRAINING SERIES Nefsis Dedicated Server version 5.2.0.XXX (DRAFT Document) Requirements and Implementation Guide (Rev5-113009) REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER Nefsis

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information

AppDirector Load balancing IBM Websphere and AppXcel

AppDirector Load balancing IBM Websphere and AppXcel TESTING & INTEGRATION GROUP SOLUTION GUIDE AppDirector Load balancing IBM Websphere and AppXcel INTRODUCTION...2 RADWARE APPDIRECTOR...3 RADWARE APPXCEL...3 IBM WEBSPHERE...4 SOLUTION DETAILS...4 HOW IT

More information

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network. Course Name: TCP/IP Networking Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network. TCP/IP is the globally accepted group of protocols

More information

INTERNET SECURITY: THE ROLE OF FIREWALL SYSTEM

INTERNET SECURITY: THE ROLE OF FIREWALL SYSTEM INTERNET SECURITY: THE ROLE OF FIREWALL SYSTEM Okumoku-Evroro Oniovosa Lecturer, Department of Computer Science Delta State University, Abraka, Nigeria Email: victorkleo@live.com ABSTRACT Internet security

More information

IT Networking and Security

IT Networking and Security elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software www.medallionlearning.com Fundamentals of Computer

More information

Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All

More information

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method. A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money

More information

List of Promising Concepts EA6: BIG DATA

List of Promising Concepts EA6: BIG DATA List of Promising Concepts EA6: BIG DATA Project acronym Project title Project number 611961 Starting date 01/10/2013 Duration in months 24 Call identifier FP7-ICT-2013-10 CAPITAL security research Agenda

More information

Snow Agent System Pilot Deployment version

Snow Agent System Pilot Deployment version Pilot Deployment version Security policy Revision: 1.0 Authors: Per Atle Bakkevoll, Johan Gustav Bellika, Lars, Taridzo Chomutare Page 1 of 8 Date of issue 03.07.2009 Revision history: Issue Details Who

More information

Executive Summary and Purpose

Executive Summary and Purpose ver,1.0 Hardening and Securing Opengear Devices Copyright Opengear Inc. 2013. All Rights Reserved. Information in this document is subject to change without notice and does not represent a commitment on

More information

ITL BULLETIN FOR JANUARY 2011

ITL BULLETIN FOR JANUARY 2011 ITL BULLETIN FOR JANUARY 2011 INTERNET PROTOCOL VERSION 6 (IPv6): NIST GUIDELINES HELP ORGANIZATIONS MANAGE THE SECURE DEPLOYMENT OF THE NEW NETWORK PROTOCOL Shirley Radack, Editor Computer Security Division

More information

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design.

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design. Privacy-Preserving Public Auditing For Secure Cloud Storage ABSTRACT: Using cloud storage, users can remotely store their data and enjoy the on-demand high-quality applications and services from a shared

More information

Tackling Security and Privacy Issues in Radio Frequency Identification Devices
