Feature
Security and Privacy Trade-offs in RFID Use

S. Srinivasan is a professor of computer information systems at the University of Louisville in Kentucky, USA. He can be reached at srini@louisville.edu.

Radio frequency identification (RFID) tags are gaining widespread use in supply chains and inventory control. Besides these two areas, RFID is also being touted as a useful tool for marketing and tracking. Given the nature of RFID technology, all these areas are vulnerable to exploitation by unsavory elements that could put people's and organizations' privacy in jeopardy. This paper will explore the potential of RFID technology, its vulnerabilities, and the trade-offs that one could accept for the sake of security and privacy.

Types and Use of RFID

RFID tags were first used more than 60 years ago. The earliest successful use of this technology was in tagging airplanes during World War II. Businesses, however, relied on bar-code technology to manage inventory. Bar-code technology served this purpose well, but with the increasing need for online information a more robust technology is required. This is where RFID comes in. For example, the RFID tag can carry information about the expiration of a product. Moreover, the RFID tag can carry more relevant manufacturing information, such as the plant location and the batch of the product. This is beneficial to quickly identify the correct products in the event of a recall. Identifying the right products quickly for removal from shelves is critical for the health and well-being of consumers. Thus, RFID can play an important role with individual products.

Besides tagging individual products, RFID tags are also used in bulk containers when products are shipped. For example, Wal-Mart has been on the cutting edge of using RFID tags on pallets. One advantage is that an RFID tag can be read from a distance without having a line-of-sight requirement.
RFID tags are also useful in monitoring containers after an inspection at a port of entry. RFID technology has matured gradually over the past five years. Today, the cost of an RFID tag is around US $0.10 when used in large quantities.

There are basically two types of RFID tags: passive and active. A passive tag has a built-in antenna that reflects back the data when interrogated by a compatible reader. The utility of a passive RFID tag is high because it does not become obsolete with the data contained in it. The other type of RFID tag is the active tag, which has a battery source attached to it and broadcasts data contained in the tag. Because the active tag has a built-in battery, it has a limited lifetime. The active tag is much more expensive compared to the passive tag. The passive tag holds up to 2 kilobits (Kb) of data. The active tag holds up to 128 Kb of data. These tags have the capability to have unobstructed reading of up to 300 feet, with a battery life of four years. Figure 1 shows an RFID tag configuration.

Figure 1: RFID System (diagram labels: RFID Reader, Operational Zone, RFID Tag)

RFID tags use various frequencies to communicate their data. Figure 2 illustrates the common frequencies in use for RFID and additional related data, such as storage capacity and distance to an RFID reader.[1] Of these frequencies, the 915 megahertz (MHz) frequency band used in the US allows for the use of anticollision algorithms when multiple tags are involved.[2] Low-frequency RFID tags are the most commonly used tags. They use less power and consequently have shorter range, which gives protection due to proximity. The higher frequencies are useful to scan objects at a distance. They are primarily used in air-to-air or air-to-ground communications.[3]

ISACA JOURNAL VOLUME 6, 2009

Figure 2: Passive RFID Tag Frequencies, Range and Memory Capacity

Frequency Type        | Frequency Range                | Distance to Reader | Memory Capacity
Microwave             | 2.45 GHz (ISM band)            | 6 meters or more   | Less than 1 Kb
Ultra High Frequency  | 866 to 960 MHz                 | 2 meters           | 1 Kb
High Frequency        | 13.56 MHz                      | 1.5 meters         | 256 bits to 4 kilobytes (KB)
Low Frequency         | 30 Kilohertz (KHz) to 300 KHz  | 1 meter            | 64 bits to 1,360 bits

At this time, active tags are primarily used by organizations such as the US Department of Defense and Wal-Mart. Active RFID tags use the 433.92 MHz frequency. Even though there is no universal standard for RFID tags, EPCglobal has developed an industry-driven standard: the Electronic Product Code (EPC).[4] The EPC tag is at most 96 bits in length. There are many tags that use proprietary technology and, as such, are not cross-functional with multiple readers. EPCglobal's efforts and that of the International Organization for Standardization (ISO) have resulted in a common standard called the EPC Gen-2 standard. This standard has been ratified and is expected to boost the adoption of RFID tags. RFID technology adoption is expected to benefit the sellers in the retail sector by US $68.55 billion by 2011.[5]

RFID Security

As noted earlier, the data stored in an RFID tag are read using wireless devices.[6, 7] This aspect potentially opens up the data to be read by unauthorized devices. However, this is not a major concern for security because the range of the reader is small and the rogue device requires proximity to the tags. RFID-tagged products are stored in closed quarters, such as a warehouse, which would make it difficult for rogue devices to get close to the products.

Another way to enhance the security of the data stored in the RFID tag is to encrypt them. The storage capacity in the RFID tag is so small that one could store only a minimal amount of information in it, such as the unique ID number.
This ID number could then be mapped to such information as the model and serial numbers, date and location of manufacturer, product weight, color, and storage location in a database. For example, the tag might contain a manufacturer ID such as 214456. This number by itself does not reveal any information until it is matched with the proper database. Protecting databases of encrypted data is more critical than the protection of other types of databases. There are numerous techniques available for this type of protection.

The RFID tag has some built-in security in that it will communicate only with proper readers that have the necessary authentication for the tag. Moreover, the RFID tag contains only minimal information that must be corroborated with a database to reveal the information within the tag. Thus, the data contained in an RFID tag are useful only for the people who have access to the associated database. This barrier makes it less of an incentive for an unauthorized rogue reader to pick up data from an RFID tag.

As mentioned earlier, the data stored in the RFID tag are sent back to the reader in response to the radio frequency (RF) signal. This method requires the reader to be within a short range of the tag. This proximity requirement adds a level of protection from unauthorized readers trying to read the tags on items stored in a warehouse from a van parked in the street. From an efficiency perspective, a single RF signal could elicit responses from multiple tags simultaneously. For example, when the cargo bay of an aircraft full of RFID-tagged luggage is scanned, the data are sent back to the reader. Thus, there is greater efficiency in retrieval of information using RFID tags than would be possible with bar codes. An RFID reader is capable of processing hundreds of responses per second.[8]

An active RFID tag is designed to send out data periodically to any readers that are within its range.
An active tag has the ability to receive certain forms of information, such as the global positioning system (GPS) coordinates of its current location, and broadcast the same to the readers.

One of the security concerns with RFID tags is cloning. An eavesdropper might capture the RFID tag from a pallet with prescription medicines and place that tag in a new pallet of counterfeit medicines. This is a serious threat; in order to counter this threat, one should use different types of RFID tags for pallets as opposed to the products on a pallet. Such a tag could be called a semipassive or minimally active tag. The tag would contain the circuitry needed for some form of authentication and be powered by a short-life battery.
Another option to enhance security is to use independent security chips[9] in conjunction with the RFID tags. Use of such chips is similar to using enhanced passwords that are made available from secondary devices for two-factor authentication. The practical aspect of the security chip is that the pallet is affixed with the security chip associated with the RFID tag; if the tag information is cloned in a counterfeit pallet, it could be detected because the tag will lack the appropriate security chip.

Another security solution is the use of an appropriate information system model. The pallet is tagged with an individually identifiable number (IIN) that is hidden from outside view. The IIN is then associated with the bill of lading for that pallet. When the pallet gets the RFID tag, the impostor cannot substitute the original pallet tag on the counterfeit pallet, even if it is cloned, because it will lack the IIN. Since the intruder will not have access to the bill of lading, the IIN cannot be replicated on the counterfeit pallet. However, this adds complexity and cost to the operation. It requires having a reliable, independent mechanism for managing IINs. Thus, arriving at solutions to likely problems is not difficult, but operations must incorporate complexity into the use of simple, ubiquitous RFID tags.

Privacy Concerns

The RFID tag associated with a product has the potential to uniquely identify the user of that product and, thus, violate the privacy of the individual. In the evolving ubiquitous computing environment, RFID, in conjunction with the pervasive Wi-Fi and Bluetooth technologies, forms the core of the intelligence infrastructure.[10] As an emerging technology, policy makers have an opportunity to understand the potential for abuse of this intelligence infrastructure. The Electronic Privacy Information Center (EPIC)[11] is helping to educate consumers in this regard.
The major privacy concerns stem from the fact that individual products are tagged with associated data and, therefore, businesses in the product life cycle will be able to track the products even after the products are sold. Moreover, people with ulterior motives are able to use readers, just like hackers, and can see who has what product. When third parties start gathering such data, their only purpose is to sell those data. When such data become easily available, they enable data miners to extract all types of information from multiple databases and learn about the private lives of individuals. This is a clear violation of privacy.

Since RFID technology is not widely deployed yet, the unknown factor in this privacy concern is how people will react to their personal data being accessible. For example, the simple presence of an RFID tag in clothing can be used by an employer to capture data of all people arriving at a particular venue, such as a rally, and compare it with data about when employees arrive for work. The employer may use the data to discriminate or retaliate against employees who were at locations of which the employer disapproves. Such concerns are legitimate. With these concerns in mind, legislation is being developed both at the federal and state levels to protect people's privacy.[12] Since RFID is not yet deployed at levels where it has become a major concern for ordinary individuals, it is necessary, at this stage, to educate the public. In the next section, several trade-offs in which RFID technology can be used while providing the necessary security and privacy protection will be addressed.

A common privacy concern with RFID tagging is that the tag can be tracked for its location, such as the active tag discussed previously. For example, automobiles use RFID tags to pay highway tolls. The automobile tags are associated with individuals and their movements could be tracked, violating their privacy.
This concern is addressed in the trade-offs section later. The RFID tag as a stand-alone entity may not be useful and may not violate privacy laws; however, when combined with other forms of data, such as point-of-sale data, including the method of payment or data from a loyalty card, the person who holds a product containing an RFID tag can be identified.

One organization that mass produces RFID tags is Texas Instruments (TI). More than 500 million TI tags, called TI-RFids, have already been produced.[13] When such a large number of tags is attached to various products sold, a huge amount of personal information is gathered and stored. The privacy concerns arise when these tags remain with the items purchased. This concern can be addressed by removing the tags or by disabling the tags at the point of sale. The disabling aspect is a more proactive solution for privacy protection.
If bar codes on products are any predictors, RFID tags also could become widely prevalent in the future. Tracking such tags on things that people have on their bodies will cause a furor. For example, if a person has a medical device implanted in his/her body and someone with a suitable reader captures information about the device without the permission of the person, the person is likely to feel that his/her privacy has been violated. One way to protect such data is a locking mechanism.[14] The RFID tag with security features can have a special bit turned on to indicate that it should respond with data only to signals that address the security bit. Even though this is a technical solution to the privacy problem, it is not a cost-effective solution because RFID tags are not fully standardized yet and, as such, readers cannot be standardized. To address this privacy concern, the industry and the standards organizations should fast track the standardization process before the large-scale use of this technology appears in the marketplace.

Another approach to ensuring privacy of information from RFID tags is to use some form of IIN on the products' physical tags. This additional information would be used only when dealing with individual tags and not when an inventory tracking scan is made of all the tags. The manufacturer can add a three-digit code, similar to the card verification value in credit cards. The number would be visible only on the product tag and the reader would need to be able to accept an input of this kind before it can associate the electronic product code with the necessary databases. Thus, an unauthorized reader would not capture the tag data and derive any meaningful information. This approach provides privacy protection for the individual.

RFID tags respond with data when interrogated by the relevant readers. On many occasions, the person with the tag may not be aware that such an interrogation is taking place.
In this regard, a policy similar to the World Wide Web Consortium's policy on Privacy Preferences Project is appropriate.[15]

Trade-offs for Security and Privacy

RFID is a useful technology that can facilitate access to information through the Internet, an increasing trend. At the same time, the capabilities of RFID provide many intrusive opportunities, if applied without proper guidelines and controls. Secure access to information is made possible by features outside of RFID technology. Therefore, the main objective here is to discover the degree to which the secure access requirement can be implemented effectively. For example, RFID-generated information can be accessed using a multifactor authentication process. This access restriction causes added processing time and cost. When information is accessed over the Internet, such delays are not acceptable. Thus, suitable policies must be put in place to store only the relevant information that the RFID tag can provide.

With regard to privacy, RFID technology can provide too much information that will reveal the personal habits of individuals. This can be mitigated by developing and implementing proper policies. For example, for low-priced items, there is no need for continued tracking of the product beyond the point of sale. Therefore, the RFID tag could be disabled at the point of sale. For high-priced items, such as personal digital assistants (PDAs), digital cameras and cell phones that are easily moved around, some form of postsale tracking, using RFID tags, is useful. At the same time, devices such as these with RFID tags do not need continual tracking. Consequently, the technology should be adapted to track such devices only on demand.

Another area of concern with abuse of RFID technology has to do with trust. People assigned the responsibility to check for proper identification rely on relevant equipment for authentication.
If the validating equipment gets cloned data and, thus, the identification passes authentication, it can be difficult to detect that a fraud has been committed. Since RFID technology can be abused this way, in instances where high security is needed, additional measures have to be implemented. For example, when a container is examined and cleared with an RFID tag at a port of entry, and the tag information is subsequently cloned, then any other container with contraband goods will also be treated as cleared. To protect against abuse of this type of trust, a second level of authentication should be added in the form of an IIN on the container that is coded in the bill of lading. Another option is to add a security chip to the original container. Monitoring these efforts requires additional time and money. However, this trade-off is needed to protect the original content of the container.

Laws such as the US Health Insurance Portability and Accountability Act (HIPAA) and US Family Educational Rights and Privacy Act (FERPA) are in place to protect the privacy of information. HIPAA especially deals with numerous
points of data entry that are gathered from multiple sources, including those from RFID tags. Since sharing information in a health network is important, trade-offs must be put in place as to what kind of information is collected from RFID tags that could be abused. Thus, protecting people's privacy may sometimes involve sacrificing the security of information.

Conclusion

RFID is an evolving technology that has great potential. Global standards are slowly emerging that may make it possible to develop cost-effective tags. Also, policies and procedures are being developed by nonprofit groups, such as EPCglobal, that address privacy concerns. Since people need access to information from remote locations, using technology such as RFID can be cost-effective. Policy makers and policy users should be willing to consider trade-offs in managing this new technology.

References

Sarma, S.E.; S.A. Weis; D.W. Engels; RFID Systems and Security and Privacy Implications, Springer-Verlag LNCS, vol. 2523, B.S. Kaliski, et al, 2003
Albrecht, K.; RFID: Tracking Everything, Everywhere, www.spychips.com/rfid_overview.html, accessed 11 October 2008
Alfonsi, B.J.; Privacy Debate Centers on Radio Frequency Identification, IEEE Security and Privacy Magazine, vol. 2, no. 2, March-April 2004, p. 12
Takaragi, K., et al; An Ultra Small Individual Recognition Security Chip, IEEE Micro, vol. 21, no. 6, 43-49, 2001
Garfinkel, S.; B. Rosenberg; RFID Applications, Security, and Privacy, Addison-Wesley Publishers, USA, 2005
Kosta, E., et al; An Analysis of Security and Privacy Issues Relating to RFID Enabled epassports, New Approaches for Security, Privacy and Trust, Springer, 2007
Vaudenay, S.; RFID Privacy Based on Public-Key Cryptography, http://lasecwww.epfl.ch/pub/lasec/doc/Vau06.pdf, accessed 11 October 2008

Endnotes

1 IEEE Technical Policy Committee, Developing National Policies on the Deployment of Radio Frequency Identification (RFID) Technology, 2005
2 Floerkemeier, C.; M. Lampe; Issues With RFID Usage in Ubiquitous Computing Applications, Springer-Verlag LNCS, vol. 3001, A. Ferscha, et al, 2004
3 Harper, J.; RFID Tags and Privacy: How Bar-codes on Steroids Are Really a 98-Lb. Weakling, Competitive Enterprise Institute, vol. 89, 21 June 2004
4 EPCglobal, www.epcglobalinc.org, accessed 11 October 2008
5 Barua, A.; D. Mani; A. Whinston; Assessing the Financial Impacts of RFID Technologies on the Retail and Healthcare Sectors, Research Report, Center of Research in Electronic Commerce, University of Texas at Austin, USA, 2006
6 Finkenzeller, K.; RFID Handbook, 2nd Edition, 2003
7 Weis, S.A.; Radio-frequency Identification Security and Privacy, MIT MS Thesis, 2003
8 Juels, A.; RFID Security and Privacy: A Research Survey, RSA Laboratories, 2005
9 Ibid.
10 Spiekermann, S.; H. Ziekow; RFID: A 7-point Plan to Ensure Privacy, http://lasecwww.epfl.ch/~gavoine/rfid/, accessed 11 October 2008
11 Electronic Privacy Information Center, www.epic.org, accessed 11 October 2008
12 Lemieux, S.; A. Tang; Clone Resistant Mutual Authentication for Low-cost RFID Technology, http://eprint.iacr.org/2007/170, accessed 11 October 2008
13 Texas Instruments, www.ti.com/rfid/, accessed 11 October 2008
14 Op cit, Juels
15 Floerkemeier, C.; R. Schneider; M. Langheinrich; Scanning With a Purpose - Supporting the Fair Information Principles in RFID Protocols, Springer-Verlag LNCS, vol. 3598, H. Murkami, et al, 2005
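
Added example (not part of the original article): a sketch of the back-end check behind the IIN and bill-of-lading scheme described under RFID Security and again for cleared containers under Trade-offs for Security and Privacy. The class and function names, the key, the IIN and bill-of-lading values, and the choice to store a keyed digest of the IIN are assumptions; the duplicate-sighting verdict goes one step beyond what the article describes.

```python
import hashlib
import hmac

# Constructed sample values throughout; nothing here comes from a real deployment.
SITE_KEY = b"constructed-demo-key"  # assumption: secret held only by the back end


def iin_digest(tag_id: str, iin: str) -> bytes:
    """Keyed digest binding an IIN to one tag ID, so no plaintext IIN is stored."""
    return hmac.new(SITE_KEY, f"{tag_id}|{iin}".encode(), hashlib.sha256).digest()


class ReceivingDesk:
    """Hypothetical back end consulted when a pallet or container is received."""

    def __init__(self):
        self.lading = {}       # tag ID -> (bill-of-lading number, keyed IIN digest)
        self.received = set()  # tag IDs already accepted once

    def register(self, tag_id, bol_number, iin):
        """Shipper side: record the hidden IIN against the bill of lading."""
        self.lading[tag_id] = (bol_number, iin_digest(tag_id, iin))

    def check(self, tag_id, iin_on_pallet):
        """Return (verdict, bill-of-lading number or None) for one scanned item."""
        record = self.lading.get(tag_id)
        if record is None:
            # The tag ID means nothing without a matching database row.
            return ("unknown-tag", None)
        bol_number, expected = record
        supplied = iin_digest(tag_id, iin_on_pallet or "")
        # Second factor: a cloned tag on a counterfeit pallet lacks the IIN.
        if not hmac.compare_digest(expected, supplied):
            return ("clone-suspected", bol_number)
        # Added beyond the article: the same tag cannot be received twice.
        if tag_id in self.received:
            return ("duplicate-tag", bol_number)
        self.received.add(tag_id)
        return ("accepted", bol_number)


def demo():
    desk = ReceivingDesk()
    # 214456 is the article's sample ID; the other values are constructed.
    desk.register("214456", "BOL-0001", "IIN-7731")
    return [
        desk.check("214456", "IIN-7731"),  # genuine pallet
        desk.check("214456", None),        # cloned tag, no IIN on the pallet
        desk.check("214456", "IIN-7731"),  # same tag and IIN presented again
        desk.check("999999", "IIN-7731"),  # tag ID absent from the database
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The IIN comparison runs before the duplicate check, so a counterfeit presented first cannot consume the genuine pallet's one acceptance.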