What Do We Really Mean By Security for RFID

Similar documents
IBM Solution for Pharmaceutical Track & Trace

IBM Solution for Pharmaceutical Track & Trace: Supply chain visibility drives overall performance

Track/Trace Solutions. for the Manufacturing Industry

Five Challenges of Serialization in Pharmaceutical Supply Chains

RFID Security. April 10, Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark

RFID Field Guide. Deploying Radio Frequency Identification Systems. Manish Bhuptani Shahram Moradpour. Sun Microsystems Press A Prentice Hall Title

Pharmaceutical Distribution in the US: Current and Future Perspectives

Serialization, Traceability and e-pedigree

A GLOBAL CURE FOR HEALTHCARE

Track and Trace in the Pharmaceutical Supply Chain

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Efficient Data Sharing in Healthcare

A. Background. In this Communication we can read:

Enabling the secure use of RFID

RFID in the Hospital Environment

Securing the Internet of Things

Asset Tracking & Radio Frequency Identification White Paper

RFID Security: Threats, solutions and open challenges

CSC Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity

Pharmaceutical Distribution Security Alliance (PDSA)

White Paper Healthcare Supply Chain Traceability

NOT ALL CODES ARE CREATED EQUAL

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

Improving Patient Safety and Supply Chain Efficiency with GS1 Standards in HEALTHCARE

SOURCE ID RFID Technologies and Data Capture Solutions

NIST Cyber Security Activities

Suspect and Illegitimate Products. Francis B. Palumbo, PhD, Esq. University of MD School of Pharmacy Center on Drugs & Public policy

Developing Secure Software in the Age of Advanced Persistent Threats

Privacy and Security in library RFID Issues, Practices and Architecture

The Drug Quality & Security Act

Hidden Challenges to Achieving Desired Patient Outcomes

White Paper. Trust Hi-Speed to show you the way. A Guide to Pharmaceutical Serialization Choosing the Right Equipment Supplier

CoSign for 21CFR Part 11 Compliance

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, Developed by: Smart Card Alliance Identity Council

Global Commercial Drug Supply for Trials: How to Achieve Long-term Success Published in Journal for Clinical Studies

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008

Drug Distribution Management Policy in Korea

SUPPLY CHAIN INTEGRITY AND SECURITY

CloudCheck Compliance Certification Program

A European Medicines Verification System

Bellevue University Cybersecurity Programs & Courses

Brochure More information from

CS Final Exam

RFID SECURITY. February The Government of the Hong Kong Special Administrative Region

Drug Supply Chain Security Act (Title II of the Drug Quality and Security Act) Overview and Implementation

How To Help The Global Healthcare User Group (Hug)

Guidance for Industry Drug Supply Chain Security Act Implementation: Identification of Suspect Product and Notification

Patch and Vulnerability Management Program

RF ID Security and Privacy

Bank of America s RFID Data Center Inventory Project

SATO Healthcare Solutions

The Mathematics of the RSA Public-Key Cryptosystem

Securing, Monitoring & Tracking Documents and Flow of Goods. Real Time Supply Chain Visibility

Documenting Distribution Operations: FDA Validation Beyond the Laboratory and Manufacturing Facility

American Academy of Physician Assistants

Container tracking solution. HUG DIJON 2006 Jean-Christophe Lecosse

Part-time MSc in Cyber Security from Northumbria University. masters.qa.com

Using RFID Technology to Stop Counterfeiting

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

PCI PA - DSS. Point XSA Implementation Guide. Atos Worldline Banksys XENTA SA. Version 1.00

Innovations in Digital Signature. Rethinking Digital Signatures

The RFID Revolution: Your voice on the Challenges, Opportunities and Threats. Online Public Consultation Preliminary Overview of the Results

Patient Safety Applications for Bar Code and RFID Technology APPLICATION WHITE PAPER

California E-Pedigree Update. August 2013

SATO Healthcare Solutions

Implementing high-level Counterfeit Security using RFID and PKI

WHITE PAPER. ABCs of RFID

View from a European Trust Service Provider Server Signing: Return of experience and certification strategy

Best Practices for the Use of RF-Enabled Technology in Identity Management. January Developed by: Smart Card Alliance Identity Council

Blood-clotting disorders XARELTO Identifying genuine products of Bayer HealthCare

NC CJIN Governing Board. 13 October, George A. White

How To Hack An Rdi Credit Card

Cloud RFID UHF Gen 2

Eighth UPS Pain in the Chain Survey. Survey Snapshot

SmartSensor Temperature Using RFID Sensors to better monitor temperaturesensitive

A Nemaris Company. Formal Privacy & Security Assessment For Surgimap version and higher

Advanced Authentication

MSc Cyber Security. identity. hacker. virus. network. information

CHASE Survey on 6 Most Important Topics in Hardware Security

PCI PA - DSS. Point ipos Implementation Guide. Version VeriFone Vx820 using the Point ipos Payment Core

Table of Contents. 2 P a g e

RFID Asset Management Solutions. Distributed globally by

Strong Authentication for Future Web Applications

Briefly describe the #1 problem you have encountered with implementing Multi-Factor Authentication.

Network Security and Surveillance

Research Article. Research of network payment system based on multi-factor authentication

Transport - track and trace with RFID and latest developments in barcoding

10 Smart Ideas for. Keeping Data Safe. From Hackers

More effective protection for your access control system with end-to-end security

Inventory Management

Transcription:

What Do We Really Mean By Security for RFID And How Much Is Enough? March 26, 2008

SecureRF at a glance RFID tag and reader security development and consulting to protect Pharmaceutical Supply Chain and provide Cold Chain Management functions. Protocol Independent/EPCglobal National Science Foundation supported research World-class mathematician/cryptographers Lead by top RFID Solution designer Advisors and board members leading security and Pharmaceutical Experts RSA, Certicom, Verisign, McKesson, PDX

Today s Supply Chain

Need to Secure Pharma Supply Chain Counterfeit drugs cost Pharma Industry $40 Billion Yearly. Source: World Health Organization Counterfeiting of Pharmaceuticals is now a global trade. Source: Eye On Europe, Stockholm Network United States ranked Six in Top Ten Countries for Counterfeits Seizures/Discoveries. Source: PSI Situational Report

Issues in our Pharmaceutical Supply? Counterfeit Viagra Seizure Counterfeit Lipitor tablets on the left. Only distinguishable to the consumer by their bitter taste. More than 18 million counterfeit Lipitor tablets removed from the U.S. supply chain in 2003.

Product and Supply Chain Threats Counterfeits Diverted Products Parallel Imports Unapproved Generics Stolen Products Up-labeled Products Expired Products Patient Safety - Manufacturer Brand - Financial Impact

RFID in Pharma Supply Chain We continue to believe that RFID is the most promising technology for implementing electronic track and trace in the drug supply chain. Source: FDA Task Force Report: 2006 Update Asset tracking supply chain management Anti-counterfeiting Anti-diversion Pedigree reporting Recalls and reverse logistics

The Need for Security and Privacy Pharmacies need to be unimpeachable about the security and privacy of their customer s records. Source: RFID in the Pharmacy: Q&A with CVS Security versus Privacy Patient Safety HIPAA Pedigree versus RFID

How Secure is RFID? The weakest link in the security chain is the RFID tag -- in particular, the so-called passive tag Forrester Research good security tools developed over the last 20 years won t fit into the hardware that s available on most of these RFID tags Burt Kaliski, Chief Scientist RSA Laboratories

Emerging Cyber Threats Report - 2008 As RFID systems continue to gain popularity in 2008, particularly with credit cards and other personal and financial systems, this vulnerability will be a major threat for years to come. Chris Rouland - Chief Technology Officer IBM Internet Security Systems and IBM Distinguished Engineer

Possible Security Threats Graphics Source: AIM Reg 302

What is Security? Security is a collection of mechanisms, procedures and controls that can be implemented to reduce the risk of specific threats. Examples include: Authentication Digital Signatures Encryption/Decryption Hash Functions

Today s RFID Security Solutions Simple password protection Rolling code" Tag identifier information changes after each scan Challenge-response protocols The reader issues a challenge to the tag, which responds with a result computed using a cryptographic circuit keyed with some secret value

Proposed RFID Security Solutions Protective bag prevents RFID signal from escaping. Key management by consumer via passwords. RFID privacy management by consumer via a mobile handheld device. Snowflake Solutions Devices that locally jam RFID signals. Physical disabling of tag by consumer Authentication and Data Protection

Evaluating Security Risks Create Model to evaluate: Damage Potential Reproducibility Exploitability Affected Users Discoverability Probability versus Possibility

Secure Pharma Network Initial Secure Certificate Authenticate Create Certificate Authenticate Read/Update Certificate Authenticate Read/Update Certificate Authenticate Read Certificate SecureRF Distributor Wholesale Retail Manufacturer Data Flow

Action Today Security audit supply chain and process Understand risk in new technology Monitor progress in solutions Ask vendors for input and updates Understand solutions may not come from existing protocols Collaborate and support industry efforts

Summary Strong need for secure Pharma Supply Chain High value to protecting data Privacy and HIPAA need to be addressed Many emerging schemes No winners yet

Questions? SecureRF Corporation Louis Parks Voice: (203) 227-3151 x301 Email: LParks@SecureRF.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information