Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
RFID ● Technology ● Applications ● Risks ● Security ● Privacy RFID Radio Frequency IDentification ● Replaces the ubiquitous bar code ● Electronic ● Wireless ● Contains much information ● Very flexible ● Very powerful RFID ● NIST SP800-98 ● GAO Report ● “Is Your Cat Infected with a Computer Virus?” ● Melanie R. Rieback Components of an RFID ● Antenna ● CPU/Chip, i.e. Computer ● Substrate ● Chip Reader – Interrogator ● Middleware – Communications and Database ● Analytic System Gillette’s Razor RFID Close to actual size Chip Antenna RFID What is it? Small! Hitatchi’s Answer Human Hair Tiny Radio Frequency Identification (RFID) chips, 64 times smaller than current devices, have been developed by Hitatchi in Japan. Little bigger than a grain of sand at 0.05 x 0.05mm, the chips come with a 128-bit memory capable of storing an identification number of up to 38 digits RFID’s ● Size is about the dot on an “i” or larger ● Antenna can be up to several inches ● Usually copper foil ● Now can be conductive printer ink. ● When the label is printed the RFID can be printed at the same time with sticky chip attacked RFID Tag Printer Tag Printer RFID Interrogators ● Hand held for inventory etc. ● Fixed ● ● Can read up to palette load of items ● Overhead in a toll booth Interrogation distances can be from a few centimeters to many meters ● Subject to design considerations Hand Held Interrogator Fix Interrogator RFID Placement ● On the back of a Label ● In the spine of a book ● As part of the item ● Within the person/animal Active RFID’s ● Active RFID’s will have a battery ● Can have multiple sensors attached ● ● Temperature ● Humidity ● Impact – Accelerometer ● Radiation dosimeter ● Verifies proper shipping/storage specs Used mainly for large shipments Antenna Types Examples ● Passports ● EPC’s – Electronic Bar Codes ● Toll Roads ● Baggage Tickets ● ● Later Smart Shelf – Smart Store ● Later ● Operating Room Items ● NAIS ● Later The Smart Shelf ● Shopper photographed when item is selected ● Each RFID has a unique ID Number ● Quantity selected is known ● Items are tracked throughout the store ● Theft risk assessment is made ● At checked out undeclared items are known Gillette’s Razor RFID Close to actual size Chip Antenna NAIS ● National Animal Identification System ● “Recommended” by USDA ● States are the enforcers ● State by state data bases ● Non-compliance fines up to %5,000 per animal ● Purpose ● ● Track disease ● Feed lots are exempt Recommending Committee ● Agri-Business ● Chip Companies Risks ● RFID ● Corruption/Compromise ● ● ● ● RFID chip Middleware Data Bases Interrogator ● Impersonator ● Middleware ● Analytic System Security ● RIFD corruption ● Baggage routing exploit ● ● ● “Does your cat have a virus?” Backend database compromise ● Subject to the latest vulnerabilities ● Subject to the latest exploits Evesdropping ● Passports in an Airport ● Redesign Virus Infection ● ● Scenario ● Baggage check in at the airport ● Each bag gets an RFID – These RFID’s are printed at the check in counter – Routing info ● All baggage handling equip read the RFID ● Route correctly A Bad RFID is put on the bag ● This one corrupts the routing data base – SQL Injection vulnerability Virus Infection ● ● ● When the bad RFID is read the data base is corrupted All new tags will have the same virus As the tags move through the system all routing DB’s will become corrupted Privacy ● Evesdropping ● ID Association ● Personality Profiling ● Life Style Profiling Privacy Evesdropping ● RFID contains personal information ● Could be compromised – ● One card at a time RFID contains serial number to a data base ● Fairly secure from evesdropping ● However – If the data base is compromised then the entire system is compromised Privacy ID Association ● A RFID is associated with you ● ● ● Your credit card is associated with you and you have aand RFID on your clothing. Your activities are tracked In a smart store all of the merchandise you look at is logged. Privacy Personality Profiling ● Shopping history ● Travel patterns ● Profiling is based on an RFID assigned to you ● Credit card ● Smart card ● etc. Privacy Life Style Profiling ● RFID tracks ● Cell phone travels ● ● Tower by tower ● GPS Credit card purchases