Tag Broker Model for Protecting Privacy in RFID Environment
Authors: Sokjoon Lee, Howon Kim, Kyoil Chung
Abstract:
RFID system, in which we give identification number to each item and detect it with radio frequency, supports more variable service than barcode system can do. For example, a refrigerator with RFID reader and internet connection will automatically notify expiration of food validity to us. But, in spite of its convenience, RFID system has some security threats, because anybody can get ID information of item easily. One of most critical threats is privacy invasion. Existing privacy protection schemes or systems have been proposed, and these schemes or systems defend normal users from attempts that any attacker tries to get information using RFID tag value. But, these systems still have weakness that attacker can get information using analogous value instead of original tag value. In this paper, we mention this type of attack more precisely and suggest 'Tag Broker Model', which can defend it. Tag broker in this model translates original tag value to random value, and user can only get random value. Attacker can not use analogous tag value, because he/she is not able to know original one from it.
Keywords: Broker, EPC, Privacy, RFID.
Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1085581
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1658References:
[1] M. Ohkubo, K. Suzuki and S. Kinoshita, "Cryptographic Approach to Privacy-Friendly Tags", RFID Privacy Work-shop, 2003.
[2] Ari Juels, Ronald L Rivest, and Michael Szydlo, "The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy", 10th ACM Conference on Computer and Communications Security, 2003.
[3] Stephen A. et al., Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems, Security in Pervasive Computing 2003, LNCS 2802, 2004, pp. 201-212.
[4] Byungil Lee and Howon Kim, "Enhanced Security and Privacy Mechanism of RFID Service for Pervasive Mobile Device", CIS(Computational Intelligence and Security) 2005, LNAI 3802, Dec. 2005.
[5] EPCglobal, http://www.epcglobalinc.org/
[6] EPC Tag Data Standards Version 1.1 Rev.1.24, Apr. 2004.
[7] Information technology - Radio frequency identification for item management - Unique identification for RF tags, ISO/IEC 15963, Sep. 2004.
[8] EPC Radio-Frequency Identity Protocols Class-1 Generation-2 UHF RFID Protocol for Communications at 860 MHz - 960 MHz Version 1.0.7,Sep. 2004.