Privacy of RFID Systems: Security of Personal Data for End-Users
Privacy of RFID systems is receiving increasing attention in the RFID community. RFID privacy is important as the RFID tags will be attached to all kinds of products and physical objects including people. The possible abuse or excessive use of RFID tracking capability by malicious users can lead to potential privacy violations. In this paper, we will discuss how the different industries use RFID and the potential privacy and security issues while RFID is implemented in these industries. Although RFID technology offers interesting services to customer and retailers, it could also endanger the privacy of end-users. Personal data can be leaked if a protection mechanism is not deployed in the RFID systems. The paper summarizes many different solutions for implementing privacy and security while deploying RFID systems.
[1] Image Courtesy Salik (online). Available at: www.salik.gov.ae.
[2] Michael Anshel and Sarah Levitan. 2007. “Reducing medical errors using secure RFID technology”. In SIGCSE Bull. 39, 2 (June 2007), 157-159.
[3] Boyeon Song and Chris J. Mitchell. 2008. “RFID authentication protocol for low-cost tags”. In Proceedings of the first ACM conference on Wireless network security (WiSec '08). ACM, New York, NY, USA, 140-147.
[4] Mohamed K. Saad and Syed V. Ahamed. 2007. “Vulnerabilities of RFID systems in infant abduction protection and patient wander prevention”. In SIGCSE Bull. 39, 2 (June 2007), 160-165B.
[5] Jim Waldo, Alan Ramos, Weina Scott, William Scott, Doug Lloyd, and Katherine O'Leary. 2009. “A Threat Analysis of RFID Passports”. In Queue 7, 9, Pages 10 (October 2009), 6 pages.
[6] Erik-Oliver Blass, Anil Kurmus, Refik Molva, and Thorsten Strufe. 2009. “PSP: private and secure payment with RFID”. In Proceedings of the 8th ACM workshop on Privacy in the electronic society (WPES '09). ACM, New York, NY, USA, 51-60.
[7] David Molnar and David Wagner. 2004. “Privacy and security in library RFID: issues, practices, and architectures”. In Proceedings of the 11th ACM conference on Computer and communications security (CCS '04). ACM, New York, NY, USA, 210-219.
[8] Caldwell-Stone, D 2010, “Chapter 6: RFID in Libraries”, In Library Technology Reports, vol. 46, no. 8, pp. 38-44.
[9] Jaspreet Kaur and Narinder Kehar. 2011. “RFID enabled cards skimming: enhanced technology”. In Proceedings of the International Conference on Advances in Computing and Artificial Intelligence (ACAI '11). ACM, New York, NY, USA, 155-157.
[10] Yingjiu Li and Xuhua Ding. 2007. “Protecting RFID communications in supply chains”. In Proceedings of the 2nd ACM symposium on Information, computer and communications security (ASIACCS '07), Robert Deng and Pierangela Samarati (Eds.). ACM, New York, NY, USA, 234-241.
[11] Renu Aggarwal and Manik Lal Das. 2012. “RFID security in the context of ‘internet of things’”. In Proceedings of the First International Conference on Security of Internet of Things (SecurIT '12). ACM, New York, NY, USA, 51-56.
[12] James Lee and Khalil EL-Khatib. 2009. “A privacy-enabled architecture for an RFID-based location monitoring system”. In Proceedings of the 7th ACM international symposium on Mobility management and wireless access (MobiWAC '09). ACM, New York, NY, USA, 128-131.
[13] Mike Burmester and Jorge Munilla. 2011. “Lightweight RFID authentication with forward and backward security”. In ACM Trans. Inf. Syst. Secur. 14, 1, Article 11 (June 2011), 26 pages.
[14] Good, T, and Benaissa, M 2013, “A holistic approach examining RFID design for security and privacy”, In Journal of Supercomputing, vol. 64, no. 3, pp. 664-684.
[15] David Molnar, Andrea Soppera, and David Wagner. 2005. “Privacy for RFID through trusted computing”. In Proceedings of the 2005 ACM workshop on Privacy in the electronic society (WPES '05). ACM, New York, NY, USA, 31-34.
[16] Giuseppe Ateniese, Jan Camenisch, and Breno de Medeiros. 2005. “Untraceable RFID tags via insubvertible encryption”. In Proceedings of the 12th ACM conference on Computer and communications security (CCS '05). ACM, New York, NY, USA, 92-101.
[1] Image Courtesy Salik (online). Available at: www.salik.gov.ae.
[2] Michael Anshel and Sarah Levitan. 2007. “Reducing medical errors using secure RFID technology”. In SIGCSE Bull. 39, 2 (June 2007), 157-159.
[3] Boyeon Song and Chris J. Mitchell. 2008. “RFID authentication protocol for low-cost tags”. In Proceedings of the first ACM conference on Wireless network security (WiSec '08). ACM, New York, NY, USA, 140-147.
[4] Mohamed K. Saad and Syed V. Ahamed. 2007. “Vulnerabilities of RFID systems in infant abduction protection and patient wander prevention”. In SIGCSE Bull. 39, 2 (June 2007), 160-165B.
[5] Jim Waldo, Alan Ramos, Weina Scott, William Scott, Doug Lloyd, and Katherine O'Leary. 2009. “A Threat Analysis of RFID Passports”. In Queue 7, 9, Pages 10 (October 2009), 6 pages.
[6] Erik-Oliver Blass, Anil Kurmus, Refik Molva, and Thorsten Strufe. 2009. “PSP: private and secure payment with RFID”. In Proceedings of the 8th ACM workshop on Privacy in the electronic society (WPES '09). ACM, New York, NY, USA, 51-60.
[7] David Molnar and David Wagner. 2004. “Privacy and security in library RFID: issues, practices, and architectures”. In Proceedings of the 11th ACM conference on Computer and communications security (CCS '04). ACM, New York, NY, USA, 210-219.
[8] Caldwell-Stone, D 2010, “Chapter 6: RFID in Libraries”, In Library Technology Reports, vol. 46, no. 8, pp. 38-44.
[9] Jaspreet Kaur and Narinder Kehar. 2011. “RFID enabled cards skimming: enhanced technology”. In Proceedings of the International Conference on Advances in Computing and Artificial Intelligence (ACAI '11). ACM, New York, NY, USA, 155-157.
[10] Yingjiu Li and Xuhua Ding. 2007. “Protecting RFID communications in supply chains”. In Proceedings of the 2nd ACM symposium on Information, computer and communications security (ASIACCS '07), Robert Deng and Pierangela Samarati (Eds.). ACM, New York, NY, USA, 234-241.
[11] Renu Aggarwal and Manik Lal Das. 2012. “RFID security in the context of ‘internet of things’”. In Proceedings of the First International Conference on Security of Internet of Things (SecurIT '12). ACM, New York, NY, USA, 51-56.
[12] James Lee and Khalil EL-Khatib. 2009. “A privacy-enabled architecture for an RFID-based location monitoring system”. In Proceedings of the 7th ACM international symposium on Mobility management and wireless access (MobiWAC '09). ACM, New York, NY, USA, 128-131.
[13] Mike Burmester and Jorge Munilla. 2011. “Lightweight RFID authentication with forward and backward security”. In ACM Trans. Inf. Syst. Secur. 14, 1, Article 11 (June 2011), 26 pages.
[14] Good, T, and Benaissa, M 2013, “A holistic approach examining RFID design for security and privacy”, In Journal of Supercomputing, vol. 64, no. 3, pp. 664-684.
[15] David Molnar, Andrea Soppera, and David Wagner. 2005. “Privacy for RFID through trusted computing”. In Proceedings of the 2005 ACM workshop on Privacy in the electronic society (WPES '05). ACM, New York, NY, USA, 31-34.
[16] Giuseppe Ateniese, Jan Camenisch, and Breno de Medeiros. 2005. “Untraceable RFID tags via insubvertible encryption”. In Proceedings of the 12th ACM conference on Computer and communications security (CCS '05). ACM, New York, NY, USA, 92-101.
@article{"International Journal of Information, Control and Computer Sciences:73962", author = "Firoz Khan", title = "Privacy of RFID Systems: Security of Personal Data for End-Users ", abstract = "Privacy of RFID systems is receiving increasing attention in the RFID community. RFID privacy is important as the RFID tags will be attached to all kinds of products and physical objects including people. The possible abuse or excessive use of RFID tracking capability by malicious users can lead to potential privacy violations. In this paper, we will discuss how the different industries use RFID and the potential privacy and security issues while RFID is implemented in these industries. Although RFID technology offers interesting services to customer and retailers, it could also endanger the privacy of end-users. Personal data can be leaked if a protection mechanism is not deployed in the RFID systems. The paper summarizes many different solutions for implementing privacy and security while deploying RFID systems.", keywords = "RFID, privacy, security, encryption.", volume = "10", number = "1", pages = "259-4", }
