A comparative study of rfid solutions for security and privacy pop vs previous solutions
Download
1 / 23

A Comparative Study of RFID Solutions for Security and Privacy: POP vs. Previous Solutions - PowerPoint PPT Presentation


  • 130 Views
  • Uploaded on

A Comparative Study of RFID Solutions for Security and Privacy: POP vs. Previous Solutions. K.H.S Sabaragamu Koralalage and J. Cheng Department of Information and Computer Sciences, Saitama University, Japan {krishan, [email protected]

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' A Comparative Study of RFID Solutions for Security and Privacy: POP vs. Previous Solutions' - royal


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
A comparative study of rfid solutions for security and privacy pop vs previous solutions

A Comparative Study of RFID Solutions for Security and Privacy:POP vs. Previous Solutions

K.H.S Sabaragamu Koralalage and J. Cheng

Department of Information and Computer Sciences,

Saitama University, Japan

{krishan, [email protected]

Advanced Information Systems Engineering Lab

Saitama University, Japan

2008-April-17


Agenda
Agenda

POP Architecture

The Problem

Goal

Evaluation

Conclusion

Future Works


What is pop
What is POP

  • What is Product-flow with Ownership-transferring Protocol

    • A comprehensive mechanism used to ensure the security and privacy of the passive RFID systems used in a product lifecycle

  • How

    • Tagged-product flow with an anonymous ownership transference

    • Robust communicational protocol

ISA 2008


E

E

E

E

E

E

E

E

Ki

Kk

Ke

Ka

Kg

Kc

Kl

Sg

Sk

Sl

Sa

Se

Sc

Si

EPC

EPC

EPC

EPC

EPC

EPC

EPC

EPC

PRIVACY

SECURITY

E

E

E

E

E

E

E

Kd

Kf

Kb

Kh

Kj

Sj

Sh

Sb

Sf

Sd

EPC

EPC

EPC

EPC

EPC

EPC

EPC

How to change the ownership

ISA 2008


The problem
The Problem

  • Position of POP Architecture ?

  • Level of Security ?

  • Level of Privacy ?

  • Level of Functionality ?

ISA 2008


Goal and objectives
Goal and Objectives

  • Goal

    • Compare and contrast previously proposed RFID solutions against thePOP Architecture

  • Objectives

    • Define security criterion

    • Define privacy criterion

    • Define desired functionalities

    • Evaluate available RFID Solutions

ISA 2008


Previous solutions
Previous Solutions

Faraday Cage[1]

Blocker Tag[1]

Active Jamming[1]

Frequency Modification[12]

Kill Tag[1]

RFID Guardian[10]

Renaming[3]

Hash Based Schemes[12,11,9]

Delegated Pseudonym[7]

Zero knowledge[5]

Re-encryption Method[8,2]

ISA 2008


Security objectives
Security Objectives

  • Authentication

  • Authorization

  • Confidentiality

  • Anonymity

  • Data Integrity

  • No-Repudiation

  • Availability

  • Forward Security

  • Anti-Cloning

  • Anti-Reverse Engineering

ISA 2008



Security attacks
Security Attacks

  • Attacking RFID Tags

  • Attacking Interrogators

  • Access-key/Cipher-text Tracing

  • Eavesdropping

  • Spoofing

  • Man-in-the-middle

  • Replay Attack

  • Brute-force Attacks

ISA 2008



Privacy threats
PrivacyThreats

  • Corporate espionage

  • Competitive marketing

  • Action threat

  • Association threat

  • Location threat

  • Preference threat

  • Constellation threat

  • Transaction threat

  • Breadcrumb threat

ISA 2008



Desired functionalities
Desired Functionalities

  • Interoperability

  • Reliability

  • Usability

  • Feasibility

  • Scalability

  • Manage new and damaged tags

  • Control Accessing

  • Transfer ownership online/offline

  • Achieve multiple authorizations

  • Recycle the tagged products

ISA 2008



Evaluation
Evaluation

  • POP Achieves

    • Highest security objectives, attack prevention throughout the product lifecycle

    • Highest protection against the privacy threats

    • Highest interoperability

    • Highest level of feasibility, scalability, manageability of new and damaged tags and self controllability

    • Resolve multiple authorizations issue

ISA 2008


Evaluation1
Evaluation

  • No solution provides both online/offline anonymous ownership transference other than POP

    But

  • POP yields for universal customer card and PIN only for after purchase use

ISA 2008


Conclusion
Conclusion

  • Our evaluation reveals that the POP Architecture is the best out of all those solutions as no one provides such level of achievement so far.

ISA 2008


Future works
Future Works

  • We hope to analyze the performance of POP Tags in following aspects

    • Computational Overhead

    • Storage Overhead

    • Communication Overhead

    • Cost Overhead

ISA 2008


Thank you very much for your attention !!!.....

Please feel free to ask questions…………or put forward your opinions……..

ISA 2008


Q & A

ISA 2008


Thank you

ISA 2008


  • K. H. S. Sabaragamu Koralalage and Jingde Cheng: A Comparative Study of RFID Solutions for Security and Privacy: POP vs. Previous Solutions, Proceedings of the 2nd International Conference on Information Security and Assurance (ISA '08), pp. 342-349, Busan, Korea, IEEE Computer Society Press, April 2008.

ISA 2008


ad