1 / 8

Technical Issues in Library RFID Privacy

Technical Issues in Library RFID Privacy. David Molnar UC-Berkeley Computer Science. What are we worried about?. RFID new technology Law of “unintended consequences” Read tags through backpacks, briefcases Can we track books? “track” = link sightings of same book

toby
Download Presentation

Technical Issues in Library RFID Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science

  2. What are we worried about? • RFID new technology • Law of “unintended consequences” • Read tags through backpacks, briefcases • Can we track books? • “track” = link sightings of same book • Can we figure out what you’re reading? • Who “we” is depends • FBI, marketers, teenagers, college students, pick your favorite

  3. How RFID Works • Radio Frequency IDentification • Passive tags – no power source • Tag carries small amount of data • May be read-only or limited read/write • RFID reader powers tag, extracts data via radio Power Stored data

  4. Two Main Questions • How to read tags? • What is on the tag?

  5. How to read tags? • Need an RFID reader • Standardization not privacy issue in long term • Read range for 13.56Mhz tags low • Ubiquity of readers bigger problem! • Reader at door of every Starbucks? • Blocking tag signals, “kill”, not sufficient • “Security Bit” does not prevent tag read • Read passwords?

  6. What is on the tag? • Varies by vendor and library decision • Library bar code • Unique, static ID  can track book • Need library database to learn title/author • Unless see book later, learn bar code/title map • Some vendors suggest more info “The Lib~Chip stores data such as type of material, title, author, bar code and serial number, shelf location, last borrowed date, and last returned date.” – Libramation site

  7. “Encrypting” Tag Data • Several meanings to “encrypting” data • Proprietary encoding, not different per library • Buy reader from company or secondary market • Eventually reverse engineered • Encrypting bar code with per-library key • Does not currently exist • Non-library readers can’t understand data • Still leads to static data  can track book

  8. Bottom Line • Reading static ID is privacy risk • Risk will grow as readers become cheaper, more available, more common • Minimize data on tag • No title, no author, etc. on tag • Protect bibliographic database! • Privacy depends on choices in deployment

More Related