Security issues in RFID Middleware Systems: Proposed EPC implementation for network layer attacks
Keywords:RFID Security, RFID attacks, classification, EPCglobal middleware systems, network layer attacks
Recently, Radio Frequency Identification (RFID) technology becomes very popular. Especially low-cost RFID tags are widely used in supply chain management. Due to lack of security considerations in simple RFID technology, performance optimization becomes quite important rather than securing the data transmitted over RFID media. Since security holes shown variety in RFID systems, this paper classifies the attacks that occurs in different layer of RFID models. The security enhanced EPC RFID middleware systems that are widely used in organizations and their vulnerabilities against Network Layer attacks are investigated in this research to clarify the actual impact of network layer attacks in RFID systems. This paper investigates the RFID middleware attacks and impact of possible integration of EPCglobal architecture to mitigate such attacks on RFID systems.
Kindberg et al. (2002), “People, Places, and Things: Web Presence of the Real World,” ACM Mobile Works & Applications J., pp. 365-376.
Whiting, R. (2004). “RFID growth poses a data management challenge,” Computing, pp. 29-30. Publisher: VNU Business Publications, UK.
Finkelzeller, K. (2003). The RFID Handbook, 2nd ed., John Wiley & Sons.
Garfinkel, S., Juels, A., and Pappu, R. (2005). RFID privacy: An overview of problems and proposed solutions. IEEE Security & Privacy, 3(3), 34-43.
 Ayoade, J. (2007). Privacy and RFID Systems, Roadmap for solving security and privacy concerns in RFID systems. Computer Law & Security Report 23, 555-561.
Karygiannis, A., Phillips, T., and Tsibertzopoulos, A. (2006). RFID security: A taxonomy of risk. In Proceedings of the 1st International Conference on Communications and Networking in China (ChinaCom'06), October 2006, Beijing, China (pp. 1-7). IEEE Press.
Avoine, G. & Oechslin, P. (2005). RFID traceability: a multilayer problem. In A.S. Patrick, M. Yung (Eds.), Financial Cryptography and Data Security, 9th International C, FS 2005, Roseau, The Commonwealth of Dominica, Lecture Notes in Computer Science, Security and Cryptology, vol. 3570, (pp.125-140). Berlin, Heidelberg: Springer-Verlag. doi:10.1007/b137875.
Sari, A. (2010). RFID Security Models use of Security Enhanced RFID Middleware Systems for Enhancing Organizational Data Security. 6th ArchEng International Symposium of European University of Lefke, Vol 6.
Jieun, S. and Kim, T. (2005). Security Enhanced RFID Middleware System. Retrieved from http://www.waset.org/journals/waset/v10/v10-16.pdf
Mirowski, L. , Hartnett, J. (2007). Deckard: A system to detect change of RFID tag ownership. International Journal of Computer Science and Network Security, 7(7):89 -98.
Weis, S.A. (2003) Security and privacy in Radio-Frequency Identi_cation devices. Master's thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology.
Weis, S., Sarma, S., Rivest, R., and Engels, D. (2003). Security and privacy aspects of low-cost Radio Frequency Identi_cation systems. In D. Hutter, G. Muller, W. Stephan, M. Ullmann (Eds.), Security in Pervasive Computing, Proceedings of the 1st International Conference in Security in Pervasive Computing, Boppard, Germany, March 12-14, 2003, Lecture Notes in Computer Science, vol. 2802, (pp. 201- 212). Berlin, Heidelberg: Springer Verlag. doi:10.1007/b95124.
Ohkubo, M., Suzuki, K., and Kinoshita, S. (2003). Cryptographic approach to privacyfriendly" tags. In Proceedings of RFID Privacy Workshop, MIT, MA, USA.