Security issues in RFID Middleware Systems: Proposed EPC implementation for network layer attacks
Recently, Radio Frequency Identification (RFID) technology becomes very popular. Especially low-cost RFID tags are widely used in supply chain management. Due to lack of security considerations in simple RFID technology, performance optimization becomes quite important rather than securing the data transmitted over RFID media. Since security holes shown variety in RFID systems, this paper classifies the attacks that occurs in different layer of RFID models. The security enhanced EPC RFID middleware systems that are widely used in organizations and their vulnerabilities against Network Layer attacks are investigated in this research to clarify the actual impact of network layer attacks in RFID systems. This paper investigates the RFID middleware attacks and impact of possible integration of EPCglobal architecture to mitigate such attacks on RFID systems.
Kindberg et al. (2002), “People, Places, and Things: Web Presence of the Real World,” ACM Mobile Works & Applications J., pp. 365-376.
Whiting, R. (2004). “RFID growth poses a data management challenge,” Computing, pp. 29-30. Publisher: VNU Business Publications, UK.
Finkelzeller, K. (2003). The RFID Handbook, 2nd ed., John Wiley & Sons.
Garfinkel, S., Juels, A., and Pappu, R. (2005). RFID privacy: An overview of problems and proposed solutions. IEEE Security & Privacy, 3(3), 34-43.
 Ayoade, J. (2007). Privacy and RFID Systems, Roadmap for solving security and privacy concerns in RFID systems. Computer Law & Security Report 23, 555-561.
Karygiannis, A., Phillips, T., and Tsibertzopoulos, A. (2006). RFID security: A taxonomy of risk. In Proceedings of the 1st International Conference on Communications and Networking in China (ChinaCom'06), October 2006, Beijing, China (pp. 1-7). IEEE Press.
Avoine, G. & Oechslin, P. (2005). RFID traceability: a multilayer problem. In A.S. Patrick, M. Yung (Eds.), Financial Cryptography and Data Security, 9th International C, FS 2005, Roseau, The Commonwealth of Dominica, Lecture Notes in Computer Science, Security and Cryptology, vol. 3570, (pp.125-140). Berlin, Heidelberg: Springer-Verlag. doi:10.1007/b137875.
Sari, A. (2010). RFID Security Models use of Security Enhanced RFID Middleware Systems for Enhancing Organizational Data Security. 6th ArchEng International Symposium of European University of Lefke, Vol 6.
Jieun, S. and Kim, T. (2005). Security Enhanced RFID Middleware System. Retrieved from http://www.waset.org/journals/waset/v10/v10-16.pdf
Mirowski, L. , Hartnett, J. (2007). Deckard: A system to detect change of RFID tag ownership. International Journal of Computer Science and Network Security, 7(7):89 -98.
Weis, S.A. (2003) Security and privacy in Radio-Frequency Identi_cation devices. Master's thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology.
Weis, S., Sarma, S., Rivest, R., and Engels, D. (2003). Security and privacy aspects of low-cost Radio Frequency Identi_cation systems. In D. Hutter, G. Muller, W. Stephan, M. Ullmann (Eds.), Security in Pervasive Computing, Proceedings of the 1st International Conference in Security in Pervasive Computing, Boppard, Germany, March 12-14, 2003, Lecture Notes in Computer Science, vol. 2802, (pp. 201- 212). Berlin, Heidelberg: Springer Verlag. doi:10.1007/b95124.
Ohkubo, M., Suzuki, K., and Kinoshita, S. (2003). Cryptographic approach to privacyfriendly" tags. In Proceedings of RFID Privacy Workshop, MIT, MA, USA.
Authors wishing to include figures, tables, or text passages that have already been published elsewhere are required to obtain permission from the copyright owner(s) for both the print and online format and to include evidence that such permission has been granted when submitting their papers. Any material received without such evidence will be assumed to originate from the authors.
All authors of manuscripts accepted for publication in the journal Transactions on Networks and Communications are required to license the Scholar Publishing to publish the manuscript. Each author should sign one of the following forms, as appropriate:
License to publish; to be used by most authors. This grants the publisher a license of copyright. Download forms (MS Word formats) - (doc)
Publication agreement — Crown copyright; to be used by authors who are public servants in a Commonwealth country, such as Canada, U.K., Australia. Download forms (Adobe or MS Word formats) - (doc)
License to publish — U.S. official; to be used by authors who are officials of the U.S. government. Download forms (Adobe or MS Word formats) – (doc)
The preferred method to submit a completed, signed copyright form is to upload it within the task assigned to you in the Manuscript submission system, after the submission of your manuscript. Alternatively, you can submit it by email email@example.com