5.1.RFID-Summary

guineanscarletElectronics - Devices

Nov 27, 2013 (3 years and 8 months ago)

95 views

RFID


Technology


Applications


Risks


Security


Privacy

RFID

Radio Frequency IDentification


Replaces the ubiquitous bar code


Electronic


Wireless


Contains much information


Very flexible


Very powerful

RFID


NIST SP800
-
98


GAO Report


“Is Your Cat Infected with a Computer Virus?”


Melanie R. Rieback

Components of an RFID


Antenna


CPU/Chip, i.e. Computer


Substrate


Chip Reader


Interrogator


Middleware


Communications and Database


Analytic System

Gillette’s Razor RFID

Close to actual size

Chip

Antenna

RFID

What is it?



Small!

Hitatchi’s Answer

Human Hair

Tiny Radio Frequency Identification (RFID) chips, 64 times smaller than current
devices, have been developed by Hitatchi in Japan. Little bigger than a grain of
sand at 0.05 x 0.05mm, the chips come with a 128
-
bit memory capable of storing
an identification number of up to 38 digits


RFID’s


Size is about the dot on an “i” or larger


Antenna can be up to several inches


Usually copper foil


Now can be conductive printer ink.


When the label is printed the RFID can be
printed at the same time with sticky chip
attacked

RFID Tag Printer

Tag Printer

RFID Interrogators


Hand held for inventory etc.


Fixed


Can read up to palette load of items


Overhead in a toll booth


Interrogation distances can be from a few
centimeters to many meters


Subject to design considerations

Hand Held Interrogator

Fix Interrogator

RFID Placement


On the back of a Label


In the spine of a book


As part of the item


Within the person/animal

Active RFID’s


Active RFID’s will have a battery


Can have multiple sensors attached


Temperature


Humidity


Impact


Accelerometer


Radiation dosimeter


Verifies proper shipping/storage specs


Used mainly for large shipments

Antenna Types

Examples


Passports


EPC’s


Electronic Bar Codes


Toll Roads


Baggage Tickets


Later


Smart Shelf


Smart Store


Later


Operating Room Items


NAIS


Later

The Smart Shelf


Shopper photographed when item is selected


Each RFID has a unique ID Number


Quantity selected is known


Items are tracked throughout the store


Theft risk assessment is made


At checked out undeclared items are known

Gillette’s Razor RFID

Close to actual size

Chip

Antenna

NAIS


National Animal Identification System


“Recommended” by USDA


States are the enforcers


State by state data bases


Non
-
compliance fines up to %5,000 per animal


Purpose


Track disease


Feed lots are exempt


Recommending Committee


Agri
-
Business


Chip Companies

Risks


RFID


Corruption/Compromise


RFID chip


Middleware


Data Bases


Interrogator


Impersonator


Middleware


Analytic System

Security


RIFD corruption


Baggage routing exploit


“Does your cat have a virus?”


Backend database compromise


Subject to the latest vulnerabilities


Subject to the latest exploits


Evesdropping


Passports in an Airport


Redesign

Virus Infection


Scenario


Baggage check in at the airport


Each bag gets an RFID


These RFID’s are printed at the check in counter


Routing info


All baggage handling equip read the RFID


Route correctly


A Bad RFID is put on the bag


This one corrupts the routing data base


SQL Injection vulnerability

Virus Infection


When the bad RFID is read the data base is
corrupted


All new tags will have the same virus


As the tags move through the system all routing
DB’s will become corrupted

Privacy


Evesdropping


ID Association


Personality Profiling


Life Style Profiling

Privacy

Evesdropping


RFID contains personal information


Could be compromised


One card at a time


RFID contains serial number to a data base


Fairly secure from evesdropping


However


If the data base is compromised then the entire system is
compromised

Privacy

ID Association


A RFID is associated with you


Your credit card is associated with you and you have
aand RFID on your clothing.


Your activities are tracked


In a smart store all of the merchandise you look at is
logged.

Privacy

Personality Profiling


Shopping history


Travel patterns


Profiling is based on an RFID assigned to you


Credit card


Smart card


etc.

Privacy

Life Style Profiling


RFID tracks


Cell phone travels


Tower by tower


GPS


Credit card purchases