Preso - OpenLoop.com


Analysis of RFID Architecture and
Security
CMPE 294
Final Presentation
Presented by Sundeep Kotla
• RFID – Radio Frequency Identification.
RFID was first used during World War II.
It was used to identify whether a plane was
from a friend or a foe.
RFID Components
• RFID Tags
• RFID Reader
• RFID Middleware
• RFID Database
RFID Middleware
[Figure: RFID middleware architecture. Recoverable labels: Applications 1-3, Servers 1-5, messaging server, buffering, aggregation, virtual tag memory service, read surrogate, filtering, Readers 1-3, antenna, RFID tags/reader.]
RFID Design issues
• No power in RFID tags
• Proprietary encryption
RFID Attacks
• RFID Tags / Reader
• Tracking - I CAN TRACK YOUUUU
• Skimming
• Eavesdropping
• Replay – I AM BOB – I SWEAR
• Replay and cross contamination
• Disruption attack
Partial solution: content-based filtering
RFID Middleware attacks
• SQL injection attacks
• Query: "Find luggage for Mr.Sinn; shutdown"
• Response: "5 bags to washington; database
shutdown completed".
• Solution: lightweight encryption
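Added example (not part of the presentation): the stacked-statement query from the slide above, reproduced against a constructed in-memory SQLite table, next to a lookup that applies the content-based filtering named earlier as a partial solution and then binds the tag value as a parameter. Parameter binding is an addition here, not a control named on the slides; the table names, the `state` flag standing in for "shutdown", the name pattern and the tag payload are all constructed.

```python
import re
import sqlite3

# Constructed tag payload: a passenger name followed by a second SQL statement.
PAYLOAD = "Mr.Sinn'; UPDATE state SET running = 0; --"
# Assumed shape of a legitimate owner field (letters, space, dot, apostrophe, hyphen).
TAG_OWNER = re.compile(r"[A-Za-z][A-Za-z .'-]{0,39}")

def make_db():
    # Constructed schema; state.running stands in for the slide's "shutdown".
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE luggage (owner TEXT, bags INTEGER, dest TEXT);
        CREATE TABLE state (running INTEGER);
        INSERT INTO luggage VALUES ('Mr.Sinn', 5, 'washington');
        INSERT INTO state VALUES (1);
    """)
    return db

def is_running(db):
    return db.execute("SELECT running FROM state").fetchone()[0] == 1

def lookup_vulnerable(db, tag_owner):
    # Tag data is pasted into the SQL text, so its ';' starts a new statement.
    # executescript() stands in for a driver that accepts stacked statements.
    db.executescript(f"SELECT bags, dest FROM luggage WHERE owner = '{tag_owner}';")

def lookup_hardened(db, tag_owner):
    # Content-based filter: discard tag data that does not look like a name.
    if not TAG_OWNER.fullmatch(tag_owner):
        return None
    # Bound parameter: the value is passed as data and never parsed as SQL.
    sql = "SELECT bags, dest FROM luggage WHERE owner = ?"
    return db.execute(sql, (tag_owner,)).fetchone()

if __name__ == "__main__":
    db = make_db()
    print(lookup_hardened(db, "Mr.Sinn"), is_running(db))
    print(lookup_hardened(db, PAYLOAD), is_running(db))
    lookup_vulnerable(db, PAYLOAD)
    print("after vulnerable lookup, running:", is_running(db))
```

The filter alone is only partial, since a legitimate name may contain an apostrophe; the bound parameter is what keeps such a value from being read as SQL.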
RFID Back-end attacks
• Data attacks
– Flooding the database with large amounts of data
• Virus attacks
– Web component Exploitation
– example [s1] <!--#exec cmd="rm -R /"-->
Delete files from the database!!!!
Solution: have an application-level gateway
Conclusion
• RFID is a promising technology.
• Considerable work is being done on scalable
middleware architecture.
• Security of RFID is also being worked on with
the work on Light DES.
Future of E Business
• IBM store
Any Questions?