The technology that enables automated, fast identification of physical objects is also a staple for numerous industries – warehouses and factories use it to track inventory and manage pharmaceutical companies, supply chains deploy it to track drugs and courier services utilize it to tag deliveries. But what would happen if the RFID technology were altered ?
“A security breach in the RFID applications would leak important information about physical objects to unauthorized parties,” confirms Li Yingjiu, an associate lecturer at the Singapore Management University, School of Information Systems. Lecturer Li, a proficient on RFID privacy and security, as well as other aspects of mobile security is struggling hard to construct better safeguards into the technology.
Since RFID tags function by broadcasting data to electrical RFID readers, security breaches can happen if hackers eavesdrop on this conversation and manage to obtain access to or tamper with the information. The eventual consequences of this attack could be severe, says lecturer Li. “In the context of supply chain management, for instance, this implies that industrial expionage may avail sensitive information about the inventory levels, trading volumes, trading partners, and also business plans,” he explains.
To safeguard communications between readers and tags, lecturer Li and his group are designing and testing novel RFID protocols with augmented security features. “Accomplishing high security and efficacy in RFID – tagged supply chains,” says Li. Such strategies comprise making the protocol’s output unexpected, making such tags different to the hacker and preventing hackers from availing vital information even if they manage to interact with the tags.
Moreover, there are numerous stances where sharing of RFID data – between retailers and suppliers, for instance, between numerous components of an Internet of Things – would possess obvious advantages, says lecturer Li. But without suitable security controls, but, most companies would be reluctant to create valuable information readily available. To address such problem, lecturer Li’s group is designing enhanced access control mechanisms that protect RFID data when it is shared on the internet.
The solution introduced by this duo that they have stated is, “Completely secure policy of key attribute based encryption with regular – size ciphertexts and instant decryption,” for ASIA CCS’14. Proceedings of the 9th ACM Symposium on Information, Communications and Compute Security, have numerous applications in real-world scenarios.
Despite its confirmation, but, getting such research out into the souk is still proving to be a big challenge. “While we can prove in theory and employ proof-of-concept prototypes that our solution is better than the current solutions in terms of flexibility and security, it is still intricate to convince the industry to adopt it without introducing it into a final product,” says lecturer Li. Indeed, one of the challenges of data security field is the extending gap between industry and academia, he confirms. While people in this industry are familiar with the market, they are presently isolated from the innovative research.
Filed Under: News