Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
A way to temporarily disable tags is putting them to sleep . A reader provides a tag with a hashed value of a key: meta-id=hash(key). This provision must take place securely, e.g. by physical contact. After a tag received a meta-id, it is in a sleep mode, replying to requests with its meta-id. In order to wake a tag up, the reader has to send the key to the tag, which builds the hash of this value and compares it with the stored meta-id. Upon a match the tag is “awake” again and can provide the reader with the requested information.
The main problems with this concept are that it is very hard to convince the user that a tag really was sent to sleep. Furthermore, the key is sent in clear-text to the tag. Other problems arise in terms of traceability. A sleeping tag answers all requests with its meta-id, so it can be tracked by this information.
Figure 5 shows an example scenario where putting tags to sleep could be used. Assume that the goods at a supermarket are equipped with RFID-tags. At the cash point, the tags are put to sleep, by providing them the proper secret. The secret has to be stored in a database together with the products when they enter the store. The secrets for all purchased products are given to the customer. Maybe some kind of “PrivacyCard” exists, like depictured in the illustration below. The cash point could provide the needed data to this card. The user then can activate the tags by using the secrets stored at his personal PrivacyCard. So the tags could be used for the smart fridge, but on the way home, no one could scan the contents of user’s shopping bag.
Figure 5: Supermarket example for putting a tag to sleep
Problematic is, that the user cannot be sure that the supermarket does not keep the secrets it handed out to the customer. Furthermore, this scheme requires user interaction. But in a world of discount cards a PrivacyCard could be well adopted by the consumers, or the PrivacyCard functionality could be integrated in discount cards from the beginning.
In an enhanced “sleep-version” is introduced, called “Randomized Access Control”. Here, the tag responses to a request with a random number r and a value h=hash(r || id). The reader has to search its database in a brute-force fashion to find the corresponding id. It is obvious, that this scheme is only applicable in a system with relatively few tags; else the search for the id would take too much time. Another problem is that tags have to implement a random number generator which produces good random numbers.
32 / 38 |