Resources
Identity Use Cases & Scenarios.- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D3.7 A Structured Collection on Information and Literature on Technological and Usability Aspects of Radio Frequency Identification (RFID)
 |
Untitled THREATS |
 |
Malware
When considering the broader RFID architecture of , new security risks and countermeasures come to mind: one could foresee an attack at the back office through information stored at the tag, which was recently shown in (DCSA 2006). Basically there are three types of RFID malware (Rieback 2006), which are mentioned in increasing complexity of implementation:
RFID exploits:
Just like other software, RFID systems are vulnerable to buffer overflows, code insertion and SQL injection.RFID worms:
A worm is basically an RFID exploit that downloads and executes remote malware. A worm could propagate through the network or through tags.RFID viruses:
An RFID virus starts with malicious content of a tag. When the tag is read out, this initiates a malicious SQL query which would disturb a database in the back office. This type of attack already has been demonstrated (Juels 2006).
Measures for malware
To avoid such attacks, the compliance of the content of tags with respect to the corresponding standards should be checked by the reader, and regular security measures such as checks and filtering against signature databases should be taken to protect the gateway. In addition patches for the database should be installed, if available.
Threats to gateway interface
In case of insufficient access control the user interface to the gateway could be misused by unauthorised people to attack the integrity of the filters and to misguide the product management system.
Measures for threats to gateway interface
To prevent such an attack the user interface should be provided with a sufficient authentication mechanism such that only authorised users are able to access the gateway. Another measure would be to place the gateway and the user interface in a physically protected room such that only authorised employees that have access to this room can access the user interface.
Threats to drivers
The drivers that are used by RFID readers to communicate with the middleware could be corrupted. This could be done by either modifying the driver of a legitimate reader, or by replacing the legitimate reader with a fake reader that has a corrupted driver. A corrupted driver could be used to attack and misguide the gateway.
Measures to threats to driversA possible solution to this problem is to use only signed drivers, i.e. each legitimate driver should be digitally signed by manufacturers or trusted third parties such that the gateway can check that communicating readers contain a legitimate driver.
Threats to back office and measures
Systems at the back office could be subject to attack. These kinds of attacks (and their countermeasures) are known as attacks (and countermeasures) for regular IT systems and therefore not specific RFID related attacks.
Threats to communication reader gateway
The communication between reader and gateway could be eavesdropped or modified.
Measures to threats to communication reader gateway
Since an RFID reader is a more sophisticated device than a tag, some kind of encryption mechanism should be available to encrypt the communication between reader and gateway. Note that transfer of data between reader and gateway is similar to transfer of any other kind of data through the network (the connection can be wireless of wired) so threats and countermeasures are from technical point of view similar to existing in other kinds of networks.
|
|
|
| |
   |
|
| Denis Royer | 17 / 46 |
