D3.7 A Structured Collection on Information and Literature on Technological and Usability Aspects of Radio Frequency Identification (RFID)
Conclusions
Given the commonly discussed security threats to an RFID system and the security measures available against them, we can evaluate how well those measures hold up on RFID. This means weighing (a qualitative estimate of) the cost of each security measure against (a qualitative estimate of) the cost of performing the corresponding attack (BSI 2004). Comparing these two kinds of cost gives insight into the current vulnerabilities of RFID systems.
The summary of this evaluation is shown in the table below. The qualitative cost estimates are explained in the following sections, followed by a separate section of conclusions.
| Object | Threat | Cost of performing threat | Cost of countermeasures |
|---|---|---|---|
| EPC Tag | Deployment of falsified tag | Medium to high | Medium |
| EPC Tag | Deactivation | Low to medium | Medium |
| EPC Tag | Destruction | Low to medium | Low to medium |
| EPC Tag | Detaching the tag | Low | Low to medium |
| Tag-general | Falsification of content and/or tag ID | Medium to high | Medium |
| Tag-general | Unauthorized read access | Medium to high | Low to medium |
| Air interface | Eavesdropping | High | Medium |
| Air interface | Blocking | Low | Low |
| Air interface | Jamming | Medium to high | Medium to high |
| Air interface | Relay attack | High | Low to medium |
| Reader | Falsifying reader ID | Medium to high | Medium |

Table: Summary of security evaluation
From a financial point of view, the most alarming risk is one where performing the threat is cheap while countering it is expensive. Looking at the table alone, these are the risks of deactivating or detaching the tag: both are fairly easy to perform, while the countermeasures are more involved. Much media attention goes to eavesdropping on the air interface because of its privacy consequences for the consumer, but from a security-cost point of view the vulnerability of the tag itself is an often overlooked aspect. Since tags are easily removed or destroyed, and the countermeasures are costly, the tag can be seen as the weakest point of an RFID system.
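The cost comparison described above can be made mechanical. The following is an added example, not code from the FIDIS deliverable: it encodes the qualitative levels of the summary table as numbers (Low = 1, Medium = 2, High = 3, with a range such as "Low to medium" taken as the midpoint), computes for each threat the gap between countermeasure cost and attack cost, and ranks the threats so that cheap-to-perform, expensive-to-counter threats come first. The numeric encoding is an assumption made for illustration; the deliverable itself gives only the qualitative labels.

```python
"""Rank RFID threats by comparing attack cost with countermeasure cost.

Added example. The ordinal encoding below (Low=1, Medium=2, High=3,
ranges averaged) is an assumption, not part of the FIDIS deliverable.
"""
from dataclasses import dataclass

# Assumed ordinal scale for the qualitative cost labels used in the table.
LEVELS = {"low": 1.0, "medium": 2.0, "high": 3.0}


def cost_to_score(label: str) -> float:
    """Map a qualitative cost such as 'Low to medium' to a number.

    A single level maps to its ordinal value; a range 'X to Y' maps to the
    midpoint of the two levels. Unknown labels raise ValueError so that a
    typo in the table is caught rather than silently scored.
    """
    parts = [p.strip().lower() for p in label.split(" to ")]
    if len(parts) not in (1, 2) or not all(p in LEVELS for p in parts):
        raise ValueError(f"unknown cost label: {label!r}")
    return sum(LEVELS[p] for p in parts) / len(parts)


@dataclass(frozen=True)
class ThreatEntry:
    obj: str                  # component the threat targets (tag, air interface, reader)
    threat: str               # threat name as in the summary table
    attack_cost: str          # qualitative cost of performing the threat
    countermeasure_cost: str  # qualitative cost of the countermeasures

    @property
    def gap(self) -> float:
        """Countermeasure cost minus attack cost.

        A positive gap means the attack is cheaper than defending against
        it, which is the 'most alarming' combination from a cost view.
        """
        return cost_to_score(self.countermeasure_cost) - cost_to_score(self.attack_cost)


# The summary-of-security-evaluation table from the deliverable, transcribed.
TABLE = [
    ThreatEntry("EPC Tag", "Deployment of falsified tag", "Medium to high", "Medium"),
    ThreatEntry("EPC Tag", "Deactivation", "Low to medium", "Medium"),
    ThreatEntry("EPC Tag", "Destruction", "Low to medium", "Low to medium"),
    ThreatEntry("EPC Tag", "Detaching the tag", "Low", "Low to medium"),
    ThreatEntry("Tag-general", "Falsification of content and/or tag ID", "Medium to high", "Medium"),
    ThreatEntry("Tag-general", "Unauthorized read access", "Medium to high", "Low to medium"),
    ThreatEntry("Air interface", "Eavesdropping", "High", "Medium"),
    ThreatEntry("Air interface", "Blocking", "Low", "Low"),
    ThreatEntry("Air interface", "Jamming", "Medium to high", "Medium to high"),
    ThreatEntry("Air interface", "Relay attack", "High", "Low to medium"),
    ThreatEntry("Reader", "Falsifying reader ID", "Medium to high", "Medium"),
]


def rank_threats(entries):
    """Order threats from most to least alarming.

    Primary key: largest cost gap first. Tie-break: the cheaper attack
    first, since that is the one an adversary is more likely to afford.
    """
    return sorted(entries, key=lambda e: (-e.gap, cost_to_score(e.attack_cost)))


if __name__ == "__main__":
    for e in rank_threats(TABLE):
        print(f"{e.gap:+.1f}  {e.obj:14} {e.threat}")
```

Run as a script, the two tag-removal threats (detaching and deactivation) come out on top with a gap of +0.5, reproducing the conclusion drawn in the text, while the relay attack, expensive to perform but cheap to counter, lands at the bottom. Swapping in a different scale or adding a likelihood factor is a one-line change, which is the point: the qualitative judgement stays with the analyst, but the ranking becomes repeatable.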
At first sight it seems that a redesign of tags might be needed to overcome these risks. However, some important considerations have to be kept in mind:
- These are the results of a general threat analysis and a rough cost estimation. No conclusions can be drawn with respect to specific applications or scenarios; each application or scenario requires its own more detailed and specific security analysis. How serious the consequences of removing or destroying RFID tags are depends on the application. Depending on the business case of the application, even a Common Criteria accreditation process might be worthwhile.
- Cost is not the only point of view. User convenience, user acceptance, interoperability and similar factors are also important, and would require a case-by-case analysis.
- The RFID system is usually part of a larger IT system that includes the back office. Since a security chain is only as strong as its weakest link, the entire IT system has to be considered.
The next chapter gives an overview on common areas of application for RFID.
Denis Royer | 18 / 46 |