Evaluation of Group Management of RFID Passwords for Privacy Protection

Abstract

The RFID tag is equipped with a small IC tip and antenna, and data can be read from or written to it via radio signal. This device has attracted much attention because it is extremely effective for promoting work efficiency in supply chains and for building IT-based systems connecting companies and/or industries. The scope of RFID use is spreading throughout the entire product life cycle, and RFID is now used not only for primary distribution from production to sale, but also for secondary forms of distribution, such as recycling or maintenance. The difference between the scope of primary distribution only and the scope of a product’s entire life cycle is that in the latter a greater number of general companies and people are involved in the distribution process. Therefore, a provision for protecting data written to RFID tag memory must be included when RFID systems are built so that data cannot be illegally read or overwritten. In addition, a solution to RFID privacy problems is required so that items with RFID tags can be safely provided to many consumers (CASPIAN et al., 2003; Albrecht & Mcintyre, 2005). We define the privacy problem as unauthorized persons abusing the radiocommunications function of RFID tags, and we consider two kinds of privacy problem: a. Possession Privacy Problem: This is the problem of unauthorized persons or agents being able to surreptitiously detect items that other persons are carrying because of the item codes recorded in the memory of IC tags. b. Location Privacy Problem: This is the problem of an unauthorized persons or agents knowing where a person is without that person’s knowledge because a unique ID is recorded in an IC tag memory. A guideline for solving privacy problems (GS1 EPCglobal, 2005) states that RFID tags should be removed from products before the products are provided to consumers. However, the requirements for consumers, who want to protect their privacy, conflict with those of industries that want to use RFID tags throughout the entire life cycle of products – satisfying both requirements is very difficult. To protect consumer privacy, some researchers have proposed systems that mount a hash function in the RFID tag which authenticates interrogators (Weis, 2003; Juels.& Pappu, 2003; Source: Radio Frequency Identification Fundamentals and Applications, Bringing Research to Practice, Book edited by: Cristina Turcu, ISBN 978-953-7619-73-2, pp. 278, February 2010, INTECH, Croatia, downloaded from SCIYO.COM