Security Control and Privacy Preservation in RFID enabled Wine Supply Chain

Abstract

Modern identification procedures such as radio frequency identification (RFID) are able to provide transparency in applications including supply chain, logistics and equipment management. The benefits of visibility and fast identification provided by RFID technology especially in supply chain management (SCM) reduce the risk of counterfeiting (Gao et al., 2004). There are two mainly ways in which RFID technology supports a visible and fast identification processes: 1) RFID allows for new, automated and secure ways to efficiently authenticate physical items; and 2) As many companies invest in networked RFID technology for varying supply chain applications, the item-level data can be gathered in any case (Lehtonen et al., 2006). Despite these benefits, RFID technology is still not widely implemented. The main reasons are, firstly, the difficult are, firstly, the difficult technical aspects of implementation resulting in high setup costs, secondly, growing security and privacy concerns. Our focus in this paper is to discuss the second reason for the low take-up of RFID technology, that is, security and privacy concerns. We argue that without applying maximum security and privacy, trustworthiness between supply chain partners will be minimal. As a result, the effectiveness and collaboration of traditional supply chain environment with RFID technology cannot be achieved. Given that humans cannot read the RFID tags on items and the tags themselves maintain no history of past readings, the challenge of security and privacy in this technology is related to the nature of RFID tags and their functionality (Juels, 2005). A retailer inventory that is labeled with unprotected tags may be monitored and read by unauthorised readers. The inventory data holds significant financial value for commercial organisations and their competitors. Once data has been accessed by unauthorised users, it can be cloned on empty tags, giving rise to the counterfeiting issue. Counterfeiting in the form of cloned or fraudulent RFID tags is the consequence of a lack of security measures and trustworthiness among the supply chain partners when RFID technology is used to automate their business transactions. Privacy violations stem from the fact that when goods are tagged, the manufacturers, retailers and consumers will be able to track the goods beyond point-of-sale (POS) because they have associated data. Even if the tags only contain product codes rather than unique serial numbers, a consumer’s taste in brands “constellation” can betray their identity.