Security and privacy protection in RFID-enabled supply chain management

Radio frequency identification-enabled supply chain systems are in an open system environment, where different organisations have different business workflows and operate on different standards and protocols. This supply-chain environment can only be effective if the partners can trust each other and be collaborative. However, Radio Frequency Identification (RFID) involves growing privacy and security concerns in part because humans cannot sense the radio frequency radiation used to read tags and the tags themselves maintain no history of past readings. Counterfeiting in the form of cloned or fraudulent RFID tags is a consequence of a lack of security measures and trust among the partners when RFID technology is used to automate their business transactions. This paper discusses the ways in which privacy and security protection can be maintained in an open-loop RFID supply chain. A cost-based detection of counterfeit tags using different classifiers is presented.

[1]  Peter D. Turney Types of Cost in Inductive Concept Learning , 2002, ArXiv.

[2]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[3]  Ronald L. Rivest,et al.  The blocker tag: selective blocking of RFID tags for consumer privacy , 2003, CCS '03.

[4]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[5]  Sumita Mishra,et al.  A cross-layer based intrusion detection approach for wireless ad hoc networks , 2005, IEEE International Conference on Mobile Adhoc and Sensor Systems Conference, 2005..

[6]  Lea Kutvonen,et al.  Trust Management Survey , 2005, iTrust.

[7]  Pedro M. Domingos MetaCost: a general method for making classifiers cost-sensitive , 1999, KDD '99.

[8]  Kouichi Sakurai,et al.  Reassignment Scheme of an RFID Tag's Key for Owner Transfer , 2005, EUC Workshops.

[9]  Sherali Zeadally,et al.  TMS-RFID: Temporal management of large-scale RFID applications , 2011, Inf. Syst. Frontiers.

[10]  S. H. Choi,et al.  An RFID-based Anti-counterfeiting System , 2008 .

[11]  Juan E. Tapiador,et al.  Vulnerability analysis of RFID protocols for tag ownership transfer , 2010, Comput. Networks.

[12]  Manmeet Mahinderjit Singh,et al.  Trust Framework for RFID Tracking in Supply Chain Management , 2009, IWRT.

[13]  S. Devadas,et al.  Design and Implementation of PUF-Based "Unclonable" RFID ICs for Anti-Counterfeiting and Security Applications , 2008, 2008 IEEE International Conference on RFID.

[14]  Damith C. Ranasinghe,et al.  EPC Network Architecture , 2008 .

[15]  Kai Ming Ting,et al.  Inducing Cost-Sensitive Trees via Instance Weighting , 1998, PKDD.

[16]  David A. Wagner,et al.  Security and Privacy Issues in E-passports , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[17]  Jacky Hartnett,et al.  Deckard: A System to Detect Change of RFID Tag Ownership , 2007 .

[18]  Tsuyoshi Takagi,et al.  An Efficient and Secure RFID Security Method with Ownership Transfer , 2006, 2006 International Conference on Computational Intelligence and Security.

[19]  Frédéric Thiesse,et al.  Extending the EPC network: the potential of RFID in anti-counterfeiting , 2005, SAC '05.

[20]  John Ayoade,et al.  Roadmap to solving security and privacy concerns in RFID systems , 2007, Comput. Law Secur. Rev..

[21]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[22]  Marc Langheinrich,et al.  A survey of RFID privacy approaches , 2009, Personal and Ubiquitous Computing.

[23]  Simson L. Garfinkel,et al.  RFID privacy: an overview of problems and proposed solutions , 2005, IEEE Security & Privacy Magazine.

[24]  Peter D. Turney Cost-Sensitive Classification: Empirical Evaluation of a Hybrid Genetic Decision Tree Induction Algorithm , 1994, J. Artif. Intell. Res..

[25]  Robert C. Holte,et al.  Exploiting the Cost (In)sensitivity of Decision Tree Splitting Criteria , 2000, ICML.

[26]  Jian Huang,et al.  An approach to security and privacy of RFID system for supply chain , 2004, IEEE International Conference on E-Commerce Technology for Dynamic E-Business.

[27]  Ari Juels,et al.  Strengthening EPC tags against cloning , 2005, WiSe '05.

[28]  Elgar Fleisch,et al.  Probabilistic Approach for Location-Based Authentication , 2007 .

[29]  Manmeet Mahinderjit Singh,et al.  Trust in RFID-enabled Supply-Chain Management , 2010, Int. J. Secur. Networks.

[30]  Ian H. Witten,et al.  Data mining: practical machine learning tools and techniques with Java implementations , 2002, SGMD.