Title :
Password Management for EPC Class 1 Generation 2 Transponders
Author :
Wonnemann, Claus ; Struker, Jens
Author_Institution :
Deptartment of Telematics, Albert-Ludwigs-Univ. Freiburg, Freiburg
Abstract :
RFID systems compliant to the widely-used standard EPC class 1 generation 2 lack effective security mechanisms. We show that passwords used to protect critical functionality can be obtained by attackers with only moderate effort. Since more capable systems are not likely to replace the current standard in the medium term, it is crucial to embed the deployment of RFID technology into IT-ecosystems that ensure a minimization of the potential damage caused by an attack. This objective can be achieved by using transponder-individual passwords. The associated challenge of an efficient and scalable password management remains one of most pressing problems of an enterprise-spanning RFID deployment, however. In this paper, we present two approaches for a password management infrastructure and describe their integration into a retailer´s processes.
Keywords :
message authentication; product codes; radiofrequency identification; retail data processing; transponders; EPC class 1 generation 2 transponder; IT-ecosystem; RFID system; electronic product code; password management; retailer process; security mechanism; transponder-individual password; Conference management; Costs; Data security; Protection; RFID tags; Radiofrequency identification; Standards development; Supply chains; Technology management; Transponders; EPC; RFID; password management; privacy; security;
Conference_Titel :
E-Commerce Technology and the Fifth IEEE Conference on Enterprise Computing, E-Commerce and E-Services, 2008 10th IEEE Conference on
Conference_Location :
Washington, DC
Print_ISBN :
978-0-7695-3340-7
DOI :
10.1109/CECandEEE.2008.98
