By Topic

Pseudonym-based RFID Discovery Service to Mitigate Unauthorized Tracking in Supply Chain Management

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Qiang Yan ; Sch. of Inf. Syst., Singapore Manage. Univ., Singapore, Singapore ; Robert H. Deng ; Zheng Yan ; Yingjiu Li
more authors

Unauthorized tracking of RFID tagged assets at the system level, where an adversary tracks movement of RFID tagged assets by eavesdropping network messages or compromising date center servers, has not been well recognized in prior research. Compared to the traditional unauthorized tracking by clandestine scanning at the physical level, unauthorized tracking at the system level could be even more harmful as the adversary is able to obtain tracking information on a global scale and without physical presence. This paper analyzes the threat of unauthorized tracking by a semi-trusted RFID Discovery Service which maintains a database of RFID tag location records in the current industrial standard EPCglobal Network. We propose a pseudonym-based design to mitigate this threat. Our design protects against Discovery Service database reading attack and provides efficient key management and access control. The design is backward compatible with the existing communication protocols and database schemas of RFID Discovery Service.

Published in:

Data, Privacy and E-Commerce (ISDPE), 2010 Second International Symposium on

Date of Conference:

13-14 Sept. 2010