WP4: Security

Scope

The objective of this work package is to ensure that RFID tags, readers, network infrastructure and RFID services are developed in harmony with security features to enable effective and safe deployment of applications in various business sectors and to ensure that security and privacy of the end-user is not compromised.

Work Programme

Task 4.1 Security Analysis and Requirements The aim of this task is to focus on business and social issues that could derive from an uncontrolled deployment of RFID tags in particular for item level tracking, consumer applications and the complex sharing and transferral of assets and tags.

Task 4.2 RFID Tag Security This work packages will study the security and privacy issues, including the risks and threats, that could affect the deployment of new RFID standards. It will be run in collaboration with the hardware WP1.

Task 4.3 Anti-cloning RFID Tag This task will develop techniques that improve the resistance to simple cloning attacks. It will focus on solutions that meet both business and standard requirements.

Task 4.4 RFID Trusted Network This task will examine how the inclusion of trusted computing modules in RFID readers can be exploited to improve security.

Task 4.5 Network Confidentiality This task will look at collaborative and federated supply chain environments and the requirements to restrict the visibility of business events carried within RFID networks. It will define solutions to protect the confidentiality of information in the network and to control the dissemination to other members of the network.

Task 4.6 Supply Chain Integrity This task will look at security mechanisms within the EPC Network such as RBAC (Role Based Access Control), logging mechanisms and automated auditing. These mechanisms should deter and increase the cost and difficulty of attempting these illicit practices.

Task 4.7 Roadmap, Dissemination and Interoperabilit This task will look at the opportunity to disseminate our work and trial experience through security conferences and appropriate working groups.

Participants

BT, Bénédicta, ETH, SAP, TUG, UPC, AT4 wireless, Auto-ID Labs Fudan, GS1 UK, UPM Raflatac, Confidex and CAEN.

Related Public Deliverables

pdf icon BRIDGE WP04 Security Analysis Report

pdf icon BRIDGE WP04 A Threat Model Analysis of EPC-based Information Sharing Networks

pdf icon BRIDGE WP04 Interim Security Deliverable (D4.X)

pdf icon BRIDGE WP04 The Economic Relevance of Secure RFID Solutions – a Qualitative Perspective (D4.1.3)

pdf icon BRIDGE WP04 Report on first part of the security WP: Tag security (D4.2.1)

pdf icon BRIDGE WP04 Report on first part of the security WP: Anti-Cloning Tag (D4.3.1)

pdf icon BRIDGE WP04 Anti-cloning demonstrator (D4.3.2)

pdf icon BRIDGE WP04 Trusted Networks: Design of an RFID Trusted Reader (D4.4.1)

pdf icon BRIDGE WP04 Trusted Reader’s Hardware Description (D4.4.2A)

pdf icon BRIDGE WP04 Using the Trusted Reader for product Authentication (D4.4.2B)

pdf icon BRIDGE WP04 RFID Network Confidentiality (D 4.5.1)

pdf icon BRIDGE WP04 Final Report on Network Confidentiality (D4.5.2)

pdf icon BRIDGE WP04 Supply Chain Integrity (D4.6.1)

pdf icon BRIDGE WP04 Trusted Business Interaction (D4.6.2)

pdf icon BRIDGE WP04 Security Technology Roadmap (D4.7.1)