Interoperable internet-scale security framework for RFID networks

Mao, Tingting

Author(s)

Mao, Tingting

DownloadFull printable version (57.46Mb)

Alternative title

Interoperable internet-scale security framework for Radio Frequency Identification networks

Other Contributors

Massachusetts Institute of Technology. Dept. of Civil and Environmental Engineering.

Advisor

John R. Williams and Steven R. Lerman.

Terms of use

M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

It is estimated that over 3 billion Radio Frequency Identification (RFID) tags have been deployed through 2007. Most tags are used in supply chains where the Electronic Product Code (EPC) and associated business event data are transmitted through RFID networks. Security and privacy issues are critically important in RFID networks because EPC data and their associated business events are valuable assets. Companies need to share these data with restricted business partners and, under some conditions, such as product recall, more widely with regulators and non business partners. At present, no security or privacy framework has been chosen as an EPCglobal standard(industry-driven standards for EPC) due to the difficulty of sharing information between parties who have no direct business relationships and hence no business rules for sharing these data. To date, no security schemes have been deployed that can support data exchange with multiple identity techniques and interchangeable complex business rules, as required by RFID networks. In this thesis, an Interoperable Internet-Scale Security (IISS) framework for RFID networks is proposed. The IISS framework performs authentication and authorization based on an aggregation of business rules, enterprise information, and RFID tag information. IISS provides a protocol for several authentication schemes and identity techniques. It also provides an engine for reasoning over business rules from different domains. Moreover, the IISS framework is able to resolve provenance information of RFID tags, which can identify the history of a particular piece of EPC data through the supply chain.

(cont.) The IISS framework and the IISS ontologies to model the information in RFID networks are also described, and how the IISS framework can be developed for access control in RFID enabled supply chains is discussed. Finally, the IISS framework's efficiency is tested using a supply chain EPC simulator as the testing platform, which allows optimization of the IISS protocol's performance.

Description

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Civil and Environmental Engineering, 2008.

Includes bibliographical references (leaves 124-129).

Date issued

2008

URI

http://hdl.handle.net/1721.1/47741

Department

Massachusetts Institute of Technology. Department of Civil and Environmental Engineering

Publisher

Massachusetts Institute of Technology

Keywords

Civil and Environmental Engineering.

Collections

Doctoral Theses