Interoperable internet-scale security framework for RFID networks
Author(s)
Mao, Tingting
DownloadFull printable version (57.46Mb)
Alternative title
Interoperable internet-scale security framework for Radio Frequency Identification networks
Other Contributors
Massachusetts Institute of Technology. Dept. of Civil and Environmental Engineering.
Advisor
John R. Williams and Steven R. Lerman.
Terms of use
Metadata
Show full item recordAbstract
It is estimated that over 3 billion Radio Frequency Identification (RFID) tags have been deployed through 2007. Most tags are used in supply chains where the Electronic Product Code (EPC) and associated business event data are transmitted through RFID networks. Security and privacy issues are critically important in RFID networks because EPC data and their associated business events are valuable assets. Companies need to share these data with restricted business partners and, under some conditions, such as product recall, more widely with regulators and non business partners. At present, no security or privacy framework has been chosen as an EPCglobal standard(industry-driven standards for EPC) due to the difficulty of sharing information between parties who have no direct business relationships and hence no business rules for sharing these data. To date, no security schemes have been deployed that can support data exchange with multiple identity techniques and interchangeable complex business rules, as required by RFID networks. In this thesis, an Interoperable Internet-Scale Security (IISS) framework for RFID networks is proposed. The IISS framework performs authentication and authorization based on an aggregation of business rules, enterprise information, and RFID tag information. IISS provides a protocol for several authentication schemes and identity techniques. It also provides an engine for reasoning over business rules from different domains. Moreover, the IISS framework is able to resolve provenance information of RFID tags, which can identify the history of a particular piece of EPC data through the supply chain. (cont.) The IISS framework and the IISS ontologies to model the information in RFID networks are also described, and how the IISS framework can be developed for access control in RFID enabled supply chains is discussed. Finally, the IISS framework's efficiency is tested using a supply chain EPC simulator as the testing platform, which allows optimization of the IISS protocol's performance.
Description
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Civil and Environmental Engineering, 2008. Includes bibliographical references (leaves 124-129).
Date issued
2008Department
Massachusetts Institute of Technology. Department of Civil and Environmental EngineeringPublisher
Massachusetts Institute of Technology
Keywords
Civil and Environmental Engineering.