1 / 23

Radio Frequency Identification

Evan Welbourne University of Washington, Dept. of Computer Science & Engineering “ Radio Frequency Identification: What’s RFID Doing in Your Life?” University of Alaska, Anchorage September 19, 2007. Radio Frequency Identification. Wireless identification and tracking Information on: Identity

winfield-reynold
Download Presentation

Radio Frequency Identification

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Evan WelbourneUniversity of Washington,Dept. of Computer Science & Engineering“Radio Frequency Identification: What’s RFID Doing in Your Life?” University of Alaska, AnchorageSeptember 19, 2007

  2. Radio Frequency Identification • Wireless identification and tracking • Information on: • Identity • Location • Time A B C

  3. Elements of an RFID System Applications Data ManagementSystem Network Infrastructure RFID Tags RFID Reader Reader Antenna

  4. RFID Tags – A Wide Variety GPS-enabledactive tags Cost of tag(logarithmic) active tags passive tags barcodes Cases Pallets Trucks Consumer Item Ships / Trains

  5. RFID in the Supply-Chain

  6. Today: Outside the Supply Chain

  7. Tomorrow: Pervasive Computing • “Post-desktop era”, “Internet of Things”, “Third wave of computing”

  8. Overview • RFID-based pervasive computing • The RFID Ecosystem project • Specific Applications • Research Challenges

  9. Enabling “The Third Wave” 1960 1970 1980 1990 2000 mainframe eraone-to-many PC eraone-to-one pervasive computing eramany-to-one • RFID is a key enabling technology • Cheap • Wireless • No batteries • Already pervasive • But there are many challenges!!

  10. RFID Ecosystem at UW CSE • Create a microcosm of a world saturated with uniquely identifiable objects • 100s of readers and antennas, 1000s of tags • Explore applications, systems, and social implications • Do it while there is still time to learn and adapt • Groups: Database, Security, Ubicomp, and others • Participants include: • Magdalena Balazinska • Gaetano Borriello • Garret Cole • Nodira Khoussainova • Tadayoshi Kohno • Karl Koscher • Travis Kriplean • Caitlin Lustig • Julie Letchner • Vibhor Rastogi • Chris Re • Dan Suciu • Justin Vincent-Foglesong • Jordan Walke • Evan Welbourne

  11. Benefits: Home & Office • Management, information, assistance

  12. Benefits: Healthcare • Use RFID to automatically monitor an elder’s activities • “Activity inference” • Intel Research

  13. Overview • RFID-based pervasive computing • The RFID Ecosystem project • Specific Applications • Research Challenges

  14. Research Challenges • Technology (Hardware) Challenges • Noisy, uncertain sensors • Limited sensor information • Data Management Challenges • “High fan-in” architecture produces a massive amount of data • Data must be “cleaned” • Uncertainty must be represented to applications • Inference and event detection for pervasive computing • Security and Privacy Challenges • Tags are on people and personal objects • Security on tags is often weak • How to manage sensitive information about individuals

  15. Challenges: Technology • RFID is inherently unreliable • Missed and duplicate tag readings • Highly sensitive to environment • Handle at the data management level • RFID provides limited context • Identity, Time, Location only • Some applications need more! Intel Research’s WISP: Wireless Identification and Sensing Platform- Passive tags with limited sensing and computation - Acceleration, light

  16. Challenges: Data Management • StreamClean: constraint-based RFID data stream cleaning • MystiQ: probabilistic database for managing uncertainty • Heuristics assign a probability to each tuple • Interpretation of probabilities passed on to application logic • PEEX: probabilistic event extractor • Specify events in SQL-like language • Detect complex events (“a meeting in room 405”) over RFID streams • Sophisticated learning machinery to improve accuracy

  17. Challenges: Security & Privacy • Security: Protection against unauthorized access, use, disclosure, disruption, modification, or destruction • Privacy: Privacy in the collection and sharing of data • Roughly two areas of concern: • Security of reader-tag communication • Security and privacy of collected RFID data ( Rigorously defined and evaluated ) ( Definition and evaluation depends on human perception/interpretation )

  18. Security of Tags and Readers First generation RFID credit card vulnerabilities(UMass Amherst, RSA labs) • Promise:Provides a faster, easier payment option Problem: Name, #, expiration sent as plaintext • $150 homemade device can steal and replay credit cards • Next generation of cards includes better security Security and Privacy Risks of the U.S. e-Passport(UC Berkeley) Promise: Faster border-crossings, improved security Problem: Identity, nationality sent in the clear • Malicious parties can easily identify / target U.S. citizens • Revised passport includes faraday shielding and BAC

  19. Security of Tags and Readers • Many attacks: • Crypto can improve security but… • Increases cost and power consumption, slows down read rate • and to be useful RFID tags have to be fast and cheap! • Physical security • Foil-lined wallet: works, but you have to remove your tag sometime • RFID Guardian: experimental device that jams readers, audits reads • Our approach: • Store little on tags, secure the EPC-PII link • Incorporate cryptographic techniques as they emerge • Skimming • Cloning • Replay attack • Eavesdropping • Ghost leech

  20. Data Privacy and Security RFID and Contactless Smart Card Transit Fare Payment • Promise:Streamlines transit experience and book keeping Problem: Massive databases with transit traces of individuals • Not entirely clear what data is private and how it can be used • Oyster card data is the new law enforcement tool in London • Increasing # of requests for Oyster data: 4 in all of 2004 61 in Jan. 2007 ORCA Card: RFID-Based Transit Card for Seattle Area (August 2008) Promise:Streamlines transit experience and book keeping Integrated with easy pay and institutional partners Problem: The word “privacy” appears twice in 500 pages of early docs…

  21. Data Privacy and Security • From RFID Ecosystem user studies: • “How do I know if I have a tag on me?”, “How do I opt out?” • Users must be carefully educated before consenting • There should be equal, available alternatives to the RFID option • If personal RFID data is stored: • Clearly define how each piece of information can and will be used • Define and enforce appropriate access control policies • May depend on user, application, and context of use (PAC) • Formal data privacy techniques to further ensure privacy (K-anonymity) • Store only the information you need, and add noise! • Provide users with direct access to and control of their data

  22. Privacy & Security Discussion… • Just having an RFID tag could be a privacy risk • Pseudonymity not Anonymity • Each RFID tag you carry has a unique number • Sequential readings of your tags create a trace • Over time this trace can be used to identify you • “The person who: wears this sweater, takes this bus, uses this bus stop, shops at this grocery, …” • U.S. privacy law doesn’t consider these traces to be PII • European and Canadian law does a better job • Important to discuss these issues • RFID is increasingly ubiquitous, may be in the REAL ID cards

  23. Thank you! Thanks! Questions?

More Related