310 likes | 440 Views
Secured Tag Identification Using EDSA (Enhanced Distributed Scalable Architecture). Sheikh Iqbal Ahamed Marquette University, Milwaukee, Wisconsin, USA iq@mscs.mu.edu. Md. Endadul Hoque Bangladesh Univ. of Eng. & Tech. Dhaka, Bangladesh endadulhoque@gmail.com. Farzana Rahman
E N D
Secured Tag Identification Using EDSA (Enhanced Distributed Scalable Architecture) Sheikh IqbalAhamed Marquette University, Milwaukee, Wisconsin, USA iq@mscs.mu.edu Md. Endadul Hoque Bangladesh Univ. of Eng. & Tech. Dhaka, Bangladesh endadulhoque@gmail.com Farzana Rahman Bangladesh Univ. of Eng. & Tech. Dhaka, Bangladesh farzanarahman02@gmail.com
Outline • Basic introduction to RFID technology. • What is meant by privacy protection and scalability. • Problems of unsecure and non-scalable RFID application. • Importance of secure and scalable RFID application. • Overview of related work. • Our contribution • Hexagonal Cell Based Architecture – alleviates scalability problem. • Use of serverless protocols for authentication and search purpose • Reduces setup and maintenance cost. • In case of emergency situation, usage of serverless protocol is practical and feasible. • Now back-end server can be devoted to some higher level maintenance. • Evaluation - use of our architecture in emergency evacuation system. • Conclusion & Future work
Introduction – Radio Frequency Identification Technology • Radio Frequency Identification (RFID) is a type of automatic identification system. • Each tag has a unique ID. An authorized reader can identify a tag by communicating through radio transmission. • Mass exploitation of RFID technology requires the entire system to be scalable. • But if used improperly, RFID application has the potential to jeopardize consumer privacy. • Our main concern : • Privacy protection – how can we ensure that users privacy is not hampered? • Ensuring scalability – how can we ensure scalability when the number of tags increase continually?
Important terms and their definitions • What is Security in the context of RFID applications? • RFID technology may bring spontaneous risks because of the proliferation of RFID tags. So RFID applications must be secure against all major attacks that are possible to be done by the adversaries. • What is Privacy Protection? • By privacy protection we mean that a tag cannot be tracked by an adversary without tampering it and realizing all its stored information. • What is Scalability? • Scalability means that a reader can find a tag’s ID with constant computational time regardless of the number of tags that is owned by it.
Problems of Unsecured and Non-scalable RFID application • Security problems • While applying RFID tags to individual objects, there exists a possibility that these items can be tracked. • Individuals having these items can be followed to know what items they carry. • Surely nobody wants to be traced. So to capture future market RFID applications need to be secured and protected. • Scalability problems • Private tag identification involves decryption the of ID of the tag which is identified by exhaustive search. • Definitely this will not ensure scalability when the number of tag increases. • But many real life RFID application needs to maintain scalability throughout the lifetime of their application, no matter how large the number of tags is.
Importance of Secure and Scalable RFID application So, we now know that Privacy Protection & Scalability are two conflicting goals !! • But Some real life application of RFID requires the entire system to be protected against all type of security attacks. • These systems also need to be scalable over the entire lifetime of the system.
Importance of Secure and Scalable RFID application (Cont.) • So we realized that both strong privacy protection and scalability are very important for the real life implementation of RFID technology. • No matter how many tags are present, the system should be scalable and secure against all attacks. Adversary: WOW! So many tags, but how can we reach them now?? System is secure and adversary cannot attack no matter how many tags are in the system Yes, We are safe now Secure Shield
Related work • A. Solanas et al. first contributed to mitigate scalability problems with a distributed architecture for RFID privacy-preserving technique. • According to them, an area is divided into cells where each cell was assumed as square shape. • Here tags capable of performing simple cryptographic computation can use improved randomized hash lock in a scalable manner to send its encrypted ID to the reader. • Other authentication techniques can be used in addition to improved randomized hash lock.
Related work (Cont.) • Scalability is ensured by using information sharing protocol suites, though the system would be more scalable by assuming different structure of a cell. • There is no explicit mention of a search option.
Overview of our approach • We propose a distributed architecture for large scale application where not only secure RFID authentication is needed, but also efficiency, cost-effectiveness and accuracy are a great concern. • Then we address some challenges in emergency evacuation system and demonstrate how our system resolves those. • Our system is actually an improved version of the architecture that was proposed by A. Solanas et al. We try to alleviate the shortcomings noticed in that architecture.
Details of our approach • Our system comprises its components, their location and capabilities, and their privacy and search functionalities. • Components • RFID reader, tags and back-end server are defined as main components of the system. • The tags are assumed to be passive. We also assume tag can compute simple one way hash functions and generate random numbers. Moreover, tags can change their location at any time. • On the other hand, readers are static and active devices. They are capable of detecting tags by performing crucial functions. To cover an area, readers are logically distributed.
Details of our approach (Cont.) • The proposal of Solanas et al. had square cells. In our architecture the area is divided into equal hexagon and each is covered by a single reader. • We refer to each hexagon as a cell which improves our system. Each single reader covers a specific cell. Our assumption includes that all communication channel are secure. • The backbone of our system is a back-end server. It can access database of tag IDs. On basis of requirements, server can communicate with each reader. • In spite of having a back-end server in the system, ours does not comply with a centralized scheme. In fact, it is a servered as well as serverless scheme.
Details of our approach (Cont.) • Coverage Area • The readers are spatially distributed and tags are scattered among them. Consider an area S which can be covered by a couple of readers. We have two permitted points called ENtrance Point (ENP) and EXit Point (EXP) for tags to enter or exit the area S respectively. The size of each cell, covered by each reader, is equal. denotes the cell of S . Formally, we consider Suppose, cell is covered by reader . Also, is the set of readers adjacent to .
Details of our approach (Cont.) • Privacy and Search • Serverless authentication and search protocol is used in our system for authentication and search of tags. • Protocols and Functionalities There will be three types of communication in our system. • Between tag and reader, there will be two types of functionalities. One is forauthenticationand other is forsearch. Here each reader can perform like aserverlessreader. However a reader can communicate with the back-end server.
Details of our approach (Cont.) • A reader can share its information with its adjacent readers. The shared information (Ownership Information) contains the used for a tag along with the tag ID and reader ID of the reader which locates the particular tag within its cell. • If a reader locates a tag in , then after authentication, reader will send its (Ownership Information ) to all its adjacent readers. All the adjacent readers store this Ownership Information in their contact lists so that they can authenticate this tag whenever it enters one of their cells.
Details of our approach (Cont.) • In order to communicate between the readers three protocols are proposed. • Arrival Protocol • This protocol starts when a tag enters the system through ENP. • At the very beginning all readers other than that at ENP own no tags. • Whenever an authorized tag enters the system through ENP, after authentication sends the ownership information to all its adjacent readers. Otherwise alerts the system about the attempt of an unauthorized tag. • When an authorized tag enters into a cell, reader of that cell authenticates the tag without any involvement of the back-end server. Because the contact list of the reader is supposed to have tag’s ownership information. And this information was received from any of its adjacent readers where the tag lived before.
Details of our approach (Cont.) • Roaming Protocol • This protocol sets off when a tag enters a cell equipped with a reader from another cell. • If a tag enters a cell of a reader ( ) which is adjacent to the cell in which it was residing before ( ), the tag will be authenticated as already has the ownership information of the tag. • After authentication will send the ownership information to all of its adjacent readers. • Now depending on the information in its contact lists, each adjacent reader takes measurements differently.
Details of our approach (Cont.) • Departure Protocol • Whenever a tag is about to exit the system through EXP, this protocol starts. • When tag reaches the EXP to exit from the system, sends the ownership information to its adjacent readers to erase the information of the tag as there is no chance to go back. • Moreover, the previous owner (reader) propagates this information to its neighboring readers to remove the tag’s ownership information from their contact lists. • Hence nothing remains in the system about the departed tag.
Details of our approach (Cont.) • Our system is equipped with a back-end server which can efficiently access a database of tag IDs. Server can authorize all readers. But it authorizes only for tags. Server monitors the system constantly. • The server can do a search whenever it faces a request from application. • Server just sends a search request to all the readers in the system along with tag ID for which readers have to perform a search. However, only those readers that have ownership information related to this tag invokes the search operation, while other readers remain silent. Whenever a reader locates the tag within its cell, it replies to server with the search result.
Details of our approach (Cont.) • Through searching for a tag, server ascertains in which cell the tag actually is. This feature can be used in the application where locating or tracking of something is required. • For this back-end server, we cannot refer our system as entirely serverless. Though intervention of the server is limited to search, authorization, monitoring, etc., we cannot deny the presence of back-end server. • Justification of Enhanced Cell Organization Our system is improved by introducing hexagonal cell. There are several reasons behind it. • Depending on the mobility purpose, a tag can be at different locations at different times.
Details of our approach (Cont.) • For locating a tag, a reader faces fivedifferent situations in case of square cell (see Fig.2) and four different situations in case of hexagonal cell (see Fig.1). • Using square areaas a cell a tag can be located by at mostfourreaders at a time. However using hexagonal cell a tag can be located by at most three readers at a time. • As a result, it reduces the traffic of communication channel between reader and server. Fig.1 Fig.2
Details of our approach (Cont.) • In hexagonal cell organization, total number of adjacent readers of a specific reader is less than that in square cell organization. • In our system, whenever a tag changes its location from one cell to another, at most 3 readers have to add the ownership information of the particular tag into their contact lists and at most 3 readers have to delete the information. While in previous system, at most 5 readers do insertion and at most 5 readers do deletion. Thus, our system ensures more scalability. • Radio frequency is omni-directional. So a cell should be circular. But practically circular cell is not possible. A hexagon has more resemblance to a circle than a square.
Details of our approach (Cont.) • In square pattern, all the neighboring readers of a reader are not at an equal distance. Some neighbors are at distance while others are at √2 distance. In contrast, all neighboring readers in hexagonal pattern are at an equal distance . • A hexagonal pattern provides a reduced overlapping area. The area is reduced by for a single cell (see Fig.3). Fig.3
Evaluation • Emergency evacuation system is a real life situation in which RFID tags can be used - • to keep track of each and every person stuck in danger • persons who were unable to leave the danger premises and • persons who were undetected. • It will raise scalability problem with typical RFID systems. • Our proposed enhanced distributed architecture can be used in this situation as it ensures scalability and security by using serverless RFID authentication and search protocols.
Evaluation (Cont.) • The emergency evacuation system must be able to keep track of who is entering and leaving the system on a hands-free basis. • It must cover all entrances/exits and handles people one-by-one basis. But in case of any emergency it needs to handle a number of people at a time, because there is no time for a personnel to think in which pocket a personnel card was kept and to use it to exit the building. • Even it has to know more specifically who has already entered the system so that it can determine who are still inside at the time of emergency. • Because of these situations, EDSA accompanied by RFID can be the appropriate solution to the architecture of the system.
Evaluation (Cont.) • For more than one entrance or exit point more than one ENP or EXP have to be build in EDSA. • To account for personnel, building occupants must have ID card, badge or other cards with embedded RFID tag. • As a tag needs to be authenticated to enter the system, the ENPs of EDSA can be authorized by back-end server for all possible tags that can enter through them. • ENPs are placed in every possible entry point in the system. So that each people entering the building through any gate must be accounted. • Whenever it is required, the back-end server can keep track the whereabouts of people by executing a search operation.
Evaluation (Cont.) Fire ! Fire ! • Those who have entered and who are still inside can readily be available to back-end server by getting information from the contact lists of readers. • The back-end server can come to know about the sparse distribution of people throughout the whole building. • The back-end server can provide total numbers of people left in the building as well as who are leaving the building through EXPs. EXIT Ms. Linda has left the building. Oh no!! Rachel is still inside. We have to save her.
Evaluation (Cont.) • The automated system concept must be based on a “hands-off” approach and require no user intervention upon entry or exit. In fact, EDSA follows the hands-off approach. • As buildings grow and workplace increase in size in recent times, the need for more sophisticated emergency systems grows. • Accurate location information is essential to any emergency system and thus the implementation of RFID and EDSA is crucial to the society.
Future Work • Implementation of EDSA in real life scenario. • Simulation results can be used to evaluate the success rate in real circumstances.
Conclusion • RFID systems will be widely used in the future depending on the strength of privacy protection and the improvement of performance features such as scalability. • Unfortunately, there is a trade-off between maintaining scalability and ensuring security. • Our architecture incorporates these two conflicting goals. Logically it can be successfully implemented in real-life situation like Emergency Evacuation System.
Questions iq@mscs.mu.edu