Journal of the Korea Academia-Industrial cooperation Society (한국산학기술학회논문지)

The Korea Academia-Industrial cooperation Society (한국산학기술학회)
권호 표지
DOI QR코드

DOI QR Code

A RFID Multi-Authentication Method for Logistics Systems

물류 시스템에 적합한 RFID 다중 인증방법

  • 배우식 (충북대학교 컴퓨터교육과) ;
  • 이종연 (충북대학교 컴퓨터교육과)
  • Published : 2009.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

Recently the RFID system, which can recognize multiple tags simultaneously through wireless communication, is emerging as a new technology that can replace the barcode system. Furthermore, related industries are carrying out active research on tags and authentication protocols with guaranteed security that are widely applicable to logistics, distribution, etc. The present study proposes a protocol with enhanced security by introducing the concept of RBAC to the authentication protocol, and a method with lower security for effective mass authentication. The proposed method is advantageous in that it guarantees security against spoofing attack, traffic analysis, replay attack, etc. based on hash function.

최근 들어 RFID 시스템은 무선으로 동시에 여러 태그를 인식할 수 있는 장점으로 기존 바코드를 대체할 수 있는 새로운 기술로 부상하고 있다. 또한 산업계에서는 물류, 유통 분야를 비롯하여 널리 사용할 수 있는 보안성이 보장된 태그 및 인증 프로토콜에 대한 연구가 활발히 진행 중이다. 본 논문에서는 RBAC 개념을 인증프로토콜에 접목하고 보안성이 강화된 프로토콜과 보안성을 낮추고 효과적인 대량 인증을 할 수 있는 방법을 제안하며 제안하는 방식은 해쉬 함수를 기반으로 스푸핑공격, 트래픽분석, 재전송공격 등에 대한 안정성이 보장되는 장점이 있다.

Keywords

References

  1. S. A. Weis, S. E. Sarma, R. L. Rivest, and D. W. Engels, "Security and Privacy Aspects of Low-cost Radio Frequency Identification Systems," Security in Pervasive Computing 2003, LNCS 2802, pp. 201-202, Springer-Verlag Heidelderg, 2004. https://doi.org/10.1007/978-3-540-39881-3_18
  2. S. A. Weis, "Security and Privacy in Radio-Frequency Identification Devices" MS Thesis, MIT.May, 2003.
  3. S. E. Sarma, S. A. Weis, D. W. Engels. "RFID systems, Security & Privacy Implications", White Paper MIT-AUTOID-WH-014, MIT AUTO-ID CENTER, 2002.
  4. Sanjay E.Sarma, Stephen A. Weis and Daiel W.Engels, "Radio-Frequency Identification Systems", In Proceeding of CHES '02, pp. 454-469. Springer-Verlag, 2002. LNCS No.2523.
  5. Weis, S. et al. Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems, First International Conference on Security in Pervasive Computing (SPC), 2003.
  6. R. Laborde, B. Nasser, F. Grasset, F. Barrere, A. Benzekri, "A Formal Approach for the Evaluation of Network Security Mechanisms Based on RBAC Policies" Electronic Notes in Theoretical Computer Science 121 2005, pp. 117-142 https://doi.org/10.1016/j.entcs.2004.10.011
  7. Andrea Omicini Alessandro Ricci Mirko Viroli, "RBAC for Organisation and Security in an Agent Coordination Infrastructure" Electronic Notes in Theoretical Computer Science 128, 2005, pp. 65-85 https://doi.org/10.1016/j.entcs.2004.11.045
  8. XinyuWANG, Member, Jianling SUN, Xiaohu YANG, Chao HUANG,and Di WU "Security Violation Detection for RBAC Based Interoperation in Distributed Environment" IEICE TRANS. INF. & SYST., VOL.E91-D, NO.5 MAY 2008, pp. 1447-1456 https://doi.org/10.1093/ietisy/e91-d.5.1447
  9. Jacques Wainer, Akhil Kumar, Paulo Barthelmess "DW-RBAC: A formal security model of delegation and revocation in workflow systems" Information Systems 32, 2007, pp. 365-384 https://doi.org/10.1016/j.is.2005.11.008
  10. Celia Li, Cungang Yang, Richard Cheung, "Key management for role hierarchy in distributed systems" Journal of Network and Computer Applications 30, 2007, pp. 920-936 https://doi.org/10.1016/j.jnca.2005.07.009
  11. Chlara Braghin, Daniele Gorla and Vladimiro Sassone, "Role-based access control for a distributed calculus Chiara Braghin" Journal of Computer Security 14, 2006, pp. 113-155 https://doi.org/10.3233/JCS-2006-14202
  12. Wei She and Bhavani Thuraisingham, "Security for Enterprise Resource Planning Systems" Information Systems Security, 2007, pp. 152-163