Visible to the public Secure object tracking protocol for Networked RFID Systems

TitleSecure object tracking protocol for Networked RFID Systems
Publication TypeConference Paper
Year of Publication2015
AuthorsRay, B., Howdhury, M., Abawajy, J., Jesmin, M.
Conference Name2015 IEEE/ACIS 16th International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD)
Date Publishedjun
Keywordsautomated claim verification tool Scyther, cryptographic primitive, cryptographic protocols, Diffie-Hellman algorithm, distributed system, injection of fake objects, IoT, lawful business operation, Mathematical model, networked RFID system, non-repudiation, NRS, NRS system security, object traceability, object tracking, object visibility, physically unclonable function, privacy, protocol, Protocols, pubcrawl170112, PUF, radiofrequency identification, radiofrequency identification technology, RFID, secure object tracking protocol, security, security protocol description language, SPDL model, Supply chains, telecommunication security, tracker, unclonable, visibility

Networked systems have adapted Radio Frequency identification technology (RFID) to automate their business process. The Networked RFID Systems (NRS) has some unique characteristics which raise new privacy and security concerns for organizations and their NRS systems. The businesses are always having new realization of business needs using NRS. One of the most recent business realization of NRS implementation on large scale distributed systems (such as Internet of Things (IoT), supply chain) is to ensure visibility and traceability of the object throughout the chain. However, this requires assurance of security and privacy to ensure lawful business operation. In this paper, we are proposing a secure tracker protocol that will ensure not only visibility and traceability of the object but also genuineness of the object and its travel path on-site. The proposed protocol is using Physically Unclonable Function (PUF), Diffie-Hellman algorithm and simple cryptographic primitives to protect privacy of the partners, injection of fake objects, non-repudiation, and unclonability. The tag only performs a simple mathematical computation (such as combination, PUF and division) that makes the proposed protocol suitable to passive tags. To verify our security claims, we performed experiment on Security Protocol Description Language (SPDL) model of the proposed protocol using automated claim verification tool Scyther. Our experiment not only verified our claims but also helped us to eliminate possible attacks identified by Scyther.

Citation Keyray_secure_2015