無線射頻識別論文報告

1

授課教授：黃秋煌學生：賴志勇學號：M0018762

Security Framework for RFID-based Applications in Smart Home

Environment

2

Source: This work was published as an abstract in the proceedings of 2007 Symposium on Cryptography and Information Security.

Authors: Divyan M. Konidala, Daeyoung Kim, Chan Yeob Yeun and Byoungcheon Lee

Presenter: Chi Yong LaiDate: 2012/11/26

Secure UHF/HF Dual-Band RFID : Strategic Framework Approaches

and Application Solutions

3

Source: Department of Computer Education, Teachers College, Jeju National University, 61 Iljudong-ro, Jeju-si, Jeju-do, 690-781, Korea

Authors: Namje ParkPresenter: Chi Yong LaiDate: 2012/11/26

4

OUTLINE

． INTRODUCTION

． SECURITY FRAMEWORK

． SOLUTION

． CONCLUSIONS

5

INTRODUCTION (1/2)

Smart Home Environment

Hospital data management system

UHF Tag HF / UHF Tag EPC-Information Services (EPC-IS)

IS (Information Services) server

mobile phone

mobile phone

6

INTRODUCTION (2/2)

． RFID Technology for Consumers ： an “Internet of

Objects”． Mobile-RFID Technology(mRFID)． B2B (Business to Business) models． B2C (Business to Customer) models for marketing． 3G/4G/Wi-Fi networks． Near Field Communication (NFC)

7

SECURITY FRAMEWORK (1/6)Smart Home EnvironmentSecure Communication between mRFID-Smartphones and Home ServersOtherwise the communication channel between the smartphone and the home server can be easily compromised,man-in-the-middle attacks, replay attacks.

8

SECURITY FRAMEWORK (2/6)Smart Home EnvironmentSecure Communication between Home Servers and EPC-IS Object Naming Service

9

SECURITY FRAMEWORK (3/6)Smart Home EnvironmentSecure Communication: RFID Reader-enabled Appliances & Home Servers

10

SECURITY FRAMEWORK (4/6)Smart Home EnvironmentSecure Communication: RFID Reader-enabled Appliances & Home Servers

11

SECURITY FRAMEWORK (5/6)HospitalRFID application services like authentication of tag, reader, and owner, privacy protection.

1. Approach of Platform Level information service server,terminal security application,payment server,privacy protection server.

12

SECURITY FRAMEWORK (6/6)Hospital2. Approach of Protocol LevelWIPI (Wireless Internet Platform for Interoperability)

3. Approach of Privacy LevelOwners have the option to allow access to any personal information on the object’s tag by authorized persons like a pharmacist or doctor but limit or completely restrict access to unauthorized persons.

13

SOLUTION(1/6)HospitalImplementation of Customized Healthcare Service

The proposed system for tracking patient care at a hospital. A mechanism that manages privacy policy in a user-centric manner for ubiquitous medical care.

14

SOLUTION(2/6)HospitalDesign M-RPS Based Customized ServiceFirst step is setting the default level of access control over patient information in the default policy.Second step is user-controllable profile based privacy protectionThird step is auditable privacy management.

15

SOLUTION(3/6)HospitalDesign M-RPS Based Customized Service

16

SOLUTION(4/6)HospitalImplementation

17

SOLUTION(5/6)HospitalPerformance Evaluation

18

SOLUTION(6/6)HospitalPerformance Evaluation

19

CONCLUSIONS (1/2)Smart HomeHTTP Securehttp://en.wikipedia.org/wiki/HTTP_SecureHospitalA frequency-hopping spread spectrum (FHSS)-type readerAttacksman-in-the-middle attacksreplay attacks

20

CONCLUSIONS (2/2)Object Name Service (ONS)The Object Name Service (ONS)