Secured Tag Identification Using EDSA (Enhanced Distributed Scalable Architecture)

Sheikh Iqbal Ahamed, Marquette University, Milwaukee, Wisconsin, USA
Farzana Rahman, Bangladesh Univ. of Eng. & Tech., Dhaka, Bangladesh
Md. Endadul Hoque, Bangladesh Univ. of Eng. & Tech., Dhaka, Bangladesh

Post on 28-Dec-2015

Outline

Basic introduction to RFID technology.
What is meant by privacy protection and scalability.
Problems of unsecure and non-scalable RFID application.
Importance of secure and scalable RFID application.
Overview of related work.
Our contribution
  Hexagonal Cell Based Architecture – alleviates scalability problem.
  Use of serverless protocols for authentication and search purpose
    Reduces setup and maintenance cost.
    In case of emergency situation, usage of serverless protocol is practical and feasible.
    Now back-end server can be devoted to some higher level maintenance.
Evaluation - use of our architecture in emergency evacuation system.
Conclusion & Future work

Introduction – Radio Frequency Identification Technology

Radio Frequency Identification (RFID) is a type of automatic identification system.

Each tag has a unique ID. An authorized reader can identify a tag by communicating through radio transmission.

Mass exploitation of RFID technology requires the entire system to be scalable.

But if used improperly, an RFID application has the potential to jeopardize consumer privacy.

Our main concerns:

Privacy protection – how can we ensure that users' privacy is not hampered?

Ensuring scalability – how can we ensure scalability when the number of tags increases continually?

Important terms and their definitions

What is Security in the context of RFID applications?
RFID technology may bring spontaneous risks because of the proliferation of RFID tags. So RFID applications must be secure against all major attacks that adversaries can carry out.

What is Privacy Protection?
By privacy protection we mean that a tag cannot be tracked by an adversary without tampering with it and realizing all its stored information.

What is Scalability?
Scalability means that a reader can find a tag's ID in constant computational time regardless of the number of tags that it owns.

Problems of Unsecured and Non-scalable RFID application

Security problems
When RFID tags are applied to individual objects, there is a possibility that these items can be tracked.
Individuals having these items can be followed to know what items they carry.
Surely nobody wants to be traced. So to capture the future market, RFID applications need to be secured and protected.

Scalability problems
Private tag identification involves decryption of the ID of the tag, which is identified by exhaustive search.
This definitely will not ensure scalability when the number of tags increases.
But many real-life RFID applications need to maintain scalability throughout the lifetime of the application, no matter how large the number of tags is.

Importance of Secure and Scalable RFID application

So, we now know that Privacy Protection & Scalability are two conflicting goals!

But some real-life applications of RFID require the entire system to be protected against all types of security attacks.

These systems also need to be scalable over the entire lifetime of the system.

Importance of Secure and Scalable RFID application (Cont.)

So we realized that both strong privacy protection and scalability are very important for the real life implementation of RFID technology.

No matter how many tags are present, the system should be scalable and secure against all attacks.

Illustration text:
Adversary: "WOW! So many tags, but how can we reach them now??"
"Yes, we are safe now."
Secure Shield
System is secure and adversary cannot attack no matter how many tags are in the system.

Related work

A. Solanas et al. first contributed to mitigating scalability problems with a distributed architecture for an RFID privacy-preserving technique.

According to them, an area is divided into cells, where each cell is assumed to be square.

Here tags capable of performing simple cryptographic computation can use improved randomized hash lock in a scalable manner to send their encrypted ID to the reader.

Other authentication techniques can be used in addition to improved randomized hash lock.

Related work (Cont.)

Scalability is ensured by using information sharing protocol suites, though the system would be more scalable by assuming a different structure of a cell.

There is no explicit mention of a search option.

Overview of our approach

We propose a distributed architecture for large scale applications where not only secure RFID authentication is needed, but also efficiency, cost-effectiveness and accuracy are a great concern.

Then we address some challenges in emergency evacuation systems and demonstrate how our system resolves those.

Our system is actually an improved version of the architecture that was proposed by A. Solanas et al. We try to alleviate the shortcomings noticed in that architecture.

Details of our approach

Our system comprises its components, their location and capabilities, and their privacy and search functionalities.

Components

RFID reader, tags and back-end server are defined as the main components of the system.

The tags are assumed to be passive. We also assume a tag can compute simple one-way hash functions and generate random numbers. Moreover, tags can change their location at any time.

On the other hand, readers are static and active devices. They are capable of detecting tags by performing crucial functions. To cover an area, readers are logically distributed.

Details of our approach (Cont.)

The proposal of Solanas et al. had square cells. In our architecture the area is divided into equal hexagons and each is covered by a single reader.

We refer to each hexagon as a cell, which improves our system.

Each single reader covers a specific cell. We assume that all communication channels are secure.

The backbone of our system is a back-end server. It can access the database of tag IDs. On the basis of requirements, the server can communicate with each reader.

In spite of having a back-end server in the system, ours does not comply with a centralized scheme. In fact, it is a servered as well as serverless scheme.

Details of our approach (Cont.)

Coverage Area

The readers are spatially distributed and tags are scattered among them. Consider an area S which can be covered by a couple of readers. We have two permitted points called ENtrance Point (ENP) and EXit Point (EXP) for tags to enter or exit the area S respectively. The size of each cell, covered by each reader, is equal. $C_i$ denotes the $i^{th}$ cell of S. Formally, we consider

Suppose, cell $C_i$ is covered by reader $R_i$. Also, is the set of readers adjacent to $R_i$.

Details of our approach (Cont.)

Privacy and Search

Serverless authentication and search protocol is used in our system for authentication and search of tags.

Protocols and Functionalities

There will be three types of communication in our system.

1) Between tag and reader, there will be two types of functionalities. One is for authentication and other is for search. Here each reader can perform like a serverless reader. However a reader can communicate with the back-end server.

Details of our approach (Cont.)

2) A reader can share its information with its adjacent readers. The shared information (Ownership Information) contains the used for a tag along with the tag ID and reader ID of the reader which locates the particular tag within its cell.

If a reader locates a tag $T_j$ in $C_i$, then after authentication, reader $R_i$ will send its (Ownership Information $T_j$) to all its adjacent readers. All the adjacent readers store this Ownership Information in their contact lists so that they can authenticate this tag whenever it enters one of their cells.

Details of our approach (Cont.)

In order to communicate between the readers, three protocols are proposed.

Arrival Protocol

This protocol starts when a tag enters the system through ENP. At the very beginning all readers other than that at ENP own no tags.

Whenever an authorized tag enters the system through ENP, after authentication $R_{ENP}$ sends the ownership information to all its adjacent readers. Otherwise $R_{ENP}$ alerts the system about the attempt of an unauthorized tag.

When an authorized tag enters a cell, the reader of that cell authenticates the tag without any involvement of the back-end server, because the contact list of the reader is supposed to have the tag's ownership information. This information was received from any of its adjacent readers where the tag lived before.

Details of our approach (Cont.)

Roaming Protocol

This protocol sets off when a tag enters a cell equipped with a reader from another cell.

If a tag enters a cell of a reader ($R_i$) which is adjacent to the cell in which it was residing before ($R_{own}$), the tag will be authenticated as $R_i$ already has the ownership information of the tag.

After authentication $R_i$ will send the ownership information to all of its adjacent readers.

Now depending on the information in its contact lists, each adjacent reader takes measurements differently.

Details of our approach (Cont.)

Departure Protocol

Whenever a tag is about to exit the system through EXP, this protocol starts.

When tag $T_j$ reaches the EXP to exit from the system, $R_{EXP}$ sends the ownership information to its adjacent readers to erase the information of the tag as there is no chance to go back.

Moreover, the previous owner (reader) propagates this information to its neighboring readers to remove the tag's ownership information from their contact lists.

Hence nothing remains in the system about the departed tag.

Details of our approach (Cont.)

3) Our system is equipped with a back-end server which can efficiently access a database of tag IDs. Server can authorize all readers. But it authorizes only for tags. Server monitors the system constantly.

The server can do a search whenever it receives a request from an application.

The server just sends a search request to all the readers in the system along with the tag ID for which readers have to perform a search. However, only those readers that have ownership information related to this tag invoke the search operation, while other readers remain silent. Whenever a reader locates the tag within its cell, it replies to the server with the search result.

Details of our approach (Cont.)

Through searching for a tag, the server ascertains in which cell the tag actually is. This feature can be used in applications where locating or tracking of something is required.

Because of this back-end server, we cannot refer to our system as entirely serverless. Though intervention of the server is limited to search, authorization, monitoring, etc., we cannot deny the presence of the back-end server.

Justification of Enhanced Cell Organization

Our system is improved by introducing hexagonal cells. There are several reasons behind it.

Depending on the mobility purpose, a tag can be at different locations at different times.

Details of our approach (Cont.)

For locating a tag, a reader faces five different situations in case of square cell (see Fig.2) and four different situations in case of hexagonal cell (see Fig.1).

Using square area as a cell a tag can be located by at most four readers at a time. However using hexagonal cell a tag can be located by at most three readers at a time. As a result, it reduces the traffic of communication channel between reader and server.

Fig.1

Fig.2

Details of our approach (Cont.)

In hexagonal cell organization, the total number of adjacent readers of a specific reader is less than that in square cell organization.

In our system, whenever a tag changes its location from one cell to another, at most 3 readers have to add the ownership information of the particular tag into their contact lists and at most 3 readers have to delete the information. In the previous system, at most 5 readers do insertion and at most 5 readers do deletion. Thus, our system ensures more scalability.

Radio frequency is omni-directional, so a cell should be circular. But practically a circular cell is not possible. A hexagon has more resemblance to a circle than a square.
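A small simulation of the arrival, roaming, departure and search steps and of the insertion/deletion counts stated above, added here as an illustration and not the authors' implementation. It assumes the ownership information is held by the owning reader and its adjacent readers, that square cells treat all 8 surrounding cells as adjacent, and the names Area and worst_case are hypothetical.

```python
# Added illustration, not the authors' implementation. A reader is named by its
# cell coordinate; HEX uses axial coordinates, SQUARE the 8 surrounding cells.
HEX = [(1, 0), (1, -1), (0, -1), (-1, 0), (-1, 1), (0, 1)]
SQUARE = [(x, y) for x in (-1, 0, 1) for y in (-1, 0, 1) if (x, y) != (0, 0)]

class Area:
    def __init__(self, offsets, authorized):
        self.offsets, self.authorized = offsets, set(authorized)
        self.contacts = {}   # reader -> {tag: owning reader} (contact list)
        self.location = {}   # tag -> cell the tag is physically in

    def holders(self, owner):               # owning reader plus adjacent readers
        return {(owner[0] + dx, owner[1] + dy) for dx, dy in self.offsets} | {owner}

    def _share(self, tag, owner, old):
        new = self.holders(owner)
        for r in new:                       # owner sends ownership information
            self.contacts.setdefault(r, {})[tag] = owner
        for r in old - new:                 # readers no longer adjacent forget it
            self.contacts[r].pop(tag, None)
        self.location[tag] = owner
        return len(new - old), len(old - new)   # (insertions, deletions)

    def arrive(self, tag, enp):
        if tag not in self.authorized:
            return None                     # R_ENP alerts the system instead
        return self._share(tag, enp, set())

    def roam(self, tag, reader):
        prev = self.contacts.get(reader, {}).get(tag)
        # No ownership information means the tag cannot be authenticated here.
        return None if prev is None else self._share(tag, reader, self.holders(prev))

    def depart(self, tag):
        for r in self.holders(self.location.pop(tag)):
            self.contacts[r].pop(tag, None)

    def search(self, tag):                  # only readers holding the tag's info act
        return next((r for r, c in self.contacts.items()
                     if tag in c and self.location.get(tag) == r), None)

def worst_case(offsets):
    """Max (insertions, deletions) over every one-cell move of a tag."""
    moves = []
    for step in offsets:
        area = Area(offsets, {"T1"})
        area.arrive("T1", (0, 0))
        moves.append(area.roam("T1", step))
    return max(a for a, _ in moves), max(d for _, d in moves)
```

A tag that shows up at a reader with no matching contact-list entry (an unauthorized tag, or one that skipped the ENP) gets `None` from `roam`, which is the point where a deployment would raise an alert.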

Details of our approach (Cont.)

In square pattern, all the neighboring readers of a reader are not at an equal distance. Some neighbors are at distance while others are at √2 distance. In contrast, all neighboring readers in hexagonal pattern are at an equal distance .

A hexagonal pattern provides a reduced overlapping area. The area is reduced by for a single cell (see Fig.3).

Fig.3

Evaluation

Emergency evacuation is a real-life situation in which RFID tags can be used to keep track of
  each and every person stuck in danger,
  persons who were unable to leave the danger premises, and
  persons who were undetected.

It will raise a scalability problem with typical RFID systems.

Our proposed enhanced distributed architecture can be used in this situation as it ensures scalability and security by using serverless RFID authentication and search protocols.

Evaluation (Cont.)

The emergency evacuation system must be able to keep track of who is entering and leaving the system on a hands-free basis.

It must cover all entrances/exits and handle people on a one-by-one basis. But in case of any emergency it needs to handle a number of people at a time, because there is no time for a person to think about which pocket a personnel card was kept in and to use it to exit the building.

It even has to know more specifically who has already entered the system so that it can determine who is still inside at the time of emergency.

Because of these situations, EDSA accompanied by RFID can be the appropriate solution to the architecture of the system.

Evaluation (Cont.)

For more than one entrance or exit point, more than one ENP or EXP has to be built in EDSA.

To account for personnel, building occupants must have an ID card, badge or other card with an embedded RFID tag.

As a tag needs to be authenticated to enter the system, the ENPs of EDSA can be authorized by the back-end server for all possible tags that can enter through them.

ENPs are placed at every possible entry point in the system, so that each person entering the building through any gate is accounted for.

Whenever it is required, the back-end server can keep track of the whereabouts of people by executing a search operation.

Evaluation (Cont.)

Those who have entered and who are still inside can readily be available to the back-end server by getting information from the contact lists of readers.

The back-end server can come to know about the sparse distribution of people throughout the whole building.

The back-end server can provide the total number of people left in the building as well as who is leaving the building through EXPs.

Illustration text: "EXIT", "Fire!", "Ms. Linda has left the building. Oh no!! Rachel is still inside. We have to save her."

Evaluation (Cont.)

The automated system concept must be based on a "hands-off" approach and require no user intervention upon entry or exit. In fact, EDSA follows the hands-off approach.

As buildings grow and workplaces increase in size in recent times, the need for more sophisticated emergency systems grows.

Accurate location information is essential to any emergency system and thus the implementation of RFID and EDSA is crucial to society.

Future Work

Implementation of EDSA in real life scenario.

Simulation results can be used to evaluate the success rate in real circumstances.

Conclusion

RFID systems will be widely used in the future depending on the strength of privacy protection and the improvement of performance features such as scalability.

Unfortunately, there is a trade-off between maintaining scalability and ensuring security.

Our architecture incorporates these two conflicting goals. Logically it can be successfully implemented in a real-life situation like an Emergency Evacuation System.