Abstract
This paper presents the design, implementation, and evaluation of
the RFID Guardian, the first-ever unified platform for RFID security
and privacy administration. The RFID Guardian resembles an ``RFID
firewall,'' that monitors and controls access to RFID tags by combining
a standard-issue RFID reader with unique RFID tag emulation capabilities.
Our system provides a platform for both automated and coordinated
usage of RFID security mechanisms, offering fine-grained control
over RFID-based auditing, key management, access control, and authentication
capabilities. We have prototyped the RFID Guardian using off-the-shelf
components, and our experience has shown that active mobile devices
are a valuable tool for managing the security of RFID tags in a variety
of applications, including protecting low-cost tags that are unable
to regulate their own usage.
More philosophically, RFID technology vividly illustrates the difficulties
of security administration in a world of increasingly pervasive,
decentralized, low-cost, and low-power computing. Our paper thus
also offers a glimpse of what system administration may be like in
the future, when laymen face the responsibility to manage systems
of tiny computers that they are barely aware of.
Users
Please
log in to take part in the discussion (add own reviews or comments).