RFID technology facilitates the
identification of objects, animals and people by using radio waves. RFID is an
electronic identification device and is classified as an automatic
identification tool along with biometric systems. RFID can be used to store
information beyond what is simply needed to identify individuals, which has
potentially profound implications. A RFID system is made up of three main
components:
- the RFID tag or transporter, carries object identifying data
- the RFID reader, or transceiver, reads and writes tag data
- the back-end database associates records with tag data collected by readers
Every person or object that needs to
be identified through an RFID system must have a tag physically attached. The
tag reader gathers information from tags by sending out a radio frequency
signal and a tag will respond to the signal by sending back identification
information and/or other stored data. The reader converts data from the tag
into digital data and this is sent through to appropriate agencies where either
automated identification process occurs or there is human processing of the
data. RFID readers and tags must be tuned to the same frequency and the range
between the two devices depends on whether the tag is active - has an internal power
supply, or passive - draws power from the field created by the reader. There
are obvious threats to RFID systems that stem from physical attacks on the tag
or reader devices but a number of other potential security and privacy threats
have been identified including:
Sniffing: RFID tags are indiscriminate and could potentially be
readable by any compliant reader therefore providing the potential for
unauthorised readers scanning tags. Unrestricted access could mean personal
information such as a person's medical predispositions could be extracted and
used to inform insurance coverage.
Tracking: RFID technology could be used to track individual's
movements through the use of strategically placed readers and this provides the
opportunity for governments to monitor the movement of individual or groups.
Spoofing: Authentic RFID tags could be produced and attached to
objects that could subsequently be used to falsify the identity of goods or
gain unauthorised access to services.
Replay attacks: Replay devices can intercept and retransmit RFID queries
from readers or tags which could be used to abuse various RFID applications.
Denial of Services: Tags can be removed from items or people or aluminum foil
can be used to block RFID systems disrupting the system and subsequently
causing systems to record useless data and discrediting the technology.
The first widespread commercial
usage of RFID began in 1987 for electronic toll collection in the United States
and the 1990s saw the widespread use of RFID to prevent shoplifting. RFID has
been used across a number of security areas including anti counterfeiting,
monitoring the movement of people into and out of buildings, preventing the unauthorized
taking of goods and monitoring the movement of offenders through electronic
tagging.
No comments:
Post a Comment