Abstract
Recently, mobile RFID has been studied actively as a primary technology in computing environments. The mobile RFID service is defined as a special type of mobile service using RFID tag packaging objects and RFID readers attached to mobile RFID terminals. While the mobile RFID system has many advantages, it may make new intrusions to the user’s privacy. We propose the policy-based dynamic privacy protection framework leveraging globally mobile RFIDs. In this paper, we describe privacy infringements for the mobile RFID service environment and requirements for personal privacy protection, and develop privacy protection service based on a user privacy policy. The proposed framework provides a means for securing the stability of mobile RFID services by suggesting personal privacy-policy-based access control for personalized tags. This means a technical solution to privacy protection for the mobile RFID service system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Chapter 10-References
An Y., Oh S. (2005) RFID System for User's Privacy Protection. 2005 Asia-Pacific Conference on Communications, Perth, Western Australia, 3–5 October 2005
Avoine G., Oechslin P. (2005). RFID traceability: A multilayer problem. In Andrew Patrick and Moti Yung, editors, Financial Cryptography - FC'05. Lecture Notes in Computer Science, vol. 3570, Springer, Berlin, pp. 125–140
Chae J., Oh S. (2005) Information Report on Mobile RFID in Korea. ISO/IEC JTC1/SC 31/WG4 N0922, Information Paper, ISO/IEC JTC1 SC31 WG4 SG 5
Choi D., Kim H., Chung K. (2007) Proposed Draft of X.rfidsec-1: Privacy Protection Frame-work for Networked RFID Services. ITU-T, COM17C107E, Q9/17, Contribution 107, Geneva
Chug B. et al. (2005) Proposal for the Study on a Security Framework for Mobile RFID Applications as a New Work Item on Mobile Security. ITU-T, COM17D116E, Q9/17, Contribution 116, Geneva
Finkenzeller K. (2003) RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification, Wiley, New York
Garfinkel S., Rosenberg B. (2005) RFID: Applications, Security, and Privacy, Addison-Wesley, Reading, MA
Garfinkel S., Juels A., Pappu R. (2005) RFID Privacy: An Overview of Problems and Proposed Solutions. IEEE Security and Privacy 3(3): 34–43
ITU-T TSAG (2005) A Proposed New Work Item on Object/ID Associations
ITU-T TSAG RFID CG Deliverable (2006) Review Report of Identification Based Business Models and Service Scenarios
Kim Y., Koshizuka N. (2006) Review report of Standardization Issues on Network Aspects of Identification Including RFID. ITU-T, Paper TD315
Kim Y., Lee J., Yoo S., Kim H. (2006) A Network Reference Model for B2C RFID Applications. Proceedings of ICACT 2006
Konidala D.M., Kim K. (2006) Mobile RFID Security Issues. Proceeding of Symposium on Cryptography and Information Security
Kwak J., Rhee K., Oh S., Kim S., Won D. (2005) RFID System with Fairness within the Framework of Security and Privacy. Lecture Notes in Computer Science, vol. 3813, Springer, Berlin, pp. 142–152
Lee J., Kim H. (2006) RFID Code Structure and Tag Data Structure for Mobile RFID Services in Korea. Proceedings of ICACT 2006
Lee H., Kim J. (2006) Privacy Threats and Issues in Mobile RFID, Proceedings of the First International Conference on Availability, Reliability and Security, vol. 1
Lee B., Kim H., Chung K. (2006) The design of dynamic authorization model for user centric service in mobile environment, Proceedings of ICACT 2006, vo1. 3, pp. 20–22
MIC (Ministry of Information and Communication) of Korea (2005) RFID Privacy Protection Guideline. MIC Report Paper 2005
Mobile RFID Forum of Korea (2005) WIPI C API Standard for Mobile RFID Reader. Standard Paper
Mobile RFID Forum of Korea (2005) WIPI Network APIs for Mobile RFID Services. Standard Paper
Mobile RFID Forum of Korea (2005) Mobile RFID Code Structure and Tag Data Structure for Mobile RFID Services. Standard Paper, http://www.mrf.or.kr
Mobile RFID Forum of Korea (2005) Access Right Management API Standard for Secure Mobile RFID Reader, MRFS-4–03. Standard Paper. http://www.mrf.or.kr
Mobile RFID Forum of Korea (2005) HAL API Standard for RFID Reader of Mobile Phone, Standard Paper
Mobile RFID Forum of Korea(2005) WIPI API for Mobile RFID Reader Device, Standard Paper
Nokia. RFID Phones - Nokia Mobile RFID Kit, http://europe.nokia.com/nokia
Ohkubo M., Suzuki K., Kinoshita S. (2003) Cryptographic Approach to ‘Privacy-Friendly' Tags. RFID Privacy Workshop 2003
Park W., Lee B. (2004) Proposal for Participating in the Correspondence Group on RFID in ITU-T. Information Paper. ASTAP Forum
Park B., Lee S., Youm H. (2006) A Proposal for Personal Identifier Management Framework on the Internet. ITU-T, COM17-D165
Park N., Kwak J., Kim S., Won D., Kim H. (2006) WIPI Mobile Platform with Secure Service for Mobile RFID Network Environment. Lecture Notes in Computer Science, vol. 3842, Springer, Berlin, pp. 741–748
Park N., Kim S., Won D., Kim H. (2006) Security Analysis and Implementation leveraging Globally Networked Mobile RFIDs. Lecture Notes in Computer Science, vol. 4217, Springer, Berlin, pp. 494–505
Sakurai Y., Kim H. (2006) Report for Business Models and Service Scenarios for Network Aspects of Identification (Including RFID). ITU-T, TSAG TD 314
Sarma S.E., Weis S.A., Engels D.W. (2002) RFID Systems, Security and Privacy Implications. Technical Report MIT-AUTOID-WH-014, AutoID Center, MIT, Cambridge, MA
Shepard S. (2005) RFID: Radio Frequency Identification. McGraw-Hill, New York, NY
Son M., Lee Y., Pyo C. (2006) Design and Implementation of Mobile RFID Technology in the CDMA Networks, Proceedings of ICACT 2006
Strandburg K.J., Raicu D.S.(2005) Privacy and Technologies of Identity: A Cross-Disciplinary Conversation, Springer, Berlin
Sullivan L. (2004) Middleware Enables RFID Tests. Information Week, No. 991
Thornton F. et al. (2006) RFID Security, Syngress, Rockland, MA
Tsuji T., Kouno S., Noguchi J., Iguchi M., Misu N., Kawamura M. (2004) Asset management solution based on RFID. NEC Journal of Advanced Technology 1(3): 188–193
Tsukada M., Narita A. (2006) Development Models of Network Aspects of Identification Systems (Including RFID) (NID) and Proposal on Approach for the Standardization. ITU-T, JCA-NID Document 2006-I-014
Weis S. et al. (2003) Security and Privacy Aspects of Low-Cost Radio Frequency identification Systems. First International Conference on Security in Pervasive Computing (SPC) 2003
Weis S.A., Sarma S.E., Rivest R.L., Engels D.W. (2003) Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. Proceedings of First International Conference on Security in Pervasive Computing (SPC 2003)
Yoo S. (2005) Mobile RFID Activities in Korea. Contribution Paper of the APT Standardization Program
Yutaka Y., Nakao K. (2002) A Study of Privacy Information Handling on Sensor Information Network. Technical Report of IEICE
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Park, N., Won, D. (2008). Dynamic Privacy Protection for Mobile RFID Service. In: Kitsos, P., Zhang, Y. (eds) RFID Security. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-76481-8_10
Download citation
DOI: https://doi.org/10.1007/978-0-387-76481-8_10
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-76480-1
Online ISBN: 978-0-387-76481-8
eBook Packages: EngineeringEngineering (R0)