Abstract
Managing security in an RFID system is a complex activity considering that it is imperatively challenging to implement trust among tags and readers. There is always the chance that an unauthorized individual might assume the identity of a trusted tag and manage to gain confidential data in an RFID system. The situation becomes worse in systems that use a backend server and a private Internet connection. In such a system, there is no comprehensive mechanism for authenticating a tag into the system. It is thus essential to consider the implementation of a robust framework that improves the trust and the authentication levels in an RFID system. In this paper, a system known as Secure Cloud-Assisted RFID Authentication (SCARA) is proposed, which uses cloud-assisted RFID authentication to reap benefits of cloud-like scalability, availability and fault tolerance. It has three parties such as a cloud server, RFID reader and issuer involved. Issuer provides system parameters to other parties through a secure channel. Server and RFID reader are included in the authentication process with the help of information obtained from the issuer. The proposed system is secure even if the private keys associated with server and RFID tag are compromised. It does mean that it can prevent server-side insider attack in addition to external attacks. Amazon EC2 is used to have experiments. We built a prototype application to demonstrate proof of the concept. The empirical results revealed that the proposed system is able to withstand various kinds of attacks and provides a more efficient solution with less overhead.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Abughazalah, S., Markantonakis, K., Mayes, K.: Secure improved cloud-based RFID authentication protocol. In: Garcia-Alfaro, J., et al. (eds.) DPM/QASA/SETOP -2014. LNCS, vol. 8872, pp. 147–164. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-17016-9_10
Alabrah, A., Bassiouni, M.: A tree-based authentication scheme for a cloud toll/traffic RFID system. In: 2015 IEEE Vehicular Networking Conference (VNC), pp. 108–111. IEEE (2015)
Bu, K., Weng, M., Zheng, Y., Xiao, B., Liu, X.: You can clone but you cannot hide: a survey of clone prevention and detection for RFID. IEEE Commun. Surv. Tutor. 19(3), 1682–1700 (2017)
Dong, Q., Tong, J., Chen, Y.: Cloud-based RFID mutual authentication protocol without leaking location privacy to the cloud. Int. J. Distrib. Sens. Netw. 11(10), 937198 (2015)
Fan, K., Luo, Q., Li, H., Yang, Y.: Cloud-based lightweight RFID mutual authentication protocol. In: 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC), pp. 333–338. IEEE (2017)
Juels, A., Pappu, R.: Squealing euros: privacy protection in RFID-enabled banknotes. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45126-6_8
Kiraz, M.S., Bingöl, M.A., Kardaş, S., Birinci, F.: Anonymous RFID authentication for cloud services. Int. J. Inf. Secur. Sci. 1(2), 32–42 (2012)
Lehtonen, M., Staake, T., Michahelles, F.: From identification to authentication-a review of RFID product authentication techniques. In: Cole, P., Ranasinghe, D. (eds.) Networked RFID Systems and Lightweight Cryptography, pp. 169–187. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71641-9_9
Lehtonen, M.O., Michahelles, F., Fleisch, E.: Trust and security in RFID-based product authentication systems. IEEE Syst. J. 1(2), 129–144 (2007)
Lin, I.C., Hsu, H.H., Cheng, C.Y.: A cloud-based authentication protocol for RFID supply chain systems. J. Netw. Syst. Manag. 23(4), 978–997 (2015)
Rahman, M., Sampangi, R.V., Sampalli, S.: Lightweight protocol for anonymity and mutual authentication in RFID systems. In: 2015 12th Annual IEEE Consumer Communications and Networking Conference (CCNC), pp. 910–915. IEEE (2015)
Weber, R.H.: Internet of things-new security and privacy challenges. Comput. Law Secur. Rev. 26(1), 23–30 (2010)
Xiao, H., Alshehri, A.A., Christianson, B.: A cloud-based RFID authentication protocol with insecure communication channels. In: 2016 IEEE Trustcom/BigDataSE/I SPA, pp. 332–339. IEEE (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Al-Sudani, A.R., Zhou, W., Wen, S., Al-Mansoori, A. (2018). SCARA: A Framework for Secure Cloud-Assisted RFID Authentication for Smart Building Access Control. In: Au, M., et al. Network and System Security. NSS 2018. Lecture Notes in Computer Science(), vol 11058. Springer, Cham. https://doi.org/10.1007/978-3-030-02744-5_15
Download citation
DOI: https://doi.org/10.1007/978-3-030-02744-5_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02743-8
Online ISBN: 978-3-030-02744-5
eBook Packages: Computer ScienceComputer Science (R0)