Abstract
This paper presents the design, implementation, and evaluation of the RFID Guardian, the first-ever unified platform for RFID security and privacy administration. The RFID Guardian resembles an ``RFID firewall,'' that monitors and controls access to RFID tags by combining a standard-issue RFID reader with unique RFID tag emulation capabilities. Our system provides a platform for both automated and coordinated usage of RFID security mechanisms, offering fine-grained control over RFID-based auditing, key management, access control, and authentication capabilities. We have prototyped the RFID Guardian using off-the-shelf components, and our experience has shown that active mobile devices are a valuable tool for managing the security of RFID tags in a variety of applications, including protecting low-cost tags that are unable to regulate their own usage.
More philosophically, RFID technology vividly illustrates the difficulties of security administration in a world of increasingly pervasive, decentralized, low-cost, and low-power computing. Our paper thus also offers a glimpse of what system administration may be like in the future, when laymen face the responsibility to manage systems of tiny computers that they are barely aware of.
More philosophically, RFID technology vividly illustrates the difficulties of security administration in a world of increasingly pervasive, decentralized, low-cost, and low-power computing. Our paper thus also offers a glimpse of what system administration may be like in the future, when laymen face the responsibility to manage systems of tiny computers that they are barely aware of.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 20th Conference on Systems Administration (LISA 2006), Washington, DC, USA, December 3-8, 2006 |
| Publisher | USENIX |
| Pages | 89-102 |
| Publication status | Published - 2006 |