Information Security Today Home

New Books

Information Security Risk Analysis, Third Edition
Information Security Management: Concepts and Practice
Official (ISC)2 Guide to the CISSP CBK, Second Edition
The Executive MBA in Information Security
Vulnerability Management

Attacking RFID Systems

by Pedro Peris-Lopez, Julio Cesar Hernandez-Castro,Juan M. Estevez-Tapiador, and Arturo Ribagorda

A great number of hackers end up working in the security departments of IT and telecommunications companies. In other words, the best way of making a system secure is to now how it can be attacked. Radio-frequency identification (RFID) is no different from any other technology, so the possible attacks on it should be studied in depth. The extent of an attack can vary considerably; some attacks focus on a particular part of the system, such as the tag, whereas others target the whole system. Although there are references to such attacks in a number of publications, a rigorous study has not been made of the subject until now. We examine, in this chapter, the main threats to RFID security.

First, we look at data and location privacy. Although these are the risks most often referred to in the literature, there are other equally important problems to consider too. RFID systems are made up of three main components: tag, reader, and back-end database. So, we have grouped the threats according to the unit involved in the attack. First, we examine those related to tags and readers such as eavesdropping, cloning, replay, and relay attacks. Then we look at the threats to the back-end database; e.g., object name service [ONS] attack, virus. By the end of this chapter, we hope you will have acquired a basic understanding of the principal security risks in RFID.

Continue reading ...

About the Author

CISO Soft Skills From Security in RFID and Sensor Networks edited by Paris Kitsos. New York: Auerbach Publications, 2009.
Subscribe to Information Security Today

Powered by VerticalResponse

© Copyright 2009-2010 Auerbach Publications