RFID Community in Asia
RFID NEWS
RFID PHOTOS
Photos related to Radio Frequency Identification (RFID) technology.
SMART CARD NEWS
RFID ANSWERS
Guidelines for Securing RFID Systems
Friday, April 27, 2007
Like any information technology (IT), radio frequency identification (RFID) presents security and privacy risks that must be carefully mitigated through management, operational, and technical controls in order to realize the numerous benefits the technology has to offer.
When practitioners adhere to sound security engineering principles, RFID technology can help a wide range of organizations and individuals realize substantial productivity gains and efficiencies. These organizations and individuals include hospitals and patients, retailers and customers, and manufacturers and distributors throughout the supply chain.
RFID is a form of automatic identification and data capture (AIDC) technology that uses electric or magnetic fields at radio frequencies to transmit information. An RFID system can be used to identify many types of objects, such as manufactured goods, animals, and people. Each object that needs to be identified has a small object known as an RFID tag affixed to it or embedded within it.
The tag has a unique identifier and may optionally hold additional information about the object. Devices known as RFID readers wirelessly communicate with the tags to identify the item connected to each tag and possibly read or update additional information stored on the tag. This communication can occur without optical line of sight and over greater distances than other AIDC technologies. RFID technologies support a wide range of applications—everything from asset management and tracking to access control and automated payment.
Every RFID system includes a radio frequency (RF) subsystem, which is composed of tags and readers. In many RFID systems, the RF subsystem is supported by an enterprise subsystem that is composed of middleware, analytic systems, and networking services. RFID systems that share information across organizational boundaries, such as supply chain applications, also have an inter-enterprise subsystem.
Each RFID system has different components and customizations so that it can support a particular business process for an organization; as a result, the security risks for RFID systems and the controls available to address them are highly varied. The enterprise and inter-enterprise subsystems involve common IT components such as servers, databases, and networks and therefore can benefit from typical IT security controls for those components.
Source: Karygiannis, T., Eydt, B., et al. (2007). Guidelines for Securing Radio Frequency Identification (RFID) Systems. Recommendations of the National Institute of Standards and Technology. NIST Special Publication 800-98.
Send your comments.
When practitioners adhere to sound security engineering principles, RFID technology can help a wide range of organizations and individuals realize substantial productivity gains and efficiencies. These organizations and individuals include hospitals and patients, retailers and customers, and manufacturers and distributors throughout the supply chain.
RFID is a form of automatic identification and data capture (AIDC) technology that uses electric or magnetic fields at radio frequencies to transmit information. An RFID system can be used to identify many types of objects, such as manufactured goods, animals, and people. Each object that needs to be identified has a small object known as an RFID tag affixed to it or embedded within it.
The tag has a unique identifier and may optionally hold additional information about the object. Devices known as RFID readers wirelessly communicate with the tags to identify the item connected to each tag and possibly read or update additional information stored on the tag. This communication can occur without optical line of sight and over greater distances than other AIDC technologies. RFID technologies support a wide range of applications—everything from asset management and tracking to access control and automated payment.
Every RFID system includes a radio frequency (RF) subsystem, which is composed of tags and readers. In many RFID systems, the RF subsystem is supported by an enterprise subsystem that is composed of middleware, analytic systems, and networking services. RFID systems that share information across organizational boundaries, such as supply chain applications, also have an inter-enterprise subsystem.
Each RFID system has different components and customizations so that it can support a particular business process for an organization; as a result, the security risks for RFID systems and the controls available to address them are highly varied. The enterprise and inter-enterprise subsystems involve common IT components such as servers, databases, and networks and therefore can benefit from typical IT security controls for those components.
Source: Karygiannis, T., Eydt, B., et al. (2007). Guidelines for Securing Radio Frequency Identification (RFID) Systems. Recommendations of the National Institute of Standards and Technology. NIST Special Publication 800-98.
Send your comments.
Labels: business, payment, privacy, rfid, scm, security, tag, technology, tracking
RFID Videos
RFID Journal Entries
- Press Release: Enabling Mobile Phones for NFC
- Press Release: Confidex Ironside Gen2 RFID tag com...
- RFID Asia to open first RFID kiosk in Indonesia
- Press Release: FeliCa IC Chip Cumulative Shipments...
- Putting RFID Network Security in Perspective
- Opinion: Revitalize RFID Industry
- Digestible RFID Tag: an Alternative for Your Inter...
- Press Release: First NFC Payment Trial in Taiwan
- Press Release: RFID Field Trial in Japan for Cosme...
- Partnership Invitation for Mobile RFID 2.0 Project...
QR Code
