CRITICAL PRIVACY AND SECURITY ISSUES IN RFID-ENABLED APPLICATIONS

PhD Thesis Proposal Defence


Title: "CRITICAL PRIVACY AND SECURITY ISSUES IN RFID-ENABLED APPLICATIONS"

by

Mr. Saiyu QI


Abstract:

Radio Frequency Identification (RFID) technology has been an important 
enabling solution to support various supply chain applications such as 
batch recall, anti-counterfeiting and product data sharing. However, the 
RFID technique also raises privacy and security requirements, which if not 
well resolved, may hinder its broad deployment in the supply chain 
setting. In this thesis, we analyze the privacy and security requirements 
of four critical RFID-enabled supply chain applications and devise the 
corresponding security solutions. We briefly summarize our results as 
follows.

Our first application is RFID-enabled Batch recall. We leverage RFID 
technique to implement batch recall in an accurate and efficient way. 
RFID-enabled batch recall provides us the opportunity to further enhance 
the security of batch recall operation, allowing us to achieve recognition 
of problematic products, privacy preserving of production pattern, recall 
authentication and non-repudiation, etc. We thoroughly study the security 
aspects and identify the unique requirements in RFID-enabled batch recall. 
We propose a practically secure protocol, COLLECTOR, to enable accurate, 
secure and efficient RFID batch recall.

Our second application is RFID-enabled anti-counterfeiting. We investigate 
the new opportunity provided by the RFID technique to solve this problem 
and identify a critical requirement: balance the tradeoff between the 
privacy and efficiency. We design a bidirectional efficiency-privacy 
transferable (BEST) authentication protocol to achieve this requirement. 
In a relatively secure domain, BEST works in an efficient manner to 
authenticate batches of tags with less privacy guarantee. Once the tags 
flow into open environment, BEST can migrate to provide stronger privacy 
protection to the tags with moderate efficiency degradation.

Our third and fourth applications are RFID-enabled product data sharing in 
data-on-tag manner and data-on-network manner, respectively. Sharing 
product data in a supply chain enables the involved participants to track 
products accurately. In the two applications, we investigate two new 
approaches of RFID technique to facilitate product data sharing, namely, 
data-on-tag approach and data-on-network approach. The two approaches are 
complementary with each other.


Date:			Tuesday, 26 August 2014

Time:                   2:00pm - 4:00pm

Venue:                  Room 5508
                         lifts 25/26

Committee Members:	Prof. Lionel Ni (Supervisor)
 			Prof. Cunsheng Ding (Chairperson)
 			Prof. Gary Chan
 			Dr. Ke Yi


**** ALL are Welcome ****