TY - GEN
T1 - Fine-grained privacy control for the RFID middleware of EPCglobal networks
AU - Tounsi, Wiem
AU - Cuppens-Boulahia, Nora
AU - Cuppens, Frédéric
AU - Garcia-Alfaro, Joaquin
PY - 2013/12/1
Y1 - 2013/12/1
N2 - The Electronic Product Code (EPC) is a Radio Frequency IDentification (RFID) that offers a new way of automating identification. However, once RFID tags carry more than just an identifier, privacy may be violated. Treating the privacy in early stages helps to master the data view before interpreting and storing it in databases. An RFID middleware is the entity that sits between tag readers and database applications. It is in charge of collecting, filtering, aggregating and grouping the requested events from heterogeneous RFID environments. Thus, the system, at this point, is likely to suffer from parameter manipulation and eavesdropping, raising privacy concerns. We propose a privacy controller module that enhances the Filtering and Collection middleware of the RFID EPCglobal network. We provide a privacy policy-driven model using some enhanced contextual concepts of the extended Role Based Access Control model. To show the feasibility of our privacy-enhanced model, we provide a proof-of-concept prototype integrated into the middleware of the Fosstrak framework, an open-source implementation of the EPCglobal specifications.
AB - The Electronic Product Code (EPC) is a Radio Frequency IDentification (RFID) that offers a new way of automating identification. However, once RFID tags carry more than just an identifier, privacy may be violated. Treating the privacy in early stages helps to master the data view before interpreting and storing it in databases. An RFID middleware is the entity that sits between tag readers and database applications. It is in charge of collecting, filtering, aggregating and grouping the requested events from heterogeneous RFID environments. Thus, the system, at this point, is likely to suffer from parameter manipulation and eavesdropping, raising privacy concerns. We propose a privacy controller module that enhances the Filtering and Collection middleware of the RFID EPCglobal network. We provide a privacy policy-driven model using some enhanced contextual concepts of the extended Role Based Access Control model. To show the feasibility of our privacy-enhanced model, we provide a proof-of-concept prototype integrated into the middleware of the Fosstrak framework, an open-source implementation of the EPCglobal specifications.
KW - EPCglobal
KW - RFID
KW - access control
KW - middleware
KW - privacy assurance
KW - privacy policy
UR - https://www.scopus.com/pages/publications/84892651677
U2 - 10.1145/2536146.2536154
DO - 10.1145/2536146.2536154
M3 - Conference contribution
AN - SCOPUS:84892651677
SN - 9781450320047
T3 - Proceedings of the 5th International Conference on Management of Emergent Digital EcoSystems, MEDES 2013
SP - 60
EP - 67
BT - Proceedings of the 5th International Conference on Management of Emergent Digital EcoSystems, MEDES 2013
T2 - 5th International Conference on Management of Emergent Digital EcoSystems, MEDES 2013
Y2 - 28 October 2013 through 31 October 2013
ER -