Time： 2019-06-25 18:46:27
RFID has better confidentiality than traditional identification systems such as barcode recognition, but its data is very vulnerable to attacks, mainly because chips and chips are easily attacked by others in the process of reading and writing data. So protecting the security of data stored in RFID chips is a key issue. The latest RFID standard redesigned the UHF air interface protocol, which manages the movement of data from tags to readers, providing some protection for data stored on the chip. The new standard uses "a secure link" to protect passive tags from most attacks.
When data is written to the volume label, the data is disguised as it passes through the air interface. All data from the tag to the reader is spoofed, so the data is not intercepted when the reader reads or writes data from the tag. Once the data is written to the volume label, the data is locked so that only the data can be read and cannot be rewritten, which is what people often call read-only. There is no reliable security mechanism, and the data information in the read-only tag cannot be kept very confidential. For the readable and writable tag, there is also a hidden danger that the information on the electronic tag is maliciously changed.
If the information in the electronic tag is stolen or even maliciously changed, it may bring immeasurable losses in the future. One way to solve these security problems is to study RFID tag encryption technology. Encryption technology can be used to prevent unauthorized snoopers from obtaining or tampering with electronic tag information, but currently only a few RFID chips can handle more complex tasks such as push-in and encryption. In addition, RFID tags that can handle these tasks are the most expensive products on the market. Therefore, there are still obstacles in the current RFID technology to be applied in military projects such as confidentiality of information. From the perspective of national security, we should actively develop our own RFID encryption technology.
Privacy security issues are mainly reflected in RFID tags. “After the item is purchased, the point of sale will immediately update the privacy data to ensure that it is not read by some readers, such as a supply chain reader. In a retail store, or when goods are shipped from one location In the process of going to another location, there are many opportunities to cover or even modify the data on the RFID tag. This vulnerability also exists on the network that companies use to process RFID-tagged boxes, pallets or other goods. In the back of the company's distribution center, warehouse or store. Unsecured wireless networks provide opportunities to intercept data. The back end of the FID reader is a very standardized Internet infrastructure, so the RFID backend The security problems and opportunities of the network are the same as the Internet.
In the network behind the reader, you can learn from the various security technologies of the existing Internet. The solution is to ensure that all readers on the network must pass validation before transmitting the message to the middleware (the middleware then passes the information to the enterprise system) and ensure that the data flow between the reader and the backend system is encrypted. . There are some very practical steps to take when deploying RFID readers to ensure that they are authenticated before they can connect to the corporate network and that they are not being stolen by others because of the transmission. For example, readers based on technologies from companies such as Symbol Technologies and ThingMagic support standard network technologies, including built-in authentication methods that prevent unauthorized access.
In order to prevent someone from eavesdropping on the higher power signals from the RFID reader, an anti-eavesdropping technique called "silent tree climbing" is used. Within the limits of the RFID wireless interface, this approach ensures that the reader never repeats the information on the tag. The numbers on the RFID tag are not broadcast by the reader, but are indirectly referenced, and the receiver middleware knows how to interpret the numbers, but the eavesdropper does not. Data Crisis Caused by “Transparency” Although the application of RFID technology has increased the transparency of the entire supply chain, it has also raised concerns about data security. Businesses need a strong sense of security for their data. For companies, their data includes information about their business, not just their own data, but also their trading partners.