Interoperable Internet Scale Security Framework for RFID Networks

1 Interoperable Internet Scale Security Framework for RFID Networks
Tingting Mao, John R. Williams, Abel Sanche

2 Outline
Introduction
Problems
Related work
Proposition: Interoperable Internet Scale Security Framework (IISS)
IISS Framework
Ontologies in IISS
Using IISS in supply chains
Conclusion and future work

3 Introduction
Around 3 billion Radio Frequency Identification (RFID) tags have been deployed to date.
Wal-Mart’s in-store implementation will generate about 7 terabytes of RFID data per day.
Data breaches cost businesses an average of $197 per customer record in 2007.
Security and privacy issues are critically important for RFID networks.
However, no security or privacy framework has been chosen as an EPCglobal standard at present.

4 Problem 1: What identity system should we choose?
It is hard to mandate adoption of a particular identity system or certificate authority across all these widely distributed vendors.
Example: In a supply chain, an RFID tag is read by manufacturing plants, storage warehouses, carrier cross docks, major distribution centers, ports, intermodal terminals, suppliers, transport carriers, a third-party logistics provider and a retail store.

5 Problem 2: Should I give permission to someone I do not know?
Example:
Retailer R1 queries Manufacturer M2 about SKU3. How does M2 know if SKU3 was shipped to R1?
Manufacturer M1 queries Retailer R1: Are promotional goods SKU1 reaching Retailer R1 in time? How does R1 know if M1 was the manufacturer? (The manufacturer may not have a business relationship with the retailer.)
Distributor 1 queries the Retailer: Were shipped goods received? (proof of delivery) (Distributor 1 may not have a business relationship with the retailer.)
[Figure: supply chain with Manufacturer, Distributor 1, Distributor 2 and Retailer, and items SKU 1 to SKU 4]
We may know the company but need other credentials to make an authorization decision.

6 Problem 3: Who is entitled to see what?
The business rules for protecting access to EPC data can be complex.
Example: In a use case, a product could be an F15 Engine GE504 destined for Pakistan, and the associated business information could be that the engine was shipped from Boeing on 12/5/2007 and was part of a Purchase Order (PO) that is stored on
The user might have “partial” authorization to see some of the data but not all of it.
So any authorization system must look up a business rule that is defined by EPC, Shipper, Date, PO Context and Requester Identity.
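
The rule lookup and "partial" authorization described on this slide can be sketched as follows. This is an added example, not code from the presentation: IISS expresses policies in RDF-S and OWL, whereas here plain Python dictionaries stand in for the rules, and the field names, PO number, requester names and the reading of 12/5/2007 as 5 December are all assumptions.

```python
from datetime import date
from fnmatch import fnmatchcase

# Constructed EPC event record; field names and the PO number are illustrative.
# The slide's 12/5/2007 is read here as 5 December 2007 (assumption).
EVENT = {"epc": "urn:epc:id:sgtin:0614141.107346.2017", "shipper": "Boeing",
         "ship_date": date(2007, 12, 5), "po": "PO-1001",
         "product": "F15 Engine GE504", "destination": "Pakistan"}

# Each rule is keyed by the five attributes named on the slide and lists the
# fields the requester may see. "*" is a wildcard; dates are an inclusive range.
RULES = [
    {"epc": "urn:epc:id:sgtin:0614141.*", "shipper": "Boeing",
     "dates": (date(2007, 1, 1), date(2007, 12, 31)), "po": "PO-1001",
     "requester": "carrier.example",
     "fields": {"epc", "ship_date", "destination"}},
    {"epc": "*", "shipper": "Boeing", "dates": (date.min, date.max), "po": "*",
     "requester": "boeing.example", "fields": set(EVENT)},
]

def matches(rule, event, requester):
    """True only if all five rule attributes match the event and requester."""
    lo, hi = rule["dates"]
    return (fnmatchcase(event["epc"], rule["epc"])
            and rule["shipper"] == event["shipper"]
            and lo <= event["ship_date"] <= hi
            and fnmatchcase(event["po"], rule["po"])
            and rule["requester"] == requester)

def authorized_view(event, requester, rules=RULES):
    """Return only the fields granted by matching rules; {} means deny."""
    allowed = set()
    for rule in rules:
        if matches(rule, event, requester):
            allowed |= rule["fields"]
    return {k: v for k, v in event.items() if k in allowed}

if __name__ == "__main__":
    for who in ("carrier.example", "boeing.example", "unknown.example"):
        print(who, sorted(authorized_view(EVENT, who)))
```

A requester with no matching rule gets an empty view, so the default is deny rather than full disclosure.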

7 Related Work
RFID network: A network describing components and interfaces for EPC-related information interchange between servers that contain information related to items identified by EPC numbers.
EPCIS: Enables disparate applications to leverage EPC data both within and across enterprises.

8 Related Work
[Figure: EPC network diagram with the labels Secure Internet Exchange, ONS, Event Registries, Search and Discovery, EPCIS, Internal Systems (ERP, WMS, etc), EPC Middleware, EPC Readers and Private Network]

9 Related Work
Research work on RFID security and privacy issues includes:
blocker tags
the protocols by Henrici and Muller
the protocols by Juels et al.
the protocols by Ohkubo et al.
the protocols by Feldhofer et al.
the protocols by Molnar and Wagner
Limitation: These only target the communication between tags and readers.

10 Related Work
Related work in existing Web standards:
Privacy Preferences (P3P)
XML markup languages such as SAML, EPAL and XACML
Limitation: None of this research enables the development of policy descriptions specific to RFID networks. No tools have been developed to help users evaluate queries by referring to the policy rules, especially when various rule sets interact.

11 Proposition: IISS
Interoperable Internet Scale Security Framework for RFID networks (IISS): a Web-based framework for an agent in RFID networks to perform authentication to another agent from a different domain by reasoning over queries and related policies described in RDF-S and OWL.

12 IISS Features
Features to solve Problem 1:
Centralized identity providers are avoided in the security framework.
Different authentication schemes and identity techniques are supported.
Feature to solve Problem 2:
Provenance information of the EPC data is generated and passed through the security framework to identify the track of particular EPC data.

13 IISS Features
Features to solve Problem 3:
Business rules are interchangeable between agents in different domains.
A business rule language is formalized in IISS.

14 IISS Framework
The EPCIS stores EPC data generated by RFID readers.
The Provenance Server stores the provenance information of each RFID tag-bearing object.
The Rule and Policy Engine collects relevant policy information or proofs and generates permissions after reasoning over the collected information.
The Identity Selector controls and dispatches digital identities from different identity providers according to the security demands of its Rule and Policy Engine.
The Identity Providers issue identity tokens.
[Figure: IISS components: RFID Reader, EPCIS, Provenance Server, Rule and Policy Engine, Identity Selector, Adaptor and Identity Provider, with Item Information, Business Rule and Enterprise Identity Information]

15 Provenance Challenge of four supply chain
A provenance challenge is a secret that identifies the track of a particular RFID-bearing object and is shared by all the parties that have read that RFID tag.
In IISS, the provenance challenge is transmitted confidentially to the next party that the object is shipped to.
The challenge can be used to verify that a company is a transition point in the RFID object’s track.
[Figure labels: 1245, 3576, 5998, 9327]

16 [Figure: IISS message flow between the Security Agents in Company A and the Security Agents in Company D. Enterprise Level: Identity Provider, Identity Selector, Adaptor, Security Token. Business Rule Level: Rule and Policy Engine. Item Level: Provenance Server, Provenance Information. The provenance challenge is generated when the item is shipped.]
step1: Query about the item with a particular EPC code
step2: Send the policy and business rule to company A
step3: Send the requirement on company A's identity
step4: Request identity security token from related identity selector
step5: Return security token
step6: Send the security token to rule and policy engine
step7: Query the provenance challenge generated by the provenance server
step8: Return the provenance challenge
step9: Send back all the information that is required by company B
step10: Check the provenance challenge information about the EPC code
step11: Return the provenance challenge information
step12: Validation succeeds if the provenance challenge sent by company A and company A's identity security token are validated
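
The provenance challenge from slide 15 and the final check in step12 can be sketched as below. This is an added example, not code from the presentation. The slides do not say how the challenge is generated or carried on the wire, so the random 32-byte secret, the HMAC proof over a fresh nonce (used so the secret itself is never sent) and the ProvenanceServer class are assumptions, and identity-token validation is reduced to a boolean input.

```python
import hashlib
import hmac
import secrets

class ProvenanceServer:
    """One company's store of per-EPC provenance challenges (hypothetical)."""
    def __init__(self, company):
        self.company = company
        self.challenges = {}   # epc -> secret shared along the item's track

    def ship(self, epc, next_party):
        # The challenge is created when the item is first shipped and handed
        # on unchanged, so every party on the track holds the same secret.
        challenge = self.challenges.setdefault(epc, secrets.token_bytes(32))
        next_party.challenges[epc] = challenge   # stands in for a confidential channel

    def prove(self, epc, nonce):
        # Requester side: HMAC over the verifier's nonce and our own name.
        challenge = self.challenges.get(epc)
        if challenge is None:
            return None        # never handled this item, nothing to prove with
        msg = nonce + self.company.encode()
        return hmac.new(challenge, msg, hashlib.sha256).digest()

    def verify(self, epc, requester, nonce, proof):
        # Verifier side: recompute from our copy, compare in constant time.
        challenge = self.challenges.get(epc)
        if challenge is None or proof is None:
            return False
        msg = nonce + requester.encode()
        expected = hmac.new(challenge, msg, hashlib.sha256).digest()
        return hmac.compare_digest(expected, proof)

def authorize(verifier, requester, epc, token_ok):
    """step12: grant only if the identity token AND the provenance proof validate."""
    nonce = secrets.token_bytes(16)   # fresh per query, defeats replayed proofs
    proof = requester.prove(epc, nonce)
    return bool(token_ok) and verifier.verify(epc, requester.company, nonce, proof)

def demo():
    names = ("Manufacturer", "Distributor1", "Distributor2", "Retailer")
    m, d1, d2, r = (ProvenanceServer(n) for n in names)
    epc = "urn:epc:id:sgtin:0614141.107346.2017"   # constructed sample EPC
    m.ship(epc, d1)
    d1.ship(epc, r)            # Distributor2 never handles this item
    return {"on_track": authorize(m, r, epc, True),
            "off_track": authorize(m, d2, epc, True),
            "bad_token": authorize(m, r, epc, False)}
```

Calling demo() shows the retailer accepted, the off-track distributor rejected despite a valid token, and an on-track party rejected when its token fails.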

17 RDF: Describing things on the Semantic Web
RDF (Resource Description Framework): a data format for describing information and resources, the fundamental data model for the Semantic Web.
Using RDF, we can describe relationships between things like: A is a part of B or Y is a member of Z and their properties (size, weight, age, price…) in a machine-understandable format where each thing has a RDF graph-based model delivers straightforward machine processing
Putting information into RDF files makes it possible for “scutters” or RDF crawlers to search, discover, pick up, collect, analyse and process information from the Web.

18 RDF example
A simple RDF example
Statement: “Stefan Decker is the creator of the resource (web page)
Structure: Resource (subject), Property (predicate), Value (object) “Stefan Decker”
Directed graph: dc:creator Stefan Decker

19 Ontologies in IISS

20 Using IISS in Supply Chains

21 Example of a Policy

22 Benefits
The partners in supply chains do not all need to trust one identity authority. If they do not share any identity authorities, the provenance information in IISS can be used as proof to some extent.
Instead of associating EPC events with parties by statically enumerating the parties' credentials, relying parties can associate declarative policies by using the policy language in IISS.
Once IISS can be implemented in supply chains, a centralized registry server may not be necessary for tracking purposes. Companies can broadcast their queries.

23 Implementation
[Figure: implementation diagram with a Source, a Sink and tiers of Facilities coordinated by a Scheduler. Each facility has an EPCIS and PO inventory and sends PORequests, requests POs and fulfills POs. Security components shown: Identity Selector, Identity Provider, Rule and Policy Engine, Provenance Server and Provenance Challenge.]

24 Conclusion
IISS provides a solution to security problems in RFID networks on which multiple partners can rely.
In RFID networks, IISS is the first scheme that performs authentication based on an aggregation of business rules, enterprise information, and RFID tag information.
IISS provides a way to express complex business rules in RFID networks.

25 Future Work
Enrich the policy vocabulary in the business rule language in IISS.
Enable users to generate rule sets.
Use ePedigree signatures as a kind of provenance.

26 Thanks

