The Community for Technology Leaders
Green Image
Issue No. 02 - March-April (2013 vol. 10)
ISSN: 1545-5971
pp: 57-69
Yan Zhu , Coll. of Eng. & Comput. Sci, Univ. of Michigan-Dearborn, Dearborn, MI, USA
Tuo Xiang , Coll. of Eng. & Comput. Sci, Univ. of Michigan-Dearborn, Dearborn, MI, USA
N. Saxena , Comput. & Inf. Sci. Dept., Univ. of Alabama at Birmingham, Birmingham, AL, USA
Di Ma , Coll. of Eng. & Comput. Sci, Univ. of Michigan-Dearborn, Dearborn, MI, USA
ABSTRACT
In this paper, we report on a new approach for enhancing security and privacy in certain RFID applications whereby location or location-related information (such as speed) can serve as a legitimate access context. Examples of these applications include access cards, toll cards, credit cards, and other payment tokens. We show that location awareness can be used by both tags and back-end servers for defending against unauthorized reading and relay attacks on RFID systems. On the tag side, we design a location-aware selective unlocking mechanism using which tags can selectively respond to reader interrogations rather than doing so promiscuously. On the server side, we design a location-aware secure transaction verification scheme that allows a bank server to decide whether to approve or deny a payment transaction and detect a specific type of relay attack involving malicious readers. The premise of our work is a current technological advancement that can enable RFID tags with low-cost location (GPS) sensing capabilities. Unlike prior research on this subject, our defenses do not rely on auxiliary devices or require any explicit user involvement.
INDEX TERMS
Security, Relays, Protocols, Privacy, RFID tags, location sensing, RFID, mobile payment system, relay attacks, context recognition
CITATION
Yan Zhu, Tuo Xiang, N. Saxena, Di Ma, "Location-Aware and Safer Cards: Enhancing RFID Security and Privacy via Location Sensing", IEEE Transactions on Dependable and Secure Computing, vol. 10, no. , pp. 57-69, March-April 2013, doi:10.1109/TDSC.2012.89
98 ms
(Ver )