NIST Issues Guidelines for Ensuring RFID Security

Apr 27, 2007

Retailers, manufacturers, hospitals, federal agencies and other organizations planning to use radio frequency identification (RFID) technology to improve their operations should also systematically evaluate the possible security and privacy risks and use best practices to mitigate them, according to a report issued today by the National Institute of Standards and Technology.

“RFID tags, commonly referred to as smart tags, have the ability to improve logistics, profoundly change cost structures for business, and improve the current levels of safety and authenticity of the international pharmaceutical supply chain and many other industries,” said Under Secretary of Commerce for Technology Robert C. Cresanti. “This important report lays the foundation for addressing potential RFID security risks so that a thoughtful enterprise can launch a smart tag program with confidence.”

RFID devices send and/or receive radio signals to transmit identifying information such as product model or serial numbers. They come in a wide variety of types and can be as small as a grain of rice or printed on paper. Unlike bar coding systems, some RFID devices can communicate without requiring a line of sight, and over longer distances, for faster batch processing of inventory. They can be outfitted with sensors to collect data on temperature changes, sudden shocks, humidity or other factors affecting products.

However, as RFID devices are deployed in more sophisticated applications from matching hospital patients with laboratory test results to tracking systems for dangerous materials, concerns have been raised about protecting such systems against eavesdropping and unauthorized uses. The new NIST report focuses on RFID applications for asset management, tracking, matching, and process and supply chain control. It lists of recommended practices for ensuring the security and privacy of RFID systems, including firewalls that separate RFID databases from an organization’s other databases and information technology (IT) systems, encryption of radio signals when feasible, shielding RFID tags or tag reading areas with metal screens or films to prevent unauthorized access, and other security measures.

Two case studies—in health care and supply chain settings—provide examples for identifying and minimizing security risks throughout the various stages of an RFID project.

Citation: T. Karygiannis, B. Eydt, G. Barber, L.Bunn and T. Phillips. Guidelines for Securing Radio Frequency Identification (RFID) Systems (Special Publication 800-98), 154 pages. Available on-line at csrc.nist.gov/publications/nis… 800-98_RFID-2007.pdf .

Source: NIST

Explore further: Seeing through the fog (and dust and snow) of war

add to favorites email to friend print save as pdf

Related Stories

A refined approach to proteins at low resolution

14 minutes ago

Membrane proteins and large protein complexes are notoriously difficult to study with X-ray crystallography, not least because they are often very difficult, if not impossible, to crystallize, but also because ...

CloudFlare tackles lost SSL key risk with Keyless SSL

21 minutes ago

Organizations looking for and concerned about optimal security protection are the targets of a new service announced by San Francisco-based CloudFlare. The offering is called Keyless SSL. CloudFlare explained ...

New hadrosaur noses into spotlight

36 minutes ago

Call it the Jimmy Durante of dinosaurs – a newly discovered hadrosaur with a truly distinctive nasal profile. The new dinosaur, named Rhinorex condrupus by paleontologists from North Carolina State Univer ...

Recommended for you

Wireless sensor transmits tumor pressure

3 hours ago

The interstitial pressure inside a tumor is often remarkably high compared to normal tissues and is thought to impede the delivery of chemotherapeutic agents as well as decrease the effectiveness of radiation ...

Seeing through the fog (and dust and snow) of war

Sep 19, 2014

Degraded visibility—which encompasses diverse environmental conditions including severe weather, dust kicked up during takeoff and landing and poor visual contrast among different parts of terrain—often ...

The oscillator that could makeover the mechanical watch

Sep 18, 2014

For the first time in 200 years the heart of the mechanical watch has been reinvented, thereby improving precision and autonomy while making the watch completely silent. EPFL researchers have developed an ...

User comments : 0