Browse > Article
http://dx.doi.org/10.7840/KICS.2011.36C.4.197

Secure and Efficient DB Security and Authentication Scheme for RFID System  

Ahn, Rae-Soon (대구대학교 기초교육원 컴퓨터)
Yoon, Eun-Jun (경북대학교 전자전기컴퓨터학부)
Bu, Ki-Dong (경일대학교 컴퓨터공학과)
Nam, In-Gil (대구대학교 컴퓨터 IT공학부)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.36, no.4C, 2011 , pp. 197-206 More about this Journal
Abstract
In the RFID system, bulk tag information is stored into the back-end database as plaintext format not ciphertext. In this case, the tags's private informations can be easily compromised by an external hacker or an insider attacker. If the private informations of tags disclosed by the attackers, it can occur serious privacy invasion problem. Recently the database(DB) security is an important issue to prevent the above DB compromised attack. However, DB security for RFID systeme has not been considered yet. If we use the DB security technique into the RFID system, the above described privacy invasion' problem can be easily prevented. Based on this motivation, this paper proposes a secure and efficient back-end database security and authentication(S-DB) scheme with XOR-based encryption/decryption algorithm. In the proposed scheme, all tag's private information is encrypted and stored by using the DB secret key to protect the DB compromised attack. As a result, the proposed S-DB scheme 'can provide stronger security and more efficiency for the secure RFID system environment.
Keywords
RFID; DB security; Protocol; Mutual authentication; XOR operation; Efficiency;
Citations & Related Records
Times Cited By KSCI : 6  (Citation Analysis)
연도 인용수 순위
1 안해순, 부기동, 윤은준, 남인길, "TRMA: 2-라운 드 RFID 상호 인증 프로토콜," 전자공학회논문지, 제46권, 제CI-5호, pp.71-78, 2009.
2 안해순, 부기동, 윤은준, 남인길, "RFID/USN 환경을 위한 개선된 인증 프로토콜," 전자공학회논문지, 제46권, 제CI-1호, pp.1-10, 2009.
3 전서관, 은선기, 우수현, "상호인증을 제공하는 개선된 RFID 인증 프로토콜," 전자공학회논문지, 제47권, 제TC-2호, pp.113-120, 2010.
4 김정숙, 김천식, 윤은준, 홍유식, "RFID와 TCP/IP를 활용한 원격 보안 출입 제어 시스템," 전자공학회논문지, 제45권, 제CI-6호, pp.60-67, 2008.
5 S. S. Yeo, K. Sakurai, S. E. Choi, K. S. Yang, and S. K. Kim, "Forward Secure Privacy Protection Scheme for RFID System Using Advanced Encryption Standard", In Proceedings of Frontiers of High Performance Computing and Networking ISPA 2007 Workshops, Vol.4743 of LNCS, pp.245-254, 2007.
6 Y. Chang and M. Mitzenmacher, "Privacy preserving keyword searches on remote encrypted data", In Proceedings of ACNS`05, Vol.3531 of LNCS, pp.442-445, 2005.
7 이근우, 오동규, 곽진, 오수현, 김승주, 원동호, "분산 데이타베이스 환경에 적합한 Challenge- Response 기반의 안전한 RFID 인증 프로토콜," 한국정보처리학회 논문지C, 제12-C권, 제03호, pp.309-316, 2005.
8 윤은준, 유기영, "의료정보보호를 위한 RFID를 이용한 환자 인증 시스템," 한국통신학회논문지, 제35권, 제6호, pp.962-969, 2010.
9 A. Gordon, M. P. Loeb, W. Lucyshyn, and R. Richardson, "2004 CSI/FBI Computer Crime and Security Survey", Ninth annual report of computer security society, CSI, 2004. For general information, refer to "http://gocsi.com or http://www.nipc.gov"
10 D. J. Park, K. Kim, and P. J. Lee, "Public Key Encryption with Conjunctive Field Keyword Search", In Proceedings of WISA'04, Vol.3325 of LNCS, pp.73-86, 2004.
11 P. Golle, J. Staddon, and B. Waters, "Secure Conjunctive Keyword Search Over Encrypted Data", In Proceedings of ACNS'04, Vol.3089 of LNCS, pp.31-45, Springer-Verlag, 2004.
12 X. Dawn, D. Wagner and A. Perrig, "Practical Techniques for Searches on Encrypted Data", Proceedings of the 2000 IEEE Symposium on Security and Privacy, p.44, 2000.
13 변진욱, "암호화 문서상에서 효율적인 키워드 검색 프로토콜 설계," 전자공학회논문지, 제46권, 제CI-1호, pp.46-55, 2009.
14 D. Lin, H. G. Elmongui, E. Bertino, and B. C. Ooi, "Data management in RFID applications", International conference on database and expert systems applications, Vol.4653 of LNCS, pp.434-444, 2007.
15 S. Shepard, "RFID: Radio Frequency Identification", New York, USA: Mc Graw Hill, 2005.
16 L. Srivastava, "Ubiquitous network societies: The case of Radio Frequency Identification, background paper", International telecommunication union (ITU) new initiatives workshop on ubiquitous network societies, Geneva, Switzerland, 2005.
17 B. Glover and H. Bhatt. RFID Essentials. O'Reilly, 2006
18 M. Lehtonen, T. Staake, F. Michahelles, and E. Fleisch. From identification to authentication - a review of RFID product authentication techniques. In Printed handout of Workshop on RFID Security (RFIDSec 2006).
19 K. Finkenzeller, "RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification", (2nd ed.), Munich, Germany: Wiley, 2003.
20 S. A. Weis, "Security and privacy in radiofrequency identification devices," MS Thesis. MIT. May, 2003.
21 S. Weis, S. Sarma, R. Rivest, and D. Engels. "Security and privacy Aspects of Low-Cost Radio Frequency Identification Systems", In D. Hutter, G. M¨uller, W. Stephan, and M. Ullmann, editors, International Conference on Security in Pervasive Computing (SPC 2003), Vol.2802 of LNCS, pp.454-469, 2003.
22 S. S. Yeo and S. K. Kim, "Scalable and Flexible Privacy Protection Scheme for RFID System", In Proceedings of the 2nd European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS 2005), Vol.3813 of LNCS, pp.153-163, July 2005.
23 D. Molnar and D. Wagner, "Privacy and security in library RFID: issues, practices, and architectures", Conference on Computer and Communications Security-CCS'04, pp.210-219, 2004.
24 F. Klaus, "RFID handbook", Second Edition, Jone Willey & Sons, 2003.