A whole of system approach to analysis of security in RFID Systems using an integrated layered and partitioned reference model

This thesis proposes the use of a 'whole of system' approach to the analysis of security in Radio Frequency Identification (RFID) systems and introduces a reference model for this purpose. It illustrates the advantages of this approach in the context of detecting clone tags within RFID systems, including the specific example of a pharmaceutical supply chain. It compares the results from using the proposed model with those from previous work that adopted a more localised approach (Rotter 2008; Mitrokotsa et al. 2010). In order to enable the 'whole of system' approach, a domain model for RFID systems is introduced and a simulator based on this is implemented. Interesting insights arising from simulator results are confirmed through laboratory experiments. The reference model proposed consists of the three horizontal layers suggested by previous authors: real world, RFID and strategic (Mitrokotsa et al. 2008, 2009), but adds vertical security partitions for such things as the problem context. This provides a structure that allows existing analysis methods from any appropriate source to be applied systematically, such that their results are integrated across the whole system. It is shown that this provides for the analysis of not only the security requirements of the whole system but also, where in the system it is practicable to place measures that achieve these requirements. The domain model introduced comprises a logical view of RFID components and a data view of the associations and features that characterise the component interactions. The model's controlled vocabulary allows the domain constructs in RFID systems to be identified and described. A simulator, which has been validated for preliminary 'whole of system' analysis and is based on this domain model, allows experimentation with systems via an application programming interface (API). Work suggested by the reference model is reported as simulation results, and confirmed by laboratory experimentation using Class-One Generation-Two RFID equipment. Whereas Juels (2005) showed that tags of this standard can be reprogrammed so that they can be authenticated by a reader, the results in this thesis illustrate how readers can be reprogrammed to expose clone tags, thereby contributing an additional security solution. This thesis addresses an analysis gap in the RFID security field by introducing a 'whole of system' approach made possible by the proposed reference model. The results illustrate that the effectiveness of security in RFID systems can be improved by employing a range of individual analysis methods integrated into this model.