Open Access Repository

A whole of system approach to analysis of security in RFID Systems using an integrated layered and partitioned reference model


Downloads per month over past year

Mirowski, LT 2011 , 'A whole of system approach to analysis of security in RFID Systems using an integrated layered and partitioned reference model', PhD thesis, University of Tasmania.

[img] PDF (Whole thesis)
Mirowski_Thesis...pdf | Download (1MB)
Available under University of Tasmania Standard License.


This thesis proposes the use of a ‘whole of system’ approach to the analysis of
security in Radio Frequency Identification (RFID) systems and introduces a
reference model for this purpose. It illustrates the advantages of this approach in the
context of detecting clone tags within RFID systems, including the specific example
of a pharmaceutical supply chain. It compares the results from using the proposed
model with those from previous work that adopted a more localised approach (Rotter
2008; Mitrokotsa et al. 2010). In order to enable the ‘whole of system’ approach, a
domain model for RFID systems is introduced and a simulator based on this is
implemented. Interesting insights arising from simulator results are confirmed
through laboratory experiments.
The reference model proposed consists of the three horizontal layers suggested by
previous authors: real world, RFID and strategic (Mitrokotsa et al. 2008, 2009), but
adds vertical security partitions for such things as the problem context. This
provides a structure that allows existing analysis methods from any appropriate
source to be applied systematically, such that their results are integrated across the
whole system. It is shown that this provides for the analysis of not only the security
requirements of the whole system but also, where in the system it is practicable to
place measures that achieve these requirements.
The domain model introduced comprises a logical view of RFID components and a
data view of the associations and features that characterise the component
interactions. The model’s controlled vocabulary allows the domain constructs in
RFID systems to be identified and described. A simulator, which has been validated
for preliminary ‘whole of system’ analysis and is based on this domain model, allows
experimentation with systems via an application programming interface (API).
Work suggested by the reference model is reported as simulation results, and
confirmed by laboratory experimentation using Class-One Generation-Two RFID
equipment. Whereas Juels (2005) showed that tags of this standard can be
reprogrammed so that they can be authenticated by a reader, the results in this thesis
illustrate how readers can be reprogrammed to expose clone tags, thereby
contributing an additional security solution. This thesis addresses an analysis gap in the RFID security field by introducing a
‘whole of system’ approach made possible by the proposed reference model. The
results illustrate that the effectiveness of security in RFID systems can be improved
by employing a range of individual analysis methods integrated into this model.

Item Type: Thesis - PhD
Authors/Creators:Mirowski, LT
Keywords: computer security, RFID, utas, thesis
Additional Information:

Copyright © the Author

Item Statistics: View statistics for this item

Actions (login required)

Item Control Page Item Control Page