You are on page 1of 42

Royal Holloway University Of London

CRITICAL REVIEW OF RFID BASED LOGISTICS/TAGGING SYSTEMS


PROTECTING LOW TO HIGH VALUE ITEMS

BY

Simab Ishtiaq Chuhan


Student Number: 100581612

A thesis submitted in partial fulfillment of the requirements for the degree of

MSc Information Security

Royal Holloway, University of London

2008

Supervisor: KEITH MAYES

Submitted as part of the requirements for the award of the MSc in Information
Security at Royal Holloway, University of London.

I declare that this assignment is all my own work and that I have acknowledged
all quotations from the published or unpublished works of other people. I declare
that I have also read the statements on plagiarism in Section 1 of the Regulations
Governing Examination and Assessment Offences and in accordance with it I
submit this project report as my own work.

Signature (handwritten candidate number): ___________________________

Date:

1 MSc Information Security


Royal Holloway University Of London

Royal Holloway University of London

Abstract

In today‟s world there is a rapidly increasing demand for wireless activities such as Radio
Frequency (RFID) tagging system for assets tracking. My project based on critical review
of RFID tagged high and low based frequency tagged using in logistics system for assets
tracking. I discussed the detail structure of management process of RFID tagged in
logistics systems how its works. We can say that RFID providing the financial security
safety and decrease the risk of lost, saving time and labor management. Beside also I did
discuss about the measure attacks and tagged manipulating, cloning, removing etc.
ISO/IEC 14443 has defined standards for RFID tags which specify the ranges and
transmission methods. RFID have proved their importance in daily life therefore its
rapidly increasing in assets controlling beside there is also misunderstanding between
people who think that RFID Tagged are vulnerable which monitors their all actions but
the RFID tags only used for assets tracking its only about the product which should going
to right hands its giving the unique identification for each product. I did also discussed
about other organization‟s view on RFID whom successfully using RFID tagged for
securing tier business and providing better customer services.

2 MSc Information Security


Royal Holloway University Of London

ACKNOWLEDGEMENTS

Without the help and support from the following people, this project would have not been
as successful as it was. The author wishes to extend his gratitude to the following people:

Firstly, I would like to extend my gratitude to my project supervisor, Dr Keith Mayes


who has assisted me throughout this project. His excellent guidance helped me to
overcome my limited knowledge about turbulence models.

Secondly, I would like to thank my Academic advisor, Dr Allan Tomlinson. He spent his
precious time advising me on this project. I would like to thank also Mr. Mohammad
Faran who helped me a lot to complete this project.

Thirdly, my heartfelt gratitude goes to my family and especially my father who gave me
this opportunity to come far from my home country and pursue master degree in one of
the top universities in U.K.

Finally, I would like to thank my house mate‟s friends, for their greatly appreciated help
and support.

3 MSc Information Security


Royal Holloway University Of London
Table of Content

Table of Content
1. Introduction…………………………………………………………………...….2
1.2. History of RFID………………………………………………………………...2

2. Basics of RFID Systems……………………………………………………..……2


2.1. RFID Tags………………………………………………………………………2
2.1.1. Passive Tags……………………………………………………………….2
2.1.2. Active Tags………………………………………………………………..2
2.1.3. Semi-Passive Tags………………………………………………………...2
2.2. RFID Readers…………………………………………………………………..2
2.3. Middleware……………………………………………………………………..2
2.4. Radio Waves Frequencies……………………………………………………...2
2.4.1. Low Frequency (LF)………………………………………………….............2
2.4.2. High Frequency (HF)………………………………………………………...2
2.4.3. Ultra-High Frequency (UHF)………………………………………………..2
2.5. Differentiate Between RFID and Barcodes…………………………………...2
2.6. Electronics Product Code (EPC)………………………………………............2
2.7. EPC Global Network…………………………………………………………...2

3. RFID Product Supply chain Management…………...…………………………2


3.1 Suppliers…………………………………………………………………………2
3.2. Manufacturing………………………………………………………………….2
3.3Finish Goods Distribution……………………………………………………….2
3.4. Retailer / Distributor Distribution……………………………………...…….. 2
3.5. Retail Store……………………………………………………………………...2
3.6. Consumer……………………………………………………………………….2
3.7. Example of Retail Supermarkets……………………………………………...2
3.7.1. Tesco…………………………………………………………………………..2
3.7.2. Wal-mart…………………………………………………………………..….2
3.8. Low Level and High level Inventory Management…………………………...2
3.9. Returnable Transport Item……………………………………………………2
3.9.1. Pallets, Roll Container, Dolly, Rolly, Mainitainer, Crate………….…..2
3.10. Logistics Customers and Organization…………………………………...… 2
3.11. RFID Implementation and Pilot Projects……………………………………2

4. Benefits of RFID in Logistics and Standards………………………………...…2


4.1. Increased Accuracy………………………………………………………….…2
4.2. Faster Throughput……………………………………………………………..2
4.3. Lower Inventory………………………………………………………………..2
4.4. Management Exception………………………………………………………...2
4.5. EPC Global Standard Classes Protocols…………………………………….. .2
4.6. Characteristics Table of RFID Technology…………………………………...2
4.7. ISO Standards………………………………………………………………......2

4 MSc Information Security


Royal Holloway University Of London

4.8. ISO Standards for Supply Chain Management Applications………………..2

5. Security and Countermeasures of RFID…………………………………….......2


5.1 Virus Attack……………………………………………………………………..2
5.2. RFID Worms……………………………………………………………………2
5.3. RFID Tag Removing…………………………………………………………...2
5.4. Tag Cloning……………………………………………………………………..2
5.5. SQL Injection…………………………………………………………………...2
5.6. DOS Attack……………………………………………………………………..2
5.7. Middleware Attack……………………………………………………………..2
5.8 Radio Waves Jammer and Signal Blocking…………………………………....2
5.9. Tag Collision…………………………………………………………………....2
5.10. Lack of Knowledge……………………………………………………………2
5.11. RFID Backup Process………………………………………………………...2
5.12. Mutual Authentication………………………………………………………..2
5.13. Countermeasure………………………………………………………………2

6. Conclusion………………………………………………………………………...2

7. Bibliography………………………………………………………………………2

5 MSc Information Security


Royal Holloway University Of London

List of Figures

Figure 0. Tags [24]………………………………………………………………………1

Figure 1: Passive Tags [25]……………………………………………………………..1

Figure 2: Passive Tags [25]……………………………………………………………..1

Figure 3: Passive Tags [25]……………………………………………………………..1

Figure 4: Active Tags [13]……………………………..………………………………..1

Figure 5: RFID Readers [13]…………………………..………………………………..1

Figure 6: Antenna [14]……………………………………...…………………………..1

Figure 7: RFID Middleware [20]………………………………………………………..1

Figure 8: EPC Code Type [15]……………………………………………………….…1

Figure 9/9.1: EPC 2nd Gen Code Type [16]……………………………………….……1

Figure 10: EPC Global Network [15]…………………………………………………...1

Figure 11: Customer Warehouse Scenario [28]…………………………………………1

Figure 12: RFID in the Supply Chain [26]……………………………………………...1

Figure 13: Pallets [15]…………………………………………………………………..1

Figure 14: Roll Container [15]………………………………………………………….1

Figure 15: Dolly [15]…………………………………………………………………....1

Figure 16: Crate [15]…………………………………………………………………....1

Figure 17: Rolly [15]...….................................................................................................1

Figure 18: Minitainer [15]...………………………………………………………….....1

6 MSc Information Security


Royal Holloway University Of London

Figure 19: Logistics Customers [17]……………………………………………………1

Figure 20: Logistics Organizations [18]………………………………………………...1

Figure 21: Retail Customers [19]……………………………………………………….1

Figure 22: Basic Function [38]…………………………………………………………...1

Figure 23: Authentication Process [39]…………………………………………………...1

7 MSc Information Security


Royal Holloway University Of London

List of Table

Table 1: RFID Implementation and Pilot Projects [23]…………………………………2

Table 2: EPC Global Standard Classes Protocols [21]…………………………………….2

Table 3: Characteristics Table of RFID Technology [21]…………………………………2

Table 4: ISO Standards [21]……………………………………………………………....2

Table 5: Draft ISO RFID Standards [21]…………………………………………………2

8 MSc Information Security


Royal Holloway University Of London

1. Introduction:
RFID (Radio-Frequency Identification) is an automated data capture technology used to
identity, track and store information about physical items. It consists of three components
which are RFID tags (transponder), RFID readers and transceiver with decoder. It
operates on the radio signal and operates on different frequencies. RFID works on a very
basic concept. A signal is sent to transponder which sent back a signal (passive tags) or
broadcasts a signal (active tags).

1.2. History of RFID:

It was first used by Britain in 1939 during World War II to identify friendly and enemy
aircrafts. Each aircraft has transmitter installed on it and it broadcast the signal back as
the transmitter received signal from the radar on the ground. Advances in radar and RF
communications system continued during 1950s and 1960s. Scientists and academics in
the United States, Europe and Japan did research and presented papers explaining how
RF energy could be used to identify objects remotely. During 1960s it was considered for
the commercial world. The first modern RFID system was demonstrated in 1971 to the
New York Port Authority which consisted of 16 bit transponder and a passive device
powered by interrogating signal for use as toll device.

The First U.S patent for an active RFID tag with rewritable memory was awarded to
Mario W. Cardullo on January 23, 1973. Also in 1973, Charles Walton, a California
entrepreneur received a patent for passive transponder used to unlock a door without a
key. A card with embedded transponder sends signal to the reader near the door. When
the reader detected a valid identity number stored within the RFID tag, the reader
unlocked the door. Walton licensed the technology to Schlage, a lock maker, and other
companies. In 1970s US government developed RFID system to track Nuclear Weapons
that use transponder on trucks and readers at the gates of the secure facilities.

This system was commercialized during mid 80s and automated toll payment systems
was created and widely used on roads, bridges and tunnels around the world. Also the
same scientist who developed toll system created passive RFID tag system to track cows
that uses UHF radio waves. The device drew energy from the reader and simply reflected
back a modulated signal to the reader using a technique known as backscatter. Later
companies developed low frequency (125 kHz) system that uses small transponders. Low
frequency transponders were also put in cards and used to control the access to buildings.
Later companies moved to high frequency (13.56 MHz) which was unregulated and
unused in most part of the world. High frequency offered greater range and faster data
transfer rates are possible. Companies in Europe started to use 13.56 MHz frequency to
track reusable container and other assets. Today, 13.56 MHz RFID systems are used for
access control, payment systems (Mobile Speed pass) and contact less Smart Cards. In
the early 1990s, IBM engineers developed and patented an ultra-high frequency (UHF)
RFID system. UHF offered longer read range (up to 20 feet under good conditions) and
faster data transfer.

9 MSc Information Security


Royal Holloway University Of London

IBM tested its technology with Wal-Mart but that technology was never commercialized
and in mid 1990s IBM sold it patents to Intermec. Intermec RFID systems are used from
warehouse tracking to farming. But at that time due to low volumes of sales and lack
open international standards the technology was expensive. In 1999 Uniform Code
Council, EAN International, Procter & Gamble and Gillette funded to establish the Auto-
ID Center at MIT for UHF RFID research. David Brock and Sanjay Sharma was
working on low cost RFID tags.

In order to decrease the cost their idea was to put only serial number on tag. The data
associated with the serial number would be stored in internet accessible database.
Previous tags were like mobile database that carried information about the product or
container they were on with them as they traveled. They turned RFID into a networking
technology by linking objects to the Internet through the tag. For businesses, this was an
important change, because now a manufacturer could automatically let a business partner
know when a shipment was leaving the dock at a manufacturing facility or warehouse,
and a retailer could automatically let the manufacturer know when the goods arrived.

Between 1999 and 2003, the Auto-ID Center gained the support of more than 100 large
end-user companies, plus the U.S. Department of Defense and many key RFID vendors.
It opened research labs in Australia, the United Kingdom, Switzerland, Japan and China.
It developed two air interface protocols (Class 1 and Class 0), the Electronic Product
Code (EPC) numbering scheme, and a network architecture for looking up data
associated on an RFID tag on the Internet. The technology was licensed to the Uniform
Code Council in 2003, and the Uniform Code Council created EPCglobal, as a joint
venture with EAN International, to commercialize EPC technology.

The Auto-ID Center closed its doors in October 2003, and its research responsibilities
were passed on to Auto-ID Labs.
Some of the biggest retailers in the world—Albertsons, Metro, Target, Tesco, Wal-
Mart—and the U.S. Department of Defense have said they plan to use EPC technology to
track goods in their supply chain. The pharmaceutical, tire, defense and other industries
are also moving to adopt the technology. EPCglobal ratified a second-generation standard
in December 2004, paving the way for broad adoption.

Ref: [40, 41, 42, 43].

10 MSc Information Security


Royal Holloway University Of London

Chapter 2
------------------------------------------------------------------------------------------------------------
2. Basics of RFID Systems……………………………………………………..……11
2.1. RFID Tags………………………………………………………………………11
2.1.1. Passive Tags……………………………………………………………….12
2.1.2. Active Tags………………………………………………………………..13
2.1.3. Semi-Passive Tags………………………………………………………...13
2.2. RFID Readers…………………………………………………………………..13
2.3. Middleware……………………………………………………………………..15
2.4. Radio Waves Frequencies……………………………………………………...16
2.4.1. Low Frequency (LF)………………………………………………….............16
2.4.2. High Frequency (HF)………………………………………………………...16
2.4.3. Ultra-High Frequency (UHF)………………………………………………..16
2.5. Differentiate Between RFID and Barcodes…………………………………...16
2.6. Electronics Product Code (EPC)………………………………………............17
2.7. EPC Global Network…………………………………………………………...18
------------------------------------------------------------------------------------------------------------

2. Basics of RFID Systems

RFID systems are used to identify and track objects or people using radio waves. It is
possible by reading microchips that contains unique numbers that can identify objects,
people and information. These microchips can be read automatically, unlike bar code that
is scanned manually. Due to its automatic identification it is gaining popularity in the
world to identify and track objects. RFID systems is made of three components

1. RFID Tag (Transponder).


2. RFID Reader (Transceiver).
3. Middleware

2.1 RFID Tags:

Basically RFID Tags are microchips that used to store data on it. Before late 1990s it
used to contain much more information then it is used to be stored now a days. These tags
are large and very expensive because of large microcontroller and memory. Now a days
tag only store serial numbers that are large enough to store a unique identification of a
single product not like barcode that store similar information about the same type of
product. These tags can be Read-Only or Read-Write capability. Read-only tags have
unique information stored during its manufacturing process also referred as „name plate‟
application. The information cannot be changed on the Read-only tags. With Read-Write
tags user can manipulate information on the tags when the tags are within user range.

11 MSc Information Security


Royal Holloway University Of London
Read-Write tags are more expensive than Read-only tags. Some of the tags allow user to
permanently disable the tag. These tags stop responding to the reader after it receives kill
code. There are also anti-collision types of tags which are useful where there are many
tags are nearby. They know how to wait for their turn when responding to reader. RFID
tags can be made of different types of material with different shapes and sizes. PVC or
plastic buttons and disks usually include a central hole for fasteners and are durable and
reusable. Tags shaped like credit cards are contact less smart cards. Tags made into the
layers of paper in a label called “smart labels”, can be used instead of bar code labels.
Small tags can be embedded into common objects such as clothing, watches and
bracelets. These small tags can also come in the form of keys and keys chains. Tags can
also be put in glass containers to be used in corrosive environments or in liquids

There are three types of tags that are used now days.

1. Passive.
2. Active.
3. Semi-Passive.

Figure: 0[24]
2.1.1. Passive Tags:

As the name suggests Passive tags have no power of its own. These tags are powered by
electromagnetic field generated by the reader and provide enough power to the circuit for
power up and to send back the signal to the reader. These tags operate by backscattering
(reflection of the signal back to the source) the radio wave from the reader. Passive tags
practical read distance ranges from 10 cm (ISO 14443) up to few meters (Electronic
Product Code (EPC) and ISO 18000-6) that depend on the radio frequency and the
antenna size. These tags are very small as compared to active tags because lack of power
source. It holds less information as compared to active tags. These are the most cost
effective and reliable. Passive tags are less reliable as compared to active tags but some
passive tags are much work effective then active tags like in water and tin foils. The tags
remain readable for the long time even after the product is sold. Tags have life of twenty
years or more.

Some Passive tags

Figure: 1[25] Figure: 2[25]

12 MSc Information Security


Royal Holloway University Of London

Figure: 3[25]
2.1.2. Active Tags:

Active tags have their own power source which is used to power the circuit and send the
respond signal to the reader. Active tags range of operation is up to 100 meter and
battery source life is up to ten years. Active tags are more expensive and bulkier than
passive tags due to internal power supply for the tags. It holds more information as
compared to the passive tags. These tags due to its on power supply it can transmit at
higher power level which allows them to be work better in environment with humidity
and spray or with dampening targets (objects containing water), reflective targets from
metal (containers, vehicles) and at longer distances. They are more reliable because of the
ability to conduct Session with the reader. Active tags can have more memory as
compared to passive tags and may store additional information received from the reader.

Active Tags
Figure: 4[13]
2.1.3. Semi-Passive Tags:

These tags have their own power source but it powers only the circuit not the antenna to
broadcast the signal. For response it worked the same way as passive tags. They have
greater sensitivity than passive tags which can be used for greater range and enhanced
reliability. It has longer battery life as compared to active tags. It can perform active
functions such as temperature monitoring using its own power even without the reader.

2.2. RFID Readers:

Basically RFID readers performs various function from activating tags, send querying
signals, supplying power to passive tags and to the antennas of semi-passive tags,
encoding the data sent to the tag and decoding data received from the tag. It typically
consists of transmitter and receiver, a control unit and a coupling element (antenna) .The
reader can be fixed or handheld. It emits electromagnetic waves. The range of the reader
depends upon the radio frequency used and power output. They can be fitted with an

13 MSc Information Security


Royal Holloway University Of London
additional interface that can convert radio waves returned from the RFID tags to
computer system, like computer system or any programmable logic controller. It contains
one or more antennas. A reader consists of four subsystems.

Some Readers
Figure: 5[13]

a. Reader API:

The reader API is the application programming interface that allows programs to
register for and capture RFID tag read events. It also provides capabilities to
configure, monitor, and otherwise manage the reader.

b. Communications:

Readers are edge devices, and like any other RFID devices; they are connected to
the overall edge network. The communications component handles the
networking functions.

c. Event Management:

When a reader sees a tag, we call this an observation. An observation that differs
from previous observations is called an event. The analysis of observations is
called event filtering. Event management defines what kinds of observations are
considered events and determines which events are interesting enough to merit
being either put in a report or sent immediately to an external application on the
network.

d. Antenna subsystem:

The antenna subsystem consists of one or more antennas and the supporting
interfaces and logic that enable RFID readers to interrogate RFID tags.

14 MSc Information Security


Royal Holloway University Of London

Antenna
Figure: 6[14]

2.3. Middleware:

Middleware is software that bridges RFID hardware and enterprise application. It is the
primary means of data gathering for any RFID deployment. It consists of computer
hardware and data processing software connection to enterprise inventory or
identification management system. It provides operating system, data repository and
processing algorithm that convert multiple tags data into visible tracking or identification
data. It can be managed by company personal or be contracted to an IT service. It allows
user to monitor, deploy, issue commands and configure readers through common
interface. It collects data from reader and provides filtering, formatting or logic so that it
can be processed by software application such as Supply Chain Management (SCM),
Enterprise Resource Planning (ERP), Warehouse Management (WMS) or Customer
Relationship Management (CRM) Systems. It can be standalone system or can be merged
with the RFID reader.

Figure: 7[20]

15 MSc Information Security


Royal Holloway University Of London

2.4. Radio Waves Frequencies:


RFID tags communicate with reader via radio waves which
based on electromagnetic. Generally following frequencies are using for RFID passive
tags.

 Low Frequency (LF)


 High frequency (HF)
 Ultra-high frequency (UHF)

2.4.1. Low Frequency (LF)


These kinds of tags are work around 125 kHz to 134.2 kHz and the
reading range is approximately 40 to 50 cm. Because of insensibility and interference of
tags reading is low. For example 134.2 kHz has been adopted internationally for animal
identification. The international standards organization (ISO) defined for electronically
identification of the animal are based on LF 134.2 kHz on the (ISO 11784/11785).

2.4.2. High Frequency (HF)


High frequency (HF) tags are using the more energy, currently
using in tracking books in libraries and airport baggage systems. The international
standard of organization (ISO) 15693 provides detail of frequencies which work on 13.56
MHz and can readable around one meter of distance.

2.4.3. Ultra-High Frequency (UHF)


These kinds of tags using the higher energy then HF tags it‟s
working between 860 to 930 MHz and can readable more away from HF tags reading
distance like three to 6 meter of range. This frequency tags are more use full in supply
chain management can be use for tracking pallet, dolly, and cases.

2.5. Differentiate Between RFID and Barcodes


There is many retail supplier can be used
barcodes for their assets tracking and still they need more information about to adopt
RFID system following describe the comparison of RFID and barcodes.
 Barcodes
1. Barcodes can read individually
2. Should be visible lining for reading
3. Cant read if tags are dirty of damaged
4. Usually reading manually which effect on labor cost
5. Limited quantity of information on barcodes can not to be change should
have to replace with new barcodes
 RFID
1. Faster reading because of multiple reading automatically
2. No sight of lining required for reading
3. Tags are integrated with material and packaging can read in dirty
environment
4. No labor cost required because of reading automatically via antenna and
reader
5. Possibility of changing information required like quantity or temperature
fluctuations.

16 MSc Information Security


Royal Holloway University Of London
2.6. Electronics Product Code (EPC)
EPCglobal an organization build the electronic
product code for next generation of product identification code. There tags consist of 96
and 64 bits long digits.

The tag code is based on header, EPC Manager, Object Class and Serial Numbers.
Following figure shows the tags contents for example there is header, header is shows the
current version of EPC code, to next is EPC Manager which is 26 bits define the product
manager or a product manufacturer for example if bottle of wine by fosters company
fosters company have their own code for their product which shows in EPC Manger
column in tags suppose that 01 is the code for class 1 of EPCglobal table and 0000A89 is
the manufacturer which we assume that is Fosters a wine company code.

Now the Object class its given the product information of the company for example if a
cane of foster 320ml which we can assume the product code is 00016F in the figure, now
we get class of code which brand is that product and which product is the company.

The serial number is use for unique identification every single unit of foster cane have
different serial number, through the 96 bit long integer tag code, we can get 68 billion
unique serial numbers and 16 million objects classes and 268 million companies in our
EPC Manager codes.

Figure: 8[15]

The next Gen2 EPC Global code is still facing tough research work. Gen 2 passive tags
can work in thin metal and deep water too because of the micro chip and antenna will
help to detect radio waves and help to reduce blocking waves. Gen 2 smart label shows in
following figure

Figure: 9[16]

17 MSc Information Security


Royal Holloway University Of London

The figure shows the smart label size width and inside structure of chip and antenna there
is few more characteristics define in following figure

Figure: 9.1[16]

2.7. EPC Global Network


EPC global now is using the GSM and GPS system for real time
tracking product during the supply around the world. To exchange information of product
using the internet service following figures shows the network of EPC Global structure

Figure: 10[15]

Layer one is tags and sensors every tags should have to go through readers, readers may
forward information to the savant, savant work for filtering data its work like a part of
middleware application to reduce the size of data and getting the valuable information

18 MSc Information Security


Royal Holloway University Of London

which may needed. Fourth layer of EPC Information Service may provide the
information which received from savant such as object detail, manufacturer date and
forward that detail to Object name service (ONS) besides also converting the information
to the physical markup language PML.

Object name service is the cache which work like Domain name services (DNS) on
internet and other network can read the physical markup language (PML). Object name
service (ONS) service send request to enterprise application database where the all
product information available from the manufacturer. EPC global has awarded with the
VeriSign to work on object name service on global network for tracking in real time.

19 MSc Information Security


Royal Holloway University Of London

Chapter 3
------------------------------------------------------------------------------------------------------------
3. RFID Product Supply chain Management…………...…………………….………20
3.1 Suppliers……………………………………………………………………….……21
3.2. Manufacturing……………………………………………………………………..21
3.3Finish Goods Distribution……………………………………………………….….21
3.4. Retailer / Distributor Distribution……………………………………......…….. 21
3.5. Retail Store………………………………………………………………………...22
3.6. Consumer………………………………………………………………………….22
3.7. Example of Retail Supermarkets………………………………………………...23
3.7.1. Tesco……………………………………………………………………………..23
3.7.2. Wall-mart……………………………………………………………………..….23
3.8. Low Level and High level Inventory Management……………………...……...23
3.9. Returnable Transport Item………………………………………………………23
3.9.1. Pallets, Roll Container, Dolly, Rolly, Maintainer, Crate………………..24
3.10. Logistics Customers and Organization……………………………………..… 25
3.11. RFID Implementation and Pilot Projects………………………………………26
------------------------------------------------------------------------------------------------------------
3. RFID Product Supply chain Management.

Process of RFID management is the same as product life cycle just each step is monitor and
saving the time, labor and its cost. Every business tycoon looking for their business growth and
satisfaction of customers when customer feels unsafely about their product usage or product been
stolen disrupting them for using that facilities. A small example of laptop companies who build
laptop and sending to distributors and retail during the journey all laptop or some of laptop stolen
from theft they cannot do anything to stop them using except complaining or claiming. RFID help
to manage each product their quantity and track in each way for example If I got RFID tagged
laptop and some steal it from me where ever they can go every NFC(near frequency reader) can
read their signal about their location If I can complain about my laptop been stolen they only need
my name and my order number they will get all detail about my laptop serials and their RFID
code because each RFID tagged has unique identification, if they send request to find particular
tagged reference number on internet they get the result of RFID product where it is each NFC
(near frequency reader) will check 1st in their local database about the product if not exist then it
goes to internet to find the location of the server where its match the tagged number and get the
location of the product. Its help business because technology cost and ongoing operation is fixed
it‟s not goanna change. Cost is low and their benefits are high. Following fig describe some part
of management:

Figure: 11[28]

20 MSc Information Security


Royal Holloway University Of London

Suppliers

If we can talk about any farming product like vegetables which comes from the
farmers, farmers are collecting the goods in bulk quantity gathering them and
sending to manufactures. In other example of any electric machines supplier
sending every single part of machine to manufacturer for assembling all raw
goods comes from suppliers.

3.2. Manufacturing

Second and important part of manufacture for example if they receiving bulk of
mangoes they are doing their packaging put RFID tagged on each package make
them separate in quantity wise or weight wise each tagged has their unique
identification and have their code number once you put tagged on product its goes
to database that this number of tagged been issued for product. Because of EPC
(electronic product code) which saved in database which interlink to network may
help to track the product during their journey. Manufacturer sending goods to
distributions, when product leaving from manufacturing channel its catch their
quantity of product from database which goes through exit channel because of
every exit gate there is reader which read the electronics code like RFID Tagged.
When its exit from the channel its counting the time when will it reach to their
destination.

Finish Goods Distribution

Again same procedure to follow from step 2 that when receiving goods from
manufacturer reader read the each product code from delivery and check with data
base which interlink through network when they received all of them they will
give green signal to manufacturer if there is any one of missing its shows that
something missing in product and they will check all product code if any one is
missing its shows in system that this box of product is not receiving through
channel, those code may check on the channel through RFID where it is lost.

3.4. Retailer / Distributor Distribution

Distributors and retail order the quantity of goods to the distribution for example
if I am owner of Sainsbury‟s I have my own many retail stores and my own
warehouse where I can save my all product I do order to home base or anyone
else to send me millions of cokes to my warehouse suppose that home base is the
distribution channel who sells products. I have received the all product on my
warehouse but for my business saving I got same technology as distribution has
when they send me product also sending me the list of product code or can share
through network when I receive the all product if there is any missing distribution
may know which is missing every RFID tagged read in my local database and its
compare with the network database if the records exist its go through if its not it
will give me alert and we will inform to distribution if anything missing during
channels.

21 MSc Information Security


Royal Holloway University Of London
3.5.Retail Store

The second last step of goods is to sending goods in retail store where every
consumer can come to buy that product. Retail store interlink to their local
retailers and also read the each box of tagged which goes to data base for
rechecking of delivery, every retailer have their own key for unlocking the
product. For example some store we saw bottles of alcoholics drinks which
tagged with bar codes and physical locks when customer want to buy that product
they have to go to till operator for removing that lock manually. When customer
took any product any going to pay off to till, till operator scan those product
which goes to database and given confirmation that this product has been sold and
received valuable cost of product which help to manage business cost and help to
reduce stealing from thefts if products is not scanned from till operator and its
going out from the exit door its will give alert to guard that someone steal
something.

3.6. Consumer

Those who buying the product for using their own usage when they bought
product from retail stores its still can be track for example if customer buy any
expensive electric gadgets which cost very high those product are tagged with
RFID tags if you lost your gadgets or stolen by someone you can complain it
against the product and RFID tagged may track the product where its been using.
People who buying the products are feel safe about their gadgets because of
company‟s who‟s providing security for customer‟s valuables. Following figures
shows the complete chain of process:

Figure: 12[26]
22 MSc Information Security
Royal Holloway University Of London

3.7. Example of Retail Supermarkets


Some retail organizations are successfully using RFID
technology in their business like some retailers Wal-Mart, Target, Tesco and Albertson.

3.7.1. Tesco
Tesco is the market leader in UK there is more then 1200 store and distribution
centre around the UK. They are adopted the RFID technology with the help of
EPCglobal, after more then two years of testing they adopt the standard of RFID. They
choose the UHF tags for their cases, pallet, trays and cages. They are ensured their
manufacturing of all barcode frequencies and power levels conform to European
regulation authority. They are fitted the all technology from distribution to retail stores
now they are able to monitor their high value assets during supply chain. Tesco has
selected OATSystems to provide software infrastructure for their RFID system,
OATSystems are specialist in middleware applications and filtering data.

3.7.2. Wal-mart
Wal-mart is the largest retailer, operating 1100 stores, 1900 supercentres, and
575 Sam's clubs. They are using the gen2 RFID tags their suppliers are Alien
Technology, Avery Dennison, Texas Instruments, Impinj, Omron, STMicroelectronics,
for tracking and analysis in real time promotion execution they are following OAT
System. Their financial earning is $12.6 billion on $350 billion in sales with the profit
margin is 3.6%.Reducing out 30% of stock incidents in stores making additional $3.4
billion in sales.

3.8. Low Level and High level Inventory Management


Differentiate between low level and
high level inventory where is the right place to put tags every tags have different price
and different range we cant use the same tags to every single goods some products are
high cost and some of them are low for a retail example a crate of lose okra we can not
put RFID tags in every single peace of Okra but we can put tags on crate normally we
saw in supermarkets they are using barcode on crate which give detail information about
product like weight , quantity and date of expiration. This kind of low level cost of goods
can be tracked by their carrying stuff like crates, cases etc. To High level inventory in
retail which can be electronics goods because of high cost. For example a laptop or a
television or mp3 players or mobile devices which is cost high like £100 to £1000 if we
can put £1 tags in each device which is worth full for tracking assets and saving goods to
stealing and also giving information about live stock checking if the item is sold or
missing will find automatically and sending order to new deliveries.

3.9. Returnable Transport Item


In this section we will discuss about where we have to place
RFID tags for saving low level inventories and also how to track those assets which help
in real time transport during supply chain.

23 MSc Information Security


Royal Holloway University Of London
3.9.1. Pallets, Roll Container, Dolly, Rolly, Mainitainer, Crate
Pallets are used in retail business for loading crates and other groceries items such
as drinks, toiletries, fruits, vegetables and other home shops items. Every returnable
transport item are temporarily living to store it should be send it back to distribution
channel. To place tags in different angle of pallet can be good for assets tracking.

Figure: 13[15]
There is few more stuff which is currently using in retail business and other places for
loading and delivering goods those assets are called returnable transport items (RTI).
Following figures shows some of them which is currently used in retail and other delivery
purpose.

Figure: 14, 15, 16, 17, 18[15]

24 MSc Information Security


Royal Holloway University Of London
3.10. Logistics Customers and Organization
Following are some logistics customers
and logistics partners who are successfully using and supplying the RFID System for
their business purpose.

Figure: 19[17]

Figure: 20[18]

Figure: 21[19]

25 MSc Information Security


Royal Holloway University Of London

3.11. RFID Implementation and Pilot Projects


Following table shows those vendors their
technology was used and some information about cost, protocols and types .

Table: 1(23)

26 MSc Information Security


Royal Holloway University Of London

Chapter 4
------------------------------------------------------------------------------------------------------------
4. Benefits of RFID in Logistics and Standards………………………………...…27
4.1. Increased Accuracy………………………………………………………….…27
4.2. Faster Throughput……………………………………………………………..27
4.3. Lower Inventory………………………………………………………………..27
4.4. Management Exception………………………………………………………...27
4.5. EPC Global Standard Classes Protocols…………………………………….. .28
4.6. Characteristics Table of RFID Technology…………………………………...29
4.7. ISO Standards………………………………………………………………......30
4.8. ISO Standards for Supply Chain Management Applications………………..31

4. Benefits of RFID in Logistics and Standards

4.1. Increased Accuracy

RFID tags increase accuracy because it is not using any manual scanning or any human
interaction every tag read by automatic readers which reduce the manual scanning and
help to detect any unreadable item or missing goods its help to increase visibility and
accuracy of supply chain.

4.2. Faster Throughput

Reading for tags is too fast of RFID tags because of UHF high frequency which can read
up to 400 /sec with out any human interaction.

4.3. Lower Inventory

Lower inventory is very important and useful, lower inventory levels must be accurate
and visible because it will shows the 100% accuracy of capital. RFID allows checking
lover inventory visibility and the response from all technology of RFID which build up in
organization.

4.4. Management Exception


Manager will get few exceptions like checking deliveries,
counting, saving labor cost to using only one person who can receive the delivery before
that almost every where more the two people have to receiving the deliveries one can
receive and other one have to count, tracking asset which can be tracked automatically
when needed some of them like returnable transport item which is reusable if any item is
misplaces in warehouse to trace easily because of RFID tags.

27 MSc Information Security


Royal Holloway University Of London
4.5. EPC Global Standard Classes Protocols

EPC tags classes define in following table which describing the EPC middleware savant,
EPC tag reader, object name service (ONS) specification and physical markup
language(PML) which based on xml for communication on EPC Network. Following
table explain the EPC Global classes.

Table: 2(21)

28 MSc Information Security


Royal Holloway University Of London
4.6. Characteristics Table of RFID Technology:
RFID technology working on different range
of frequencies every single frequency has their own advantages and disadvantages
following table shows the characteristics of different frequencies which mostly in used.

Table: 3(21)

29 MSc Information Security


Royal Holloway University Of London
4.7. ISO Standards

There are two major Organizations which related to RFID Technologies in the world the
ISO (international organization for standards) and EPC Global (electronic product code)
both organizations developed the RFID standard for tags, readers and protocols, see the
following table:

Table: 4(21)

30 MSc Information Security


Royal Holloway University Of London

4.8. ISO Standards for Supply Chain Management Applications


Following table more focus on ISO standards such as frequency allocation, air interface
communication range, goods management, product identification.

Table: 5(21)

31 MSc Information Security


Royal Holloway University Of London

Chapter 5
------------------------------------------------------------------------------------------------------------
5. Security and Countermeasures of RFID…………………………………….......32
5.1 Virus Attack……………………………………………………………………..32
5.2. RFID Worms……………………………………………………………………32
5.3. RFID Tag Removing…………………………………………………………...32
5.4. Tag Cloning……………………………………………………………………..33
5.5. SQL Injection…………………………………………………………………...33
5.6. DOS Attack……………………………………………………………………..33
5.7. Middleware Attack……………………………………………………………..33
5.8 Radio Waves Jammer and Signal Blocking…………………………………...33
5.9. Tag Collision…………………………………………………………………....34
5.10. Lack of Knowledge……………………………………………………………34
5.11. RFID Backup Process………………………………………………………...34
5.12. Mutual Authentication………………………………………………...……..34
5.13. Countermeasure………………………………………………………………37
------------------------------------------------------------------------------------------------------------

5. Security and Countermeasures of RFID

Security of RDIF is a real issue in real world because of RFID chip is easy to hack it
work on radio waves which is easy for others to use any reader and read any tag contents
which is near to them without acknowledgment of owner. Cloning of RFID tags and
removing chips, collision with standards, effects on people privacy those issues are very
high and considerable. There are also some issues which are related to passport, smart
cards and viruses which cause the damage of the data.

5.1 Virus Attack


A virus is a code which automatically replicates their self if reader can read
any tags which source code is a virus once it‟s read it will automatically make their
copies inside the database there is no need for any network connection. If one tags is
infected it may cause to damage other RFID tags and their software‟s.

5.2. RFID Worms


A RFID worm may cause to interrupt whole network connection and help
to give remote access to unauthorized person. The worm can infect RFID system
software and compromise with middleware and server. It may also infect to RFID tags
and each tag infect to other tags It may continuously go on.

5.3. RFID Tag Removing


Some of active tags can be remove from the goods for example if
there you can put an oyster card to any ordinary nail polish cleaner for few hours after
when take it off it will make you easy to check oyster layers of the cards and you can
smoothly take it off the tag chip with using the coil from the oyster card layers we need to
make sure about the power management of the active tags when someone trying to

32 MSc Information Security


Royal Holloway University Of London

remove the tags from goods whole system should be corrupted for example attaching the
oyster chip power to oyster reader power together they both power merge to each other
whenever its trying to removing chip from the oyster it will be damage whole card.

5.4. Tag Cloning


Passive tags are easy to clone because of short memory and some tags are
only readable tags, attacker can scan the tags near them and clone it and write any
malicious code which can abused the whole data base and communicate with middleware
because the passive tags have less security and vulnerable for attacker if there is less
security management on middleware.

5.5. SQL Injection


SQL injection is short malicious code which access to system database,
communicate with middleware. It also help for payload to system and help for buffer
overflow for example,
“Lookup X = apples “
Reader may read all the X‟s but if there is one clone tag come with SQL source code like
“X= apples; loop X”
when the reader read that tag every time it will read the same product code because of
semi column is the exist command of SQL and it cause the multiple read of X which may
cause whole database corrupted until find the exact interruption. For avoiding SQL
injections we have to use single query acceptance, Oracle and SQL both system have that
option to use single query during API execution. MYSQL has different made of
commands which are impossible to damage because it will not accept any query of SQL
command.

5.6. DOS Attack


Denial of service (DOS) attack can happen when reader may not read the tag
or it may hanged for example of a simple door lock which open via RFID Tags key
whenever authorized user try to access in to the house they need to put tag key near to the
reader and get access to enter the house suppose if someone put false RFID tag key hide
near to the reader and leave it as it is that tags reader may continuously read and even the
authorized who got true RFID key cannot access to enter the house because of the false
tags which hidden to the reader.

5.7. Middleware Attack


During the process of reading tags it can be possible to read false
tags which can be damage whole database and give access to unauthorized user to the
central database. To getting UID may help for sniffing between reader and transponder
communication. Declaring false identification and blocking the administrative tasks.
Manipulating with product prices and groups disabling the visibility of product and
disabling the traceability of products these attacks are most generic attack against
middleware.

5.8 Radio Waves Jammer and Signal Blocking


Radio Waves Jammer is ban for ordinary people but attacker can
get easily as we assume every radio Jammer is working on certain limit of frequencies
and power which can block radio wave in some distance. If attacker can get the Jammer

33 MSc Information Security


Royal Holloway University Of London

and put it near to the reader or within certain distance which may cause the block all
readers to read tags until the Jammer switched off or scan manually to every pallets of
goods . Another way is to rape anything with foil paper can block the radio frequency for
example if any product tagged with RFID and to cover up all products with foil paper can
block the RFID signals even some tags can block in water , water can absorbed high level
of frequencies tags.

5.9. Tag Collision


Tag collision problem comes with active tags when too many tags come
same time to reader range because of active tags automatic signaling to near frequency
readers which may confuse the reader to read the tags. All of RFID standards define the
solution of this problem to work on application which read the deferent frequencies and
different product codes.

5.10. Lack of Knowledge


There is still measure problem of lack of knowledge of RFID tags
with compare to barcodes, most of organization has lack knowledge of technology but it
can be possible to get train with new technologies because small organization has a
problem to get trained their employees of hardware and software assembling they need to
hire such organization which may help and monitor their technology mostly big
organization are hiring the some technical company which may continuously monitoring
and tracking their all hardware and software technology. Installation and assembling is
the main hard task for organization, internal body should be familiar with the technology
for achieving the organizational goals.

5.11. RFID Backup Process


Every organization can not stay their business on machines they
need human interaction RFID backup process is also the technology which need human
interaction. Monitoring the each work of technology should be recorded in physically if
there is any fire or damage any electronics which cause the loose whole Goods Detail its
time to time backup process. Technology give us the fast pace to work but we should
need backup for every valuable assets.

5.12. Mutual Authentication


Symmetrical authentication used for identification of
legitimate entities of any tags because communication between reader and tags entities
must be verified from middleware applications. ISO-9798 2 based protocol achieves the
symmetrical authentication of gets challenge response. Another example is if any kind of
tags which pass through the antenna it‟s possible to detect and read by reader because
there is no anti detection method for tags verification therefore we must need the any
mutual authentication for verifying the tags.

34 MSc Information Security


Royal Holloway University Of London

Figure: 22[32]

RFID System must have to use any cryptographic functions such as symmetrical
cryptographic where we can share the key K between tags and receivers for example of
Challenge response of token mostly used nowadays in UK banks they provided card
reader to their customer when customer want to buy any thing online they have been
asked for providing challenge response number when user enter their card to card reader
and enter their pin to get challenge number that challenge number may help to
authorizing for buy any product. For getting challenge number request sending by reader
to transponder when transponder receive the challenge request it‟s generate a random
number “Alice A” and sent to reader , reader may generate their own random number
“Alice b” and verifying both random numbers with shared key K if its verified they will
generate encrypted token 1 sent to transponder and transponder will do the same
procedure with the shared key and decrypt the token 1 and generate their token 2 to send
reader for completing the authentication below figure shows the basic function of
authentication.

Figure: 23[33]

35 MSc Information Security


Royal Holloway University Of London

If there is any reason when a transponders unable to decrypt the token 1 it simply
terminate the session of tags. This kind of mutual authentication can be possible to break
because of random number and key K it might be possible to predict the random number
although the key K is a secret key which can not be shared and all authentication depends
on key K can be possible to get therefore standardized algorithms of cryptographic
function are advised.

For making strength of this protocol we can use “Alice x” numbers instead of “Alice A”
random numbers because of random numbers can be vulnerable for feasible attack such
as data sniffing but (x) number can not be possible to attack even attacker get the
information from the transponder like (Alice X number K key) but still unable to decrypts
the data. Cryptography may help to avoid these kinds of attacks some techniques are
mostly used in current market trend such as SSL, SSH and WEP for security and defense
purpose of an organization.

Nowadays RFID systems are mostly using the symmetric algorithms cryptography
because asymmetric algorithms cryptography needs much computational processing and
getting more power. We have two main classes of cryptographic function symmetric
cryptography and asymmetric cryptography. Symmetric cryptographic protocols are
using their own key for decryption and encryption the data such as AES, 3DES, RC4,
RC5 etc. Asymmetric cryptography is using the two different keys primary key
cryptography and public key cryptography such as like RSA and VISA.

36 MSc Information Security


Royal Holloway University Of London

5.13. Countermeasure
Cryptographic functions help to reduce those attacks like AES, 3DES,
RSA security etc, each tag contain their own key. Cipher system may help to stop
unauthorized access if attacker can read the tags near them they will got the result on
cryptographic form which they can not understand until they got correct key every
organization have their own key some of them are also using public key cryptography
(PKI), beside there is some active tags which playing biometric functions these all
technologies help to reduce risk and safe the capital.

If the reader can read one time function which may help against DoS attack. If there is
any request going to reader and if the reader read it once and giving reply can not take
any other request from same device and disconnect their session with in certain time limit
which may help to stop DoS attack. For example suppose the Denial of Service (DoS)
attack we assume there is door look with RFID tag key can not work if there is any false
tag key hidden near to the reader if we can write command inside the reader that each can
only reader for 20 second after that the device signal may disconnect, which can reduce
the denial of service attack and also giving alert about the false tags which read by reader.
Time session limit is way to stop denial of service attack.

For using Cryptographic techniques which is quite healthy but its depends on algorithms
which is using like DES Algorithms may unblock because of current system and research
3DES and AES are normally acceptable in current trends as we know that about moors
law technology is getting more faster quantum computing is in research there is only few
machine buildup at the moment which may able to block AES and 3DES but currently its
on research mode but it will change whole cryptographic algorithms which may need
more power and more processing. We must have to adopt RFID Principles of fair
information and to get some more valuable knowledge which help to provide assets
safety.

37 MSc Information Security


Royal Holloway University Of London

6. Conclusion

RFID system depends on appropriate tools which may provide security integrity and
privacy. Although, cryptography function such as symmetric and asymmetric
cryptography has playing very crucial role for their security mechanism. There is also
some lack of knowledge for small organization who need to adopt this technology but its
seems in current market that RFID is growing very fast even some of the countries like
Europe and Japan are using RFID system to their currency also British government
interested to make some investigation tools which belongs to RFID. barcodes are went
back because of RFID tags which is more reliable and capturing automates data, for
logistics organizations and goods handling companies RFID System is the gift but there
is some RFID systems are prohibited which can be vulnerable, for adopting the RFID
into the business may improve their efficiency, cost reduction and reduction of work of
employee.

International Standard Organization (ISO) set their all requirements and privacy for
consumer safety and for business relationship. We personally think that there is may
some issue regarding the cost of the tags like such active tags are higher cost and
and some of passive tags are also high because of their needs but it will be fall
down if their market demand will be rise. We note that security companies and
organization are rapidly adopting this technology such as US Department of Defense
(DoD) for their arms traveling monitoring. We must have to adopt RFID system and to
get knowledge of their security and principles and to participate for their developing and
research modules.

38 MSc Information Security


Royal Holloway University Of London

7. Bibliography

1. http://whitepapers.silicon.com/0,3800002489,60114730p,00.htm
2. http://www.rfidconsultation.eu/workshops/19/145.html
3. http://whitepapers.zdnet.co.uk/0,1000000651,260161875p,00.htm
4. http://www.indiainfoline.com/content/bschool/Your_Journal/2006/05/300520
06/Chan.pdf
5. http://www.gs1uk.org/downloads/RFID/rfid-web.pdf
6. http://www.acq.osd.mil/log/rfid/index.htm
7. http://www.rfid.com.au/rfid_animalid.htm
8. http://www.baselinemag.com/c/a/Projects-Supply-Chain/Cover-Story-
WalMarts-Faltering-RFID-Initiative/1/
9. http://www.rfidc.com/docs/introductiontorfid_business.htm
10. http://www.epcglobal.org.hk/modules.php?name=News&file=article&sid=28
0
11. www.ti.com/rfid/docs/manuals/appNotes/EPCGen2ConversionGuidelines.pdf
12. http://groups.csail.mit.edu/cis/cis-theses.html
13. www.atloaug.org/presentations/ATLOAUGRFID200601.pdf [4][5][12]
14. www.ti.com/asia/docs/india/tiidevconf2004/rfid/prateep.pdf [6]
15. http://www.logicacmg.com/pdf/RFID_study.pdf
[8][10][13][14][15][16][17][18]
16. www.ti.com/rfid/docs/manuals/appNotes/EPCGen2ConversionGuidelines.pdf
[9]
17. www.oracle.com/applications/logistics/Logistics.pdf[19]
18. www.sun.com (sun_rfid_golden_pitch_v8.5.pdf) [20]
19. www.sun.com (RetekCC.sept2004.pdf) [21]
20. http://www.forrester.com/rb/research (92315.pdf) [7]
21. http://www.nje.ca/Index_RFIDStandards.htm (2)(3)(4)(5)
22. http://www.logisticsit.com/absolutenm/templates/article-
critical.aspx?articleid=3508&zoneid=31 [2]
23. www.bear.com (bear_stearns_analysis_03.pdf) (1)
24. www.hp.com/Presentazione/Crippa.pdf [1]
25. www.andrewbibby.com UNI RFID workshop 2006 [1] [2][3]
26. GENPACT Global Impact RFID- technology overview 20 Jan 2006
ATLOAUGRFID200601.pdf
27. ISSCC d32_04.pdf 2007 / February 14, 2007
28. www.foxner.com autoid_demand [11]
29. http://www.astrec.jp
30. http://www.theregister.co.uk/2006/03/01/rfid_tibco_tnt/
31. http://www.rfidc.com/
32. http://www.theregister.co.uk/2006/03/01/rfid_tibco_tnt/
33. http://www.rfidjournal.com/article/articleview/509/1/1
34. http://www.epcconnection.com/preconference.php?sectionID=41&trackID=7

39 MSc Information Security


Royal Holloway University Of London
35. http://www.acmqueue.com/modules.php?name=Content&pa=showpage&pid
=216
36. www.rfidconsultation.eu/docs/ficheiros/Logica_CMG_RFID_HW_Survey_20
05.pdf
37. www.usingrfid.com
38. www.bsi.bund.de/fachthem/rfid/RIKCHA_englisch.pdf
39. www.rosiello.org/archivio/rfid-angelo-rosiello.pdf [23]
40. http://www.rfidjournal.com/article/articleprint/1338/-1/1
41. http://en.wikipedia.org/wiki/RFID
42. http://stinet.dtic.mil/cgi-
bin/GetTRDoc?AD=ADA475895&Location=U2&doc=GetTRDoc.pdf
43. http://ocw.mit.edu/NR/rdonlyres/Sloan-School-of-Management/15-
912Spring-2005/D8B41B98-2CC8-45A0-B59F-
5B4FE2A10E54/0/rfidwhyisndustry.pdf.#
44. www.waset.org/pwaset/v10/v10-16.pdf
45. http://ocw.mit.edu/NR/rdonlyres/Sloan-School-of-Management/15-
778Summer-2004/40D90A86-B27F-404F-AAE8-
112DA1E96C29/0/ups_temp_8_25_04.pdf.
46. www.syngress.com/book_catalog/340_RFID/sample.pdf
47. http://www.akersolutions.com/NR/rdonlyres/0E9AEF11-7434-4DEC-9963-
2D437D121DD5/15044/RFIDpresentasjon.pdf.
48. www.siemens.com.tr/i/assets/content/RFID_Presentation_Haas_PDF_e_1415
201.pdf -
49. www.confindustriaixi.it/documenti/RFID_@_HP.pdf
50. http://autoid.mit.edu/cs/convocation/2006_05_01_LasVegas/presentations%5
CUckelmann.pdf.
51. http://auto-
id.mit.edu/cs/convocation/2006_05_01_LasVegas/presentations%5CRoach.p
df.
52. http://autoidlabs.mit.edu/cs/convocation/2006_05_01_LasVegas/presentation
s%5CChung.pdf.
53. http://www.redjasper.com/simplify/files/kb/slides/presentation_is_there_a_re
alistic_business_case_for_logistics_2to1.pdf.
54. http://tii.developerconference.ext.ti.com/downloads/prateep-misra.pdf.
55. www.rfidvirus.org/papers/percom.06.pdf
56. http://www.oracle.com/applications/logistics/Logistics.pdf
57. http://ocw.mit.edu/NR/rdonlyres/Engineering-Systems-Division/ESD-
290Spring-2005/94F700A7-3819-4AD0-9739-A099A5AA7D19/0/lect1_2.pdf.
58. http://www.dtic.mil/ndia/2006dscc/kramlich.pdf.
59. http://www.smart-systems-integration.org/public/internet-of-
things/presentations/Introduction3_EC-
EPoSS%20Workshop%20_AIDC.pdf.
60. http://www.rfid-
rnet.com/Presentations_28_November_2007/IntelliSense%20RFID%20Work
shop%2028%20November%202007%20Geir%20Vevle%20Nortura.pdf.
61. http://www.inet-logistics.com/media/inet-logistics_lademittelmanagement-
rfid_EN.pdf.
62. http://spacelogistics.mit.edu/workshops/0106NASASpaceExploration/Day2/S
essionReportOut/GroupIReportOut_SpaceportAndEarthToOrbit.pdf.

40 MSc Information Security


Royal Holloway University Of London
63. http://www.ertico.com/download/bits_documents/fin_03.pdf.
64. http://www.ipshk.org/EPC-
RFID%20on%20P%20&%20S%20industry%20August31,%202004.pdf.
65. http://sdm.mit.edu/docs/cela_diaz_thesis.pdf.
66. ftp://ftp.cordis.europa.eu/pub/ist/docs/ka4/au_conf670306_biermann_en.pdf.
67. http://www.ndtatampabay.org/downloads/05%2010%202007%20Boyanton.
pdf.
68. http://cachefly.oreilly.com/radar/r1/06-03.pdf.
69. www.iij.ad.jp/en/news/pressrelease/2007/0124-2.html
70. www.iij.ad.jp/en/news/pressrelease/2004/0715.html
71. http://findarticles.com/p/articles/mi_m0EIN/is_2005_August_1/ai_n14838457
72. http://findarticles.com/p/articles/mi_m0EIN/is_2005_Sept_9/ai_n15377199.
73. www.autoidlabs.org/uploads/media/ACN-AUTOID-BC-002.pdf
74. http://www.idspackaging.com/Common/Paper/Paper_212/An%20Introducti
on%20to%20Smart%20Packaging.htm
75. www.idtechex.com/research/reports/rfid_knowledgebase_case_studies_00000
9.asp
76. www.ferroxcube.com/appl/info/RFID%20introduction.pdf
77. http://www.microlise.com/MEDIA/casestudies/CS_ECentre.pdf.
78. www.ferroxcube.com/appl/info/Ferroxtag%20with%20bar%20code.pdf
79. https://www.unisys.com/commercial/insights/insights__compendium/Pharma
ceutical_trade_and_the_FDA_anti-counterfeiting_guidelines.pdf.
80. http://www.iwi.uni-hannover.de/diplwww/heese/Heese.pdf.
81. www.hmkv.de/dyn/_data/how_I_learned_to_love_RFID_2006.pdf
82. http://www.paxar.com/products/barcoderfid/documents/PaxarWhitePaper-
TechnologyandTechniquesfortheSuccess.pdf.
83. http://www.ic.gc.ca/epic/site/dsib-
logi.nsf/vwapj/Pharma%20KPI%20ENL.pdf/$file/Pharma%20KPI%20ENL
.pdf.
84. www.rfidconsultation.eu/docs/ficheiros/Aberdeen___RFID_Benchmark_Rep
ort_2005.pdf
85. www.manh.com/library/MANH-RFID2_WhitePaper.pdf
86. www.esupplychain.eu/ro/info/viewart/411,Understanding_and_Managing_Su
pply_Chain_Risk
87. http://www.accenture.com/NR/rdonlyres/9F296FC4-8410-418A-A746-
893E68DB3254/0/Connectingwiththebottomline.pdf.
88. http://webpages.uncc.edu/~ajensen7/writing/pubs/SEInforms-DCJ-2007.pdf.
89. www.unisys.com/eprise/main/admin/corporate/doc/bl100083_100.pdf
90. http://books.google.com/books?id=NEI8QDUiApMC&pg=PA489&lpg=PA48
9&dq=%22Readers+are+one+of+the+fundamental+building+blocks+in+the
+RFID+infrastructure,+they+are+also+known+as+Interrogators.+A%22+O
R+%22reader+is+a+device+containing+the+Radiotronics+which+triggers+t
he+tags+to+respond,%22&source=web&ots=lfaNQ6yd6N&sig=UgzfCEwqP
jNPT3n3kKtK01EKlEs&hl=en&sa=X&oi=book_result&resnum=1&ct=resu
lt#PPA488,M1
91. http://www.unisys.co.uk/eprise/main/admin/corporate/doc/SSC_Exec_Summ
ary_5-18-04.pdf.
92. http://www.accenture.com/NR/rdonlyres/FD161FE8-610F-4B40-9899-
EFBBD79CEB0B/0/stealth.pdf.

41 MSc Information Security


Royal Holloway University Of London
93. http://ig.cs.tu-berlin.de/lehre/s2004/pvc/ablauf/08/Suhr-
DefenseAndCountermeasuresAgainstRfidATechnicalApproach-2004-07-
21.pdf.
94. http://www.exploit-rfid.com/rfid/slot/application/ah01/50f594c28_26.pdf.
95. http://www.accenture.com/NR/rdonlyres/2CF5ACF3-1A8D-4FAF-93D7-
CE14D60B660B/0/DrivingHPwithsilentcommerceinthesupplychain.pdf.
96. http://www.accenture.com/NR/rdonlyres/16AAD453-41F2-427E-9D38-
D040061FE18A/0/TheBenefitsofRFIDinSlabandCoilLogistics_FINAL.pdf.
97. http://www.portoftacoma.com/File.ashx?cid=533.
98. http://www.ti.com/rfid/docs/manuals/whtPapers/wp-
Privacy_RF_identity_docs.pdf.
99. http://www.idspackaging.co.in/Common/Paper/Paper_486/Y9268U8423.pdf.
100. http://www.unisys.com/services/insights/articles/articles.htm?insightsI
D=49876

42 MSc Information Security

You might also like