ADVANCED SUPPLY CHAIN MANAGEMENT

- Research Article Review

Authors: Qinghan Xiao, Cam Boulet and Thomas Gibbons

Title of the Paper: RFID Security Issues in Military Supply Chains
Journal Name: IEEE Computer Society
Issue: IEEE International Conference on Availability, Reliability and Security
Year of Publication: 2007
Web Link: http://ieeexplore.ieee.org/xpl/login.jsp?
tp=&arnumber=4159853&url=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls
%2Fabs_all.jsp%3Farnumber%3D4159853

Submitted to:
Prof. Dr. Arcot Purna Prasad
Faculty - CUIM
INTRODUCTION & STRUCTURE OF THE PAPER:
The article focuses on the technology advancements especially RFID
that is deployed by the military in order to attain in-transit visibility besides
improving inventory management. It portrays RFIDs advantages, analysis of
vulnerability issues, challenges faced upon installation of such system in
military supply chain systems and finally the countermeasures that are being
recommended in order stand against the attacks.
The author clarifies the meaning and purpose of RFID technology,
reinforcing the fact on how military supply chain differs from a civilian supply
chain on a certain number of aspects. The framework of RFID usage in
civilian supply chain is inclined towards profit, while in case of military supply
chain is troop readiness and safety by allowing military logisticians to
synthesize and generate end-to-end information about assets.
RESEARCH METHODOLOGY USED:

This article takes the advantages of RFID-enabled activities across the

globe and implements it as a non-contact and non-line-of-sight property.
Various attacks and security breaches are identified through exploratory
research, rendering RFID a vulnerable one and further the information and
defenses against these attacks are provided. The key variables considered
are the system components, RFID tag categories, its frequency bands and
their standards.
MAJOR FINDINGS / RESULTS:
Analysis reveals that RFID systems are vulnerable to attack and are
compromised at various stages, for which the attacks against such system
can be categorized into four major groups:

Attacks
Attacks
Attacks
Attacks

on
on
on
on

authenticity
integrity
confidentiality, and
availability

Moreover the system being vulnerable to common attacks such as

eavesdropping, man-in-the-middle and denial of service, RFID technology is
susceptible to spoof and power attacks. Countermeasures against
eavesdropping include establishing a secure channel and encrypting the
communication between the tag and reader. MIM threats can be reduced by
implementing several technologies such as encrypting the communication,
sending the information through a secure channel, and providing an
authentication protocol.
In the similar way, the DoS is identified to be a destroyer/disabler of RFID
tags but the key fact is that an attacker cannot get very close to the target or
use an extremely strong transmitter within an effective distance. Though it
has been identified that this kind of DoS attack has a low risk to threaten
military supply chains, the threats must be re-evaluated when outsourcing
military logistics. In case of spoofing, the common way has been followed
that is to implement RFID
authentication
and
data
encryption. In addition, replay
attacks are solved by using a
challenge
and
response
mechanism along with a timebased scheme. In order to

counter the power attacks, it is suggested to mask the spikes in power

consumption.
CRITISISM:
This paper could provide only the framework on various attacks and
countermeasures for a RFID system but does not extend to descriptive part.
In other words, metrics play a vital role in measuring any systems
functioning and in order to provide corrective actions, in case of any
deviations identified. Suggestions in this article prove an approach towards
the solution but are not quantified, in order that futuristic alterations
becomes a challenge.!