chrispeng [ad_1]
With the advent of the Internet of Things era, humans will hand over basic daily management to artificial intelligence to handle them, freeing them from tedious low-level management and devoting more manpower and material resources to the research and development of new technologies. RFID came into being based on this purpose. RFID stands for radio frequency identification technology. It uses the characteristics of radio frequency signal coupling and transmission to carry out non-contact two-way data transmission between the reader and the tag to achieve target identification and data. Technology for exchange purposes. As one of the cores of the Internet of Things, it is being widely used in procurement and distribution, commercial trade, manufacturing, logistics, anti-theft, and military applications.
At the same time, hidden dangers related to RFID have also arisen. Because the RFID system involves tags,Reader, Internet, database systems and other objects, the security issues are also more complicated, including label security, network security, data security and privacy protection. At present, the security problem of RFID system has become one of the main factors restricting the promotion and application of RFID technology. Among them, the protection of privacy data is a major challenge in the development of RFID.
More and more merchants and users are worried about the security and privacy protection of RFID systems, that is, how to ensure their security and privacy in the process of using RFID systems, so as not to cause personal information, business information, and property to be lost or misappropriated by others . It can be imagined that if the RFID system is attacked, there may be factory shutdowns, social disorder, and even a direct threat to human life. Therefore, privacy protection will become a bottleneck restricting the large-scale application of RFID systems, and it will also become a key supporting technology in its design, deployment and application.
Privacy protection is a very common basic service provided by the RFID system, which has a very wide range of applications. Typical application scenarios include: in the medical and health field, when doctors collect patient information, they need to protect the privacy of the patient’s identity and the privacy of collected physical sign-sensitive data; in the field of environmental protection, it is necessary to protect the location privacy and data of the collected objects (such as pandas). Privacy, quantity privacy, etc.; in the field of smart home, it is necessary to protect the privacy of relevant information of people at home; in the field of smart transportation and urban construction, it is necessary to protect the privacy of the identity of vehicle entities and the privacy of conditional traceability.
Currently, the issue of privacy data protection in RFID systems has not received extensive attention, and related research is basically in its infancy. Recent research has revealed that the privacy data protection problem of RFID systems cannot be solved by traditional methods.Therefore, there is an urgent need to develop new data protection methods based on RFID’s own characteristics to promoteRFIDThe development of the system in military, corporate, and government behavioral applications.
1. The main problems faced by RFID system privacy protection
Different from existing technologies in traditional networks, such as the use of encryption to protect the confidentiality of private data and the use of anonymous technology to protect user identities, the privacy protection in the RFID system presents unique characteristics such as high correlation with applications and severe resource constraints. The main new problems faced by privacy protection technology are as follows:
1. Application challenges. According to the target protection object, the privacy protection in the RFID system is mainly based on data protection, and most of the related research is in its infancy. The simple overlay of privacy protection technology in the traditional network is not enough to meet the privacy protection needs of the RFID system, and it is urgently needed Develop new protection technologies. In addition, the measures required for the privacy of the wireless sensor network, the most basic of the RFID system, also depend on the specific application scenarios of the network, involving many factors, such as the sensitivity of the collected information, the user’s own needs, the role of the service provider, and the availability. Degree of trust, etc.
2. Resource constraints. Due to the severe limitations of the computing power and programmability of the RFID system tags, the capabilities of energy, storage, computing and communication resources are severely limited. This also limits the encryption and other mechanisms that can be supported on it. Due to the limitation of the tag itself, the design of privacy protection protocols and all related protection methods must meet resource constraints. Therefore, we must find a suitable method to balance the many problems caused by resource constraints.
3. New features of data. Due to the massive, polymorphic, relevance and semantic characteristics of the data in the RFID system, these characteristics should be fully considered in the privacy data protection, especially how to eliminate the data redundancy and uncertainty in the query data results , Is a key technology related to the efficient management of private data in the RFID system. At the same time, the massive data in the RFID system presents the characteristics of large-scale fluidity. After the data is stored, the selection, encryption, and authentication of private data in different storage methods are also new challenges for private data management in the RFID system.
2. Introduction to the privacy protection method of the existing RFID system
RFID privacy protection methods mainly include the following aspects:
1. KiII label. It is used to ensure that the user is not illegally tracked after the product is sold. The disadvantage is that it limits the further application of the label.
2. Faraday net cover. By blocking the communication between tags and readers to protect user privacy, the disadvantage is that it is difficult to implement on a large scale.
3. Active interference. Prevent illegal reading of tag information by using interference signals. The disadvantage is that it will interfere with other legal signals.
4. Smart label. The label technology that uses multiple encryption technologies for access control has the disadvantage of higher cost.
The current research work on RFID system privacy protection has the following limitations:
①Insufficient research on privacy data protection system. Although privacy data protection methods have aroused widespread interest among researchers, fruitful research results have also emerged in recent years. However, the existing researches mainly focus on the decentralized research on several points in the traditional network privacy protection, which lacks integrity, systemicity and completeness. Especially at the overall level of the system, there is a lack of complete analysis and discussion of privacy protection requirements. So far, there has been a lack of a separate and comprehensive overview of privacy issues and solutions in the RFID system.
②Insufficient research on privacy data leakage prevention technology. Privacy data leakage prevention is an area of great research value. Although many organizations have devoted themselves to the research and practice of data leakage prevention, and have given relatively reasonable solutions in specific fields, there are still many unsolved problems, such as the lack of definition, screening, and search for private data. , Classification rules, lack of lightweight privacy data encryption and decryption technology suitable for RFID systems and fine-grained encryption methods for specific application requirements (such as only encrypting consumer names without encrypting consumer information, etc.).
③Insufficient research on key management methods. The key to privacy data protection is data encryption. Since encrypted data requires the use of a key, the strength of privacy data leakage prevention largely depends on the security of the key. Therefore, key management occupies a vital position in the encryption process. Although the research on the key management of the RFID system has achieved many results, the research is far from deep, comprehensive and systematic. There are still many blue problems to be solved, which are mainly reflected in the lack of consideration of the heterogeneous characteristics of the RFID system itself, and the high efficiency Performance, security, robustness and fault tolerance all need to be improved; the key management model of the system has not been proposed for the large-scale heterogeneous characteristics of the RFID system, so as to give a standard example of the key management protocol design of heterogeneous network elements.
To sum up, the communication between the RFID system tag and the reader uses wireless signals, which is a wireless network, and the simple overlay of privacy protection technology in the traditional network form is not enough to meet the new requirements of RFID system privacy protection technology. In particular, the privacy data screening method, data leakage prevention technology, key issuance method, authorization mechanism, etc. all need to be improved. Therefore, it is necessary to conduct research on new privacy data protection technologies in the RFID system environment.
3. Research methods of new privacy data protection technology in RFID system
In the RFID system environment, privacy data protection technology is not a simple superposition of traditional network privacy data protection technology, and cannot meet the new needs of RFID systems. Therefore, based on the new characteristics of the RFID system, this paper integrates the privacy data protection technology of the original network based on the research of the privacy data protection technology of the sensor network, and proposes the establishment of a new privacy data protection technology suitable for the large-scale development of RFID systems.
This technology includes three aspects: screening private data in the RFID system, encrypting the screened data, and how to perform key distribution management. The technology includes three contents: privacy data screening method, fine-grained encryption method of privacy data, and key management method.
1. Research on privacy data screening methods
The usual method of data protection is to encrypt the data in whole or in part. For an RFID system environment with insufficient resources, it is not feasible to encrypt data with relevance, semantics, mass, and polymorphism. This method will bring a very heavy encryption workload and the decryption time will be very long.
In addition, the overall encryption of structured data will also bring a new challenge, that is, how to query the information that needs to be encrypted. For example, a considerable part or even most of the data in the database is ordinary data, not private data, so a better solution is to only encrypt private data with different requirements. Therefore, it is necessary to formulate a complete set of privacy data definition, search, and classification rules, so that only the privacy data can be screened and protected, which can reduce the burden of encryption and decryption modules and reduce network delays.
2. Research on private data encryption methods
The data in the RFID system is stored in the network in the form of plaintext. Its storage form may be distributed or centralized, but it will be subject to security threats. Encryption technology can effectively protect private data. At the same time, security and performance must be considered. Balance, so the selection and design of encryption granularity and encryption algorithm are particularly important. Encryption granularity can be divided into table-level, row-level, column-level, and data-item level. Different encryption granularities have different characteristics. The smaller the encryption granularity, the higher the flexibility, the better the security, but the more complex the implementation technology is, and it needs to be filtered according to private data. , Choose the appropriate encryption granularity. For example: for table-level private data, table-level encryption is performed through different table keys distributed by the key management method established through research. This method is simple to implement, but not all data in the table is private data. Under different requirements, the definition of private data and the encryption object will be different, and the leakage of the table-level key will cause all the data in the table to be lost. Therefore, it is necessary to select fine-grained encryption methods for different application scenarios, even if data leakage is a data exposure at a certain granularity, it will not cause large-scale data leakage incidents to occur. This encryption method is more flexible and has the highest security, but the technology is also the most complex.
Encryption algorithm is the core of data encryption. The choice of encryption algorithm directly affects the security and performance of private data protection. At present, there is no encryption algorithm specifically for RFID system data encryption. In this way, when encrypting RFID system privacy data, the existing encryption algorithm can be selected according to the characteristics of the encryption object itself. Due to the RFID system’s own resource limitations and the relatively large amount of data, the encryption and decryption speed is limited. An important factor, so when encrypting, the block cipher algorithm in the symmetric encryption system is the most widely used. More commonly used database encryption algorithms are AES (Advanced Encryption Standard), AES128, AESI92, AES256, 3 DES (Data Encryption standard), IDEA (International Data Encryption Algorithm)
3. Research on key management methods
The key management method is the core content of data encryption. In many application scenarios, the network transmission between each tag and reader in the RFID system can and should be different. Heterogeneity is a natural attribute of the RFID system. Therefore, the main content of this research includes a key management model suitable for the new features of the RFID system and a key management protocol designed according to the model. The key management model provides a macroscopic architecture for the key management of the RFID system. The key management protocol is the most basic key management module. They form the basis of key management. They can be used independently or combined to provide more powerful functions.
Four, concluding remarks
With the continuous development and wide application of RFID systems, the privacy data protection issues of RFID systems have received widespread attention. In order to solve the security problems of the RFID system, prevent the leakage of the privacy data of the RFID system, and minimize the security risks it faces, a reliable security mechanism must be constructed for the RFID system to transmit privacy protection data between the tag and the reader. . This article proposes the establishment of a new method of RFID system privacy data protection, including data screening, encryption after screening, and how to distribute and manage the keys used for encryption. It provides theoretical basis and technical reference for solving the problem of RFID system privacy data protection. To promote the development of RFID systems in military, corporate, and government behavioral applications.
[ad_2]
