Advanced Security and Mobile Networks

Size: px

Start display at page:

Download "Advanced Security and Mobile Networks"

Helena Walsh
5 years ago
Views:

1 Advanced Security and Mobile Networks W.Buchanan (1)

2 Location-based travel information Stock control Locationbased travel updates Tagging prisoners Automated tolls Pet/child tracking Location-based statistics Locationbased map services Military Information Emergency services Some Applications of Location-based Services W.Buchanan (2)

3 Tracking by GPS A key key factor factor in in tracking tracking is is for for the the system system to to automatically automatically detect detect the the object object that that it it is is tracking. tracking. Solution: Solution: RFID RFID Tracking by mobile phone Tracking by wireless transmitter Types of Tracking W.Buchanan (3)

4 RFID (Radio Frequency ID) Identifying Objects Software Security W.Buchanan (4)

5 Radio wave propagation From 50kHz to 2.5GHz Frequencies used: less than135khz, 13.56MHz, MHz, 2.45GHz, 5.8GHz LF LF MF MF HF HF VHF VHF UHF UHF Microwave Microwave LF radio AM radio FM radio TV signals Radar/ Satellite/ Wireless 135kHz 13.56MHz MHz 2.45GHz (globally defined standard) Propagate well over large distances Line-of-sight communications Low range (<0.5m) Med range (1m) High range (5m) Med range (1m) Low read rate Large antenna Relatively large High read rate Small antenna Relatively small Radio Spectrum W.Buchanan (5)

6 RF Tag RF Reader 50kHz-2.5GHz Stock control ID cards Automated checkout Automated tolls Pet tracking Automated Remote payments Telemetry (temperature, pressure, humidity, and so on). Anti-fraud RFID Applications W.Buchanan (6)

7 RF Tag RF Reader 50kHz-2.5GHz Stock control Automated checkout Automated tolls Pet tracking Electronic Product Code (EPC) - Information on product. - Manufacturer. - Unique identity. Tags can be: - Read-only. - WORM (Write Once-Read Many) - Volatile Read/Write Tag information W.Buchanan (7)

8 RF Tag RF Reader 50kHz-2.5GHz Stock control Automated checkout Automated tolls Pet tracking Time: Description (EPC): Location: Temperature: Pressure: Humidity: etc. Typical storage of details to the database W.Buchanan (8)

9 RF Tag RF Reader 50kHz-2.5GHz Stock control Microchip Coiled antenna Active Tags contain their own power supply - these tend to be larger than passive tags Active Tag W.Buchanan (9)

10 RF Tag RF Reader Stock control Radio power coupled into tag Microchip Coiled antenna Passive Tags use the power Generate from the reader. - these tend to be smaller than active tags Passive Tag W.Buchanan (10)

11 Active tags: Larger, more reliable, more radio power, continuous transmission of Signal. Larger range (<100m). Short-range: Require less power. Passive tags: Smaller, less radio power. Last longer. Limited range (<5m) Long-range: Require more power. Active location: This provides additional information on the actual location of the tag. W.Buchanan (11)

12 The main classes are: Class Known as Memory Power Source Application 0 EAS None Passive Ant-theft ID 1 EPC Read -Only Any Identification 2 EPC Read-Write Any Data logging 3 Sensor Tags Read-Write Semi-Passive/Active Sensors 4 Smart Dust Read-Write Active Ad Hoc networking Class 0.These are factory programmed. Which have a simple tag which is preprogrammed with data, such as a simple ID number (EPC). The memory cannot be updated after it is manufactured. A typical application is EAS (electronic article surveillance) and in anti-theft devices. They are passive and only transmit when an antenna field is present. Class 1. These are factory or user programmed, where they programmed once only, either a manufacture or by the user. A typical application is in ID badges. Class 2. This type has a read-write type of memory, and is typically used for data loggers, as they contain a relatively large amount of memory space that can store data. Class 3. These are used with on-board sensors, and monitor parameters such as temperature, pressure, and humidity. The power supply can be active or passive. Class 4. These have integrated transmitters (and thus require active power), and can communicate with their neigbours and are thus used in ad-hoc networks. Passive tags have a range of around 5 meters for UHF, while it can be over 100m for active tags. Tag classes W.Buchanan (12)

13 Antenna is approx half the wavelength of the radio wave: 2.45GHz. Half wavelength: 0.06m (6 cm). 900MHz. Half w/l: 0.16m (16 cm). 13MHz. Half w/l: 11m. Examples include: Low Frequency passive: 4 to 5 ft. range with large tags(3.3 in disk) 1 to 2 ft. range with small tag (1 in.disk) This can be reduced if the wire is wrapped around magnetic material Radio coverage Monopole High Frequency passive: 19 to 23 in. range with credit size foil 4 to 6 in. range with 1 in. disk Low Frequency Active: 8 to 12 ft. range with 3 in. disk UHF passive: 8 to 10 ft. range with credit card size foil (900 MHz) 2 to 6 ft. range with 3 in. tag (2.4 GHz) 15 to 30 ft. range with 1.5 in. disk UHF active: 150 ft. range with 2 in. cube Radio coverage Patch Dipole Coverage of Different Types W.Buchanan (13)

Microchip Antenna Approximate Size: 95mm x 30mm Tag Type: epc class 1 compliant Operating frequency: 915 MHz (902-928 MHz ) Read Range: Up to 5 meters Simultaneous ID of Tags: 200 tags per second Tag

14 Microchip Antenna Approximate Size: 95mm x 30mm Tag Type: epc class 1 compliant Operating frequency: 915 MHz ( MHz ) Read Range: Up to 5 meters Simultaneous ID of Tags: 200 tags per second Tag Power: RF Beam Powered (Passive) Memory Capacity: 96 bits Memory Type: WORM Antenna Dimensions: 13x134mm Orientation Sensitivity: Good Applications: General Purpose This can be materials such as paper, plastic, and so on. Gold connection Substrate Epoxy covering Construction of the tag W.Buchanan (14)

15 Mastering Computing Mastering Delphi Bar codes use a Unique Product Code (UPC). The first one was on a pack of Wrigley's chewing gum on June 26, Example Bar Codes W.Buchanan (15)

16 Bar code readers normally require a line-of-sight transmission. They must be viewable on the surface of an object. Bar codes only contain manufacturer and product. RFID do not require a line-of-sight transmission. RFID can be embedded into a device, and thus more robust. RFID can contain other Information, such as a unique ID, manufacturing factory, and so on. Bar codes v. RFID W.Buchanan (16)

17 Header. Defines the umber, type and length of all subsequent data. EPC Manager. Identifies the originating entity (manufacturer) of the object/item. Object Class. This is a tracking mechanism for specific groups such as sub-group ID. Object Identification Number. This uniquely identifies the object/item. Electronic Product Code (EPC) ONS (Object Name Service) For example, EPC standard: (8bits, 28bits, 24bits, 36 bits) Full ID details 0-7 bits 8-35 bits bits Header EPC Man. Object Class B1F 00035B bits Object ID Number 00036EDE0 EPC and ONS W.Buchanan (17)

18 The Internet then becomes an integrated system of objects: computers, cars, components, and, ONS DNS PML (Physical Markup Language) <xml> <location> <x>1000</x> <y>2000</y></location> <manufacturer>xyz fac </manufacturer> <id> </id> <temperature>20</temperature? etc W.Buchanan (18)

19 Reader Reader (Senses (Senses tags) tags) Savent Savent (Processes (Processes Tags) Tags) Event data EPC EPC Information Information Service Service Organisation Static ONS: Dynamic ONS: Internal database ONS (Cache) Maps EPC to Internet Address to find information on product. Contains a mapping of current and previous EPC details, in order for tracking purposes, such as product recalls. ONS (Root) Links to external databases EPC (Electronic Product Code) Architecture W.Buchanan (19)

20 ) Reader Reader (Senses (Senses tags) tags) Savent Savent (Processes (Processes Tags) Tags) EPC EPC Information Information Service Service PML server Gillette Mach3 URI EPC in URI format urn:epc: WWW server onsroot.org Object MAN ID URI is converted into a Domain Name ONS (Cache) URL of PML or WWW server such as: EPC (Electronic Product Code) Architecture W.Buchanan (20)

21 Example of PML for sensor data <pmlcore:sensor> <pmluid:id>urn:epc:1: </pmluid:id> <pmlcore:observation> <pmlcore:datetime> t13:04:34-06:00</pmlcore:datetime> <pmlcore:data> <pmlcore:text>temp=22,24,25,22,22,23,22</pmlcore:text> </pmlcore:data> </pmlcore:observation> </pmlcore:sensor> W.Buchanan (21)

22 Manufacture Reader Readers track the car in the factory Reader Reader senses when the car leaves the factory S S Reader senses when the car arrives at the distribution centre Reader Reader Reader senses sale Sales Centre S Reader S Reader S Reader senses storage at distribution centre Reader Distribution Centre Enhancements to the Supply Chain W.Buchanan (22)

23 Manufacture Reader Reader Reader Security/ Insurance Services S Tracking info Stock control Security/fraud checking Reader Reader Service Centre Reader Sales Centre Reliability info Sales info Reader Product database Tracking info Reader Reader Distribution Centre Enhancements to the Supply Chain W.Buchanan (23)

24 There are many security problems with RFID, such as: Obtaining information on the object. Modifying the data on the object. Copy the details on the object (to create a duplicate). And can thus lead to: Industrial espionage. Industrial sabotage. Counterfeiting. Security Problems W.Buchanan (24)

25 Sun Microsystems at Linlithgow have invested heavily on a new facility to test RFID devices. RFID Testing at Sun Microsystem, Linlithgow W.Buchanan (25)

26 A Few Applications From Lego to M&S Software Security W.Buchanan (26)

27 Person Identification. Food Production Control. Blood Analysis Identification. Water Analysis. Refuse Collection Identification. Timber Grade Monitoring. Road Construction Material Identification. Toxic Waste Monitoring. Vehicle Parking Monitoring. Pigeon Flight Monitoring. Valuable Objects Insurance Identification. Oil Pipe Identification. Machine Tool Management Gas Bottle Inventory Control Duty Evasion Asset Management Stolen Vehicle Identification. Production Line Monitoring. Car Body Production Parts Identification Access Control Beer Barrel Stock Control Security Guard Monitoring Source: A few examples of passive RFID applications W.Buchanan (27)

28 Reader M&S Trail tagged men s suits, shirts and ties with RFID tags. The key factor was that the details only contained information on the product, and had no information on the user, or tracked them. This is key in user adoption, as users are sceptical of technologies which could track them. Stock: 6 Blue, 1 Green One blue suit sold. reorder another! At the end of the trail they claimed 100% stock accuracy. Thus ensuring that the right goods where delivered where they were required. Reader M&S Stock Control Trail W.Buchanan (28)

Many organisations feel that RFID is a suspect technology which will

M&S have detachable tabs, so the users never have any issues on their

Please retain this label for refund and exchange Antenna Tesco s are

29 Many organisations feel that RFID is a suspect technology which will allow organisations to track human movement. M&S have detachable tabs, so the users never have any issues on their usage. Please retain this label for refund and exchange Antenna Tesco s are also trailing the usage of RFID tags, such as this one on a DVD box. At present, the RFID tag is thrown-away after sale. S Detachable Tags at M&S W.Buchanan (29)

30 Gillette have bought over 500 million tags for their products, as razors are seen as high shrinkage goods, where their products are stolen throughout the supply chain. Gillette Wireless Tags W.Buchanan (30)

31 Possibility of smart shelves, which automatically detect products being taken. System detects non-killed products Tag is killed at the check-out Wireless Sensors W.Buchanan (31)

32 RFID devices are being used in hospitals in the US to track and manage mobile assets. This currently tracks equipment, but is likely to involve the tracking on personnel, so that they can be traced, in emergencies. Asset Management in Hospitals W.Buchanan (32)

33 Stolen motorbikes are often broken up and sold as spares ID Tags embedded into the metal of the castings and components W.Buchanan (33)

34 ID Tags can be embedded into printed circuit boards, as these are commonly used in products. It can thus be used to track stolen goods. Tracking PCB s W.Buchanan (34)

35 Reader Reader Reader SMS message: Where is my child? SMS Message: Next to the Tiger! Legoland Denmark have found that up to 1600 children can be reported lost in a single year. Thus they have implemented an active RFID system where children wear a bracelet which can be traced around the park. As they are active device there does not have to be many readers around. These use standard IEEE b communications (2.4GHz). The tag is 1.5inches by 2.5 inches, and is registered with the mobile phone of the parent. It uses triangulation to track children. The method is TDOA (Time Difference of Arrival) - see the previous unit. The system system can be used for electronic passes, which automatically authenticate users. Tracker in Legoland W.Buchanan (35)

36 The Law From Business to Business and from Business to User Software Security W.Buchanan (36)

and location finding Is obviously of great benefit.

37 Supplier Supplier Manufacturer Manufacturer Distribution Distribution Product Database Sales Sales B2B - Business-to-Business With Business-to-Business RFID and location finding Is obviously of great benefit. WAL*Mart now specify that suppliers should fit RFID to their goods Business-to-Business Tracking W.Buchanan (37)

38 Supplier Supplier Manufacturer Manufacturer Distribution Distribution Business s can data mine this information User Database Product Database Sales Sales By adding user details, companies can find out about users, such as which shops they shop-in, what products they buy, and so on. Business-to-User Tracking W.Buchanan (38)

39 The legal system often takes a while for laws to be developed on new technologies, but it California it is now a law that prohibit businesses and libraries from using RFID tags attached to consumer products or using an RFID reader that could be used to identify an individual, unless: The information collected via RFID can only be in regard to items customers actually are buying, renting or borrowing. Information can't be collected on what customers may have picked up but put back prior to a transaction, on what they're wearing or on items they are carrying in a wallet or purse. Fred bought: - Green car, Ford s R Us, 3 Dec Biscuits, Safeway, 4 Dec Cake, M&S, 4 Dec Fred Fred looked at a Red car. Fred picked up Cheese. Laws on the usage of RFID W.Buchanan (39)

40 HELLO Copper antennas are fairly large, even though the RFID chips are small These could be replaced by conductive inks, which could act as antennas. Conductive Inks W.Buchanan (40)

41 Batteries can be trickled charged Wireless range extended Integrated thin-film polymer batteries, reduce size of active devices, and range Substrate Thin-film Polymer Batteries W.Buchanan (41)

42 Conclusions The use of RFID is a definite improvement over the bar code, as it: - Allows for more information. - Integrates better with the Internet. - Can be reprogrammed. But the security of it need to be sorted. In most cases it is, but it is user doubts which must be overcome (as with any new technology). It is unlikely that users will be keen on items which can be tracked that they own, unless they feel it is of benefit to themselves. The adopt is likely to track objects until sale, after which the tag is taken off. W.Buchanan (42)