Presentation on theme: "Friendly Technologies 2007 Patent Pending PEARS – Privacy Ensuring Affordable RFID System Humberto Moran Friendly Technologies Ltd."— Presentation transcript:
Friendly Technologies 2007 Patent Pending PEARS – Privacy Ensuring Affordable RFID System Humberto Moran Friendly Technologies Ltd
Friendly Technologies 2007 Patent Pending Internet of Things 101 To have the Internet of Things, the first we need is a way of automatically identifying objects. RFID is one of many ways of doing so. However, it seems that this technology is immature, mostly due to its social implications (namely privacy and security). Privacy and security issues do not apply to all objects: only to sensitive and expensive ones! To solve this, we must first understand these two issues
Friendly Technologies 2007 Patent Pending RFID Privacy and Security Issues Before the POS Security: Detection Removal Cloning Transplanting Privacy: Industrial espionage Only two parties involved After the POS Security: Theft Terrorism Privacy: Snooping Sensitive objects Tracking people Third parties involved Data protection legislation only applies when there is a formal contract and the parties are identified – what about third parties? RFID is different from other existing intrusive technologies – e.g. mobile phones
Friendly Technologies 2007 Patent Pending The typical post-POS example
Friendly Technologies 2007 Patent Pending Limitations of proposed solutions The most usual – disabling, removal or killing of the tag Prevents many pre- and post-POS applications Requires additional action by consumers Vulnerable groups (e.g. children, the elderly or technology- unaware people) might fail to protect themselves Distrusted by consumers Use of cryptography Tags are either too expensive, too slow or both Public keys can always leak and threat an entire population of tags Watchdog devices or blocker tags Complex and unreliable Interfere with RFID networks
Friendly Technologies 2007 Patent Pending What is the fundamental issue with RFID? Privacy and security are context-dependent Tags are unaware of their context Tags should not talk to everyone This means control: User control Control by intelligent readers (or networks) RFID tags should be designed in such way that they are secure and privacy-friendly by design and by default; yet these essential capabilities should not increase tag costs
Friendly Technologies 2007 Patent Pending Introducing the Password Tag (yes, its passive and cheap) RFID Reader What is your ID? Silence Password Tags work with Closed Identification
Friendly Technologies 2007 Patent Pending The Password Tag only replies when interrogated with the right ID (we call it Identity Password) RFID Reader Are you ? I am Optionally: sensing or other data
Friendly Technologies 2007 Patent Pending Who invented Password Tags? Invented by Cardullo and Parks in 1973 and described in their original patent for the passive tag (US-A ): Such an answerback signal can take the form of an identification signal indicative of a particular transponder means or, alternatively, the answerback signal could be such that it would only be generated in response to a predetermined interrogation code wherein the device would operate as a verification system
Friendly Technologies 2007 Patent Pending The potential of Password Tags Although invented many years ago, Password Tags have not found commercial applications and there is no commercial version on the market, possible because: Difficulties distributing Identity Passwords Tags were not designed for public use Privacy and security issues were not that evident We have undertaken two years of research that demonstrate that this aged and obscure invention has the potential to solve all privacy and security issues around RFID at a very affordable tag cost
Friendly Technologies 2007 Patent Pending Your questions Privacy-friendly and Secure? Yes, the tag will not reply unless interrogated with its Identity Password What about trial and error? It would take an average of 1.26x10 16 years to guess a 96-bit Identity Password by trying 100,000 combinations per second What about eavesdropping? Wait a few more slides... Affordable? Yes, Password Tags are in theory cheaper than the cheapest RFID tags on the market If their interrogation requires the very information that tags are supposed to provide, how can Password Tags support the typical RFID applications?
Friendly Technologies 2007 Patent Pending Identification vs. location Most objects belong to someone, move with their owner or custodian, and are stored in controlled premises – cloud of objects For this reason, objects can only be in a limited number of places or move through a limited number of paths This means that the main requirement of item-level RFID applications is location, as opposed to identification Talkative tags address the question: who are you? Password Tags address the question: where are you?
Friendly Technologies 2007 Patent Pending PEARS – Privacy Ensuring Affordable RFID System Special software and network of readers to use the Privacy-friendly and Secure Password Tags in the industrial and domestic environments Consists of a network of readers (Polling Readers) deployed to monitor storage places and paths through which objects might move Polling Readers interrogate in quick sequence the Identity Passwords of objects likely within their interrogation field The Identity Passwords of moving objects are distributed by specialised intelligent software based on a technique that predicts object movement (Predictive RFID)
Friendly Technologies 2007 Patent Pending Predictive RFID Technique solely based on readers layout R R R RR RR R MO O O O
Friendly Technologies 2007 Patent Pending Other input for the Predictive RFID technique Layout Business Workflow Heuristics and learning algorithms Reader workload Security considerations Timeouts to broaden polling area Dynamic input for mobile readers Anti-interference and anti-eavesdropping mechanisms
Friendly Technologies 2007 Patent Pending Eavesdropping is not an issue! No protocol-level anti-eavesdropping mechanisms. However, privacy and security threats from eavesdropping are prevented through other mechanisms. This is possible because of certain characteristics of our system: * Control on communication. * Limited reading range. * Random ID Passwords. * Polling Readers must talk first. Trusted Environment (TE) ( e.g. Warehouse) Anonymous Environment ( e.g. Supermarket) Non-trusted Environments (e.g. public places) T.E. Trusted Environment ( e.g. Home or Car) Eavesdropping Example of some mechanisms to allay eavesdropping threats: Weak: nothing. Except for expensive or sensitive items, eavesdropping poses little privacy or security threats due to anonymity, control and limited reading distance. Medium: swamp eavesdroppers with fake ID Passwords (poison pills). This complicates trial-and- error attempts and enhances the use of watchdog devices. Strong: assign temporary ID Passwords to objects when in Trusted Environments. This allays all possible threats from eavesdropping. T.E.
Friendly Technologies 2007 Patent Pending Password dissemination strategies Global level An independent organisation can generate unique, confidential Identity passwords. These can be distributed to tag manufacturers to be individually pre- assigned to tags. Inter-organisational or inter-facility (SC) level Identity Passwords will follow objects as they move: Online secure connexions, routed by the Predictive RFID SW. In some cases, memory of active RFID tags on bundling devices. Facility level Predictive RFID SW as described. To consumers - whoever owns the object, owns its identity Near Field Communications Online services Temporary passwords (reusable) Distributed online to end users. Automatically or manually changed in Trusted Environments.
Friendly Technologies 2007 Patent Pending Advantages of PEARS Privacy and Security by Design and by Default Before POS: impossible to read, locate, clone or transplant by distrusted partners After POS: impossible to read by unauthorised parties, user control Cheaper tags Simpler (no anti-collision, authentication, cryptography, killing or disabling mechanisms) Can be built directly into products As they are in the public domain, no royalties Tags can be used beyond the POS Hundred of domestic applications The Internet of Things for consumers Potentially, tags perform better in challenging electromagnetic media Answer is a simple I am here signal
Friendly Technologies 2007 Patent Pending Current situation of PEARS Although theoretically possible, more R&D is required to prove feasibility in high-volume applications Research challenges include reading (polling) speed and reliability We have put together a number of funding proposals which have rated high but failed to secure funding – too risky, too early We have received some private funding We are working with a number of renowned European research centres and RFID leaders Help is welcomed!
Friendly Technologies 2007 Patent Pending Some applications under research: monitoring of sensitive products Company A: Trusted environment Company B: Trusted environment Transport network: Non-trusted environment Tagged sensitive products Internet ASN + Identity Passwords Monitoring by security forces Enterprise systems – reception of goods PEARS monitoring and authentication Enterprise systems – ASN PEARS Issuing of Identity Passwords
Friendly Technologies 2007 Patent Pending... Authentication of origin at the POS The customer chooses products in the retail store – e.g. supermarket. Upon scanning of the barcode of a product, PEARS automatically and quickly scans all valid Identity Passwords for the type of product. If the tag on the product replies to one of these passwords the origin is authenticated. PEARS will also issue several invalid Identity Passwords to detect random replies from fake tags. The customer knows that the product is authentic, and his/her privacy and security are not exposed because Password Tags cannot be read without authorisation. Polling Reader PEARS
Friendly Technologies 2007 Patent Pending... Airport security (1) The passenger arrives at check-in. (2) The luggage is tagged with a Password Tag, which improves handling and tracking (3) The luggage receipt given to the passenger (usually stuck on the Boarding Pass) is also tagged with a Password Tag (4) The passenger waves the luggage receipt upon arrival at the boarding gate. This indicates that his/her luggage can be safely loaded into the airplane (5) Upon arrival, IDs of luggage and collecting person are automatically compared for security purposes (6) During all this process and afterwards – even if tags are not removed, security and privacy of passengers are protected
Friendly Technologies 2007 Patent Pending... And many other applications! Item-level tagging of sensitive products in the retail environment (clothing, jewellery, drugs, books, consumer electronics etc.) Authentication of legally farmed trees (combining two tags: one talkative and one Password Tag) Authentication and monitoring of documents Creation of secure, affordable and privacy-friendly seals Domestic self-replenishment Selective recycling Finding objects at home – where are the keys?
Friendly Technologies 2007 Patent Pending IPR & Standars Friendly Technologies has filed international patent applications for the supporting system (Predictive RFID and network of Polling Readers) The patents are in a very advanced status (search and examination) and have already been published We will keep our IPR on the system (not on the interfaces) Existing standards are too slow for such a system There are no standards for the air interface – opportunity for innovators We also need standards for the number of bits and upper layers (middleware and beyond)
Friendly Technologies 2007 Patent Pending Interoperability possibilities No clash: Object tagged with Password Tags will be able to coexist with object tagged with other tags. Readers HW Infrastructure sharing: the possibility of interoperating Password Tags with other readers by using singulation in low-volume applications. Readers HW Infrastructure sharing: backwards compatibility by Polling Readers, which might talk to talkative and Password Tags. SW Infrastructure sharing: Identity Passwords could be mapped to other numbering codes and use other architecture and services – e.g. existing middleware. Example: EPCglobal PEARS Predictive RFID SW No clash: the Predictive RFID SW can coexist with other reader drivers, and interoperate with other services.
Friendly Technologies 2007 Patent Pending Conclusions PEARS shows that there are alternatives where no trade-off between social-impact and economic benefits is necessary PEARS can be used where privacy and security are important (expensive or sensitive products; identity proxies) Although the system does not exist commercially, its potential to solve all issues around item-level tagging deserves R&D investment Since there are no commercial versions of Password Tags, there is a need for thorough standardisation PEARS can be developed as a privacy-friendly, secure extension of existing standards for products where privacy and security are important
Friendly Technologies 2007 Patent Pending Invitations European Commission: funding for PET Regulators: require user control when privacy and security are at stake Technology developers: help us to create Password Tags and Polling Readers Industry: help us to develop and trial this technology Standardisation bodies: create standards for Password Tags; interoperate Investors: help us to make it happen Privacy advocates: challenge this solution and (if happy) help us to clean the face of RFID