Computer Science, Software Engineering & Robotics Workshop, FGCU, April 27-28, 2012 RFID Security Nicholas Alteen Computer Science Program Florida Gulf.

Presentation transcript:

Computer Science, Software Engineering & Robotics Workshop, FGCU, April 27-28, 2012 RFID Security Nicholas Alteen Computer Science Program Florida Gulf Coast University Mentor: Dr. Janusz Zalewski 28 April 2012

What is RFID?
Small circuit boards containing data that can be accessed without line of sight:
- Passive (no power source)
- Active (dedicated power source)

What is a Security Threat?
“A potential event that causes a system to respond in an unexpected or damaging way.” – Chaudhry
- Tampering with Data
- Information Disclosure
- Spoofing Identity
- Repudiation
- Denial of Service
- Elevation of Privilege

Data Tampering
“An attacker modifies, adds/deletes, or reorders data.”
- Tag killing is a serious threat to RFID security.
- Requires knowledge of the kill password.
- Commonly occurs during purchases.

Information Disclosure
“Information is exposed to unauthorized user.”
- Physical attacks are a threat to RFID systems.
- Aluminum wallets are an effective solution to prevent unauthorized access.

Spoofing Identity
“An attacker poses as an authorized user.”
- Protecting data using authorization passwords.
- Can we lock a tag to prevent it?

Repudiation
“An attacker denies an action and no proof exists to prove that the action was performed.”
- Blocking a valid user from performing a normal task within their authority.
- Locking a tag to prevent valid access.
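The kill-password and tag-locking points from the Data Tampering, Spoofing Identity and Repudiation slides, as an added example that is not part of the original presentation. The `Tag` class, its fields, the result strings and the convention that a zero password means "not set" are simplifying assumptions for illustration, not a real tag or reader API.

```python
from dataclasses import dataclass

@dataclass
class Tag:
    epc: str
    kill_password: int = 0     # assumption: 0 means the kill command is disabled
    access_password: int = 0   # assumption: 0 means no access password is set
    locked: bool = False       # EPC memory is write-locked
    permalocked: bool = False  # lock can never be lifted, not even by the owner
    killed: bool = False

    def read(self):
        return None if self.killed else self.epc

    def write_epc(self, new_epc, password=0):
        if self.killed:
            return "no-response"
        if self.permalocked or (self.locked and password != self.access_password):
            return "denied"
        self.epc = new_epc
        return "ok"

    def lock(self, password=0, permanent=False):
        if self.killed:
            return "no-response"
        if self.permalocked or password != self.access_password:
            return "denied"
        self.locked, self.permalocked = True, permanent
        return "ok"

    def kill(self, password):
        if self.killed:
            return "no-response"
        if self.kill_password == 0 or password != self.kill_password:
            return "denied"
        self.killed = True
        return "killed"

def audit(tag):
    """Return configuration findings for one tag, keyed to the slides' threats."""
    findings = []
    if not tag.permalocked and (not tag.locked or tag.access_password == 0):
        findings.append("EPC rewritable without a secret: tampering/spoofing")
    if tag.permalocked:
        findings.append("permalocked: valid users can no longer update the tag")
    if tag.kill_password != 0 and tag.kill_password == tag.access_password:
        findings.append("kill and access passwords are identical")
    return findings
```

In this model a lock protects the tag only when a non-zero access password is set, and a tag with no access password can be permanently locked by anyone, which is the "locking a tag to prevent valid access" case.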

Denial of Service
“Service is denied to valid and invalid users.”
- Common form of attack for web services.
- Rapid tag interrogations by an attacker block any valid attempts at reading tag data.

Elevation of Privilege
“Occurs when an unprivileged user gains higher privilege in a system which they are authorized.”
- If retail companies drop UPC in favor of RFID, this poses a significant threat (tag cloning).
- Employees potentially have too much privilege.