Скачать презентацию Technical Issues in Library RFID Privacy David Molnar Скачать презентацию Technical Issues in Library RFID Privacy David Molnar

b5d27fe56aec5488a5caeec028df89c8.ppt

  • Количество слайдов: 8

Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science

What are we worried about? • RFID new technology – Law of “unintended consequences” What are we worried about? • RFID new technology – Law of “unintended consequences” • Read tags through backpacks, briefcases • Can we track books? – “track” = link sightings of same book • Can we figure out what you’re reading? • Who “we” is depends – FBI, marketers, teenagers, college students, pick your favorite

How RFID Works • Radio Frequency IDentification • Passive tags – no power source How RFID Works • Radio Frequency IDentification • Passive tags – no power source • Tag carries small amount of data – May be read-only or limited read/write • RFID reader powers tag, extracts data via radio Power Stored data

Two Main Questions • How to read tags? • What is on the tag? Two Main Questions • How to read tags? • What is on the tag?

How to read tags? • Need an RFID reader – Standardization not privacy issue How to read tags? • Need an RFID reader – Standardization not privacy issue in long term • Read range for 13. 56 Mhz tags low • Ubiquity of readers bigger problem! – Reader at door of every Starbucks? • Blocking tag signals, “kill”, not sufficient • “Security Bit” does not prevent tag read • Read passwords?

What is on the tag? • Varies by vendor and library decision • Library What is on the tag? • Varies by vendor and library decision • Library bar code – Unique, static ID can track book – Need library database to learn title/author • Unless see book later, learn bar code/title map • Some vendors suggest more info “The Lib~Chip stores data such as type of material, title, author, bar code and serial number, shelf location, last borrowed date, and last returned date. ” – Libramation site

“Encrypting” Tag Data • Several meanings to “encrypting” data – Proprietary encoding, not different “Encrypting” Tag Data • Several meanings to “encrypting” data – Proprietary encoding, not different per library • Buy reader from company or secondary market • Eventually reverse engineered – Encrypting bar code with per-library key • Does not currently exist • Non-library readers can’t understand data • Still leads to static data can track book

Bottom Line • Reading static ID is privacy risk – Risk will grow as Bottom Line • Reading static ID is privacy risk – Risk will grow as readers become cheaper, more available, more common • Minimize data on tag – No title, no author, etc. on tag – Protect bibliographic database! • Privacy depends on choices in deployment