An access control model for mobile physical objects

Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Volumn , Issue , 2010, Pages 193-202

  Kerschbaum, Florian ^a  

^a SAP RESEARCH   (Germany)

Author keywords

Access control; Distributed databases; RFID; Supply chain management

Indexed keywords

ACCESS CONTROL MODELS; ATTRIBUTE BASED ACCESS CONTROL; AUTHENTICATION PROTOCOLS; DATA SHARING; DECISION ALGORITHMS; DISTRIBUTED DATABASE; DISTRIBUTED DATABASES; DISTRIBUTED SYSTEMS; OBJECT TRACKING; PASSIVE RFID; PHYSICAL OBJECTS; POLICY MANAGEMENT; REAL-WORLD; RFID; SECURITY PROPERTIES; TRACKING DATA; TRAJECTORY-BASED;

DATABASE SYSTEMS; NETWORK PROTOCOLS; NETWORK SECURITY; RADIO NAVIGATION; SECURITY SYSTEMS; SUPPLY CHAIN MANAGEMENT; SUPPLY CHAINS;

ACCESS CONTROL;

EID: 77954900223     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1809842.1809873     Document Type: Conference Paper

References (49)

1. EPCglobal. EPCglobal architecture framework, Version 1.2. Available at http://www.epcglobalinc.org/, 2007.
2. R. Agrawal, A. Cheung, K. Kailing, and S. Schönauer. Towards Traceability across Sovereign, Distributed RFID Databases. Proceedings of the 10th International Database Engineering and Applications Symposium, 2006.
3. R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu. Hippocratic Databases. Proceedings of the 28th International Conference on Very Large Data Bases, 2002.
4. V. Atluri, S. Chun, and P. Mazzoleni. A Chinese wall security model for decentralized workflow systems. Proceedings of the 8th ACM Conference on Computer and Communications Security, 2001.
5. L. Batina, J. Guajardo, T. Kerins, N. Mentens, P. Tuyls, and I. Verbauwhede. Public-Key Cryptography for RFID-Tags Proceedings of 4th IEEE International Workshop on Pervasive Computing and Communication Security, 2007.
6. K. Birman, and T. Joseph. Exploiting virtual synchrony in distributed systems. ACM SIGOPS Operating Systems Review 21(5), 1987.
7. P. Blythe. RFID for Road Tolling, Road-Use Pricing and Vehicle Access Control. Proceedings of the IEE Colloquium on RFID Technology, 1999.
8. H. Bock, M. Braun, M. Dichtl, E. Hess, J. Heyszl, W. Kargl, H. Koroschetz, B. Meyer, and H. Seuschek. A Milestone Towards RFID Products Offering Asymmetric Authentication Based on Elliptic Curve Cryptography. Proceedings of the Workshop on RFID Security, 2008.
9. D. Boneh, H. Shacham, and B. Lynn. Short Signatures from the Weil Pairing. Journal of Cryptology 17(4), 2004.
10. J. Brainard, A. Juels, R. Rivest, M. Szydlo, and M. Yung. Fourth Factor Authentication: Somebody You Know. Proceedings of the 13th ACM Conference on Computer and Communications Security, 2006.
11. D. Brewer, and M. Nash. The Chinese Wall Security Policy. Proceedings of IEEE Symposium on Security and Privacy, 1989.
12. S. Chou, and Y. Ekawati. Cost Reduction of Public Transportation Systems with Information Visibility Enabled by RFID Technology. Proceedings of the 16th ISPE International Conference on Concurrent Engineering, 2009.
13. T. van Deursen, S. Mauw, S. Radomirovic, and P. Vullers. Secure Ownership and Ownership Transfer in RFID Systems. Proceedings of the 14th European Symposium on Research in Computer Security, 2009.
14. W. Diffie, P. van Oorschot, and M. Wiener. Authentication and Authenticated Key Exchanges. Designs, Codes and Cryptography 2 (2), 1992.
15. M. Feldhofer, J. Wolkerstorfer, and V. Rijmen. AES Implementation on a Grain of Sand. IEE Proceedings on Information Security, 152(1), 2005.
16. K. Finkenzeller. RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification. John Wiley & Sons, Inc., 2003.
17. Fujitsu. Fujitsu Develops World's First 64KByte High-Capacity FRAM RFID Tag for Aviation Applications. Press Release. Available at http://www.fujitsu. com/global/news/pr/archives/month/2008/20080109-01.html 2008.
18. E. Grummt, and R. Ackermann. Proof of Possession: Using RFID for large-scale Authorization Management. Proceedings of AmI-07 Workshops, 2008.
19. E. Grummt, and M. Müller. Fine-Grained Access Control for EPC Information Services. Proceedings of the 1st International Conference on The Internet of Things, 2008.
20. M. Harrison. EPC Information Service (EPCIS). Proceedings of Auto-ID Labs Research Workshop, 2004.
21. D. Hein, J. Wolkerstorfer, and N. Felber. ECC is Ready for RFID - A Proof in Silicon. Proceedings of the Workshop on RFID Security, 2008.
22. U. Hengartner, and P. Steenkiste. Exploiting Hierarchical Identity-Based Encryption for Access Control to Pervasive Computing Information. Proceedings of the 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks, 2005.
23. A. Ilic, F. Michahelles, and E. Fleisch. Dual Ownership: Access Management for Shared Item Information in RFID-enabled Supply Chains. Proceedings of the 5th IEEE International Conference on Pervasive Computing and Communications Workshops, 2007.
24. T. Jaeger, A. Edwards, and X. Zhang. Managing access control policies using access control spaces. Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, 2002.
25. J. Joshi, E. Bertino, U. Latif, and A. Ghafoor. A Generalized Temporal Role-Based Access Control Model. IEEE Transactions on Knowledge and Data Engineering 17(1), 2005.
26. A. Juels. RFID security and privacy: a research survey. IEEE Journal on Selected Areas in Communications 24(2), 2006.
27. F. Kerschbaum. Practical Privacy-Preserving Benchmarking. Proceedings of the 23rd IFIP International Information Security Conference, 2008.
28. F. Kerschbaum, D. Dahlmeier, A. Schröpfer, and D. Biswas. On the Practical Importance of Communication Complexity for Secure Multi-Party Computation Protocols. Proceedings of the 24th ACM Symposium on Applied Computing, 2009.
29. F. Kerschbaum, N. Oertel, and L. Weiss Ferreira Chaves. Privacy-Preserving Computation of Benchmarks on Item-Level Data Using RFID. Proceedings of the 3rd ACM Conference on Wireless Network Security, 2010.
30. F. Kerschbaum, and A. Sorniotti. RFID-Based Supply Chain Partner Authentication and Key Agreement. Proceedings of the 2nd ACM Conference on Wireless Network Security, 2009.
31. T. Kriplean, E. Welbourne, N. Khoussainova, V. Rastogi, M. Balazinska, G. Borriello, T. Kohno, and D. Suciu. Physical Access Control for Captured RFID Data. IEEE Pervasive Computing (6) 4, 2007.
32. C. Kuerschner, F. Thiesse, and E. Fleisch. An analysis of data-on-tag concepts in manufacturing. Proceedings of the 3rd Konferenz Ubiquitäre und Mobile Informationssysteme, 2008.
33. H. Lee, K. Lee, and M. Chung. Enterprise Application Framework for Constructing Secure RFID Application. Proceedings of the 1st International Conference on Hybrid Information Technology, 2006.
34. D. Molnar, A. Soppera, and D. Wagner. A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags. Proceedings of the 12th International Workshop on Selected Areas in Cryptography, 2005.
35. NIST. A Survey of Access Control Models. Privilege (Access) Management Workshop, 2009.
36. OASIS. eXtensible Access Control Markup Language (XACML), Version 2.0. Available at http://docs.oasis-open.org/xacml/2.0/, 2005.
37. M. Rieback, B. Crispo, and A. Tanenbaum. Keep on Blockin' in the Free World: Personal Access Control for Low-Cost RFID Tags. Proceedings of the 13th International Workshop on Security Protocols, 2005.
38. R. Sandhu, E. Coyne, H. Feinstein, and C. Youman. Role-Based Access Control Models. IEEE Computer 29(2), 1996.
39. B. Santos, and L. Smith. RFID in the supply chain: panacea or pandora's box? Communications of the ACM 51(10), 2008.
40. S. Sarma, D. Brock, and D. Engels. Radio frequency identification and the electronic product code. IEEE Micro 21(6), 2001.
41. S. Sarma, S. Weis, and D. Engels. RFID Systems and Security and Privacy Implications. Proceedings of the 4th International Workshop on Cryptographic Hardware and Embedded Systems, 2003.
42. B. Song. RFID Tag Ownership Transfer. Proceedings of the Workshop on RFID Security, 2008.
43. T. Staake, F. Thiesse, and E. Fleisch. Extending the EPC Network - The Potential of RFID in Anti-Counterfeiting. Proceedings of the 20th ACM Symposium on Applied Computing, 2005.
44. D. Terry, D. Goldberg, D. Nichols, and B. Oki. Continuous Queries over Append-Only Databases. Proceedings of the ACM International Conference on Management of Data, 1992.
45. R. Thomas, and R. Sandhu. Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management. Proceedings of the 11th IFIP International Conference on Database Securty, 1997.
46. L. Weiss Ferreira Chaves, and Florian Kerschbaum. Industrial Privacy in RFID-based Batch Recalls. Proceedings of the 1st IEEE International Workshop on Security and Privacy in Enterprise Computing, 2008.
47. M. Wu, C. Ke, and W. Tzeng. Applying Context-Aware RBAC to RFID Security Management for Application in Retail Business. Proceedings of the 2008 IEEE Asia-Pacific Services Computing Conference, 2008.
48. Y. Yousuf, and V. Potdar. A survey of RFID authentication protocols. Proceedings of the 22nd International Conference on Advanced Information Networking and Applications Workshops, 2008.
49. E. Yuan, and J. Tong. Attributed Based Access Control (ABAC) for Web Services. Proceedings of the IEEE International Conference on Web Services, 2005. 202.