A design of privacy conscious RFID system using customizing privacy policy based access control

Abstract

Recently, research related to RFID technology has progressed vigorously for the ubiquitous world. However, the privacy violation on tags embedded in products has become a major stumbling block. This paper suggests a new architecture for a user-friendly and secure RFID service, which uses customizing privacy policy based access control for collection or gathering of tagged information in an RFID information system. Proposals on feasible security mechanisms for low cost RFID systems and analyses of these mechanisms from both security and privacy points of view are also presented. The proposed architecture of an RFID privacy enhancing middleware system can expend the multi-domain level for various user services. Consequently, the proposed scheme effectively protects against abuse of tag related personal information using a consumer-configured privacy policy. © IFIP International Federation tor Intormation Processing 2005.