How to Cheat at Deploying and Securing RFID

A key challenge to changing to a standards-based infrastructure is that tag data can be hijacked if there is no reliable multi-level security built into the system. This chapter looks at ways that multi-layered security built into the Radio Frequency Identification (RFID) middleware layer can be used to prevent unauthorized access. We also look at the middleware implementation provided in Commerce Events AdaptLink, which provides a scalable security infrastructure to thwart RFID attacks.
We begin by examining the EPC Network protocols adopted by EPCglobal, the de facto standard for the current cryptographic techniques used within the enterprise. The Public Key Infrastructure (PKI) is used to authenticate the handshake between the tag and the reader, and RFID middleware is used to authenticate the handshake between the reader and the network.
In this chapter, we recall the security fundamentals and principles that are the foundation of any good security strategy, addressing a range of issues from authentication and authorization to controls and audit. No primer on security would be complete without an examination of the common security standards, which are addressed alongside the emerging privacy standards and their implications for the wireless exchange of information.
RFID is used to identify, track, and locate assets. The vision that drives the development at the Auto-ID Center is the unique identification of individual items. The unique number, called the Electronic Product Code (EPC), is encoded in an inexpensive RFID tag. The EPC Network...