Benjamin Fabian, Oliver Günther and Sarah Spiekermann
Humboldt-University Berlin
Spandauer Str. 1, 10178 Berlin, Germany
Presenter: 向峻霈
Outline
 1.
The EPC Network
 2. DNS Threat
 3. EPC Confidentiality and Privacy
 4. Mitigation Attempts
 5. Discussion
The EPC Network
 Electronic Product Code (EPC)
 Tags and Reader
 EPC Middleware
 Object Name Service (ONS)
 EPC Information Services (EPC-IS)
The EPC Network
RFID Tag-to-Reader Communication
The EPC Network
ONS Resolution
The EPC Network
EPC-IS Access
DNS Threat
 Packet interception
 Query prediction
 Cache poisoning
 Betrayal by trusted server
 Denial of service
EPC Confidentiality and Privacy
 There are many contexts where the EPC of an RFID tag could be regarded as highly sensitive information
 The eavesdropper could easily add fake serial parts to the captured incomplete EPC and query the corresponding EPC-IS servers until a match is found
EPC Confidentiality and Privacy
 SSL/TLS encryption
 The main privacy-enhancing strategy lies in obfuscating the source IP or the real physical origin of the query
ONS Threat
 ONS context refers to the correctness and completeness
 if only due to its necessary widespread accessibility.
 ONS will become a highly exposed attack target on the network
 It may be subject to the following attacks:
 Distributed Denial-of-Service (DDoS)
 Man-in-the-middle
Mitigation Attempts
 Network Design
 Virtual Private Networks and Extranets
 Anonymous Mixes
 DNSSEC
Network Design
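 An internal and private version of the EPC network, without depending on outside information
 Advantages: EPC packets are not leaked; restricts internal attackers; reduces integrity risk
 Disadvantage: dynamic updates and similar operations cannot be performed over the network
 Prolonging of ONS and EPC-IS caching time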
VPN and Extranets
Anonymous Mixes
Discussion
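 Which parts of the EPC and the stored information should be considered public, and how should access rights be configured?
 What if these access rights already affect the service used to look up results?
Thank you for listening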