Skip to main content
SpringerLink
Log in
Book cover

International Conference on Network and System Security

NSS 2018: Network and System Security pp 202–211Cite as

SCARA: A Framework for Secure Cloud-Assisted RFID Authentication for Smart Building Access Control

  • Conference paper
  • First Online:

  • 1476 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11058))

Abstract

Managing security in an RFID system is a complex activity considering that it is imperatively challenging to implement trust among tags and readers. There is always the chance that an unauthorized individual might assume the identity of a trusted tag and manage to gain confidential data in an RFID system. The situation becomes worse in systems that use a backend server and a private Internet connection. In such a system, there is no comprehensive mechanism for authenticating a tag into the system. It is thus essential to consider the implementation of a robust framework that improves the trust and the authentication levels in an RFID system. In this paper, a system known as Secure Cloud-Assisted RFID Authentication (SCARA) is proposed, which uses cloud-assisted RFID authentication to reap benefits of cloud-like scalability, availability and fault tolerance. It has three parties such as a cloud server, RFID reader and issuer involved. Issuer provides system parameters to other parties through a secure channel. Server and RFID reader are included in the authentication process with the help of information obtained from the issuer. The proposed system is secure even if the private keys associated with server and RFID tag are compromised. It does mean that it can prevent server-side insider attack in addition to external attacks. Amazon EC2 is used to have experiments. We built a prototype application to demonstrate proof of the concept. The empirical results revealed that the proposed system is able to withstand various kinds of attacks and provides a more efficient solution with less overhead.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Abughazalah, S., Markantonakis, K., Mayes, K.: Secure improved cloud-based RFID authentication protocol. In: Garcia-Alfaro, J., et al. (eds.) DPM/QASA/SETOP -2014. LNCS, vol. 8872, pp. 147–164. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-17016-9_10

    Chapter  Google Scholar 

  2. Alabrah, A., Bassiouni, M.: A tree-based authentication scheme for a cloud toll/traffic RFID system. In: 2015 IEEE Vehicular Networking Conference (VNC), pp. 108–111. IEEE (2015)

    Google Scholar 

  3. Bu, K., Weng, M., Zheng, Y., Xiao, B., Liu, X.: You can clone but you cannot hide: a survey of clone prevention and detection for RFID. IEEE Commun. Surv. Tutor. 19(3), 1682–1700 (2017)

    Article  Google Scholar 

  4. Dong, Q., Tong, J., Chen, Y.: Cloud-based RFID mutual authentication protocol without leaking location privacy to the cloud. Int. J. Distrib. Sens. Netw. 11(10), 937198 (2015)

    Google Scholar 

  5. Fan, K., Luo, Q., Li, H., Yang, Y.: Cloud-based lightweight RFID mutual authentication protocol. In: 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC), pp. 333–338. IEEE (2017)

    Google Scholar 

  6. Juels, A., Pappu, R.: Squealing euros: privacy protection in RFID-enabled banknotes. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45126-6_8

    Chapter  Google Scholar 

  7. Kiraz, M.S., Bingöl, M.A., Kardaş, S., Birinci, F.: Anonymous RFID authentication for cloud services. Int. J. Inf. Secur. Sci. 1(2), 32–42 (2012)

    Google Scholar 

  8. Lehtonen, M., Staake, T., Michahelles, F.: From identification to authentication-a review of RFID product authentication techniques. In: Cole, P., Ranasinghe, D. (eds.) Networked RFID Systems and Lightweight Cryptography, pp. 169–187. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71641-9_9

    Chapter  Google Scholar 

  9. Lehtonen, M.O., Michahelles, F., Fleisch, E.: Trust and security in RFID-based product authentication systems. IEEE Syst. J. 1(2), 129–144 (2007)

    Article  Google Scholar 

  10. Lin, I.C., Hsu, H.H., Cheng, C.Y.: A cloud-based authentication protocol for RFID supply chain systems. J. Netw. Syst. Manag. 23(4), 978–997 (2015)

    Article  Google Scholar 

  11. Rahman, M., Sampangi, R.V., Sampalli, S.: Lightweight protocol for anonymity and mutual authentication in RFID systems. In: 2015 12th Annual IEEE Consumer Communications and Networking Conference (CCNC), pp. 910–915. IEEE (2015)

    Google Scholar 

  12. Weber, R.H.: Internet of things-new security and privacy challenges. Comput. Law Secur. Rev. 26(1), 23–30 (2010)

    Article  Google Scholar 

  13. Xiao, H., Alshehri, A.A., Christianson, B.: A cloud-based RFID authentication protocol with insecure communication channels. In: 2016 IEEE Trustcom/BigDataSE/I SPA, pp. 332–339. IEEE (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Information Technology, Faculty of Science, Engineering and Built Environment, Deakin University, Geelong, Australia

    Ahmed Raad Al-Sudani, Wanlei Zhou & Ahmed Al-Mansoori

  2. School of Information Techonolgy, Swinburne University, Hawthorn, Australia

    Sheng Wen

Authors
  1. Ahmed Raad Al-Sudani
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wanlei Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sheng Wen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ahmed Al-Mansoori
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ahmed Raad Al-Sudani .

Editor information

Editors and Affiliations

  1. The Hong Kong Polytechnic University, Hong Kong, China

    Man Ho Au

  2. The University of Hong Kong, Hong Kong, China

    Siu Ming Yiu

  3. Guangzhou University, Guangzhou, China

    Jin Li

  4. The Hong Kong Polytechnic University, Hong Kong, China

    Xiapu Luo

  5. City University of Hong Kong, Hong Kong, China

    Cong Wang

  6. University of Salerno and University of Naples Federico II, Fisciano, Italy

    Aniello Castiglione

  7. CISPA Helmholtz Center i.G. GmbH, Saarbrücken, Germany

    Kamil Kluczniak

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Al-Sudani, A.R., Zhou, W., Wen, S., Al-Mansoori, A. (2018). SCARA: A Framework for Secure Cloud-Assisted RFID Authentication for Smart Building Access Control. In: Au, M., et al. Network and System Security. NSS 2018. Lecture Notes in Computer Science(), vol 11058. Springer, Cham. https://doi.org/10.1007/978-3-030-02744-5_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-02744-5_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-02743-8

  • Online ISBN: 978-3-030-02744-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation