Fine-Grained Access Control for EPC Information Services

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 4952)

Abstract

Inter-organizational exchange of information about physical objects that is automatically gathered using RFID can increase the traceability of goods in complex supply chains. With the EPCIS specification, a standard for RFID-based events and respective information system interfaces is available. However, it does not address access control in detail, which is a prerequisite for secure information exchange. We propose a novel rule-based, context-aware policy language for describing access rights on large sets of EPCIS Events. Furthermore, we discuss approaches to enforce these policies and introduce an efficient enforcement mechanism based on query recomposition and its prototypical implementation.

Editor information

Christian Floerkemeier, Marc Langheinrich, Elgar Fleisch, Friedemann Mattern, Sanjay E. Sarma

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Grummt, E., Müller, M. (2008). Fine-Grained Access Control for EPC Information Services. In: Floerkemeier, C., Langheinrich, M., Fleisch, E., Mattern, F., Sarma, S.E. (eds) The Internet of Things. Lecture Notes in Computer Science, vol 4952. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78731-0_3

  • DOI: https://doi.org/10.1007/978-3-540-78731-0_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-78730-3

  • Online ISBN: 978-3-540-78731-0

  • eBook Packages: Computer Science, Computer Science (R0)
