Abstract
Many industries are becoming dependent on Radio Frequency Identification (RFID) technology for inventory management and asset tracking. The data collected about tagged objects though RFID is used in various high level business operations. The RFID system should hence be highly available, reliable, and dependable and secure. In addition, this system should be able to resist attacks and perform recovery in case of security incidents. Together these requirements give rise to the notion of a survivable RFID system. The main goal of this paper is to analyze and specify the requirements for an RFID system to become survivable. These requirements, if utilized, can assist the system in resisting against devastating attacks and recovering quickly from damages. This paper proposes the techniques and approaches for RFID survivability requirements analysis and specification. From the perspective of system acquisition and engineering, survivability requirement is the important first step in survivability specification, compliance formulation, and proof verification.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Y. Zuo, “Secure and private search protocols for RFID systems”, Information System Frontiers: A Journal for Innovation and Research, Springer Netherlands, 2009.
M. Hoque, F. Rahman, and S. Ahamed, “Supporting Recovery, Privacy and Security in RFID Systems using a Robust Authentication Protocol”, The 2009 ACM Symposium on Applied Computing, 2009.
B. Glover, and H. Bhatt, "RFID Essentials", O'Reilly Publisher, 2006.
V. Westmark, “A Definition for Information System Survivability”, The 37th Hawaii International Conference on System Sciences, 2004.
W. Yurcik, D. Doss, and H. Kruse. “Survivability- Over-Security: Providing Whole System Assurance”, IEEE/SEI/CERT Information Survivability Workshop, 2004, pp. 201-204.
S. Myagmar, A. Lee, and W. Yurcik, “Threat Modelling as a Basis for Security Requirements”,Symposium on Requirements Engineering for Inforamtion Security (SREIS), 2006.
E. Oladimeji, S. Supakkul, and L. Chung, “Security Threat Modeling and Analysis: A Goal Oriented Approach”, The 10 th IASTED International Conference on Software, 2006.
R. Ellison, D. Fisher, R. Linger, and H. Lipson, “Survivable Network Systems: An Emerging Discipline”, Technical Report, Carnegie Mellon University, 1997. CMU/SEI-97-TR-013.
J. Knight, E. Strunk and K Sullivan, “Towards a Rigorous Definition of Information System Survivability”, DARPA Information Survivability Conference and Exposition, 2003, Washington D.C., USA.
M. Hiltunen, R. Schlichting, C. Ugarte and G. Wong, “Survivability Through Customization and Adaptability: The Cactus Approach”, DARPA Information Survivability Conference and Exposition, 2000, pp. 243-307.
M. Deutsch and R. Willis, “Software Quality Engineering: A Total Technical and Management Approach”, NJ: Prentice Hall, 1988.
B. Thiraisingham and J. Maurer, “Information Survivability for Evolvable and Adaptable Real-time Command Control Systems”, IEEE Transactions on Knowledge and Data Engineering, Jan./Feb. 1999, 11(1), pp. 228-238.
E. Strunk and J. Knight, “Dependability Through Assured Reconfiguration in Embedded Systems Software”, IEEE Transactions Dependable and Secure Computing, 3(3), July 2006, pp. 172-187.
A. Snow, U. Varshney and A. Malloy, “Reliablility and Survivability of Wireless and Mobile Networks”, IEEE Computer, 33(7), July 2000, pp. 49-55.
N. Mead, “Requirements Engineering for Survivable Systems”, Carnegie Melon University, 2003.
B. Schneier, “Attack Trees”, Dr. Dobb's Journal of Software Tools 24, December 1999, pp. 12-29.
A. Mitrokotsa, M. Rieback and A. Tanenbaum, “Classification of RFID Attacks”,Information System Frontiers: A Journal for Innovation and Research, Springer Netherlands, 2009.
C. Williams, R. Bhaumik, R. Burke, and B. Mobasher, “The Impact of Attack Profile Classification on the Robustness of Collaborative Recommendation”, WEBKDD’06, 2006, Philadelphia, PA, USA.
B. Schneier, “Secrets and lies : Digital Security in a Networked World”, New York, NJ: John Wiley & Sons, 2009.
F. Swiderski and W. Snyder, “Threat Modeling”, Microsoft Press, 2004.
M. Rieback, B. Crispo, and A. Tanenbaum, “Is Your Cat Infected with a Computer Virus?” 4th IEEE International Conference on Pervasive Computing and Communications, 2006. pp. 169–179
Acknowledgement
The authors are thankful to Dr. Robert Herklotz for his support, which made this work possible.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer Science+Business Media B.V.
About this paper
Cite this paper
Zuo, Y., Pimple, M., Lande, S. (2010). A Framework for RFID Survivability Requirement Analysis and Specification. In: Sobh, T., Elleithy, K. (eds) Innovations in Computing Sciences and Software Engineering. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-9112-3_26
Download citation
DOI: https://doi.org/10.1007/978-90-481-9112-3_26
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-90-481-9111-6
Online ISBN: 978-90-481-9112-3
eBook Packages: Computer ScienceComputer Science (R0)