Abstract
The content security requirements of a radio frequency identification (RFID) based logistics-customs clearance service platform (LCCSP) are analysed in this paper. Then, both the unified identity authentication and the access control modules are designed according to those analyses. Finally, the unified identity authentication and the access control on the business level are implemented separately. In the unified identity authentication module, based on an improved Kerberos-based authentication approach, a new control transfer method is proposed to solve the sharing problem of tickets among different servers of different departments. In the access control module, the functions of access controls are divided into different granularities to make the access control management more flexible. Moreover, the access control module has significant reference value for user management in similar systems.
Similar content being viewed by others
References
H. F. Deng, J. C. Huang. System integration and data exchange solution based on message queue software bus. Journal of South China University of Technology (Natural Science Edition), vol. 36, no. 5, pp. 1–5, 2008. (in Chinese)
W. Hussak, S. H. Yang. Formal reduction of interfaces to large-scale process control systems. International Journal of Automation and Computing, vol. 4, no. 4, pp. 413–421, 2007.
J. Kohl, C. Neuman. RFC 1510: The Kerberos Network Authentication Service (V5), USA: RFC Editor, 1993.
Liberty Alliance Project. Whitepaper on Liberty Protocol and Identity Theft, 2004, [Online], Available: http://www.projectliberty.org, August 15, 2008.
Microsoft. .Net Passport Technical Overview, 2001, [Online], Available: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/passport_about.mspx?mfr=true, March 15, 2010.
R. Chapman, A. Hilton. Enforcing security and safety models with an information flow analysis tool. ACM SIGAda Ada Letters, vol. 24, no. 4, pp. 39–46, 2004.
H. Zhang, T. Che, N. Li. Analysis and improvement of authentication protocol named Kerberos. Journal of Computer Applications, vol. 22, no. 12, pp. 25–27, 2002. (in Chinese)
L. Xue. Research and Implementation of Single Sign-on for Internet/Intranet, Master dissertation, Northwest University, PRC, 2006. (in Chinese)
B. C. Neuman, T. Ts’o. Kerberos: An authentication service for computer networks. IEEE Communications Magazine, vol. 32, no. 9, pp. 33–38, 1994.
The Open Group. Introduction to Single Signon, [Online], Available: http://www.opengroup.org/security/sso/sso intro.htm, April 25, 2008.
C. Xu. The Research of Accesses Control Theory and Methods, Master dissertation, University of Science and Technology, Nanjing, PRC, 2003. (in Chinese)
R. S. Sandhu, E. J. Coync, H. L. Fcinstcin, C. E. Youman. Role based access control model. IEEE Computer, vol. 29, no. 2, pp. 38–47, 1996.
J. Huang. Study and Design of Software Bus and Data Adapter for the Public Service Platform Based on RFID Technology, Master dissertation, South China University of Technology, PRC, 2007. (in Chinese)
A. Harbourne-Thomas, S. Dalton, S. Brown, B. Holm, T. Loton, M. Kunnumpurath, S. Allamaraju, J. Bell, S. Li. Professional Java Servlets 2.3, Beijing, PRC: Publishing House of Electronics Industry, 2002.
Y. Wang, D. Mao. Technological meaning of Java architecture for XML binding. Journal of Beijing University of Technology, vol. 32, no. 3, pp. 263–268, 2006. (in Chinese)
J. Li, Z. P. Zhang, B. Qiao, H. J. Yang. A component mining approach to incubate grid service in object-oriented legacy systems. International Journal of Automation and Computing, vol. 3, no. 1, pp. 47–55, 2006.
Author information
Authors and Affiliations
Corresponding author
Additional information
This work was supported by Department of Science & Technology of Guangdong Province (No. 2006A15006003) and National High Technology Research and Development Program of China (863 Program) (No. 2006AA04A120)
Hui-Fang Deng received the B. Sc. degree in physics from Hunan Normal University, PRC, the M. Sc. degree in theoretical physics from Wuhan University, PRC, and the Ph.D. degree in computer modeling from University College London, UK. From 1989 to 2004, he was studying, working, and living in the UK. From 2001 to 2004, he served as a chief technical officer at Sunrise Systems Limited in Cambridge, UK. In September 2004, he took a position of the dean of Software School at South China University of Technology, PRC. He is a also a professor at South China University of Technology.
His research interests include RFID technology and applications, computer modelling, service computing, and CAE/CAM.
Wen Deng received the B. Sc. degree in computer science at Central China Normal University, PRC in 2005, and the M. Sc. degree in computer software and theory at South China University of Technology, PRC in 2008. She is now working for Huawei Technologies Co. Ltd. as a software engineer in Shanghai, PRC.
Her research interests include information security and RFID technology and applications.
Han Li received the B. Sc. degree in computer science and technology in 2004 and the M. Sc. degree in computer application in 2007 from School of Electronic and Information Engineering in Dalian University of Technology (DUT), PRC. She is currently a Ph. D. candidate in School of Computer Science and Technology, DUT and also a research fellow in Software Technology Research Laboratory, Faculty of Technology, De Montfort University, UK.
Her research interests include software evolution and software security.
Hong-Ji Yang received the B. Sc. and M.Phil. degrees from Jilin University in 1982 and 1985, respectively, and the Ph.D. degree from Durham University, UK in 1994. Currently, he is a professor at the Software Technology Research Laboratory, Faculty of Technology, De Montfort University, UK and leads the Software Evolution and Reengineering Group. He served as a program co-chair at IEEE International Conference on Software Maintenance in 1999 and the program chair at IEEE Computer Software and Application Conference in 2002.
His research interests include software engineering and pervasive computing.
Rights and permissions
About this article
Cite this article
Deng, HF., Deng, W., Li, H. et al. Authentication and access control in RFID based logistics-customs clearance service platform. Int. J. Autom. Comput. 7, 180–189 (2010). https://doi.org/10.1007/s11633-010-0180-x
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11633-010-0180-x