Rambler's Top100
Main
Members
News

      Rambler's Top100
     Ïîñëåäíèå îáíîâëåíèÿ:
     10.06.2013
ïîèñê:
  

AIM RFID Experts Refute RFID Virus Claims
Industry Group Address Research Findings

Warrendale, PA – March 16, 2006 – AIM Global, the trade association for automatic identification and mobility, issued a statement today in response to a technical paper delivered during a conference 15 March 2006 in Pisa, Italy, entitled "Is Your Cat Infected with a Computer Virus?"  The paper claims that RFID tags can be used to corrupt databases and even potentially to spread computer viruses. 
 
“Many of the basic assumptions in the paper overlook a number of fundamental design features necessary in automatic data collection systems and good database design,” says AIM Global president, Dan Mullen.  “In other words, the researchers built a system with a weakness and then proceeded to show how the weakness could be exploited.  Not surprisingly poor system design, whether capturing RFID tag information, bar code information or keyboard-entered data will create vulnerabilities.”

AIM recognizes the efforts of the team from Vrije University and the academic community in general for bringing such issues forward, but the methodology of this particular research is questionable.

RFID scientists and experts from the International Organization for Standardization (ISO) were meeting in Kyoto, Japan this week with the leadership of the AIM Global RFID Experts Group as part of its ongoing effort to provide standards and implementation guidance in fielding RFID systems.

In response to this paper, these experts emphasize that there are two broad types of RFID tags, ones that have pre-encoded, or fixed data, and ones that have data that can be changed.  Systems with fixed data such as those used to identify pets cannot be changed and therefore are immune to infection by a virus.

Here are a few specific attributes in RFID systems that can protect the overall system:

• Most applications of RFID, including EPC Gen2, look for specific kinds of data.  Poor reader design might allow the reading of a “rogue” tag, but a good system will verify the data against pre-defined parameters, as do current bar code systems, and any code not in the database is typically ignored.

• Being able to insert a virus into the system implies that a tag contains executable code that is recognized by the software.  This is simply not possible with many applications of RFID since they look for specific kinds of data and will either flag or reject anything that doesn't fit the data template.

• Protection is a common process today in data transfer between computer systems and writeable media.  Global standards and commercial products are created to ensure that there is adequate data security, much the same way that running current virus software prevents virus attacks to your home computer.  Data collection system designers are aware that they must install, and have already installed, methods to authenticate any data into their software.

“Critical advancements in information processing and logistics made possible by RFID technology cannot be underestimated,” concludes Mullen.  “Corporations, government agencies and consumers will enjoy greater confidence when they select standardized RFID technology because the associated security issues have been addressed and resolved by the world’s leading experts.”

About AIM Global
For more than 30 years, AIM Global has served as the association and worldwide authority on automatic identification, data collection and networking in a mobile environment.  AIM members are providers and users of technologies, systems, and services that capture, manage, and integrate accurate data into larger information systems.  Serving more than 900 members in 43 countries, AIM is dedicated to accelerating the growth and use of Automatic Identification and Mobility technologies and services around the world.

AIM Global also has an active educational focus, providing accurate and unbiased information on AIDC technology, standards, and applications.  For more information on AIM programs, please visit www.aimglobal.org/calendar.

As part of its educational outreach, AIM Global publishes "RFID Connections," the industry's oldest and most respected e-newsletter on RFID.  For a free subscription, please visit http://subscriptions.aimglobal.org.

For more information on AIM Global, its technologies and its members, please visit www.aimglobal.org or www.rfid.org.

For more information, contact:
Diana Bowser
+1 724 934 4470
diana@aimglobal.org


Back