Research On The Security Architecture And Key Technologies Of RFID System

RFID system is a typical application of the Internet of things, is one of the most popular research direction in communication field. Using RFID system, man and machine, machine and machine can exchange information through the non-contact automatic identification of objects.RFID system will bring great convenience for human’s life and is the major progress of human way of life. However,while RFID sytem bring benefit for people’s life,it also introduces new security concerns. There are the huge number of tags in the RFID system which are unattended,and often exposed to the field whose own safety can not be guaranteed; on the other hand, RFID system uses wireless communication channel to obtain information on legal equipment, but also can a malicious attacker access to information at the same time which will acquire location information and privacy information.Therefore,it is required to strengthen the security of RFID system through the establishment of strong security mechanisms, to ensure system security in the construction of RFID system.In this thesis, starting from the security issues faced by RFID system,the security architecture,key management mechanism and equipment security authentication protocol of RFID system are mainly studied. Firstly,the characteristics and research situation of RFID system are analyzed.Secondly,from the perception of the transport layer,application layer, the security issues which may arise in RFID system are analyzed.According to the special security issues in RFID system, the security requirements are proposed and security architecture of the RFID system is established. Combined with the existing communication network security technology and RFID system architecture, the security key technology of RFID system is studied, including security requirements and security architecture of the RFID system, key management, security authentication technology and encryption communication technology.Finally, through the application of RFID in the field of emergencyresponse, the techniques of this thesis are verified.The main research results of our paper are as follows:1.A security architecture of RFID system is put forword based on trust chain. After analyzed the constituent elements of the RFID system and network architecture,a mixed RFID system security architecture model is proposed which is based on trust chain. In the model,the RFID security architecture is divided into security perception layer, transport layer security, application layer security.By constructing security chain of trust from the perception layer, transport layer to application layer,the security of the entire RFID system is achieved.Meanwhile,the security management of RFID equipment is layered according to the RFID system level which is suitable for more processing objects, less resource consumption,easy management, and direct proof of identification of the authenticity of the object itself without the third party certification,the equipment department,equipment department of large-scale off-line authentication and certification of RFID system application.The mode can be used in the RFID system applications that require large-scale deployment of equipment,equipment certification and offline direct certification requirements.2.A unified hybrid key management mechanism of RFID system which is based on PKI and CPK is put forward. In the mechanism,the terminal nodes are identitied according its tag, a unified identity space is established,and a unified key space is established.At the same time,PKI key management technology is used for the back-end devices of RFID system which solves the compatibility problem of traditional Internet authentication and the existing security solutions; CPK key management technology is used for the front end devices of RFID system which implement key "centralized generation and distributed storage" management mode in the the perception layer,and solve the security issues which there are more processing objects in the RFID system, less resource in a single device, and need more direct proof of identification of the authenticity of the device without the third party.3.A security authentication model of perception layer which is suitable for different environmental requirements is put forward. For the low-costRFID systems,an improved bidirectional authentication protocol based on Hash function is proposed which the security capacity of the protocol is demonstrated based on the protocol security requirements.For the higher security RFID system,a security authentication protocol based on key is proposed which the the inner structure of reader,tag,and the communication process between devices is described.4.A cross-domain security authentication and authorization model of RFID system is proposed. In previous approaches, it’s generally assumed that all tags of RFID belong to a single RFID domain system.This paper considers the security and privacy problems regarding that RFID tags used by different two or more RFID domains in EPC network. First, the security and privacy mechanisms in RFID multi-domain system are divided into 3conceptual parts: RFID forehand system security, RFID backend system security, and RFID inter-domain system security. Then, a SAML-based cross-domain security authentication and authorization model in RFID multi-domain system is present,and evaluated with a case study for RFID inter-domain system.The scheme makes the different domain RFID system users can easily realize the authentication and authorization, and has an important reference value for the security construction of cross domain RFID system.