• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

J4 ›› 2014, Vol. 36 ›› Issue (05): 874-878.

• 论文 • 上一篇    下一篇

基于RBAC的RFID安全认证协议

王桂超,王彦,李永珍   

  1. (延边大学工学院,吉林 延吉 133002)
  • 收稿日期:2012-12-04 修回日期:2013-03-25 出版日期:2014-05-25 发布日期:2014-05-25

A RFID secure authentication protocol based on RBAC              

WANG Guichao,WANG Yan,LI Yongzhen   

  1. (Yanbian University of Technology,Yanbian University,Yanji 133002,China)
  • Received:2012-12-04 Revised:2013-03-25 Online:2014-05-25 Published:2014-05-25

摘要:

对于低成本RFID系统,其安全隐私问题一直是研究的热点。为了保护用户的隐私安全,现有的RFID安全认证协议主要采用Hash函数、传统加密算法等来保证标签信息的安全,虽然在一定程度上保证了信息的安全,然而这些协议却忽略了对非授权标签信息的保护。为了弥补以上缺陷和不足,提出了一种基于角色访问控制RBAC的RFID安全认证协议。通过引入RBAC机制,能够有效地确保非授权标签信息的安全性,并且可以抵抗重传攻击、内部阅读器攻击等攻击。同时,利用部分ID、位运算等方法降低系统对标签的硬件要求,更适合低成本RFID系统。

关键词: RBAC, RFID, 访问权限, 安全级别

Abstract:

For the low-cost RFID systems, the security and privacy problems are always the research hot spot. In order to protect the users’privacy, the existing security protocols mainly use the Hash function or traditional encryption algorithms to ensure the safety of the tag’s information. Although, to some extent, they guarantee the security of the information, all of them are nothing but ignore protecting the unauthorized tag’s information. For the sake of filling in the gap, a RFID secure authentication protocol based on RBAC is proposed. Through introducing the RBAC mechanism, our proposal can effectively not only ensure the security of the unauthorized tag’s information but also resist the reply attack, the internal reader attack, etc. Besides, using the partial ID and bit operation can reduce the system hardware requirements for the tag so that the proposed protocol is more suitable for low-cost RFID systems.
   

Key words: RBAC;RFID;access authority;safety level