Paper 2013/165

A New Security and Privacy Framework for RFID In Cloud Computing

Süleyman Kardas, Serkan Çelik, Muhammed Ali Bingöl, and Albert Levi

Abstract

RFID is a leading technology that has been rapidly deployed in several daily life applications such as payment, access control, ticketing, and e-passport, which requires strong security and privacy mechanisms. However, RFID systems commonly have limited computational capacity, poor resources and inefficient data management. Hence there is a demanding urge to address these issues in the light of some mechanism which can make the technology excel. Cloud computing is one of the fastest growing segments of IT industry which can provide a cost effective technology and information solution to handling and using data collected with RFID. As more and more information on individuals and companies is placed in the cloud, concerns are beginning to grow about just how safe an environment it is. Therefore, while integrating RFID into the cloud, the security and privacy of the tag owner must be considered. Motivated by this need, we first provide a security and privacy model for RFID technology in the cloud computing. In this model, we first define the capabilities of the adversary and then give the definitions of the security and privacy. After that we propose an example of an RFID authentication protocol in the cloud computing. We prove that the proposal is narrow strong private+ in our privacy model.