Home' Technology Review : May June 2006 Contents TECHNOLOGY REVIEW /
When Dutch researchers an-
nounced in March they d man-
aged to use radio frequency ID
tags as a means of passing a virus to an
information system s database, they merely
demonstrated the obvious, says Daniel
Engels, first research director at the Auto-
ID Labs at MIT, a center of RFID research.
RFID systems, being computers, are as vul-
nerable to viruses as any other computer.
Good system designs and targeted applica-
tions minimize risk, Engels says.
TR: Generally, how vulnerable are RFID
systems to fraud, attacks, and viruses?
Engels: RFID systems, just like bar
code systems, are computing and informa-
tion systems. As such, they are potentially
vulnerable. At the simplest level, think of
a shoplifter who sticks a bar code for a
12-ounce jar of peanut butter over the bar
code on a 16-ounce jar. He only pays the
12-ounce price, because that s what the
information system is reading. The infor-
mation system is relying upon the cashier
to catch any discrepancies. An RFID tag
could theoretically be switched, too.
How, exactly, are viruses a threat?
Most RFID tags are simple database de-
vices. The data---commonly a product iden-
tifier plus a serial number---is either written
in the wafer fab facility or at the point the
tag is applied. Once data is written, it is
locked, preventing any modification. You d
have to destroy the tag and replace it. Tags
with rewritable memory may have a virus
written to its memory, but the memory con-
tents have no impact on the tag s opera-
tions. So most tags are not vulnerable to vi-
ruses, but some may be carriers of viruses.
What about the fancier tags?
Some RFID tags are able to store large
quantities of data, such as the active tags
used by the military to track its shipping
containers. These act as unsecured da-
tabases and should be treated as such.
Viruses may be stored in this user-memory
portion. But the data typically needs to be
in a specific format to be usable by the in-
formation system. This limits the potential
for attacks, since incorrectly formatted data
will be rejected by the system.
So it s up to the designers of the com-
puting systems to stop such an attack?
As with all computing and information
systems, security requires a multilayered
approach when any automated identifi-
cation system is used. RFID systems are
simply an enabling technology. The power
of the system lies within the information
system using the captured data.
When RFID systems are used to store
data other than the item s unique identi-
fier, security measures must be used to
authenticate the data and its authors. It is
incumbent upon the information system to
authenticate the data and verify that the
format and structure of the data are appro-
priate for the applications using it.
What does the future hold?
As RFID technologies become more
widespread and available at lower costs,
the likelihood of various attacks will in-
crease. But the potential security attacks
on RFID systems and the information sys-
tems that support them are well known and
well understood by experts within the in-
dustry. There is a price to be paid to imple-
ment countermeasures. As the cost and
frequency of successful attacks increases,
more security features will be integrated
into the RFID tags themselves and the in-
formation systems supporting them.
JASON SCHNEIDER (RFID); COURTESY OF YUNG JOON JUNG (DISPLAYS)
Carbon nanotubes unique electronic
properties make them promising as,
among other things, ultraefficient "elec-
tron emitters" for bright, low-power dis-
plays. Now, researchers have found a
way to pattern nanotubes onto plas-
tic sheets for flexible displays.
The new method, developed by
researchers at Rensselaer Polytech-
nic Institute, Northeastern Univer-
sity, and New Mexico State University,
starts with a surface prepatterned to
specify where multiwalled nanotubes
will grow on it. The researchers pour
a liquid over the nanotubes and cook
it until it forms a polymer. They then
peel off the polymer and nanotubes.
The polymer preserves the pattern
right down to the positions of individual
nanotubes, which it keeps aligned.
For displays, where single nano-
tubes must be isolated from others to
get the best efficiencies, the research-
ers strip off a layer of polymer to expose
the tips of nanotubes, then burn off long
or tangled nanotubes, leaving isolated
ones. "The results we ve seen are some
of the best that have been reported in
the literature," says Swastik Kar, a post-
doctoral researcher at RPI and a lead
author of the paper. Prototype displays
are still a few years off. KEVIN BULLIS
A new process
(black dots) on a
RFID: At Risk
As part of an information
system, even the lowly
RFID tag is vulnerable
Links Archive March April 2006 September October 2006 Navigation Previous Page Next Page