Contextual role-based security enhancement mechanism for 2G-RFID systems

Abstract

This paper investigates the use of second-generation radio frequency identification (2G-RFID) technology to enable better quality of service in future networks. With encoded rules as mobile codes stored in radio frequency identification (RFID) tags, the system extendibility and practicability can be effectively improved. However, due to the openness of the mobile codes, the realization of conveying intelligence brings a critical issue, i.e., how to prevent mobile codes from being misused or abused to avoid malicious attacks, which cause the disruption of back-end systems. We address this issue by the use of role-based access control (RBAC) through introducing context-aware computing. Then, we propose a two-level security enhancement mechanism (2L-SEM), i.e., joint contextual-authentication-based and role-analysis-based secure middleware design. According to the given contextual restrictions in terms of time and location, the proposed mechanism filtrates illegal and invalid mobile codes contained in the RFID tags. Finally, a typical case study is given to illustrate the deployment of the proposed 2L-SEM within a 2G-RFID system. The experimental results show the effectiveness of guaranteeing the safe execution of mobile codes in the 2G-RFID system.