Skip to main content
SpringerLink
Log in

Technical Guidelines for Implementation and Utilization of RFID-based Systems

  • Chapter
ISSE/SECURE 2007 Securing Electronic Business Processes

  • 809 Accesses

Abstract

The last years saw the introduction of contactless smartcard technology in prominent projects like ticketing for WC2006, nation-wide public transport solutions and electronic Passports. Currently major implementations of RFID in logistics and NFC-based ticketing and payment solutions are under preparation.

Especially above mentioned prominent projects have been confronted with significant public criticism. Influential parts of the society and the authorities had and still have the perception that contactless chip technology and RFID may not be secure and mature. This leads to the following situation:

  1. 1.

    Uncertainties concerning public response and customer acceptance are hampering the introduction of RFID systems

  2. 2.

    The data protection authorities are proposing dedicated legal rules for RFID usage.

By launching the project “Technical Guidelines RFID” the German Federal Office for Information Security (BSI) suggests an approach that considers and fulfills the legitimate interest of all involved parties: Citizens resp. customers, service providers and suppliers of RFID systems.

This year BSI will issue 4 Technical Guidelines for usage of contactless chip technology and RFID in major application areas: Event Ticketing, Ticketing in Public Transport, NFC-based Ticketing and Logistics.

These Technical Guidelines will contain technical advice on how to implement a system in a functional, secure and economically viable way. Potential threats for the system owner and the users are depicted, discussed and countered by appropreate security measures. Remaining risks will be described. All proposed solutions are based on standards or open specifications.

Gaining the acceptance from all parties is the most important project goal. An open discussion and integration of all potential contributors is a corner stone of BSI’s concept.

Therefore the Technical Guidelines are currently being drafted in close cooperations with leading companies from the respective application domains. These drafts have been discussed in dedicated expert workshops where all relevant groups -incl. the critics- were present. The final versions will include the comments gathered in these sessions.

In future BSI and probably also accredited evaluation facilities will offer a certification service / quality seal for implementations that follow the guidelines.

The Technical Guidelines will serve as comprehensive and neutral information source for German citizens, service providers and industry. This will build transparency and trust.

NXP Semiconductors is working the project on behalf of BSI.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Britta Oertel, Michaela Wölk, Lorenz Hilty, Andreas Köhler, Harald Kelter, Markus Ullmann, Stefan Wittmann: RFID — Security Aspects and Prospective Applications of RFID Systems. In: http://www. bsi.de/fachthem/rfid/RIKCHAenglischLayout.pdf. Bundesamt für Sicherheit in der Information-stechnik (BSI), SecuMedia Verlag Ingelheim, 2004

    Google Scholar 

  2. Bundesamt für Sicherheit in der Informationstechnik (BSI): BSI Standard 100-3 — Risk Analysis based on IT Grundschutz, Version 2.0. In: http://www.bsi.de/english/publications/bsistandards/ standard_1003_e.pdf 2005.

    Google Scholar 

  3. Tom Karygiannis, Bernard Eydt, Greg Barber, Lynn Bunn, Ted Phillips: Guidelines for Securing Radio Frequency Identification (RFID) Systems. In: http://csrc.nist.gov/publications/nistpubs/800-98/SP800-98_RFID-2007.pdf National Institute of Standards and Technology, 2007.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. NXP Semiconductors, Canada

    Cord Bartels

  2. German Federal Office for Information Security (BSI), Germany

    Harald Kelter

Authors
  1. Cord Bartels
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Harald Kelter
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Friedr. Vieweg & Sohn Verlag | GWV Fachverlage GmbH, Wiesbaden

About this chapter

Cite this chapter

Bartels, C., Kelter, H. (2007). Technical Guidelines for Implementation and Utilization of RFID-based Systems. In: ISSE/SECURE 2007 Securing Electronic Business Processes. Vieweg. https://doi.org/10.1007/978-3-8348-9418-2_25

Download citation

  • DOI: https://doi.org/10.1007/978-3-8348-9418-2_25

  • Publisher Name: Vieweg

  • Print ISBN: 978-3-8348-0346-7

  • Online ISBN: 978-3-8348-9418-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation