标题: RFID 无线射频识别技术安全加强之研究
Study on Enhancing Security of RFID Technology
作者: 蔡文能
TSAI WEN-NUNG
国立交通大学资讯工程学系(所)
关键字: RFID Tag;RFID Reader;EPC;PML;XML;CA;EPC;PKI;RFID;Tag;XKMS;XML
公开日期: 2009
摘要: 早在2002 年时,美国Wal-Mart 便主动推广RFID 技术,分别于2005 及2006 年要
求全球前一百大与接着的三百大供应商必须贴上RFID,在2007 年更进一步要求另三百
家供应商使用RFID。台湾的厂商大部分不瞭解RFID 是怎样的技术,但迫于无奈只能采
取“Slap-and-Ship”的配合策略,以便能够持续获得订单。国内政府直到2006 年才推
动RFID 公领域计画,开始培育国内种子厂商来仿效国外推动RFID 所能带来之获利。因
此RFID 成为目前最为关键的技术指标,在未来的十年内必定成为影响全球经济的主要
科技。美国Frost & Sullivan 发展顾问公司预测2009 年全球RFID 产值将达60 亿美金。
然而对于RFID 软体产业来说,因为RFID 硬体尚处于未成熟阶段,加上国内软体产业未
蓬勃发展,导致现在仍是处于一片浑沌不明的阶段。以国内系统整合的实力,整个RFID
价值炼上最为欠缺的就是中介软体的部分。
我们目前进行中的研究计画,已经发展模组化的RFID 软体关键技术与中界软体核
心。为了加强RFID 应用系统的安全性,确保资料在无线传输和网路上交换时的安全性,
本计画要把我们开发中的RFID middleware API 用W3C 的网路安全规范,包含XML 加密
(XML Encryption)、XML 签章(XML Signature)和XML 金钥管理规范(XML Key Management
Specification, XKMS 结合Web services 提供RFID 应用系统更安全的传输环境。
藉由此项计画,我们将会同时具有RFID 产业与资通安全整合能力与相关学术研究
能力。藉由我们所开发中介软体(Middleware)整合Web services 与XML 加解密和XKMS
技术,更进一步进行我们所谓的加强安全性的RFID 应用,以避免目前大部份研究都在
纸上谈兵停滞不前的状况。此外,透过我们所研发的整合中介软体与XML 加解密
/SOAP/XKMS 以及Web Services 和PKI,提升RFID 应用系统的安全性,将可快速带
动国内产业进入RFID 的领域。此外,因为有实质的RFID 硬体设备,我们的学术研究
将可以更扎实,更深入实际状况。
Starting from 2002,Wal-Mart company in USA decided to adopt the RFID technology
to improve the efficiency of the supply chain. Starting from January 2005, Wal-Mart
mandated their top 100 suppliers to ship pallets with RFID tag affixed.Wal-Mart then asked
300 more suppliers to use RFID tags on 2006, and another 300 more on 2007. Therefore,
RFID becomes the key technology and will affect global economics within following ten
years. Frost & Sullivan projects the global RFID market to exceed US$6.0 billion by 2009, a
six-fold increase from US$1.1 billion in 2005. However, RFID software industry in Taiwan is
still marking time partly because of immature RFID hardware development or straggled
software industry environment. All we need is a set of flexible and powerful middleware that
can be used as the bridge between RFID technology and existing application programs.
In previous research, we already developed a core set of RFID middleware API that can
help the reader to collect correct Tag information correctly, which can be used for various
RFID application system..
In this research, we will enhance the middleware, with XML/SOAP and Web Services,
and XML encryption/decryption along with XKMS and CA/PKI, to improve the security of
the RFID application system. We will integrate our RFID middleware APIs with Web services,
and as well as the OpenCA PKI platform.
By doing this research, we will have both the RFID industry integration capability with
information security and research energy.We will design and implement hardware
independent middleware and XKMS basedWeb services that can be used with various RFID
tag devices. Based on this self-designed middleware andWeb services, we will apply to
some applications to build a demo example.
官方说明文件#: NSC98-2221-E009-086
URI: http://hdl.handle.net/11536/101446
https://www.grb.gov.tw/search/planDetail?id=1902227&docId=315147
显示于类别:Research Plans