标题: | RFID 无线射频识别技术安全加强之研究 Study on Enhancing Security of RFID Technology |
作者: | 蔡文能 TSAI WEN-NUNG 国立交通大学资讯工程学系(所) |
关键字: | RFID Tag;RFID Reader;EPC;PML;XML;CA;EPC;PKI;RFID;Tag;XKMS;XML |
公开日期: | 2009 |
摘要: | 早在2002 年时,美国Wal-Mart 便主动推广RFID 技术,分别于2005 及2006 年要 求全球前一百大与接着的三百大供应商必须贴上RFID,在2007 年更进一步要求另三百 家供应商使用RFID。台湾的厂商大部分不瞭解RFID 是怎样的技术,但迫于无奈只能采 取“Slap-and-Ship”的配合策略,以便能够持续获得订单。国内政府直到2006 年才推 动RFID 公领域计画,开始培育国内种子厂商来仿效国外推动RFID 所能带来之获利。因 此RFID 成为目前最为关键的技术指标,在未来的十年内必定成为影响全球经济的主要 科技。美国Frost & Sullivan 发展顾问公司预测2009 年全球RFID 产值将达60 亿美金。 然而对于RFID 软体产业来说,因为RFID 硬体尚处于未成熟阶段,加上国内软体产业未 蓬勃发展,导致现在仍是处于一片浑沌不明的阶段。以国内系统整合的实力,整个RFID 价值炼上最为欠缺的就是中介软体的部分。 我们目前进行中的研究计画,已经发展模组化的RFID 软体关键技术与中界软体核 心。为了加强RFID 应用系统的安全性,确保资料在无线传输和网路上交换时的安全性, 本计画要把我们开发中的RFID middleware API 用W3C 的网路安全规范,包含XML 加密 (XML Encryption)、XML 签章(XML Signature)和XML 金钥管理规范(XML Key Management Specification, XKMS 结合Web services 提供RFID 应用系统更安全的传输环境。 藉由此项计画,我们将会同时具有RFID 产业与资通安全整合能力与相关学术研究 能力。藉由我们所开发中介软体(Middleware)整合Web services 与XML 加解密和XKMS 技术,更进一步进行我们所谓的加强安全性的RFID 应用,以避免目前大部份研究都在 纸上谈兵停滞不前的状况。此外,透过我们所研发的整合中介软体与XML 加解密 /SOAP/XKMS 以及Web Services 和PKI,提升RFID 应用系统的安全性,将可快速带 动国内产业进入RFID 的领域。此外,因为有实质的RFID 硬体设备,我们的学术研究 将可以更扎实,更深入实际状况。 Starting from 2002,Wal-Mart company in USA decided to adopt the RFID technology to improve the efficiency of the supply chain. Starting from January 2005, Wal-Mart mandated their top 100 suppliers to ship pallets with RFID tag affixed.Wal-Mart then asked 300 more suppliers to use RFID tags on 2006, and another 300 more on 2007. Therefore, RFID becomes the key technology and will affect global economics within following ten years. Frost & Sullivan projects the global RFID market to exceed US$6.0 billion by 2009, a six-fold increase from US$1.1 billion in 2005. However, RFID software industry in Taiwan is still marking time partly because of immature RFID hardware development or straggled software industry environment. All we need is a set of flexible and powerful middleware that can be used as the bridge between RFID technology and existing application programs. In previous research, we already developed a core set of RFID middleware API that can help the reader to collect correct Tag information correctly, which can be used for various RFID application system.. In this research, we will enhance the middleware, with XML/SOAP and Web Services, and XML encryption/decryption along with XKMS and CA/PKI, to improve the security of the RFID application system. We will integrate our RFID middleware APIs with Web services, and as well as the OpenCA PKI platform. By doing this research, we will have both the RFID industry integration capability with information security and research energy.We will design and implement hardware independent middleware and XKMS basedWeb services that can be used with various RFID tag devices. Based on this self-designed middleware andWeb services, we will apply to some applications to build a demo example. |
官方说明文件#: | NSC98-2221-E009-086 |
URI: | http://hdl.handle.net/11536/101446 https://www.grb.gov.tw/search/planDetail?id=1902227&docId=315147 |
显示于类别: | Research Plans |