RFID Security Guideline Published

Send to friend

AIM Global, the trade association recognized as the worldwide authority on automatic identification and mobility, is pleased to recognize the publication of ISO/IEC TR24729-4, Information technology Radio frequency identification for item management Implementation guidelines Part 4: Tag data security by the International Organization of Standards (ISO).

The Technical Report has its genesis as guidance from AIM Global's RFID Expert Group: RFID Guidelines on data access security. It looks at systemic solutions that prevent unauthorized or inadvertent access to data on an RFID tag and in an RFID system. It is intended to provide guidance to users and systems designers on potential threats to data security and countermeasures available to provide RFID data security.

Determining the appropriate approach to RFID data security is highly dependent on the type(s) of possible threat(s), the intended use of the tag, the type of data on the tag for a particular application, and the potential value of the data. Therefore, this Technical Report does not provide specific recommendations but, rather, offers sufficient guidance to enable users or developers to assess potential risks and determine appropriate techniques to mitigate the risks they may see in their own application.

Key contributors to the development of the document include Dr. Gisele Bennet, Georgia Tech Research Institute (project chair); Matthew J. and Craig K. Harmon, QED Systems; Steve Halliday, HighTech AID; Mark Buckner, Oak Ridge National Labs; Eldor Walk, FEIG Electronic GmbH; Dan Kimball, SRA International; Mark Reboulet, U.S. Air Force AIT; and Bert Moore, AIM Global.

AIM Global president, Dan Mullen noted, "As with every data collection system, the security of information is an essential element to the solution.  With increasing adoption of RFID, it is important for companies producing, implementing and using RFID to understand potential risks and rewards offered by the technology. This technical report is a tremendous resource to help companies understand and mitigate risks to maximize rewards."

All relevant automatic identification and data collection ISO documents are available for purchase from the AIM Global online store.  The RFID Tag Data Security technical report can be accessed directly.

 

About AIM Global
For 35 years, AIM Global has served as the association and worldwide authority on automatic identification, data collection and networking in a mobile environment.  AIM members are providers and users of technologies, systems, and services that capture, manage, and integrate accurate data into larger information systems.  Serving members in 43 countries, AIM is dedicated to accelerating the growth and use of Automatic Identification and Mobility technologies and services around the world.

AIM Global actively supports the development of AIDC standards through its own Technical Symbology Committee (TSC), North American and Global Standards Advisory Groups, and RFID Experts Group (REG) as well as through participation at the industry, national (ANSI) and international (ISO) levels. 

AIM Global has an active educational focus, providing accurate and unbiased information on data collection technology.  As part of its educational outreach, AIM Global publishes "RFID Connections" and "AIM Connections," the industry's oldest and most respected e-newsletters on RFID and automatic data collection.

For more information on AIM Global, its technologies and its members, please visit www.aimglobal.org or www.rfid.org.

About the RFID Experts Group (REG)
The REG is a committee of AIM Global and is responsible for addressing the standards and issues of RFID.  The REG was founded in 2004 and is currently comprised of over 40 organizations from the U.S., Europe, and Asia.  The REG has authored five ISO Technical Reports (on Security, Recycling, ISO/IEC 18000-6C Labeling, installation of ISO/IEC 18000-6C reading systems and ISO/IEC TR24729-4-Tag Security.).
 
The committee has also submitted The RFID Emblem (ISO/IEC 29160) as an ISO standard to assist in consumer notification of RFID and to assist in operational use of the technology.

 

 

Comments (0)

Add a Comment

This thread has been closed from taking new comments.