Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: Research in Computer Security and Privacy: Emerging Trends
Guest editors: Vijay AtluriGuest Editor and Claudia DiazGuest Editor
Article type: Research Article
Authors: Kobsa, Alfreda | Nithyanand, Rishabb; * | Tsudik, Genea | Uzun, Ersinc
Affiliations: [a] University of California, Irvine, CA, USA. E-mails: kobsa@uci.edu, gene.tsudik@uci.edu | [b] Stony Brook University, Stony Brook, NY, USA. E-mail: rnithyanand@cs.stonybrook.edu | [c] Palo Alto Research Center, Palo Alto, CA, USA. E-mail: ersin.uzun@parc.com
Correspondence: [*] Corresponding author. E-mail: rnithyanand@cs.stonybrook.edu
Abstract: The recent emergence of RFID tags capable of performing public key operations enables a number of new applications in commerce (e.g., RFID-enabled credit cards) and security (e.g., ePassports and access-control badges). While the use of public key cryptography in RFID tags mitigates many difficult security issues, certain important usability-related issues remain, particularly when RFID tags are used for financial transactions or bearer identification. In this paper, we focus exclusively on techniques with user involvement for secure user-to-tag authentication, transaction verification, reader expiration and revocation checking, as well as pairing of RFID tags with other personal devices. Our approach is based on two factors: (1) recent advances in hardware and manufacturing have made it possible to mass-produce inexpensive passive display-equipped RFID tags, and (2) high-end RFID tags used in financial transactions or identification are attended by a human user (typically, their owner). Our techniques rely on user involvement coupled with on-tag displays to achieve better security and privacy. Since user acceptance is a crucial factor in this context, we conducted comprehensive user studies to assess usability of all considered methods. This paper reports on our findings.
Keywords: RFID, usability, security, authentication, device pairing
DOI: 10.3233/JCS-130470
Journal: Journal of Computer Security, vol. 21, no. 3, pp. 347-370, 2013
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl