Tempco Electric Heater Corporation Designs and Manufactures Heating Elements, Temperature Sensors and Controls, and Turnkey Process Heating Systems. Thousands of products including accessory items are available from stock. Request our 864 page Visionary Solution catalog for product and engineering information.
NIST issues guidelines to promote RFID security.
May 4, 2007 -
According to NIST report, organizations planning to use RFID technology should also systematically evaluate the possible security and privacy risks and use best practices to mitigate them. Publication focuses on RFID applications for asset management, tracking, matching, and process and supply chain control, and recommends using firewalls between RFID and other organization databases, as well as encryption, authentication, and shielding of tags.
(Archive News Story - Products mentioned in this Archive News Story may or may not be available from the manufacturer.)
National Institute of Standards & Technology
Release date: April 26, 2007
Gaithersburg, MD - Retailers, manufacturers, hospitals, federal agencies and other organizations planning to use radio frequency identification (RFID) technology to improve their operations should also systematically evaluate the possible security and privacy risks and use best practices to mitigate them, according to a new report* from the Department of Commerce's National Institute of Standards and Technology (NIST).
"RFID tags, commonly referred to as smart tags, have the ability to improve logistics, profoundly change cost structures for business, and improve the current levels of safety and authenticity of the international pharmaceutical supply chain and many other industries," said Under Secretary of Commerce for Technology Robert C. Cresanti. "This important report lays the foundation for addressing potential RFID security risks so that a thoughtful enterprise can launch a smart tag program with confidence."
RFID devices send and/or receive radio signals to transmit identifying information such as product model or serial numbers. They come in a wide variety of types and sizes, from the size of a grain of rice or printed on paper to much larger devices with built in batteries. Unlike bar coding systems, RFID devices can communicate without requiring a line of sight and over longer distances for faster batch processing of inventory and can be outfitted with sensors to collect data on temperature changes, sudden shocks, humidity or other factors affecting products.
As RFID devices are deployed in more sophisticated applications from matching hospital patients with laboratory test results to tracking systems for dangerous materials, concerns have been raised about protecting such systems against eavesdropping and unauthorized uses.
"The goal of our report," according to lead author Tom Karygiannis of NIST, "is to give organizations practical ways in a structured format with checklists and specific recommendations to address potential RFID security risks."
The new NIST publication focuses on RFID applications for asset management, tracking, matching, and process and supply chain control. Its list of recommended practices for ensuring the security and privacy of RFID systems includes:
firewalls that separate RFID databases from an organization's other databases and information technology (IT) systems; encryption of radio signals when feasible; authentication of approved users of RFID systems; shielding RFID tags or tag reading areas with metal screens or films to prevent unauthorized access; audit procedures, logging and time stamping to help in detecting security breaches; and tag disposal and recycling procedures that permanently disable or destroy sensitive data.
NIST prepared the new report as part of its responsibilities under the Federal Information and Security Management Act of 2002 to help federal agencies provide adequate security for their information technology systems. However, its recommendations for selecting appropriate security controls for RFID systems are likely to be useful to other types of organizations as well.
Two case studies-in health care and supply chain settings-provide examples for identifying and minimizing security risks throughout the various stages of an RFID project.
The full report is available at: http://csrc.nist.gov/publications/nistpubs/800-98/SP800-98_RFID-2007.pdf
CONTACT: Gail Porter, NIST (301) 975-3392
Contacts: General Information:
Gail Porter
USA
Phone: 301-975-3392 Company Information: Name: National Institute of Standards & Technology Address: 100 Bureau Dr., Stop 1070 City: Gaithersburg State: MD ZIP: 20899-1070 Country: USA Phone: 301-975-2762 http://www.nist.gov
News provided by ThomasNet News® (TNN). TNN is a comprehensive source
of new and timely product information in the industrial marketplace. TNN supplies new product
information to the web sites, e-marketplaces and print publications that serve the
industrial marketplace. For press release submissions please go to
http://news.thomasnet.com/submitpr.html.
BY ACCESSING, BROWSING AND/OR USING THIS WEB SITE AND/OR ANY WEB SITES PROVIDED BY
ProductNews.com, YOU AGREE TO BE BOUND BY THE TERMS OF USE
AGREEMENT.
del.icio.us
DIGG
Facebook
Reddit
StumbleUpon
Twitter
![[Get Copyright Permissions]](http://license.icopyright.net/images/icopy-w.gif){kind=small}
