NIST Issues Guidelines for Ensuring RFID Security
May 10, 2007 // Published as a news service by IHS
| |
| Electronics & Telecom Docs |
IHS sells a full selection of standards documents & collections from the industry's top organizations.
To learn more, and for a free quote, please complete the form below. |
|
Retailers, manufacturers, hospitals, federal agencies and other organizations planning to use radio frequency identification (RFID) technology to improve their operations should also systematically evaluate the possible security and privacy risks and use best practices to mitigate them, according to a report issued by the National Institute of Standards and Technology (NIST).
"RFID tags, commonly referred to as smart tags, have the ability to improve logistics, profoundly change cost structures for business and improve the current levels of safety and authenticity of the international pharmaceutical supply chain and many other industries," said Undersecretary of Commerce for Technology Robert C. Cresanti.
As RFID devices are deployed in more sophisticated applications from matching hospital patients with laboratory test results to tracking systems for dangerous materials, concerns are being raised about protecting such systems against eavesdropping and unauthorized uses.
The NIST report focuses on RFID applications for asset management, tracking, matching and process and supply chain control. Its list of recommended practices for ensuring the security and privacy of RFID systems includes:
- Firewalls that separate RFID databases from an organization's other databases and information technology (IT) systems.
- Encryption of radio signals when feasible.
- Shielding RFID tags or tag reading areas with metal screens or films to prevent unauthorized access.
- Other security measures for audit and recycling procedures and tag disposal.
Two case studies - in healthcare and supply chain settings - provide examples for identifying and minimizing security risks throughout the various stages of an RFID project.
IHS electronics & telecom standards subscriptions can save you money!
The full report is available at http://csrc.nist.gov/publications/nistpubs/800-98/SP800-98_RFID-2007.pdf.
Source: Association for the Advancement of Medical Instrumentation (AAMI).