Security White Papers
- Physical Asset Management and IT Security
Published April 2010
Information technology involves virtual assets and transactions, but security vulnerabilities may lurk in its physical foundations. Jim Caudill, Xterprise's senior VP of marketing and strategy, explains how identifying, tracking and managing risks to physical servers, storage devices and network hardware can help close security gaps that can not be addressed by electronic asset management. This document outlines RFID methods to integrate IT security across physical and virtual domains.
- Using PNR as a New Approach to Enhancing RFID Channel Security Via Direct Sequence Spread Spectrum (DSSS)
Published March 2010
Salman Altaf and Mumtaz A. Kamala, of the University of Bradford School of Computing, Information and Media, and Qudoos Yousuf, of Innovation North Leedsmet
University, outline how retailers, manufacturers, hospitals, federal agencies and other organizations can use RFID to improve functionality and product quality, and maintain a good checks-and-balances system, without experiencing data security and privacy vulnerabilities. The authors discuss a proposed technique for preventing data leakage and providing protection against eavesdropping and interference, by spreading spectrum over the wideband, utilizing a suitable pseudorandom (PNR) code. (7 pages)
- SmartDEGREE from TCS to Combat Certificate Malpractices
Published October 2009
Tata Consultancy Services' Chandrashekar Mudraganam explains how to employ radio frequency identification to curb fake degree certificates issued by universities, which can pose a threat to the integrity of degree holders and educational institutions alike. TCS has successfully implemented this solution at the University of Hyderabad, in India, since 2007. (9 pages)
- End-to-End Encryption and Chip Cards in the U.S. Payments Industry
Published September 2009
In this position paper, the Smart Card Alliance clarifies and defines end-to-end encryption, detailing which types of problems such encryption can help address. This document explores the advantages of an alternative strategy for protecting cardholder data—moving data protection to the payment card itself, using chip-card technology—and proposes the use of contactless chip cards, including a dynamic cryptogram with each transaction and authorizing transactions online. (12 pages)
- Secura Key Radio Key Technology
Published August 2009
Radio Key is Secura Key's brand name for its 125 kHz proximity cards. Radio Key cards, key tags and interrogators employ proximity technology and are suitable for a variety of applications, including access control, time and attendance, membership, parking, fuel management, and more. This document outlines basic operation, credentials, control applications and uses for non-access applications, to familiarize applications providers, consultants, resellers and end users with the capabilities of Radio Key. (9 pages)
- Secura Key e*Tag Technology
Published August 2009
e*Tag is Secura Key's brand name for its 13.56 MHz contactless smart cards. e*Tag cards, key tags, labels, interrogators and reader-writers employ 13.56 MHz ISO 15693 technology and are suitable for a variety of applications, including access control, time and attendance, membership and loyalty programs, logical access, storage of biometric templates, parking and ePurse, fuel management, data retrieval, asset and inventory management, data collection and more. This document provides an overview intended to familiarize applications providers, consultants, resellers and end users with the capabilities of e*Tag. (11 pages)
- Improving Security With Identification Printing
Published August 2005
Zebra Technologies explains how to improve security with identification printing solutions, featuring bar-code, radio frequency identification, graphics, logos, digitized photos and text, with real-world examples of how companies and law enforcement agencies have benefited from ID card and label printing technology.
- The Role of Chips in Making Identification Documents More Secure
Published July 2005
With the United States taking enormous strides toward strengthening its homeland security in the years following the terrorist attacks of Sep. 11,
2001, Infineon Technologies examines the use of chip-based identification in ePassports, as well as the role of education in assuaging public concerns. For further information about this white paper, please contact
- ASEMC: Authentication for a SEcure M-Commerce
Published June 2005
This white paper, written by Christina Braz and Esma Aimeur, describes a user-centered security authentication system against fraud, counterfeit and theft for the mobile commerce domain, specifically for mobile devices. This, the authors assert, is achieved through a microprocessor chip implanted under human skin.
- Security and Privacy in Radio Frequency Indentification Devices
Published May 2003
This white paper, submitted by Stephen August Weiss to the Department of Electrical Engineering and Computer Science, was written in partial fulfillment of the requirements for a Master of Science Degree in computer science from the Massachusetts Institute of Technology. RFID systems are a common and useful tool in manufacturing, supply chain management and retail inventory control. Due to advances in silicon manufacturing technology, RFID costs have dropped significantly. In the near future, low-cost RFID electronic product codes, or “smart-labels,” may be a practical replacement for optical bar codes on consumer items. However, the universal deployment of RFID devices in consumer items may expose new security and privacy risks not present in closed manufacturing environments. This thesis presents an introduction to RFID, identifies several threats to security and privacy and offers practical proposals for efficient security mechanisms, along with policy suggestions, open questions and areas of research.