 |
RFID Security
Be the First to Write a Review and tell the world about this title!People who purchase this book frequently purchase: Books on similar topics, in best-seller order:Books from the same publisher, in best-seller order:
RFID Security reveals the motives of RFID hackers and then explains how to protect systems. Coverage includes how to prevent attackers from exploiting security breaches for monetary gain (hacking a store’s RFID system would allow a hacker to lower the pricing on any product); how to protect the supply chain (malicious/mischievous hackers can delete/alter/modify all identifying information for an entire shipment of products); and how to protect personal privacy (privacy advocates fear that RFID tags embedded in products, which continue to transmit information after leaving a store, will be used to track consumer habits).
- Understand RFID Standards
Learn the various country, application, and vendor frequencies and classes of tags.
- Manipulate Tag Data
See how someone looking to steal multiple items could change the data on the tags attached to those items.
- Implement Security Measures
Understand the types of RFID attacks to see how someone might try to steal a single object or even try to prevent sales at a single store or chain of stores.
- Review Tag Encoding and Tag Application Attacks
Review man-in-the-middle attacks, as well as chip clones, tracking, and disruption attacks to RFID systems.
- Prevent Unauthorized Access
Ensure secure communications by deploying RFID middleware.
- Prevent Backend Communication Attacks
Prevent man-in-the-middle and TCP replay attacks on the backend.
- Assess the Risk and Vulnerability of Implementing RFID
Learn the questions to ask to determine the risks to your company.
Table of Contents
What Is RFID?
RFID Uses
Threat and Target Identification
RFID Attacks: Tag Encoding Attacks
RFID Attacks: Tag Application Attacks
RFID Attacks: Securing Communications Using RFID Middleware
RFID Security: Attacking the Backend
Management of RFID Security
ABOUT THE AUTHORS:
Frank Thornton runs his own technology consulting firm, Blackthorn Systems, which specializes in wireless networks. His specialties include wireless network architecture, design, and implementation, as well as network troubleshooting and optimization. An interest in amateur radio helped him bridge the gap between computers and wireless networks. Having learned at a young age which end of the soldering iron was hot, he has even been known to repair hardware on occasion. In addition to his computer and wireless interests, Frank was a law enforcement officer for many years. As a detective and forensics expert he has investigated approximately one hundred homicides and thousands of other crime scenes. Combining both professional interests, he was a member of the workgroup that established ANSI Standard "ANSI/NIST-CSL 1-1993 Data Format for the Interchange of Fingerprint Information." He co-authored WarDriving: Drive, Detect, and Defend: A Guide to Wireless Security (Syngress Publishing, ISBN: 1-93183-60-3), as well as contributed to IT Ethics Handbook: Right and Wrong for IT Professionals (Syngress, ISBN: 1-931836-14-0) and Game Console Hacking: Xbox, PlayStation, Nintendo, Atari, & Gamepark 32 (ISBN: 1-931836-31-0). He resides in Vermont with his wife.
Brad 'RenderMan' Haines is one of the more visible and vocal members of the wardriving community, appearing in various media outlets and speaking at conferences several times a year. Render is usually near by on any wardriving and wireless security news, often causing it himself. His skills have been learned in the trenches working for various IT companies as well as his involvement through the years with the hacking community, sometimes to the attention of carious Canadian and American intelligence agencies. A firm believer in the hacker ethos and promoting responsible hacking and sharing of ideas, he wrote the 'Stumbler ethic' for beginning wardrivers and greatly enjoys speaking at corporate conferences to dissuade the negative image of hackers and wardrivers.
John Kleinschmidt (Technical Editor) is a self-taught, staunch wireless enthusiast from Oxford, Michigan. John is a security admin for a large ISP in Oakland County, Michigan. He spends much of his time maintaining personalwireless.org and enjoys reading up on IT security. John is also a moderator for netstumbler.org.
Anand Das has seventeen plus years of experience creating and implementing business enterprise architecture for the Department of Defense (DOD) and the commercial sector. He is founder and CTO of Commerce Events, an enterprise software corporation that pioneered the creation of RFID middleware in 2001. Anand is a founding member of EPCglobal and INCITS T20 RTLS committee for global RFID and wireless standards development. He formulated the product strategy for AdaptLink, the pioneer RFID middleware product, and led successful enterprise wide deployments including a multi-site rollout in the Air Force supply chain. Previously he was Vice President with SAIC where he led the RFID practice across several industry verticals and completed global rollouts of RFID infrastructure across America, Asia, Europe and South Africa. Anand and his wife, Annapurna, and their two children live in Mclean, VA.
Anita Campbell is a consultant, speaker, and writer who closely follows trends in technology, including the development of the RFID market. She writes for a number of publications, and serves as the Editor for the award-winning RFID Weblog, named to the CNET Blog 100, and syndicated on MoreRFID.com. She is a part-time instructor at the University of Akron and is also the host of her own talk radio program/podcast series on the VoiceAmerica.com Internet radio network. Anita has held a variety of senior executive positions culminating in the role of CEO of an information technology subsidiary of Bell & Howell. She also has served on a number of Boards, including Vice Chair of the Advisory Board, Center for Information Technology and eBusiness at the University of Akron. Anita holds a B.A. from Duquesne University and a J.D. from the University of Akron Law School.
|
|
