Intercepting mobile communications: the insecurity of 802.11
Proceedings of the 7th annual international conference on Mobile computing and networking
The blocker tag: selective blocking of RFID tags for consumer privacy
Proceedings of the 10th ACM conference on Computer and communications security
Mix Zones: User Privacy in Location-aware Services
PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
Privacy and security in library RFID: issues, practices, and architectures
Proceedings of the 11th ACM conference on Computer and communications security
Security and Privacy Issues in E-passports
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Anonymous Usage of Location-Based Services Through Spatial and Temporal Cloaking
Proceedings of the 1st international conference on Mobile systems, applications and services
RFID traceability: a multilayer problem
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
| Hi-index | 0.00 |
The government has plans for electronic ID cards, passports and vehicle identification. In industry, smartcards, intelligent tickets, RFID and active tags are increasingly available at low cost. Technology that was not originally designed for identification and tracking is now being used in that role. Wi-Fi tags are now available, and a number of technology vendors provide Wi-Fi location-based services. We are seeing a proliferation of user and object identifiers (more correctly termed `identifying tokens') that can be read at a range. Barriers between the physical and information world are disappearing and contactless identifiers promise great benefits for their users. Identifiers can be read at high speeds and low cost without human intervention.The convergence of technologies causes an increased number of players to rely on identifiers that are reused in multiple domains and contexts. The result is that the user loses control over their identifiers, and security and privacy vulnerabilities affect the value of the identifiers to applications. In this paper, we describe what we mean by identifier security, and discuss the options available to the system designer to mitigate the security and privacy risks. We remark on the lack of a common regulatory framework for the control of identifiers, and suggest that technology should be used to provide the first and best layer of defence.