data as weight or identification number that looks at first glance, it is easy to check
that the weight has changed or the number does not match or is repeated. For more
information about avoiding tag cloning, see [19] and [23-28]; for detecting it, see
[29-31].
4.2 Network and Transport Layer
There is no encrypted data in the tag, so there would be no problem if someone read
the content of the card with a legitimate reader. Similarly, if a fraudulent reader wrote
to a tag, this would be detected at the next checkpoint, since it would not be able to
provide a valid signature.
4.3 Application Layer
As mentioned in the previous point, unauthorized reads pose no problem because all
the information is plaintext and, as has also been pointed out, modification of the
data is automatically detected by the security module.
Although the risk classification we are using deals only with buffer overflows and
malicious code injection, it is also possible to speak in general terms about malware
specifically designed to attack RFID systems [12], i.e. software designed to cause
damage in the systems. There are three main types of malware: RFID exploits, RFID
worms and RFID viruses [12].
Starting with the main threats, the greatest danger of exploits in RFID is precisely
that they are frequently unexpected, and their processing can exploit vulnerabilities
both in the RFID system and in the information system itself or the entire network.
Normally these attacks are aimed at specific components of the system, such as
databases, web interfaces or the APIs that manage readers. One of the simplest attacks
would be the injection of SQL commands such as shutdown or drop table, which cause
serious damage to the system (shutting it down or deleting tables) or even data theft.
For example, some databases such as Microsoft SQL Server allow administrators to
execute system commands, so if the database is running as root the whole system can
be jeopardised. The use of aggregate signatures guarantees that data have been input
by authorised entities: if the signature is not correct, the data are not passed to the
information system, and the security module discards the data and therefore does not
execute the command.
Another type of attack within the exploits category would be the insertion of code.
If the RFID applications use web protocols to consult the database, it is very likely
that clients will be able to interpret scripts, in which case they could be vulnerable to
this type of attack in the same way as web browsers, but with a higher degree of
danger given that browsers normally have limited access to the host. To prevent this,
and as such code habitually uses non-alphanumeric characters, a first measure is that
the system does not process any input containing any element of this kind.
Additionally, as in the previous case, the security module will filter the data reaching
the information system. If possible, it would be advantageous not to allow the
execution of script languages in the back-end system.
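A sketch of the security-module behaviour described in the two paragraphs above (signature check, then rejection of non-alphanumeric input), added here as an example and not taken from the original text. It assumes a single HMAC-SHA256 tag as a stand-in for the aggregate signature scheme; security_module, CHECKPOINT_KEY and the readings table are hypothetical names, and all sample tag data is constructed.

```python
import hashlib
import hmac
import re
import sqlite3

# Assumption: HMAC-SHA256 stands in for the aggregate signature in the text.
CHECKPOINT_KEY = b"constructed-demo-key"      # constructed sample key
ALNUM = re.compile(r"[A-Za-z0-9]+")           # only characters the module lets through

def sign(payload: bytes, key: bytes = CHECKPOINT_KEY) -> bytes:
    return hmac.new(key, payload, hashlib.sha256).digest()

def security_module(payload: bytes, signature: bytes, db) -> str:
    """Return 'accepted' or the reason the tag data was discarded."""
    # 1. Data not written by an authorised entity never reaches the database.
    if not hmac.compare_digest(sign(payload), signature):
        return "discarded: bad signature"
    # 2. Even correctly signed data is refused if it is not purely alphanumeric.
    try:
        text = payload.decode("ascii")
    except UnicodeDecodeError:
        return "discarded: non-alphanumeric input"
    if not ALNUM.fullmatch(text):
        return "discarded: non-alphanumeric input"
    # 3. The value is bound as a parameter, never concatenated into the SQL text.
    db.execute("INSERT INTO readings(tag_data) VALUES (?)", (text,))
    return "accepted"

def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE readings(tag_data TEXT)")
    good = b"ID00412W0750"                    # constructed tag content
    hostile = b"x'; DROP TABLE readings;--"   # constructed, mirrors the text's case
    cases = [
        (good, sign(good)),                   # untouched tag
        (b"ID00412W9999", sign(good)),        # data altered after signing
        (hostile, sign(hostile)),             # validly signed, hostile content
    ]
    results = [security_module(p, s, db) for p, s in cases]
    rows = db.execute("SELECT tag_data FROM readings").fetchall()
    return results, rows

if __name__ == "__main__":
    print(demo())
```

The third case shows why the character filter is applied in addition to the signature check: a valid signature only proves who wrote the data, not that the content is safe to process.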
No less dangerous is a buffer overflow [1], which occurs when more data are written
to an area of memory than it can contain, and these extra data overwrite areas of the