adjacent memory. The greatest danger is that an attacker who intentionally produces an
overflow can execute arbitrary code. Although the majority of compilers, browsers
and systems are already protected against these attacks, an example of overflow in an
RFID system is presented in [12]. In this case, the prior filtering by the security
module, which confirms the validity of the signature, meant that the malicious
data did not pass to the system. Special care should also be taken in the programming
to ensure that only the areas of memory that actually contain data are read.
RFID worms exploit system faults to introduce malicious code into the reader, which
then overwrites the tags with code that infects a new reader, and so on.
Again, the prior checking of the signatures will obstruct the propagation of the
infection through the tags, but the security of the system should be audited to find out
how the reader was infected (probably via the network). This again underlines the
importance of an appropriate security policy for all the systems involved in the
process.
The first RFID virus was presented and explained at length in [12]. It carries out an
SQL code injection when the tag is read, copying the instructions of the injection into
the database so that when a new tag is written it becomes infected and also propagates
the virus. From this initial idea, it is possible to programme payloads to cause more
dangerous effects.
Even when dealing with a virus with the improvements described, applying basic
general measures, such as limiting the permissions for the database and the number of
users, isolating the middleware server from the rest of the network and reviewing the
middleware code to avoid security gaps [32], [33], gives a high degree of
protection against these threats (at least at the moment). Also, the implementation of
the “security module” limits the propagation of the virus through the tags,
given that the data will not be processed by the information system.
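The two countermeasures described above, signature checking by the security module before data reaches the information system and middleware code that cannot be driven by tag contents, are shown together in the following added Python example, which is not from the original text. It assumes an HMAC-SHA256 tag in place of the system's signature scheme, an in-memory SQLite table, and hypothetical names (security_module, handle_read, reads); all sample tag contents are constructed.

```python
import hashlib
import hmac
import sqlite3

# Assumption: an HMAC-SHA256 tag stands in for the page's signature scheme.
KEY = b"constructed-demo-key"
SIG_LEN = 32


def sign(payload: bytes) -> bytes:
    """Build tag memory contents: payload followed by its authentication tag."""
    return payload + hmac.new(KEY, payload, hashlib.sha256).digest()


def security_module(tag_memory: bytes):
    """Return the payload if its signature verifies, otherwise None."""
    if len(tag_memory) <= SIG_LEN:
        return None
    payload, sig = tag_memory[:-SIG_LEN], tag_memory[-SIG_LEN:]
    expected = hmac.new(KEY, payload, hashlib.sha256).digest()
    return payload if hmac.compare_digest(sig, expected) else None


def handle_read(db, tag_memory: bytes) -> bool:
    """Middleware entry point: verify first, then store via a bound parameter."""
    payload = security_module(tag_memory)
    if payload is None:
        return False  # unverified data never reaches the information system
    # Placeholder binding keeps tag bytes as data, never as SQL text.
    db.execute("INSERT INTO reads(content) VALUES (?)",
               (payload.decode("utf-8", "replace"),))
    return True


def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE reads(content TEXT)")
    genuine = sign(b"pallet-0042")
    # Constructed samples: SQL metacharacters written to a tag without the key,
    # and the same text on a correctly signed tag.
    rewritten = b"x'); DELETE FROM reads; --" + genuine[-SIG_LEN:]
    signed_odd = sign(b"x'); DELETE FROM reads; --")
    results = [handle_read(db, t) for t in (genuine, rewritten, signed_odd)]
    rows = [r[0] for r in db.execute("SELECT content FROM reads ORDER BY rowid")]
    return results, rows


if __name__ == "__main__":
    print(demo())
```

The rewritten tag is rejected before any database call, and the correctly signed tag carrying the same characters is stored as plain text, so the table still holds both accepted reads.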
4.4 Strategic Layer
Of the risks cited (industrial espionage, social engineering, threats to privacy,
targeting of objects), we could only be affected to some extent by the possibility that,
through social engineering techniques, some person in a position of privilege
could perform an action that might compromise the security of the system. The
countermeasures proposed are appropriate training of personnel and implementing a
general security policy, as well as making it impossible for users to have direct access
to the private keys of the devices. In other words, when a legitimate user starts a
session, the system should verify the authenticity of the user, after which the system
is responsible for carrying out the calculations, without the user having direct access to
the private key used in the operation.
4.5 Multilayer Attacks
We consider that the attacks that could affect our system are: denial of service,
reading/writing of information in the free space of the tag without the knowledge of
the user, and relay attacks. The others do not affect us since privacy is not an issue.