]> 2006-02-22T10:30:00-05:00 2006-02-22T12:00:00-05:00 We develop a scheme to ensure that an RFID tagged item will reveal sensitive data to only an authorized agency. We develop a cost-effective security solution using common passive RFID tags and an agent for validation. We propose a novel method by which a tag can enforce validation/authentication by storing code (or a code fragment) on it. This code would be executed in a sand-box within the environment of an agent or a reader. Certificates would be used to verify the authenticity of the interacting entities. A reader would be granted varying level of access based on its capability certificates by the agent.

We target a scenario in which we protect the identity of specific goods being transported in a consignment of goods using a special RFID tag (or reader) which would act as a sentinel. The tag identifiers are of local significance, and can be decoded by the sentinel. The sentinel has state information and has code (or keys) for partial authentication, and directs the reader to the agent. The reader then contacts the agent to get access to the tag data, using its capability certificates.

This scheme leverages the existing technologies to provide an effective privacy protection mechanism for RFID tags. ]]>