IoT
Business & Finance
News
4/27/2007
03:22 PM
50%
50%

NIST Issues Security Recommendations For RFID

Federal agency guidelines help "smart tag" users evaluate and reduce potential security and privacy risks.

The National Institute of Standards and Technology (NIST) has issued guidelines for radio-frequency identification (RFID).

NIST's report on RFID security was released Thursday as it urges everyone using the technology to evaluate security and privacy risks and use best practices to mitigate them. The institute said it released the report to meet some of its responsibilities under the Federal Information and Security Management Act of 2002, which requires federal agencies to secure information technology systems.

NIST also said the report is likely to benefit other types of organizations as well.

"The goal of our report is to give organizations practical ways in a structured format with checklists and specific recommendations to address potential RFID security risks," lead author Tom Karygiannis of NIST said in a prepared statement.

The document focuses on asset management, tracking, matching and supply chain uses. It recommends the use of firewalls to separate RFID databases from other IT systems and databases. NIST also urges users to encrypt radio signals, authenticate approved users, and block tag signals with metal shields to prevent unauthorized skimming of information. The report states that auditing, logging, and time-stamping should be used to detect security breaches and it urges users to establish tag disposal and recycling procedures for disabling the devices and destroying data.

"RFID tags, commonly referred to as smart tags, have the ability to improve logistics, profoundly change cost structures for business, and improve the current levels of safety and authenticity of the international pharmaceutical supply chain and many other industries," Undersecretary of Commerce for Technology Robert C. Cresanti said in a prepared statement. "This important report lays the foundation for addressing potential RFID security risks so that a thoughtful enterprise can launch a smart tag program with confidence."

The 115-page report covers several aspects of RFID technology, including applications, requirements, middleware, networks, economics, environment, and durability.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of July 24, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.