Is RFID Secure Enough For Government Use? - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
Commentary
3/7/2006
09:20 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Is RFID Secure Enough For Government Use?

With RFID use in the military going through the roof, I have to wonder about the security ramifications of a technology that hasn't yet been put through its full paces.

I truly don't know the answer to this question, but am raising it because I'm concerned. The Department of Defense is already making heavy-duty use of RFID in many different contexts, and even broader use is planned as the technology is integrated with satellites and GPS to be able to track items around the globe in real-time.

Increased reliance on any technology, however, should bring with it an accompanying raft of questions about security, especially in the defense context. Some observers are, for instance, questioning what happens if RFID and other technologies used in our ports and in the battlefield should fall into the wrong hands.

A panel at the RFID World trade show last week explored other security and privacy issues. In one case, a panelist said, wireless technology in a retail store transferred customer data unencrypted from the cash registers to the back-office computer system, so thieves could sit in the nearby coffee shop with a laptop, pick up transmissions and write down credit card numbers.

Could you imagine the potential national-security ramifications of something like this? What would prevent enemy combatants or would-be terrorists from doing something similar from a van parked near the Port of Newark (NJ), say? Once they know what weapons we're shipping and where, they could do their best to disrupt those operations.

Another problem was recently raised by a cryptographer who says that the rush to get RFID tags down to five cents each has led to nonexistent security as manufacturers rush to cut costs. In fact, the researcher used a directional antenna and digital oscilloscope to monitor power use by RFID tags while they were being read. Patterns in power use could be analyzed to determine when the tag received correct and incorrect password bits, he said.

Meanwhile, RFID use in the military continues to rise. The Army's been using RFID for at least a decade. In 2001, approximately 85% of equipment and other supplies from the Defense Logistics Agency going to support our troops in Afghanistan's "Operation Enduring Freedom" were RFID-tagged. (This is according to a recent article in Army Logistician.)

Since March of 2005, according to "Defense Business Transformation," the Marines have been using RFID for all materiel bound for combat units.

Not to be outdone, the Air Force is using RFID to track expensive gyroscopes moving around its repair facility at the Robins Air Force Base.

More broadly, the Department of Defense is planning on using RFID to share information among 23 different countries. Also, some police departments are planning on using RFID-implanted badges, and pending legislation is pushing RFID as a means to curb drug counterfeiting.

This seems like an awful lot to be putting on a technology that, while it has a lot of benefit if used correctly, is still not in widespread use quite yet. (Outside of Wal-Mart, other large chains and their suppliers, of course.) I understand that security is only as good as the effort you put into it, and that's as true for RFID as it is for any other technology. But I wonder if we're jumping into something here before we completely understand its full ramifications.

What do you think? Weigh in below with your comments.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Commentary
Study Proposes 5 Primary Traits of Innovation Leaders
Joao-Pierre S. Ruth, Senior Writer,  11/8/2019
Slideshows
Top-Paying U.S. Cities for Data Scientists and Data Analysts
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/5/2019
Slideshows
10 Strategic Technology Trends for 2020
Jessica Davis, Senior Editor, Enterprise Apps,  11/1/2019
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll