This application claims the benefit of Korean Patent Application No. 10-2006-0121815, filed on Dec. 4, 2006, in the Korean Intellectual Property Office, the disclosure of which is incorporated herein in its entirety by reference.
1. Field of the Invention
The present invention relates to an electronic tag for protecting privacy in a radio frequency identification (RFID) technique and a method of protecting privacy using the same, and more particularly, to an electronic tag for protecting the privacy of a user and protecting RFID tag data against being traced and exposed by controlling access of an RFID reader to the RFID tag and authenticating the RFID reader.
2. Description of the Related Art
Radio frequency identification (RFID) is a technique that uses a radio frequency to read and trace an object that includes a chip. The chip is obtained by inserting identification information into a subminiature semiconductor.
RFID serves to manage information by attaching an RFID tag to a desired object or place, sensing all the information of the surroundings of the RFID tag on the basis of recognition information of the desired object or place, and transmitting the information to a network in real time.
In a communication network using RFID, first, RFID that provides recognition information is developed. Then a sensing function is added thereto, and a Ubiquitous Sensor Network (USN) type network is developed therebetween.
That is, when RFID is introduced into a circulation system and a physical distribution system, information stored in RFID tags, which are attached to products by a manufacturer, automatically informs workers which vehicle the products are to be loaded into, when the products are taken out of the warehouse.
When the products to which the RFID tags are attached arrive by vehicle, the management system recognizes the products to which RFID tags are attached, and thus the management system can automatically check the product items and number of product items and deliver the products. Through the aforementioned process, when a buyer buys a product at a store, it is possible to automatically recognize the amount of stock corresponding to the amount of stock bought by the buyer.
After a user buys a product, when the product experiences a fault, the fault diagnosis and the time at which the fault occurred are looked up, and the user may be informed in advance of a replacement product. In other words, a tailored, on-demand service is provided to the user.
In addition, the user is informed that the product is genuine. Since the user can also check the steps in the supply chain of the product, it is possible to improve service quality.
However, in an automated environment in which information is easily obtained, serious problems in security may occur. When the RFID tag is used, privacy of the user, such as location information on the product to which the RFID tag is attached and buying history, is seriously threatened.
For example, it is possible to easily reveal information corresponding to privacy such as information on a place where the product is sold, other products which are bought by the buyer who buys the product, and a place where the product is used.
The ID of the RFID tag is easily identified and the tag responds to the reader automatically and unconsciously. Thus, security is seriously threatened in the automated RFID/USN environment in which information is easily obtained.
In particular, since the RFID reader can read a code value stored in the passive type RFID tag (for example, ISO/IEC 18000-6 Type C tag) at any time without limitation, privacy invasion such as tracing of product information and location information through the RFID tag code easily occurs. In addition, the tags have been easily counterfeited or altered.
However, it is difficult to employ existing information protection techniques due to limited resources such as the capacity of an embedded memory used for RFID. Furthermore, it is expected that attacks widely occur with respect to various objects instead of with respect to each person.
In the USN environment, objects to be attacked include total personal information such as information on objects and information on a user's body in addition to information stored in a computer or communication information. The attack range includes all the personal spaces in addition to a personal computer.
Since the range of damage caused by attacks can be easily extended, and attacks are easy to execute due to the USN environment, there is a great need for a method of solving the problem of personal privacy invasion. Personal privacy guidelines have already been defined.
Other than the aforementioned method, there is provided a method of suppressing recycling of the RFID tag by preventing RFID readers from accessing data. In this method, a kill command is used after buying a product to which an RFID tag is attached to prevent readers from accessing data. However, the method departs from the spirit of providing convenience to a user by applying the electronic tags to the industries.
Accordingly, in the field in which the electronic tag including RFID is currently used, there is no basic solution other than legal or legislative systems for protecting personal privacy. Thus, there is a problem that the unsafe situation will worsen.
In order to solve the problem of privacy invasion in an RFID tag, the object of the present invention is to protect RFID tag data and privacy by allowing the RFID tag to transmit a code value stored therein to only an authorized RFID reader.
According to an aspect of the present invention, there is provided an electronic tag for transmitting information stored therein as a signal in a predetermined frequency band, the electronic tag comprising a privacy flag having a predetermined bit string value which is used to allow the information stored in the electronic tag to be accessed when the electronic tag receives a predetermined access password and the received password matches a previously stored password.
According to another aspect of the present invention, there is provided an electronic tag, which transmits information stored therein as a signal in a predetermined frequency band, comprising: an authentication parameter which is used to determine whether authority to access information stored in the electronic tag exists; and an authentication password which corresponds to the authentication parameter.
According to another aspect of the present invention, there is provided a method of protecting privacy using an electronic tag, the method comprising: (a) setting a privacy flag including a predetermined bit string value for allowing the information stored in the electronic tag to be accessed according to a received predetermined command; (b) determining whether authority to access the information stored in the electronic tag exists; and (c) transmitting the information stored in the electronic tag.
According to another aspect of the present invention, there is provided a method of protecting privacy using an electronic tag which transmits information stored therein as a signal in a predetermined frequency bandwidth, the method comprising: setting an authentication parameter, which is used to determine whether authority to access the information stored in the electronic tag exists, and an authentication password, which corresponds to the authentication parameter; determining whether the authority to access the information stored in the electronic tag exists by examining whether a received authentication password value matches the set authentication password value; and transmitting the information stored in the electronic tag.
The above and other features and advantages of the present invention will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings in which:
Now, preferred embodiments of the present invention will be described in detail with reference to the attached drawings.
Mobile RFID serves to provide various services through a mobile communication network by using a small RFID reader mounted on a mobile phone or the like, when the mobile phone reads an RFID tag.
The mobile phone on which the RFID reader is mounted reads an attached tag for a mobile RFID service, requests an object directory service (ODS) server, which includes mapping information of a tag ID and a uniform resource locator (URL), to provide the URL of content by using information on the tag.
The ODS server returns the URL of the content. The mobile phone requests the content server of the content to provide the content using the returned URL.
The memory of the TYPE C tag is divided into four physical blocks.
Bank 11 indicates an application data region. Bank 10 indicates a tag ID region.
Bank 01 indicates an ID region of an item. The Bank 01 is stored as a Unique Item Identifier (UII) code.
Bank 00 is a reserved region. A kill password serves to perform a permanent stop function. An access password serves to perform a lock function.
The method of protecting privacy according to an embodiment of the present invention adds a privacy flag so that only an authorized RFID reader can access the RFID tag and read the code stored therein.
When the privacy flag is added, there exists a Private state in a process of recognizing a tag unlike a process used to recognize an existing passive type RFID tag (for example, ISO/IEC 18000-6 Type C tag) (
In the method of protecting privacy by adding a privacy flag according to an embodiment of the present invention, the privacy flag is added to the tag, and commands for setting and canceling the privacy flag are added to the reader.
Commands for setting and canceling the privacy flag have to be executed by using the access password when the tag is in a secured state.
(a) and (b) of
(a) of
(1) The RFID reader transmits an inventory command (Query, QueryAdjust, and QueryRep) to the tag in a Ready state.
(2) When a slot-counter value of the tag is 0(RN16), the state of the tag changes from an Arbitrate state to a Reply state. When the slot-counter value is not 0, the tag waits for the QueryAdjust or QueryRep command of the reader.
(3) The RFID reader recognizes the tag by the random number value received in (2).
(4) The tag transmits a Protocol control (PC), a UII, and a CRC-16 to the reader. The state of the tag changes from the Reply state to an Acknowledged state.
(5) The RFID reader transmits a command Req_RN for requesting the tag to provide a new RN16 value in (2) to the tag.
(6) The tag transmits ‘handle’ in response to the request Req_RN of the reader. The state of the tag changes from the Acknowledged state to the Open or Secured state.
(7) The reader accesses the tag using ‘handle’ as a parameter.
(b) of
(1) The RFID reader transmits an inventory command (Query, QueryAdjust, and QueryRep) to the tag in a Ready state.
(2) When a slot-counter value of the tag is 0(RN16), the state of the tag changes from an Arbitrate state to a Reply state. When the slot-counter value is not 0, the tag waits for the QueryAdjust or QueryRep command of the reader.
(3) The RFID reader recognizes the tag by the random number value received in (2).
(4) The tag in which the privacy flag is set transmits a value such as the RN16 value in (2). The state of the tag changes from the Reply state to the Private state.
(5) The RFID reader transmits a command Req_RN for requesting the tag to provide a new RN16 value in (2) to the tag.
(6) The tag transmits ‘handle’ in response to the Req_RN request of the reader. The tag state changes from the Private state to the Open state (when the privacy flag is set, the access password is required).
(7) The reader accesses the tag using ‘handle’ as a parameter. The reader allows the state of the tag to change to the Secured state using the access password and reads the PC, UII, and CRC-16 values of the tag in response to a command for reading the tag.
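The two exchanges above can be modelled as a small tag-side state machine. This is an added example, not code from the patent: the class, method and constant names are hypothetical, the slot counter is assumed to be 0, the tag is assumed always to enter the Open state after Req_RN, and the sample PC, UII and access password are constructed.

```python
import binascii
import secrets

SAMPLE = dict(pc=b"\x30\x00", uii=bytes(range(12)), access_password=0x1234ABCD)  # constructed

class PrivacyTag:
    def __init__(self, pc, uii, access_password, privacy_flag):
        self.pc, self.uii, self.access_password = pc, uii, access_password
        self.privacy_flag = privacy_flag
        self.state, self.rn16, self.handle = "Ready", None, None

    def _identity(self):  # CRC-16: CCITT polynomial, preset 0xFFFF, inverted
        crc = binascii.crc_hqx(self.pc + self.uii, 0xFFFF) ^ 0xFFFF
        return {"pc": self.pc, "uii": self.uii, "crc16": crc}

    def query(self):  # steps (1)-(2); the slot counter is assumed to be 0
        self.rn16, self.state = secrets.randbits(16), "Reply"
        return self.rn16

    def ack(self, rn16):  # steps (3)-(4)
        if self.state != "Reply" or rn16 != self.rn16:
            self.state = "Arbitrate"
            return None
        # Flag set: only the RN16 goes out, PC/UII/CRC-16 stay on the tag.
        self.state = "Private" if self.privacy_flag else "Acknowledged"
        return {"rn16": rn16} if self.privacy_flag else self._identity()

    def req_rn(self, rn16):  # steps (5)-(6)
        if self.state not in ("Acknowledged", "Private") or rn16 != self.rn16:
            return None
        self.handle, self.state = secrets.randbits(16), "Open"
        return self.handle

    def access(self, handle, password):  # step (7): Open -> Secured
        if (self.state, handle, password) == ("Open", self.handle, self.access_password):
            self.state = "Secured"
        return self.state == "Secured"

    def read(self, handle):  # a flagged tag answers Read only when Secured
        allowed = ("Secured",) if self.privacy_flag else ("Open", "Secured")
        return self._identity() if handle == self.handle and self.state in allowed else None

    def set_privacy_flag(self, handle, value):  # set/cancel: Secured state only
        if self.state != "Secured" or handle != self.handle:
            return False
        self.privacy_flag = value
        return True

def inventory(tag, password=None):  # reader side; returns (ACK reply, Read result)
    rn16 = tag.query()
    reply = tag.ack(rn16)
    handle = tag.req_rn(rn16)
    if password is not None:
        tag.access(handle, password)
    return reply, tag.read(handle)
```

A reader without the access password sees only random values from a flagged tag, and cannot cancel the flag because the tag never reaches the Secured state.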
When the privacy flag according to an embodiment of the present invention is set, a random value (RN16) instead of the PC, the UII, and the CRC-16 is transmitted to the RFID reader with respect to the inventory protocol (the process of (4) of (b) of
When the privacy flag is not set, the PC, the UII, and the CRC-16 are transmitted to the reader with respect to the inventory protocol (the process of (4) of ISO 18000-6 TYPE C of (a) of
In order to use the privacy flag, write functions of a UII memory, a TID memory, and a user memory ((a) of
When the privacy flag is not set as shown in (a) of
However, when the privacy flag according to an embodiment of the present invention is set as shown in (b) of
(1) An RFID reader transmits an inventory command (Query, QueryAdjust, and QueryRep) to a tag in a Ready state.
(2) When a slot-counter value of the tag is 0(RN16), the state of the tag changes from an Arbitrate state to a Reply state. When the slot-counter value is not 0, the tag waits for the QueryAdjust or QueryRep command of the reader.
(3) The RFID reader recognizes the tag by the random number value received in (2).
(4) The tag including an authentication password transmits a value obtained by performing an XOR operation with respect to a value corresponding to the authentication password and the RN16 value to the reader. The state of the tag changes from the Reply state to an Authentication state.
(5) The RFID reader transmits a command Req_RN for requesting the tag to provide a new RN16 value to the tag.
(6) The tag transmits the new RN16 value in response to the request Req_RN of the reader.
(7) The reader, which analyzes the authentication parameter, performs an operation (an XOR operation in the embodiment of
(8) The RFID reader transmits a command Req_RN for requesting the tag to provide a new RN16 value to the tag.
(9) The tag transmits the new RN value in response to the request Req_RN of the reader.
(10) The reader performs an operation (an XOR operation in the embodiment of
(11) The tag verifies the top 16 bits and the bottom 16 bits of the received authentication password by using the authentication password of the tag. When the verification is successful, the PC, the UII, and the CRC-16 are transmitted to the reader. The state of the tag changes from the Authentication state to an Acknowledged state. When the verification fails, the tag does not respond to the reader, and the state of the tag returns to the Arbitrate state from the Authentication state.
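The authentication exchange in steps (1) to (11), sketched as an added example that is not code from the patent. It assumes that the "value corresponding to the authentication password" in step (4) is the authentication parameter, that the reader XORs each 16-bit half of the password with the RN16 returned by the preceding Req_RN, and that the reader holds a table from authentication parameter to password; `AuthTag`, `READER_KEYS`, `reader_inventory` and all sample values are hypothetical.

```python
import secrets

# Constructed reader-side table: authentication parameter -> 32-bit password.
READER_KEYS = {0x00A7: 0xC0FFEE42}

class AuthTag:
    def __init__(self, auth_param, auth_password, uii):
        self.auth_param, self.auth_password, self.uii = auth_param, auth_password, uii
        self.state, self.rn16, self.halves = "Ready", None, []

    def query(self):  # steps (1)-(2); the slot counter is assumed to be 0
        self.rn16, self.state, self.halves = secrets.randbits(16), "Reply", []
        return self.rn16

    def ack(self, rn16):  # steps (3)-(4)
        if self.state != "Reply" or rn16 != self.rn16:
            self.state = "Arbitrate"
            return None
        self.state = "Authentication"
        return self.auth_param ^ self.rn16  # parameter XORed with the RN16

    def req_rn(self):  # steps (6) and (9): a fresh RN16 for each half
        self.rn16 = secrets.randbits(16)
        return self.rn16

    def auth(self, masked_half):  # steps (7), (10) and (11)
        if self.state != "Authentication":
            return None
        self.halves.append(masked_half ^ self.rn16)
        if len(self.halves) < 2:
            return None  # top half stored; wait for the bottom 16 bits
        top, bottom = self.halves
        if ((top << 16) | bottom) == self.auth_password:
            self.state = "Acknowledged"
            return {"uii": self.uii}  # PC and CRC-16 omitted for brevity
        self.state = "Arbitrate"  # verification failed: the tag does not respond
        return None

def reader_inventory(tag, keys):
    rn16 = tag.query()
    param = tag.ack(rn16) ^ rn16  # recover the authentication parameter
    password = keys.get(param)
    if password is None:
        return None  # no password known for this parameter
    tag.auth((password >> 16) ^ tag.req_rn())  # top 16 bits
    return tag.auth((password & 0xFFFF) ^ tag.req_rn())  # bottom 16 bits
```

In this model the mask is the RN16 the tag has just sent, so the XOR protects the password only against a listener that receives the reader's transmissions but not the tag's replies.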
The tag inventory process may include an authentication process as shown in
The RFID reader recognizes the authentication password with respect to the corresponding tag through the authentication parameter (Auth Param of
In order to protect privacy through the authentication process according to an embodiment of the present invention, as shown in
When an authentication password is not included, as shown in (a) of
However, when the authentication password according to an embodiment of the present invention is included as shown in (b) of
A process of recognizing an electronic tag depends on whether the privacy flag is set or not (S910).
When the privacy flag is set, the electronic tag requests an access password from the RFID reader by passing through the Private state of
When the privacy flag is not set, the electronic tag transmits a UII value in the Acknowledged state of
The electronic tag transmits stored information, when the electronic tag is in a Secured state (S940).
The electronic tag cancels setting of the privacy flag depending on whether the electronic tag in the Secured state receives a command for canceling the privacy flag from the reader (S950 and S960).
When the privacy flag is not set, the electronic tag transmits the UII value to all types of readers. Accordingly, privacy is not protected.
A process of recognizing an electronic tag depends on whether an authentication parameter and an authentication password are set or not (S1010).
When the authentication parameter and the authentication password are set, the electronic tag requests the authentication password (top 16 bits and bottom 16 bits) to be provided during the process of recognizing the electronic tag ((5) of
When the authentication parameter and the authentication password are not set, the electronic tag transmits a UII value in the Acknowledged state of
The electronic tag transmits stored information when the electronic tag is in a Secured state (S1040).
As described above, it is possible to protect tag data and privacy by allowing the RFID tag to transmit information to only the authorized RFID reader by using a device and a method of protecting privacy in RFID according to an embodiment of the present invention.
The invention can also be embodied as computer readable codes on a computer readable recording medium. The computer readable recording medium is any data storage device that can store data which can be thereafter read by a computer system. Examples of the computer readable recording medium include read-only memory (ROM), random-access memory (RAM), CD-ROMs, magnetic tapes, floppy disks, optical data storage devices, and carrier waves (such as data transmission through the Internet). The computer readable recording medium can also be distributed over network coupled computer systems so that the computer readable code is stored and executed in a distributed fashion.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. The exemplary embodiments should be considered in descriptive sense only and not for purposes of limitation. Therefore, the scope of the invention is defined not by the detailed description of the invention but by the appended claims, and all differences within the scope will be construed as being included in the present invention.
Number | Date | Country | Kind |
---|---|---|---|
10-2006-0121815 | Dec 2006 | KR | national |