Securing RFID systems from SQLIA

Fernando, Harinda and Abawajy, Jemal 2011, Securing RFID systems from SQLIA, in Algorithms and architectures for parallel processing, Springer-Verlag, Berlin, Germany, pp.245-254.

Attached Files
Name Description MIMEType Size Downloads

Title Securing RFID systems from SQLIA
Author(s) Fernando, Harinda
Abawajy, Jemal
Title of book Algorithms and architectures for parallel processing
Editor(s) Xiang, Yang
Cuzzocrea, Alfredo
Hobbs, Michael
Zhou, Wanlei
Publication date 2011
Series Lecture notes in computer science; v. 7017
Chapter number 24
Total chapters 38
Start page 245
End page 254
Total pages 10
Publisher Springer-Verlag
Place of Publication Berlin, Germany
Keyword(s) SQL
RFID systems
web systems
Summary While SQL injection attacks have been plaguing web applications for years the threat they pose to RFID systems have only identified recently. Because the architecture of web systems and RFID systems differ considerably the prevention and detection techniques proposed for web applications are not suitable for RFID systems. In this paper we propose a system to secure RFID systems against tag based SQLIA. Our system is optimized for the architecture of RFID systems and consists of a query structure matching technique and tag data cleaning technique. The novelty of the proposed system is that it's specifically aimed at RFID systems and has the ability to detect and prevent second order injections which is a problem most current solutions haven't addressed. The preliminary evaluation of our query matching technique is very promising showing very high detection rate with minimal false positives.
Notes Proceedings, Part II of the 11th International Conference, ICA3PP 2011, Melbourne, Australia, October 24-26, 2011.
ISBN 9783642246494
ISSN 0302-9743
1611-3349
Language eng
Field of Research 080501 Distributed and Grid Systems
Socio Economic Objective 890103 Mobile Data Networks and Services
HERDC Research category B1 Book chapter
Copyright notice ©2011, Springer-Verlag Berlin
Persistent URL http://hdl.handle.net/10536/DRO/DU:30043145

Document type: Book Chapter
Collection: School of Information Technology
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Access Statistics: 85 Abstract Views, 7 File Downloads  -  Detailed Statistics
Created: Tue, 13 Mar 2012, 09:47:47 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.