SCARA: a framework for secure cloud-assisted RFID authentication for smart building access control
Version 2 2024-06-06, 12:12Version 2 2024-06-06, 12:12
Version 1 2019-03-16, 00:38Version 1 2019-03-16, 00:38
conference contribution
posted on 2024-06-06, 12:12authored byAR Al-Sudani, W Zhou, S Wen, A Al-Mansoori
Managing security in an RFID system is a complex activity considering that it is imperatively challenging to implement trust among tags and readers. There is always the chance that an unauthorized individual might assume the identity of a trusted tag and manage to gain confidential data in an RFID system. The situation becomes worse in systems that use a backend server and a private Internet connection. In such a system, there is no comprehensive mechanism for authenticating a tag into the system. It is thus essential to consider the implementation of a robust framework that improves the trust and the authentication levels in an RFID system. In this paper, a system known as Secure Cloud-Assisted RFID Authentication (SCARA) is proposed, which uses cloud-assisted RFID authentication to reap benefits of cloud-like scalability, availability and fault tolerance. It has three parties such as a cloud server, RFID reader and issuer involved. Issuer provides system parameters to other parties through a secure channel. Server and RFID reader are included in the authentication process with the help of information obtained from the issuer. The proposed system is secure even if the private keys associated with server and RFID tag are compromised. It does mean that it can prevent server-side insider attack in addition to external attacks. Amazon EC2 is used to have experiments. We built a prototype application to demonstrate proof of the concept. The empirical results revealed that the proposed system is able to withstand various kinds of attacks and provides a more efficient solution with less overhead.