Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.
-
Upload
antonia-stevenson -
Category
Documents
-
view
212 -
download
0
Transcript of Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.
![Page 1: Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.](https://reader035.fdocuments.us/reader035/viewer/2022072010/56649dab5503460f94a9a3bf/html5/thumbnails/1.jpg)
Technical Issues in Library RFID Privacy
David Molnar
UC-Berkeley
Computer Science
![Page 2: Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.](https://reader035.fdocuments.us/reader035/viewer/2022072010/56649dab5503460f94a9a3bf/html5/thumbnails/2.jpg)
What are we worried about?
• RFID new technology– Law of “unintended consequences”
• Read tags through backpacks, briefcases• Can we track books?
– “track” = link sightings of same book
• Can we figure out what you’re reading?• Who “we” is depends
– FBI, marketers, teenagers, college students, pick your favorite
![Page 3: Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.](https://reader035.fdocuments.us/reader035/viewer/2022072010/56649dab5503460f94a9a3bf/html5/thumbnails/3.jpg)
How RFID Works
• Radio Frequency IDentification• Passive tags – no power source• Tag carries small amount of data
– May be read-only or limited read/write
• RFID reader powers tag, extracts data via radio
Power
Stored data
![Page 4: Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.](https://reader035.fdocuments.us/reader035/viewer/2022072010/56649dab5503460f94a9a3bf/html5/thumbnails/4.jpg)
Two Main Questions
• How to read tags?
• What is on the tag?
![Page 5: Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.](https://reader035.fdocuments.us/reader035/viewer/2022072010/56649dab5503460f94a9a3bf/html5/thumbnails/5.jpg)
How to read tags?
• Need an RFID reader– Standardization not privacy issue in long term
• Read range for 13.56Mhz tags low
• Ubiquity of readers bigger problem!– Reader at door of every Starbucks?
• Blocking tag signals, “kill”, not sufficient
• “Security Bit” does not prevent tag read
• Read passwords?
![Page 6: Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.](https://reader035.fdocuments.us/reader035/viewer/2022072010/56649dab5503460f94a9a3bf/html5/thumbnails/6.jpg)
What is on the tag?
• Varies by vendor and library decision• Library bar code
– Unique, static ID can track book– Need library database to learn title/author
• Unless see book later, learn bar code/title map
• Some vendors suggest more info“The Lib~Chip stores data such as type of
material, title, author, bar code and serial number, shelf location, last borrowed date, and last returned date.” – Libramation site
![Page 7: Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.](https://reader035.fdocuments.us/reader035/viewer/2022072010/56649dab5503460f94a9a3bf/html5/thumbnails/7.jpg)
“Encrypting” Tag Data
• Several meanings to “encrypting” data– Proprietary encoding, not different per library
• Buy reader from company or secondary market• Eventually reverse engineered
– Encrypting bar code with per-library key• Does not currently exist• Non-library readers can’t understand data• Still leads to static data can track book
![Page 8: Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.](https://reader035.fdocuments.us/reader035/viewer/2022072010/56649dab5503460f94a9a3bf/html5/thumbnails/8.jpg)
Bottom Line
• Reading static ID is privacy risk– Risk will grow as readers become cheaper,
more available, more common
• Minimize data on tag– No title, no author, etc. on tag– Protect bibliographic database!
• Privacy depends on choices in deployment