Eyad Abdullah Bogari, P. Zavarsky, Dale Lindskog, Ron Ruhl
{"title":"RFID护照发展过程中的安全弱点分析","authors":"Eyad Abdullah Bogari, P. Zavarsky, Dale Lindskog, Ron Ruhl","doi":"10.1504/IJITST.2012.054060","DOIUrl":null,"url":null,"abstract":"Since the introduction of Radio Frequency Identification (RFID) Enabled Passports, the system have been plagued with various vulnerability issues that prove to compromise the E-passport security. To date, three generations of E-passports have been introduced by the International Civil Aviation Organization (ICAO) and the European Union (EU). The first two generations of E-passports are being issued worldwide. This paper presents the evolution of these passports over the years to develop taxonomy of the weaknesses and to serve as a reference point detailing security vulnerabilities linked to the RFID E-passport features in the first and second E-passport generations. The findings can also assist in profiling possible attack vectors on the existing RFID enabled passports and in developing comprehensive RFID E-passport risk mitigation strategies. To illustrate the importance of a comprehensive risk strategy when using RFID E-passport, the attack process modeling method is used to highlight the possible attacks and weaknesses which could result from not using one or more security features.","PeriodicalId":216307,"journal":{"name":"World Congress on Internet Security (WorldCIS-2012)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"An analysis of security weaknesses in the evolution of RFID enabled passport\",\"authors\":\"Eyad Abdullah Bogari, P. Zavarsky, Dale Lindskog, Ron Ruhl\",\"doi\":\"10.1504/IJITST.2012.054060\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Since the introduction of Radio Frequency Identification (RFID) Enabled Passports, the system have been plagued with various vulnerability issues that prove to compromise the E-passport security. To date, three generations of E-passports have been introduced by the International Civil Aviation Organization (ICAO) and the European Union (EU). The first two generations of E-passports are being issued worldwide. This paper presents the evolution of these passports over the years to develop taxonomy of the weaknesses and to serve as a reference point detailing security vulnerabilities linked to the RFID E-passport features in the first and second E-passport generations. The findings can also assist in profiling possible attack vectors on the existing RFID enabled passports and in developing comprehensive RFID E-passport risk mitigation strategies. To illustrate the importance of a comprehensive risk strategy when using RFID E-passport, the attack process modeling method is used to highlight the possible attacks and weaknesses which could result from not using one or more security features.\",\"PeriodicalId\":216307,\"journal\":{\"name\":\"World Congress on Internet Security (WorldCIS-2012)\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-05-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"World Congress on Internet Security (WorldCIS-2012)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1504/IJITST.2012.054060\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"World Congress on Internet Security (WorldCIS-2012)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/IJITST.2012.054060","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An analysis of security weaknesses in the evolution of RFID enabled passport
Since the introduction of Radio Frequency Identification (RFID) Enabled Passports, the system have been plagued with various vulnerability issues that prove to compromise the E-passport security. To date, three generations of E-passports have been introduced by the International Civil Aviation Organization (ICAO) and the European Union (EU). The first two generations of E-passports are being issued worldwide. This paper presents the evolution of these passports over the years to develop taxonomy of the weaknesses and to serve as a reference point detailing security vulnerabilities linked to the RFID E-passport features in the first and second E-passport generations. The findings can also assist in profiling possible attack vectors on the existing RFID enabled passports and in developing comprehensive RFID E-passport risk mitigation strategies. To illustrate the importance of a comprehensive risk strategy when using RFID E-passport, the attack process modeling method is used to highlight the possible attacks and weaknesses which could result from not using one or more security features.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
