
A Practical Security Solution for Real-Time Location Systems

Abstract

The need for implementing adequate security services in industrial applications is increasing. Verifying the physical proximity or location of a device has become an important security service in ad-hoc wireless environments. Distance-bounding is a prominent secure neighbor detection method that cryptographically determines an upper bound for the physical distance between two communicating parties based on the round-trip time of cryptographic challenge-response pairs. This paper gives a brief overview of distance-bounding protocols and discusses the possibility of implementing such protocols within industrial RFID and real-time location applications, which requires an emphasis on aspects such as reliability and real-time communication. The practical resource requirements and performance tradeoffs involved are illustrated using a sample of distance-bounding proposals, and some remaining research challenges with regard to practical implementation are discussed.

EXISTING SYSTEM

This assumption is based on the fact that these devices are within communication range and that communication range is location limited, which implicitly proves physical proximity. In a hostile environment, this assumption no longer holds, as a fraudulent device can manipulate the communication range and pretend to be a neighbor. As a result, a device might interact with a fraudulent device pretending to be its neighbor, placing the fraudulent device in a privileged position from where it could adversely affect the intended services. The assumption is therefore made that, if a reader manages to communicate with a tag, then the location of the tag is in close physical proximity to the location of the reader. Suppose a fraudulent party removed a valuable asset and replaced it with an inexpensive radio transceiver that simply relays the commands from an RFID reader to the real tag embedded in the asset and then forwards the real tag's response back to the reader. In this case, the reader will still consider the asset to be in close proximity, as there is still an entity that appears exactly the same as the real tag from a communication perspective.

Disadvantages

This scenario, discussed further, has been practically demonstrated against real-world RFID systems. The secure verification of a device's location relative to another device, so-called secure neighbor detection, is therefore crucial to the secure and reliable operation of industrial real-time location applications. In the RFID environment, it can be used to cryptographically prove the proximity of an RFID token to a reader, while in RTLSs its ability to verify the physical proximity of an item makes it a key building block in secure localization methods.

PROPOSED SYSTEM

The propagation speed of sound is much slower than that of radio waves. As a result, an attacker can intercept the US (ultrasound) communication and forward it over a faster radio or optical communication medium to an accomplice closer to the verifier or prover, thereby reducing the time measurement and decreasing the distance estimate. RF channels are therefore proposed as the channel of choice for implementing distance-bounding systems. The basic idea is to execute a challenge-response authentication protocol under a very tight time-out constraint, which was a concept first proposed. The implementation of distance-bounding protocols can differ in a number of ways. As a result, characteristics like attack resistance, resource requirements and execution time vary for each protocol. The setup and verification stages can be transmitted via robust communication channels. However, taking into account the channel constraints, it is likely that bit errors will occur during the exchange stage. Without sufficient error handling the protocol will fail, and this will either require the protocol to be executed again or cause the disruption of subsequent services. These scenarios are not acceptable in systems delivering critical services, often with associated real-time constraints.

Advantages

Pre-computation protocols, with no verification stage, can implement the threshold method without any modification. Other protocol designs can also implement the threshold method, as long as the challenge bits received by the prover and the response bits sent by the prover are transmitted over an error-corrected channel during the verification stage. The main factors influencing execution time are the transmission time, i.e., the time required to transmit data, and the processing time. Protocol proposals often do not consider all three main attacks to have equal priority. The majority of the protocols do not address terrorist fraud, although this is to be expected since this attack is impossible to prevent.

System Configuration

H/W System Configuration:
Processor - Intel Core 2 Duo
Speed - 2.93 GHz
RAM - 2 GB
Hard Disk - 500 GB
Key Board - Standard Windows Keyboard
Mouse - Two or Three Button Mouse
Monitor - LED

S/W System Configuration:
Operating System: Windows XP and Windows 7
Front End: Cygwin

Module Description

Secure Neighbor Detection

These nodes must also have synchronized clocks to ensure that a transmission was made to multiple reference nodes at the same time from the same location. Time synchronization to the accuracy required for distance estimation is a challenge in wireless networks. Determining the distance to another node would also require the node to be covered by at least two reference nodes. This limits the topology and the connection structures to a network cloud, where all nodes are covered by multiple reference nodes, which does not allow for the point-to-point connection between an RFID reader and tag.

Distance-Bounding Protocols

The verifier requires a reliable and secure estimate of the distance to the prover; distance-bounding protocols should be integrated into the underlying communication channel. The security of the protocol therefore depends not only on the cryptographic mechanisms but also on the physical attributes of the communication channel that are used to measure proximity. This section starts by explaining the need for distance bounding. Distance-estimation methods are discussed next, followed by protocol design aspects. This section serves only to introduce the basic principles of distance bounding. For a more formal analysis framework and extended overview of these protocols, the reader could refer.

Industrial RFID

A node's physical proximity to another node is crucial to the secure and reliable operation of industrial RFID and RTLS applications. Here, we discuss the attacks addressed by distance bounding and demonstrate the threats posed by these attacks with practical examples of security issues that can arise in RFID and RTLS applications. It is also shown that basic security services such as authentication and confidentiality do not sufficiently address these threats.

Mafia fraud

These proxies simply relay all communication between the verifier and the prover, thereby creating an extended communication link between them. If the verifier operates on the plain assumption that the prover is in close proximity if it can successfully be reached for communication, then the attacker succeeds in convincing the verifier that the prover is in close proximity. Conventional security services cannot prevent this attack: the proxies do not need to decrypt or encrypt communication, since they forward data as is, nor do they need to authenticate themselves to the prover and verifier, as they are effectively a transparent communication link.

Timed authentication protocols

These are the simplest form of ToF-based distance bounding, with the verifier timing normal, authenticated data exchanges. The basic idea is to execute a challenge-response authentication protocol under a very tight time-out constraint, which was a concept first proposed.

Reliability

Industrial applications are required to be reliable, and any related protocols need to be suitably robust to operate in harsh environments. It should be noted that all of the protocols evaluated in this section require the transmission of a single data symbol during the timed exchange stage. The reason behind this choice is that conventional communication channels introduce latency at the physical (demodulation and decoding) and packet (framing bits) layers.
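The timed single-bit exchange, the error threshold and the effect of a relay described in the sections above can be tied together in a short simulation. This is an added example, not code from the paper or project: HMAC-SHA256 as the register derivation, the function names, and the sample key, nonces, distances and delays are all assumptions constructed for illustration.

```python
import hashlib
import hmac

C = 299_792_458.0  # RF propagation speed in m/s

def registers(key, nv, np_, n):
    """Setup stage: both sides derive two n-bit response registers (HMAC is an assumed PRF)."""
    out, ctr = b"", 0
    while len(out) * 8 < 2 * n:
        out += hmac.new(key, nv + np_ + bytes([ctr]), hashlib.sha256).digest()
        ctr += 1
    bits = [(out[i // 8] >> (i % 8)) & 1 for i in range(2 * n)]
    return bits[:n], bits[n:]

def prover_rounds(key, nv, np_, challenges, dist_m, t_proc, extra_delay=0.0, flipped=()):
    """Constructed channel model: returns (challenge, response, rtt) per round.
    flipped = round indexes hit by a bit error; extra_delay = latency added by a relay."""
    r0, r1 = registers(key, nv, np_, len(challenges))
    rounds = []
    for i, c in enumerate(challenges):
        resp = (r1[i] if c else r0[i]) ^ (1 if i in flipped else 0)
        rounds.append((c, resp, 2 * dist_m / C + t_proc + extra_delay))
    return rounds

def verify(key, nv, np_, rounds, max_dist_m, max_errors, t_proc):
    """Verifier: a round fails if the bit is wrong or the round-trip time implies a
    distance beyond max_dist_m; accept while failures stay within the threshold."""
    r0, r1 = registers(key, nv, np_, len(rounds))
    failures, bound = 0, 0.0
    for i, (c, resp, rtt) in enumerate(rounds):
        d = C * (rtt - t_proc) / 2  # upper bound on distance for this round
        bound = max(bound, d)
        if resp != (r1[i] if c else r0[i]) or d > max_dist_m:
            failures += 1
    return failures <= max_errors, failures, bound

# Constructed sample run: 32 rounds, tag 2 m away, 1 ns processing time.
# A real verifier draws challenges at random; a fixed pattern keeps the run repeatable.
KEY, NV, NP = b"k" * 16, b"verifier-nonce", b"prover-nonce"
CH = [(i * 7 + 3) % 2 for i in range(32)]
honest = prover_rounds(KEY, NV, NP, CH, 2.0, 1e-9, flipped={4, 19})
relayed = prover_rounds(KEY, NV, NP, CH, 2.0, 1e-9, extra_delay=200e-9)
print(verify(KEY, NV, NP, honest, 10.0, 3, 1e-9))   # two bit errors tolerated
print(verify(KEY, NV, NP, relayed, 10.0, 3, 1e-9))  # relay latency breaks every round
```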

Flow Diagram

CONCLUSION

The reliability of industrial applications is crucial and the need for adequate security measures is increasing. Verifying the physical proximity or location of a device is becoming an important security requirement in industrial applications relying on RTLS and RFID technology. Distance-bounding provides cryptographic assurance as to the upper bound for the physical distance between two communicating parties, without requiring additional device characterization or information from third parties. As a result, this method is adaptable to provide SND services in a variety of communication architectures, including point-to-point device communication in proximity identification systems, such as RFID-enabled supply chains or an RTLS with multiple reference nodes. The evaluation of a sample set of distance-bounding protocol proposals, using industry-standardized cryptographic algorithms, showed that the practical requirements with regard to hardware cost, energy efficiency, and execution time are reasonable for industrial implementation. By choosing an appropriate protocol and adjusting the number of exchanged challenge-responses, these requirements can be optimized to suit all but the most restricted devices and applications. The attack success probability of the sample proposals is relatively low and resistance to communication errors is already built in. The underlying channel implementation also affects the accuracy and security of the distance estimate of the protocol and affects the cost of practical implementation. Distance-bounding protocols have already been implemented in commercial RFID products and with off-the-shelf UWB equipment, achieving a level of computational security against practically demonstrated attacks. Nevertheless, as attacks improve, and if distance-bounding is to become theoretically secure in real-world applications, then existing work on suitable channels would need to be continued, by investigating cost-effective means of implementing new channels and/or approaches that mitigate security issues in conventional channels.
