• Shopping Cart
    There are no items in your cart

CEN/TR 16670:2014

Current

Current

The latest, up-to-date edition.

Information technology - RFID threat and vulnerability analysis

Published date

06-04-2014

Sorry this product is not available in your region.

Foreword
Introduction
1 Scope
2 Terms and definitions
3 Symbols and abbreviations
4 Threats and Attack scenarios
5 Vulnerabilities
6 Mitigation measures
7 Conclusions
Annex A (informative) - Attack scenarios
Annex B - Original Test Set ups and Results
Annex C - Additional Test Set ups and Results
Bibliography

The scope of the Technical Report is to consider the threats and vulnerabilities associated with specific characteristics of RFID technology in a system comprising:—the air interface protocol covering all the common frequencies;—the tag including model variants within a technology;—the interrogator features for processing the air interface;—the interrogator interface to the application.The Technical Report addresses specific RFID technologies as defined by their air interface specifications. The threats, vulnerabilities, and mitigating methods are presented as a toolkit, enabling the specific characteristics of the RFID technology being used in an application to be taken into consideration. While the focus is on specifications that are standardized, the feature analysis can also be applied to proprietary RFID technologies. This should be possible because some features are common to more than one standardized technology, and it should be possible to map these to proprietary technologies.Although this Technical Report may be used by any operator, even for a small system, the technical details are better considered by others. In particular the document should be a tool used by RFID system integrators, to improve security aspects using a privacy by design approach. As such it is also highly relevant to operators that are not SME’s, and to industry bodies representing SME members.Although this Technical Report may be used by any operator, even for a small system, the technical details are better considered by others. In particular the document should be a tool used by RFID system integrators, to improve security aspects using a privacy by design approach. As such it is also highly relevant to operators that are not SME’s, and to industry bodies representing SME members.

Committee
CEN/TC 225
DocumentType
Technical Report
PublisherName
Comite Europeen de Normalisation
Status
Current

Standards Relationship
PD CEN/TR 16670:2014 Identical
S.R. CEN/TR 16670:2014 Identical
NEN NPR CEN/TR 16670 : 2014 Identical

PD CEN/TR 16968:2016 Electronic Fee Collection. Assessment of security measures for applications using Dedicated Short-Range Communication
DIN EN 16571:2014-10 INFORMATION TECHNOLOGY - RFID PRIVACY IMPACT ASSESSMENT PROCESS
BS EN 16571:2014 Information technology. RFID privacy impact assessment process
CEN/TR 16968:2016 Electronic Fee Collection - Assessment of security measures for applications using Dedicated Short-Range Communication
UNI EN 16571 : 2014 INFORMATION TECHNOLOGY - RFID PRIVACY IMPACT ASSESSMENT PROCESS
EN 16571:2014 Information technology - RFID privacy impact assessment process
DIN EN 16571 E : 2014 INFORMATION TECHNOLOGY - RFID PRIVACY IMPACT ASSESSMENT PROCESS
I.S. EN 16571:2014 INFORMATION TECHNOLOGY - RFID PRIVACY IMPACT ASSESSMENT PROCESS
S.R. CEN/TR 16968:2016 ELECTRONIC FEE COLLECTION - ASSESSMENT OF SECURITY MEASURES FOR APPLICATIONS USING DEDICATED SHORT-RANGE COMMUNICATION

ISO/IEC 18000-6:2013 Information technology — Radio frequency identification for item management — Part 6: Parameters for air interface communications at 860 MHz to 960 MHz General
ISO/IEC 18000-7:2014 Information technology Radio frequency identification for item management Part 7: Parameters for active air interface communications at 433 MHz
ISO/IEC 18000-61:2012 Information technology — Radio frequency identification for item management — Part 61: Parameters for air interface communications at 860 MHz to 960 MHz Type A
ISO/IEC 18046-1:2011 Information technology — Radio frequency identification device performance test methods — Part 1: Test methods for system performance
ISO/IEC 18000-2:2009 Information technology — Radio frequency identification for item management — Part 2: Parameters for air interface communications below 135 kHz
ISO/IEC 18000-4:2015 Information technology Radio frequency identification for item management Part 4: Parameters for air interface communications at 2,45 GHz
ISO/IEC 18000-62:2012 Information technology — Radio frequency identification for item management — Part 62: Parameters for air interface communications at 860 MHz to 960 MHz Type B
ISO/IEC 18000-1:2008 Information technology Radio frequency identification for item management Part 1: Reference architecture and definition of parameters to be standardized
ISO/IEC 18000-64:2012 Information technology — Radio frequency identification for item management — Part 64: Parameters for air interface communications at 860 MHz to 960 MHz Type D
ISO/IEC 18000-63:2015 Information technology Radio frequency identification for item management Part 63: Parameters for air interface communications at 860 MHz to 960 MHz Type C
TR 101 543 : 1.1.1 ELECTROMAGNETIC COMPATIBILITY AND RADIO SPECTRUM MATTERS (ERM); RFID EVALUATION TESTS UNDERTAKEN IN SUPPORT OF M/436 PHASE 1
ISO/IEC 18000-3:2010 Information technology — Radio frequency identification for item management — Part 3: Parameters for air interface communications at 13,56 MHz

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.