Real-time Security Extensions for EPCglobal Networks: Case by Matthieu-P. Schapranow

By Matthieu-P. Schapranow

The transformation in the direction of EPCglobal networks calls for technical apparatus for shooting occasion information and IT platforms to shop and alternate them with offer chain contributors. For the first actual time, offer chain contributors therefore have to face the automated trade of occasion info with enterprise companions. facts safeguard of delicate enterprise secrets and techniques is for this reason the main point that should be clarified prior to businesses will begin to undertake EPCglobal networks.

This ebook contributes to this proposition as follows: it defines the layout of obvious real-time safeguard extensions for EPCglobal networks in accordance with in-memory expertise. For that, it defines authentication protocols for units with low computational assets, similar to passive RFID tags, and evaluates their applicability. in addition, it outlines all steps for imposing history-based entry keep watch over for EPCglobal software program parts, which allows a continual regulate of entry in line with the real-time research of the whole question heritage and a fine-grained filtering of occasion info. The applicability of those leading edge facts safeguard mechanisms is underlined through their exemplary integration within the FOSSTRAK architecture.

Show description

Read or Download Real-time Security Extensions for EPCglobal Networks: Case Study for the Pharmaceutical Industry PDF

Similar security books

Simple Steps to Data Encryption: A Practical Guide to Secure Computing

All people wishes privateness and safeguard on-line, whatever that the majority desktop clients have kind of given up on so far as their own information is worried. there's no scarcity of excellent encryption software program, and no scarcity of books, articles and essays that purport to be approximately the way to use it. but there's worthwhile little for usual clients who wish barely enough information regarding encryption to exploit it appropriately and securely and appropriately--WITHOUT having to turn into specialists in cryptography.

Comprehensive Security in Asia: Views from Asia and the West on a Changing Security Environment

This can be an exam of "Comprehensive safeguard" as a coverage that is going past the necessities of army defence opposed to a specific "enemy" to emphasize the necessity to take note of different features important to nationwide balance: meals, strength, setting, communique and social safety.

Protecting Human Security in Africa

Maintaining Human protection in Africa discusses probably the most powerful threats to human safeguard in Africa. It bargains in particular with these threats to the safety of African humans that are least understood or explored. In issues various from corruption, the proliferation of small palms and lightweight guns, nutrients safety, the devastation of inner displacement in Africa, the hyperlink among usual assets and human protection, to the issues of pressured labour, threatsto women's protection, and environmental safeguard, the publication examines the criminal and coverage demanding situations of defending human safety in Africa.

Additional resources for Real-time Security Extensions for EPCglobal Networks: Case Study for the Pharmaceutical Industry

Example text

The contributed HBAC combines RBAC and RuBAC to control access to event data in a holistic way as described in Sect. 1. Extensible Access Control Markup Language: The eXtensible Access Control Markup Language (XACML) is an eXtensible Markup Language (XML) dialect specified by the OASIS consortium. It aims to define access control rights for subjects representing users, resources, and action based on rules and policies [4]. In addition, XACML introduces a conceptual SoD for access control systems, which is also applicable for the given work.

5 incorporate the latter three aspects to restrict access of clients to event data. ] the EPCIS specification does not take a position as to how authorization decisions are taken’’ [17]. I value my work as a concrete contribution to show how to handle these decisions and how to protect sensitive event data. The term security services was recently mentioned in the context of EPCglobal standards. However, an actual definition or a draft is still missing during creation of this document. I consider the results of this work as a major step towards making security services for EPCglobal networks come true.

RuBAC results in the advantage of defining various kinds of complex rules based on any kind of additional attributes, such as remote host name, current time, user details, etc. As a result, RuBAC enables a more finegrained access control than RBAC. However, a concrete definition of rules and its interpretation needs to be implemented individually. RuBAC defines a set of rules Ru consisting of predicates P that are evaluated specifically when a concrete user u is accessing a certain resource r to perform an action a.

Download PDF sample

Rated 4.73 of 5 – based on 49 votes