Scalable data access control in RFID-enabled supply chain

Saiyu Qi, Yuanqing Zheng, Mo Li, Yunhao Liu, Jinli Qiu

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

8 Citations (Scopus)

Abstract

By attaching RFID tags to products, supply chain participants can identify products and create product data to record the product particulars in transit. Participants along the supply chain share their product data to enable information exchange and support critical decisions in production operations. Such an information sharing essentially requires a data access control mechanism when the product data relates to sensitive business issues. However, existing access control solutions are ill suited to the RFID-enabled supply chain, as they are not scalable in handling a huge number of tags, introduce vulnerability to the product data, and performs poorly to support privilege revocation of product data. We present a new scalable data access control system that addresses these limitations. Our system provides an item-level data access control mechanism that defines and enforces access policies based on both the participants' role attribute and the products' RFID tag attribute. Our system further provides an item-level privilege revocation mechanism by allowing the participants to delegate encryption updates in revocation operation without disclosing the underlying data contents. We design a new updatable encryption scheme and integrate it with Cipher text Policy-Attribute Based Encryption (CP-ABE) to implement the key components of our system.
Original languageEnglish
Title of host publicationProceedings - IEEE 22nd International
PublisherIEEE Computer Society
Pages71-82
Number of pages12
ISBN (Electronic)9781479962044
DOIs
Publication statusPublished - 1 Jan 2014
Externally publishedYes
Event22nd IEEE International Conference on Network Protocols, ICNP 2014 - Research Triangle, United States
Duration: 21 Oct 201424 Oct 2014

Conference

Conference22nd IEEE International Conference on Network Protocols, ICNP 2014
CountryUnited States
CityResearch Triangle
Period21/10/1424/10/14

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software

Cite this