 | Tuesday, May 13, 2008
Issue 837 | | Will Smith, Editor |  |
|
|
Editor's Note: Today's top story is a startup called NeoCatena Networks that next month plans to release RF-Wall, a firewall appliance for networked RFID systems that promises to block malware from entering enterprise systems through RFID readers, and to detect tags that have been cloned or tampered with. NeoCatena was founded by Lukas Grunwald, the hacker who caused a stir in 2006 by demonstrating how to clone German e-passports.
Tim Downs, who ran the first RFID World show in 2002 and subsequently sold the event (and his company Shorecliff Communications) to CMP in 2006, has been hired back by CMP (recently rebranded TechInsights) as a strategic consultant to ensure the success of the upcoming show this fall.
Emco Wheaton, a manufacturer of petroleum tanker truck equipment, has partnered with Hi-G-Tek, a provider of RFID-based sense and control solutions for fuel distribution and global trade lanes. Emco Wheaton will offer active RFID technology from Hi-G-Tek that monitors the valves and apertures of petroleum and fuel-oil tanker trucks. The technology also enables GPS tracking and fleet management. The companies indicate that improved tracking of petroleum and fuel oil has become more important as energy prices have risen to record levels.
Lastly, Axcess International has announced the selection of its Dot technology by the US military to track and secure weapons assets at an arms storage facility. The active RFID-based system monitors the location of weapons within the facility, and also signals alerts when weapons are moved outside the perimeter of the facility by unauthorized parties. |
|
| RFID Tags & Labels | | - Ferroxtag HF tags: Smart on Metal! (site) | | - Confidence in RFID - Confidex tags and tickets (site) | | | RTLS & Active RFID | | 
Sponsored by Ekahau | |
| | - Locate it now. How? Ekahau. That's how! (site) | | | Products & Services | | - PCB Tracking & Visibility Solution from Omnitrol Networks (site) | | - Employees steal over $1 billion per week from employers (site) | | | Upcoming Events | | - AWA PABS08 N. America Conference, Sept 11-12, Chicago, IL (site) | | - AWA PABS08 Asia Conference, Dec 4-5 - Hong Kong, China (site) | | - European Supply Chain & Logistics, 13-15 May, Germany (site) | | - SCAN & RFID CHINA 2008, June 19-21, Guangzhou, China (site) | | | Employment | | - RFID Recruiters - 100% Focused on RFID Recruiting (site) | | | Research & Whitepapers | | - RFID Marketing Strategies Report (site) | |
|
Startup Says System Can Detect, Block Cloned RFID Tags
By John Burnell
NeoCatena Networks plans to release a new product next month that will serve as a firewall to prevent fraudulent or malicious tag data from entering enterprise systems. The Silicon Valley startup was formed by a researcher who previously demonstrated RFID passports could be cloned, and who maintains that most RFID systems used today are insecure.
"RFID is just another data channel into the enterprise, and it is a channel that hasn't been secured," NeoCatena Networks co-founder Lukas Grunwald told RFID Update. "The security available for the internet has not been used for RFID."
In response, NeoCatena Networks is developing RF-Wall, an appliance to be installed between RFID readers or controllers and middleware servers, edge servers, or host applications in networked RFID systems. The product acts as a firewall that authenticates RFID tags prior to allowing their data to pass into enterprise systems, and also scans input to detect and block malware. RF-Wall works by using the unique tag ID to create a digital signature. If the tag has been cloned or the ID otherwise tampered with, the digital signature calculation will detect it, according to Grunwald.
NeoCatena is the second startup to recently advance digital signature-based RFID security, joining Veratag, which announced a system based on MEMS resonator technology (see Startup Adapting MEMS Technology for RFID Authentication).
NeoCatena's RF-Wall can be applied to multiple RF frequencies and has worked well with HF and UHF systems. The first release planned for late June will support the EPCglobal Low Level Reader Protocol (LLRP) standard to simplify integration with Gen2 systems, and will also support two vendor-specific reader protocols, Grunwald said. A single RF-Wall appliance can support up to 15 LLRP-compatible readers. NeoCatena will initially focus its marketing to RFID systems integrators, and will also offer it to reader manufacturers to integrate with their offerings.
Grunwald said the system would not be used in fare collection applications because it is designed for networked systems, but the technique would detect fare cards that had been counterfeited or altered, which recently became a concern (see Yet Another RFID Hack Could Affect Up To 1 Billion Cards).
NeoCatena is focusing on the supply chain market. The RF-Wall is currently in beta testing with a European pharmaceutical company and a company in the Middle East with extensive supply chain operations, according to Grunwald. Potential applications include pedigree and product authentication. The company's literature describes what it claims was a real-world hack in which an RFID tag on a bottle of Dom Pérignon was rewritten with another SKU so the champagne rang up for $4.25 at the checkout counter.
"There are plenty of attacks you can do on RFID tags throughout the supply chain," said Grunwald. "For example, the kill command for an EPC tag is one byte, so you can easily guess it."
The memory on EPC Gen2 tags can be password-protected against reading and writing, and the standard also supports other reader authentication features, but Grunwald said these measures are inadequate.
Questions about RFID security have been raised repeatedly through the years. The industry has often responded by pointing out there have been very few successful, real-world hacks, and that various RFID standards support encryption and authentication, while other security techniques can be applied to equipment and networks. The result is confusion among potential users, which a recent study confirmed (see Study: Consumers Misunderstand RFID and Its Security).
Grunwald has seemingly made it his mission to raise awareness about potential RFID security shortcomings. He is the hacker who caused a stir in 2006 when he demonstrated the cloning of German e-passports (see New RFID Passport Scare -- Does it Matter?), and was profiled by Wired and the BBC. Two years before that he authored RFDump, an RFID-hacking utility. Grunwald told RFID Update he has eight years experience in IT security and previously founded DN-Systems, an information security consulting company in Germany, which gained attention for its efforts in exposing passport flaws.
Forward this to a colleague | Request reprints: reprints at rfidupdate dot com |
|
|
|
|
| RFID Tags & Labels | Ferroxtag HF tags: Smart on Metal!
Ferroxtag is a new family of HF RFID tags suitable for operation on metallic surfaces. Ferroxtag's special ferrite antenna was developed using Ferroxcube's years of experience in ferrite technology. The high performance antenna means longer read range with a smaller tag. Visit www.ferroxtag.com | Confidence in RFID - Confidex tags and tickets
The challenges of various industries lead Confidex to develop a comprehensive offering of special tags and labels. Confidex tags are used in a variety of applications ranging from tracking items in the retail supply chain to automotive manufacturing and petrochemical installations. Confidex designs and manufactures contactless tickets for public transport. Visit www.confidex.fi | | | RTLS & Active RFID | Locate it now. How? Ekahau. That's how!
Ekahau RTLS (Real-Time Location System) automatically tracks assets and people via your existing Wi-Fi network. Control costs and improve asset management with Ekahau. For more information, visit us at www.ekahau.com. | | | Products & Services | PCB Tracking & Visibility Solution from Omnitrol Networks
Off-the-shelf solution provides automated real-time visibility and complete electronic pedigree for traceability on parts and WIP providing real-time dashboards, alerts and reports for shop-floor management. The pedigree information is automatically programmed into Texas Instruments' RFID tag for access to critical data without the need for connection to a back-end database. Learn more. | Employees steal over $1 billion per week from employers
the American Management Association reports. 95% of businesses are victimized by employee theft. Managers are reluctant to ask questions, because trusted employees may feel offended, leaving business owners in a difficult situation. What can you do? Nox: Intelligent Perimeter Defense from Simply RFID provides advanced security and protection for business assets. | | | Upcoming Events | AWA PABS08 N. America Conference, Sept 11-12, Chicago, IL
AWA is organizing the Product Authentication & Brand Security Conference 2008 on September 11-12 in Chicago, IL. The event includes presentations and panel discussions with brand owners, legal authorities, associations, converters and suppliers; also networking sessions, a supplier forum, a social program and more. Find more on the program here. | AWA PABS08 Asia Conference, Dec 4-5 - Hong Kong, China
AWA presents the Asian Product Authentication & Brand Security Conference 2008, to be held on 4 & 5 December in Hong Kong, China. PABS08 Asia focuses on the threats specific to the Asia Pacific region, various elements of IP Theft, and leading-edge solutions. Find more on the program here. | European Supply Chain & Logistics, 13-15 May, Germany
Bringing together Europe's leading providers of supply chain management to evaluate best practices and to move the supply chain agenda into the boardroom. Also, featuring the AMR Research Strategy Session: What makes a supply chain world class in today's global market? More information here: www.supplychain.eu.com | SCAN & RFID CHINA 2008, June 19-21, Guangzhou, China
As one of the earliest, most specialized and authoritative exhibitions in China, approved and supported directly from State Ministry, the 8th SCAN & RFID CHINA 2008 will present you the impressive up-dated development and market of RFID technology in rising China. To know more, please go to www.scan-china.com. | | | Employment | RFID Recruiters - 100% Focused on RFID Recruiting
Whether your company is looking for the best RFID talent or you have the best RFID talent and are looking for the best RFID employer, RFID Recruiters offers the most focused approach to your objective. To learn how the RFID industry and the RFID job market are evolving, visit www.rfidrecruiters.com | | | Research & Whitepapers | RFID Marketing Strategies Report
Thirty-nine pages of original research on RFID audience perceptions, including 30+ figures of tactics, content & messaging, and recommendations to guide marketing strategy. Also, Top-10 RFID company rankings based on 550+ survey respondents. View the executive summary free, with Top-3 sample rankings. Only $495 Individual License or $795 Corporate License. Available now |
This email was intended for , who subscribed
RFID Update is the RFID industry daily. Launched in early 2004 to provide timely analysis of RFID industry news, RFID Update publishes editorial briefings every weekday for the growing ranks of top level executives involved in the deployment of RFID. Each issue delivers the breaking news and analysis most pertinent to successful RFID implementations, allowing readers to understand global RFID developments as they happen.
RFID Update Editor: Will Smith, editor at rfidupdate dot com
Press releases and public relations inquiries should be directed to Will.
To advertise in RFID Update, email advertising08 at rfidupdate dot com to request a media kit.
RFID Questions? Ask at RFID Talk (www.RFIDtalk.com).
Forward this issue of RFID Update to your colleagues, or tell them to subscribe free at: www.RFIDupdate.com
View all past issues of RFID Update in the archive.
Update your subscription settings: subscriptions08 at rfidupdate dot com
We take your privacy seriously. View our Privacy Policy here.
RFID Update -- The RFID Industry Daily
3213 Duke Street #266
Alexandria, VA 22314
http://www.rfidupdate.com
© 2008, ALX Technologies. All Rights Reserved. |
|
|
