All:
Pointer to article:
http://www.it-analysis.com/frame.php?name=The+Register&url=http://go.theregister.com/feed/2005/02/18/rsa_rfid/
Kobielus kommentary:
This raises a nightmare scenario in the “identity of things”: a scenario in which every personal “thing” we own or hold becomes a tattletale: a silent RFID beacon of who we are, who they are, and where we/they are.
How to keep this scenario from becoming a reality? Most important, it will have to involve the relying party presenting credentials before the RFID of a personal “thing” can be released. One approach is to require readers to transmit their identity, permissions, and other credentials to the holder of the RFID-tagged thing. The RFID thingholder—a human being or intelligent software agent—will then have the option of granting or not granting the request for RFID, once it has validated the credentials. The thing itself might display the results of that credentials check, or the results might be transmitted via an SMS to the thingholder’s cellphone display. Authorizing release of RFID might then involve pressing some key on the thing, or responding to the SMS, or some other dynamic handshake interaction.
Obviously, such a scenario demands several critical chunks of infrastructure. First of all, it would require that RFID “personal things” (we’re talking your personal possessions, not the RFID-bearing things in a manufacturing supply chain) come equipped with receivers as well as transmitters. Second, it would require a federated IdM infrastructure for registering, issuing, managing, and validating credentials for RFID readers—one that has the capacity to handle the huge and ever-growing transaction volumes. Third, it would require that all RFID-bearing things be engineered to participate in this federated RFIDm environment. Fourth, it would require serious rethinking of user interfaces associated with RFID-bearing things, so as to make it as easy as possible for ordinary people to set up the appropriate rules governing controlled, secure release of their personal, privacy-sensitive RFIDs.
If this sounds like a big kettle of public policy, technical, and usability issues, you’re quite right. We’ve barely begun to think through the many issues that will surface as RFIDs—and RFIDm as a discipline—begin to pervade our lives.
Jim
skip to main |
skip to sidebar
Content to be content.
Blog Archive
-
▼
2005
(187)
-
▼
February
(25)
- fyi Michigan City Provides Free WiFi to Residents
- poem Fit
- fyi Spam Controls Imperil E-Mail Reliability
- rip Dr. Hunter S. Thompson
- lol Hilton Cell Phone Numbers Posted on Net
- fyi Relics of computer history in New York auction
- imho The difference between prose and poetry
- fyi RSA looks ahead on RFID security
- fyi 145,000 Americans' identity data stolen
- poem Sum Things
- fyi Prepaid Phones Get a Bad Rap From Crime Use
- fyi "Far Out"... of Compliance (school district R...
- fyi Cisco To Target XML Messaging Market
- fyi IBM Sees Hackers Going Mobile, Targeting Phone...
- poem Sheer Enthusiasm
- fyi Spyware vs. anti-spyware: get it together please!
- lol Why Wilco is The Future of Music (According to...
- fyi Databases Can't Handle RFID
- fyi Microsoft turns spotlight on its search engine
- imho Critique of Cameron’s Seventh Law
- poem Sustain
- fyi SAP plans new platform as competitive weapon
- imho Kim Cameron’s thoughts on messaging federation
- lol Doodling Megalomaniac Not Tony Blair, But Bill...
- fyi CipherTrust: Mail Senders 'Guilty Until Proven...
-
▼
February
(25)
James Kobielus
