Securely Disseminating RFID Events

摘要

More and more companies are collecting data about each item of their supply chain using RFID tags in order to increase visibility across the supply chain and improve its performance. The data generated by reading an RFID tag is (also) called an event. These events are frequently distributed using event-based networks following the publish-subscribe pattern. This method of dissemination immediately raises security concerns, since supply chain operations' data is considered sensitive by companies. Attribute-based encryption has proven successful in enforcing access control in publish-subscribe networks. Nevertheless, existing schemes do not support access control for RFID events. In this paper we present an encryption scheme that enables disseminating events that can only be decrypted by a selected set of parties that have been in possession of the RFID tag. Our scheme enables broadcasting event messages of constant ciphertext size to an entire network while enforcing access control policies via encryption. We prove our scheme secure under the Modified Bilinear Decisional Diffie-Hellman Assumption.