AnonEPC - making the querying user anonymous in EPCglobal network

The EPCglobal network is a major step towards automating supply chain by providing each product with an RFID tag and a unique EPC number. In an EPCglobal Network, it is important to make the querying users anonymous in order to prevent others in the supply chain from knowing that they are querying for a particular EPC number. This type of behavior is motivated by competitive strategies and the sensitive nature of the information being shared through the EPCglobal Network. In this paper, we suggest a design which enables the querying users to remain anonymous by using security tokens to authenticate themselves while keeping their identities hidden. To the best of our knowledge, this is the first work which deals with the user anonymity in the case of EPCglobal network. We propose an enhanced EPCglobal Network which consists of a secure EPCDS, a secure EPCIS and a mechanism by which the user can remain anonymous without compromising the security of the data and at the same time conforming to the access control policies published by each of the EPCISes. Our analysis shows that our solution is more practical in comparison to the original EPCglobal network design and the SecDS model that we are extending.