DocumentCode :
1976961
Title :
Assessment of visibility restriction mechanisms for RFID data Discovery Services
Author :
Pardal, Miguel L. ; Harrison, Mark ; Marques, José Alves
Author_Institution :
Dept. of Comput. Sci. & Eng., Tech. Univ. of Lisbon, Lisbon, Portugal
fYear :
2012
fDate :
3-5 April 2012
Firstpage :
165
Lastpage :
171
Abstract :
RFID is a technology that enables the automated capture of observations of uniquely identified physical objects as they move through supply chains. Discovery Services provide links to repositories that have traceability information about specific physical objects. Each supply chain party publishes records to a Discovery Service to create such links and also specifies access control policies to restrict who has visibility of link information, since it is commercially sensitive and could reveal inventory levels, flow patterns, trading relationships, etc. The requirement of being able to share information on a need-to-know basis, e.g. within the specific chain of custody of an individual object, poses a particular challenge for authorization and access control, because in many supply chain situations the information owner might not have sufficient knowledge about all the companies who should be authorized to view the information, because the path taken by an individual physical object only emerges over time, rather than being fully pre-determined at the time of manufacture. This led us to consider novel approaches to delegate trust and to control access to information. This paper presents an assessment of visibility restriction mechanisms for Discovery Services capable of handling emergent object paths. We compare three approaches: enumerated access control (EAC), chain-of-communication tokens (CCT), and chain-of-trust assertions (CTA). A cost model was developed to estimate the additional cost of restricting visibility in a baseline traceability system and the estimates were used to compare the approaches and to discuss the trade-offs.
Keywords :
authorisation; data handling; inventory management; radiofrequency identification; supply chain management; CCT; CTA; EAC; RFID data discovery services; access control; automated capture; chain-of-communication tokens; chain-of-trust assertions; discovery service; discovery services; enumerated access control; physical objects; supply chain; supply chain situations; supply chains; visibility restriction mechanism assessment; Access control; Companies; Computational modeling; Data models; Data structures; Supply chains;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
RFID (RFID), 2012 IEEE International Conference on
Conference_Location :
Orlando, FL
Print_ISBN :
978-1-4673-0329-3
Type :
conf
DOI :
10.1109/RFID.2012.6193045
Filename :
6193045
Link To Document :
بازگشت