Security techniques in the RFID framework

US 7,944,355 B2
Filed: 05/31/2005
Issued: 05/17/2011
Est. Priority Date: 09/01/2004
Status: Active Grant

First Claim

Patent Images

1. A system that facilitates employing security to a Radio Frequency Identification (RFID) network, comprising:

an RFID device that is associated with at least one RFID process;

a processor that executes the following computer executable components stored on a computer readable medium;

an interface that receives a role-based authorization model associated with an operating system, wherein the role-based authorization model defines a security hierarchy;

a security component that applies the role-based authorization model to an RFID network to define security permissions for the RFID network, wherein the security component comprises a first security layer that regulates processing of the RFID process and a second security layer that regulates use of the RFID device such that the RFID process and the RFID device are protected from threats and breaches, wherein the security component is configured to analyze possible threats and/or breaches to the security of the RFID network that could be introduced via the RFID process or the RFID device, wherein the possible threats and/or breaches relate to at least one of manipulation of the at least one associated RFID process and the utilization of the RFID device within the RFID network, the possible threats and/or breaches being determined before any actual threat or breach has occurred; and

a threat component that utilizes a track model analysis to dynamically determine RFID network vulnerabilities and threat conditions that the security component is configured to prevent, wherein the threat conditions are determined before the occurrence of an actual intrusion, and wherein the track model analysis provides a list of one or more vulnerabilities including the resources, entry points, trust levels, data flow diagrams, and determined ways of compromising the RFID network.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The subject invention provides a system and/or a method that facilitates employing a security technique to an RFID network. An interface can receive role-based authorization data related to an operating system. A security component can enhance security to at least one of a manipulation of a process and a utilization of a device within the RFID network based at least in part upon role-based authorization data.

115 Citations

View as Search Results

20 Claims

1. A system that facilitates employing security to a Radio Frequency Identification (RFID) network, comprising:
- an RFID device that is associated with at least one RFID process;
  
  a processor that executes the following computer executable components stored on a computer readable medium;
  
  an interface that receives a role-based authorization model associated with an operating system, wherein the role-based authorization model defines a security hierarchy;
  
  a security component that applies the role-based authorization model to an RFID network to define security permissions for the RFID network, wherein the security component comprises a first security layer that regulates processing of the RFID process and a second security layer that regulates use of the RFID device such that the RFID process and the RFID device are protected from threats and breaches, wherein the security component is configured to analyze possible threats and/or breaches to the security of the RFID network that could be introduced via the RFID process or the RFID device, wherein the possible threats and/or breaches relate to at least one of manipulation of the at least one associated RFID process and the utilization of the RFID device within the RFID network, the possible threats and/or breaches being determined before any actual threat or breach has occurred; and
  
  a threat component that utilizes a track model analysis to dynamically determine RFID network vulnerabilities and threat conditions that the security component is configured to prevent, wherein the threat conditions are determined before the occurrence of an actual intrusion, and wherein the track model analysis provides a list of one or more vulnerabilities including the resources, entry points, trust levels, data flow diagrams, and determined ways of compromising the RFID network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 18, 20)
- - 2. The system of claim 1, the RFID network includes at least one of an RFID reader;
    - an RFID writer;
      
      an RFID printer;
      
      a printer;
      
      a reader;
      
      a writer;
      
      an RFID transmitter;
      
      an antenna;
      
      a sensor;
      
      a real time device;
      
      an RFID receiver;
      
      a real time sensor;
      
      a device extensible to a web service;
      
      or a real time event generation system.
  - 3. The system of claim 1, the RFID network includes at least one of an outbound process;
    - a manufacturing process;
      
      a shipping process;
      
      a receiving process;
      
      a tracking process;
      
      a data representation process;
      
      a data manipulation process;
      
      a security process;
      
      or a process utilizing one of an RFID device service, a device collection, a tag read, an event, an event queue, a tag write, a device configuration, or a number count.
  - 4. The system of claim 1, the RFID network comprises a collection of devices that form a sub-system, which includes:
    - an RFID reader that receives an RFID signal; and
      
      an RFID tag that transmits the RFID signal.
  - 5. The system of claim 1, further comprising a role component that creates an RFID administrator and an RFID user group with respective permissions corresponding to permissions from the role-based authorization model.
  - 6. The system of claim 5, the RFID administrator manipulates a process within the RFID network.
  - 7. The system of claim 6, the manipulation of the process is at least one of an execution;
    - a modification;
      
      a creation;
      
      a deletion;
      
      a deployment;
      
      or a termination.
  - 8. The system of claim 5, the RFID administrator incorporates at least one of a user or a group from the role-based authorization model into the RFID user group to utilize the security hierarchy.
  - 9. The system of claim 8, the RFID administrator dictates permission to at least one of the user or the group to manipulate a process within the RFID network, wherein the manipulation is at least one of a creation of the process, a modification of the process, or a deletion of the process.
  - 10. The system of claim 9, at least one of the user or the group dictates permission to at least one of a disparate user or a disparate group to manipulate a process within the RFID network, wherein the manipulation is at least one of a creation of the process, a modification of the process, or a deletion of the process.
  - 11. The system of claim 8, the RFID administrator dictates permission associated with a device within the RFID network to at least one of the user or the group.
  - 12. The system of claim 1, further comprising a threat component that utilizes a track model analysis to determine a threat condition that the security component prevents.
  - 13. The system of claim 1, further comprising at least one of an analyzer component that determines a characteristic of the role-based authorization model within the operating system to incorporate with the RFID network;
    - or a manager component that manages at least one of a role or a permission associated with the RFID network.
  - 14. The system of claim 1, further comprising at least one of an application programming interface (API) component that invokes an API to modify permissions associated with at least one of an RFID administrator or an RFID user group;
    - or a notification component that alerts an administrator of at least one of a security breach or an attempted security breach, wherein the security breach is at least one of internal or external.
  - 18. The system of claim 12, the track model analysis provides a security model that exposes vulnerabilities of the RFID network.
  - 20. The system of claim 5, wherein the RFID user group comprises both structured query language (SQL) users and SQL roles.

15. A method that facilitates employing security to a Radio Frequency Identification RFID network, comprising:
- employing a processor to execute computer readable instructions stored in a computer readable medium to perform the following acts;
  
  creating an RFID administrator and an RFID user group;
  
  incorporating existing roles associated with an authorization model within an operating system into the RFID user group;
  
  invoking a security component in the RFID network based upon the authorization model, wherein the security component comprises a first security layer that regulates processing of the RFID process and a second security layer that regulates use of the RFID device such that the RFID process and the RFID device are protected from threats and breaches, wherein the security component is configured to analyze possible threats and/or breaches to the security of the RFID network that could be introduced via the RFID process or the RFID device, wherein the possible threats and/or breaches relate to at least one of manipulation of the at least one associated RFID process and the utilization of the RFID device within the RFID network, the possible threats and/or breaches being determined before any actual threat or breach has occurred; and
  
  invoking a threat component that utilizes a track model analysis to dynamically determine RFID network vulnerabilities and threat conditions that the security component is configured to prevent, wherein the threat conditions are determined before the occurrence of an actual intrusion, and wherein the track model analysis provides a list of one or more vulnerabilities including the resources, entry points, trust levels, data flow diagrams, and determined ways of compromising the RFID network.
- View Dependent Claims (16, 19)
- - 16. The method of claim 15, further comprising:
    - receiving a threat condition;
      
      utilizing a track model analysis to determine a threat condition to protect against;
      
      assigning at least one permission to at least one of the RFID administrator or the RFID user group;
      
      providing a notification of a breach; and
      
      utilizing an API to manage the security of the RFID network.
  - 19. The method of claim 16, wherein the track model analysis dynamically identifies the threat condition.

17. A computer-implemented system that facilitates employing security to a Radio Frequency Identification (RFID) network, comprising:
- an RFID device that is associated with at least one RFID process;
  
  means for receiving a hierarchy of security related to an operating system;
  
  means for incorporating the hierarchy of security into an RFID network, wherein a security component comprises a first security layer that regulates processing of the RFID process and a second security layer that regulates use of the RFID device such that the RFID process and the RFID device are protected from threats and breaches, wherein the security component is configured to analyze possible threats and/or breaches to the security of the RFID network that could be introduced via the RFID process or the RFID device, wherein the possible threats and/or breaches relate to at least one of manipulation of the at least one associated RFID process and the utilization of the RFID device within the RFID network, the possible threats and/or breaches being determined before any actual threat or breach has occurred; and
  
  means for utilizing a track model analysis to dynamically determine RFID network vulnerabilities and threat conditions that the security component is configured to prevent, wherein the threat conditions are determined before the occurrence of an actual intrusion, and wherein the track model analysis provides a list of one or more vulnerabilities including the resources, entry points, trust levels, data flow diagrams, and determined ways of compromising the RFID network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Ahmed, Mohamed Fakrudeen Ali, Goteti, Janaki Ram, Venkatesh, Ramachandran, Kumar, Anush, Agarwal, Abhishek, Sriram, Balasubramanian
Primary Examiner(s)
Bugg; George A
Assistant Examiner(s)
Labbees; Edny

Application Number

US11/141,533
Publication Number

US 20060055508A1
Time in Patent Office

2,177 Days
Field of Search

340/5.27, 340/5.61, 340/10.1, 340/10.5, 3405721-5729, 726/2, 726/4, 726/9, 726/20, 726/27, 726/29, 709/203, 709208-277, 235/375, 235/376
US Class Current

340/572.1
CPC Class Codes

G06F 21/35   communicating wirelessly

G06Q 10/08   Logistics, e.g. warehousing...

G06Q 10/087   Inventory or stock manageme...

Security techniques in the RFID framework

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

115 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Security techniques in the RFID framework

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

115 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links