Security Threats to Business Information Systems Using NFC Read/Write Mode
Autor:
Rios-Aguilar, Sergio
; Beltrán Pardo, Marta
; González-Crespo, Rubén
Fecha:
2021Palabra clave:
Revista / editorial:
Computers, materials and continuaTipo de Ítem:
Articulo Revista IndexadaDirección web:
https://www.techscience.com/cmc/v67n3/41595Resumen:
Radio Frequency IDentification (RFID) and related technologies such as Near Field Communication (NFC) are becoming essential in industrial contexts thanks to their ability to perform contactless data exchange, either device-to-device or tag-to-device. One of the three main operation modes of NFC, called read/write mode, makes use of the latter type of interaction. It is extensively used in business information systems that make use of NFC tags to provide the end-user with augmented information in one of several available NFC data exchange formats, such as plain text, simple URLs or enriched URLs. Using a wide variety of physical form factors, NFC-compatible tags (wireless transponders) are currently available in many locations with applications going from smart posters, contactless tokens, tap-and-go payments or transport ticketing to automated device configuration, patient identification at hospitals or inventory management within supply chains. Most of these applications handle sensitive processes or data. This paper proposes a complete security threat model for the read/write operation mode of NFC used in Next Generation Industrial IoT (Nx-IIoT) contexts. This model, based on a well-known methodology, STRIDE, allows developers and users to identify NFC applications vulnerabilities or weaknesses, analyze potential threats, propose risk management strategies, and design mitigation mechanisms to mention only some significant examples.
Este ítem aparece en la(s) siguiente(s) colección(es)
Estadísticas de uso
Año |
2012 |
2013 |
2014 |
2015 |
2016 |
2017 |
2018 |
2019 |
2020 |
2021 |
2022 |
2023 |
2024 |
Vistas |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
62 |
117 |
96 |
111 |
Descargas |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
Ítems relacionados
Mostrando ítems relacionados por Título, autor o materia.
-
Anonymous Assessment Information System for Higher Education Using Mobile Devices
Rios-Aguilar, Sergio ; González-Crespo, Rubén ; de-la-Fuente-Valentín, Luis (2014 14TH IEEE international conference on advanced learning technologies (ICALT), 2014)The lack of anonymity when being examined is a problem for students and teachers alike. So far, student identification in examination processes consists in a physical mark that unmistakably represents the student. New ... -
NFC and Cloud-Based Lightweight Anonymous Assessment Mobile Intelligent Information System for Higher Education and Recruitment Competitions
Rios-Aguilar, Sergio; Pascual-Espada, Jordán; González-Crespo, Rubén (Mobile Networks & Applications, 04/2016)The lack of anonymity when being examined is a problem for students and teachers alike. So far, student identification in examination processes consists in a physical mark that unmistakably represents the student. New ... -
Platform for controlling and getting data from network connected drones in indoor environments
Arenal Pereira, Adrián; Pascual-Espada, Jordán; González-Crespo, Rubén; Rios-Aguilar, Sergio (Future Generation Computer Systems, 01/2018)Nowadays drones can be used to complete a wide range of different tasks, like patrol, transportation and data collection. Many of these tasks are developed in indoor environments, like industrial premises, factories and ...