RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US
Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
NIST issues Guidance on RFID Security
From:
Larry Medina <[log in to unmask]>
Reply To:
Records Management Program <[log in to unmask]>
Date:
Tue, 22 May 2007 07:19:34 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (52 lines) 
In the past we've spoken about the uses of RFID for tracking records in
libraries, office spaces, and warehouses and had some "fringe discussions"
about privacy and security issues related to the technology.   Anyone
interested in the technology to a more serious degree may be interested in
reading this introduction:

http://www.nist.gov/public_affairs/releases/rfidsecurity.html

(snip)

The new NIST publication focuses on RFID applications for asset management,
tracking, matching, and process and supply chain control. Its list of
recommended practices for ensuring the security and privacy of RFID systems
includes:

   -  firewalls that separate RFID databases from an organization's other
   databases and information technology (IT) systems;


   - encryption of radio signals when feasible;


   -  authentication of approved users of RFID systems;


   - shielding RFID tags or tag reading areas with metal screens or films
   to prevent unauthorized access;


   - audit procedures, logging and time stamping to help in detecting
   security breaches; and


   - tag disposal and recycling procedures that permanently disable or
   destroy sensitive data.



The full report is available here (158 pages)

http://csrc.nist.gov/publications/nistpubs/800-98/SP800-98_RFID-2007.pdf


Larry
-- 
Larry Medina
Danville, CA
RIM Professional since 1972

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance

ATOM RSS1 RSS2