Smartcards: An Introduction
advertisement
IC Card v.s. RFID 資訊科技一 P9374717 李駿達 P9374711 顏世坤 Agenda Smart Cards Technology Radio Frequency Identification (RFID) Q&A Smart Cards Technology CD Lee, Sam Yen IC Card (Smart Card) 是在塑膠卡片上裝置積體電路(IC),並在卡上外接 接點,使讀寫裝置可以傳輸資料。IC卡內的積體電路 可包含微處理器(MCU) 和記憶體,只有記憶體的稱 為記憶卡(Memory Card),只能儲存資料;具微處 理器的則有運算和資料處理能力,被稱為智慧卡 (Smart Card)。 IC卡的特色有:記憶容量大,資料可重複多次寫入或 更新;資料控管功能;安全性高不易偽造,防止卡片 犯罪的損失;可採離線(off-line)作業,減少通訊 成本。國內目前在金融、醫療、電信方面,已陸續導 入IC卡的應用。 Plastic Cards Visual identity application Magnetic strip (e.g. credit cards) Plain plastic card is enough Visual data also available in machine readable form No security of data Electronic memory cards Machine readable data Some security (vendor specific) Smart Cards Processor cards (and therefore memory too) Credit card size With or without contacts. Cards have an operating system too. The OS provides A standard way of interchanging information An interpretation of the commands and data. Cards must interface to a computer or terminal through a standard card reader. Loosely defined, a smart card is any card with a capability to relate information to a particular application such as: Magnetic Stripe Cards Optical Cards Memory Cards Microprocessor Cards Magnetic Stripe Cards Standard technology for bank cards, driver’s licenses, library cards, and so on…… Optical Cards Uses a laser to read and write the card CANPASS Contains: Photo ID Fingerprint Memory Cards Can store: Financial Info Personal Info Specialized Info Cannot process Info Microprocessor Cards Has an integrated circuit chip Has the ability to: Store information Carry out local processing Perform Complex Calculations Microprocessor Cards Contact Smart Card VCC Reset Clock Reserved GND VPP I/O Microprocessor Cards Contactless Smart Card Microprocessor Cards Combi / Hybrid Cards Hybrid Card Has two chips: contact and contactless interface. The two chips are not connected. Combi Card Has a single chip with a contact and contactless interface. Can access the same chip via a contact or contactless interface, with a very high level of security. Smart Cards devices VCC Reset Clock Reserved GND VPP I/O What’s in a Card? CLK RFU RAM, 3–5 Mhz clock rate RST Vcc Upcoming GND RFU Vpp I/O Typical Smartcard at time of our research 8-bit CPU, 384 bytes 32-bit RISC CPU, 4 Kbytes RAM, 50 Mhz clock Typical Configurations 256 bytes to 4KB RAM. 8KB to 32KB ROM. 1KB to 32KB EEPROM. Crypto-coprocessors (implementing 3DES, RSA etc., in hardware) are optional. 8-bit to 16-bit CPU. 8051 based designs are common. The price of a mid-level chip when produced in bulk is less than US$1. Smart Card Readers Dedicated terminals Usually with a small screen, keypad, printer, often also have biometric devices such as thumb print scanner. Computer based readers Connect through USB or COM (Serial) ports Communication mechanisms Communication between smart card and reader is standardized ISO 7816-4 standard Commands are initiated by the terminal Interpreted by the card OS Card state is updated Response is given by the card. Commands have the following structure CLA INS P1 P2 Lc 1..Lc Le Response from the card include 1..Le bytes followed by Response Code Security Mechanisms Password Cryptographic challenge Response Entity authentication Biometric information Card holder’s protection Person’s identification A combination of one or more Data storage Data is stored in smart cards in E2PROM Card OS provides a file structure mechanism File types MF DF DF EF DF EF EF EF EF Binary file (unstructured) Fixed size record file Variable size record file Access control on the files Applications may specify the access controls A password (PIN) on the MF selection • For example SIM password in mobiles Multiple passwords can be used and levels of security access may be given Applications may also use cryptographic authentication How does it all work? Card is inserted in the terminal ATR negotiations take place to set up data transfer speeds, capability negotiations etc. Terminal sends first command to select MF Terminal prompts the user to provide password Terminal sends password for verification Terminal sends command to select MF again Terminal sends command to read EF1 Card gets power. OS boots up. Sends ATR (Answer to reset) Card responds with an error (because MF selection is only on password presentation) Card verifies P2. Stores a status “P2 Verified”. Responds “OK” Card responds “OK” Card supplies personal data and responds “OK” CAT_TP and BIP application protocol 03.48 security layer CAT_TP BIP* * Mechanism originally specified by 3GPP T3 by which the ME provides the UICC with access to the data bearers supported by the ME and the network Server How are Smart Cards Used? Commercial Applications Banking/payment Identification Parking and toll collection Universities use smart cards for ID purposes and at the the library, vending machines, copy machines, and other services on campus. By 2007 end all credit cards will be smart. EMV standard Mobile Telecommunications SIM cards used on cell phones Over 300,000,000 GSM phones with smart cards Contains mobile phone security, subscription information, phone number on the network, billing information, and frequently called numbers. How are Smart Cards Used? Information Technology Secure logon and authentication of users to PCs and networks Encryption of sensitive data Other Applications Over 4 million small dish TV satellite receivers in the US use a smart card as its removable security element and subscription information. Pre-paid, reloadable telephone cards Health Care, stores the history of a patient Fast ticketing in public transport, parking, and road tolling in many countries JAVA cards What is Smart Card for Government? A Multi-Application, Multi-Tech Proximity Smart Card A Hybrid / Composite Card Authentication Architecture Digital Photo Smart Card Chip * Mag Stripe on back Barcode Digital Photo, Biometrics, Finger Print, Voice Print, Hand Geometry, Iris Scan, Keyboard Dynamics, Digitized Signature, Signature Dynamics, Personal ID, Electronic Signature Encryption, Compression Public/Private Key, Digital Signature (DSS), RSA for Off-line, Wireless, Telephony Hardware/Software Based, Crypto Co-Processor Uses Pre-paid Money, Credit, Debit, Authorizations, ID, Certificate Secure eMail, eForms, Digital signature * Proximity / Combi Chip are imminent - combining smart card and radio frequency into one chip * RF indicates Radio Frequency Chip Source: John G Moore, GSA, 1994 E-Government Smart Card Specification ISO 7816, 1,2,3 compliant • FIPS 140-2, level 3 • Java Applications – PKI Applet – ID PIN Verification and Management Applet – GCA Applet – Authentication Applet – Biometric Authentication Applet – Stake Holder applets (future) • JavaCard 2.1 • Global Platform 2 Compliant • 64 K RAM (42K available for applets) • DES/3DES/AES(when available) • RSA asymmetric 1024 / 2048 • PTS speed in access of 9600 bps • EEPROM endurance > 250,000 r/w cycles • MIFARE Proximity (contactless) chip – DESFire (ISO 14443-A) – 4 k NV memory Smart Card Applications Identity Management Mobile Communications Ticketless Travel Loyalty Programs Mary Carver Building Security/Area Access Time and Attendance Administration Mary Carver Debit/Credit Card Electronic Purse Mass Transit Training Management Qualification Certification Distance Learning Secure Network Access Information Security Healthcare Drivers License Work/Entry Permits Parking Advantages In comparison to it’s predecessor, the magnetic strip card, smart cards have many advantages including: Life of a smart card is longer A single smart card can house multiple applications. Just one card can be used as your license, passport, credit card, ATM card, ID Card, etc. Smart cards cannot be easily replicated and are, as a general rule much more secure than magnetic stripe cards. it has relatively powerful processing capabilities that allow it to do more than a magnetic stripe card (e.g., data encryption). Data on a smart card can be protected against unauthorized viewing. As a result of this confidential data, PINs and passwords can be stored on a smart card. This means, merchants do not have to go online every time to authenticate a transaction. Disadvantages NOT tamper proof Can be lost/stolen Lack of user mobility – only possible if user has smart card reader every he goes Has to use the same reader technology Can be expensive Working from PC – software based token will be better No benefits to using a token on multiple PCs to using a smart card Still working on bugs Over 20 programs world-wide Over 20 programs world-wide across the financial, id/security, government, mobile telecom, public healthcare, retail, and transit markets Mobile OTA application management for USIM/SIM cards (SIMToolKit, CAT) US DoD CAC card Taiwan Health Card Moscow Social Card Finnish National Smart Card Program Smart Visa Card Amex Blue Card Etc.. OS Based Classification Smart cards are also classified on the basis of their Operating System. There are many Smart Card Operating Systems available in the market, the main ones being: 1. MultOS 2. JavaCard 3. Cyberflex 4. StarCOS 5. MFC Smart Card Operating Systems or SCOS as they are commonly called, are placed on the ROM and usually occupy lesser than 16 KB. SCOS handle: • File Handling and Manipulation. • Memory Management • Data Transmission Protocols. International Standardization Mobile Telecom Standards ETSI: GSM 03.48, TS 23.048 ETSI & 3G Smart Card Platform (SCP): TS 102.225, 102.226 Government Standards US Federal Government: GSC-IS Under review (US): FIPS 201, PIV ISO: new part 13 of 7816 series New Work Item from Japan: approved by ISO SC17 Work assigned to ISO SC17/WG4, editor: Japan Scope: commands for application management in multi application environment Contribution: a subset of GlobalPlatform Card Specification, endorsed by ANSI US official contribution to ISO Global Deployment Over 70 million GlobalPlatform cards deployed worldwide Additional 450+ million GSM cards globally use GlobalPlatform technology for over-the-air (OTA) application download Over 30 implementations across the financial, ID/security, government, mobile telecom, healthcare, retail, and transit markets Estimates predict these figures to increase dramatically in 2005 and 2006 Worldwide Industry Radio Frequency Identification (RFID) CD Lee, Sam Yen Internet of THIINGS RFID Overview(1) What is RFID? Radio Frequency IDentifier RFID combines the features of traditional IDs • Barcodes : used to identify and track objects • OCR and biometrics : enables automatic ID and verification • Smart cards/IC card : store information and provide interactive processing How RFID different? Used to identify objects and store information about the object Used to locate and identify objects from a distance using RF signals Used to detect and read things that are not in line of sight Data can be interactively managed and processed by the RFID chip and RFID system The RFID Tag Components The RFID tag is made up of several parts: A microchip that stores data and modulates and demodulates analog radio waves An antenna that gathers RF energy from a reader and reflects back a signal A protective layer that can be used to create a label or other type of transponder How it works The reader emits radio waves The tag coverts the radio waves into electricity to power up the microchip The microchip modulates and demodulates the antenna and sends backs long and short waves or waves of different amplitude The reader converts these waves into a string of ones and zeros A computer turns the ones and zeros into digital information RFID Overview(3) • Web service vs RFID service Web Service RFID Service DNS www.nida.or.kr 203.254.110.10 203.254.110.10 4.3.2.1.rfid.or.kr object information server’s domain name RFID ODS object info server’s IP address object info Homepage (HTML) Web server object info server ODS: Object Directory System RFID Operation (Passive Tags) APPLICATION INTERROGATOR RF TAG Tag Physical Memory Decoder AIR Application Program Interface Encoder INTERFACE DEVICE COMMANDS APPLICATION COMMANDS APPLICATION RESPONSES Command / Response Unit Tag Driver and Mapping Rules Logical Memory Map COMMANDS RESPONSES DEVICE RESPONSES Logical Memory DATA PROTOCOL PROCESSOR PHYSICAL INTERROGATOR Note: The Logical Memory Map in the Tag Physical Memory is given by the Tag architecture and the mapping rules in the Tag Driver. All the information in the Logical Memory is represented in the Logical Memory Map ISO/IEC 15961 ISO/IEC 15962 ISO/IEC 15962 Annexes ISO/IEC 18000 The RFID reader also has several parts: A digital signal processor and a microcontroller An internal or external antenna A network or serial port connection Input/output ports for linking to other devices RFID’s Unique Capabilities No “line of sight” required to read tags Simultaneous communication with multiple tags Each Item is unique; prevents double counting Bulk reading capability Can store information directly on tags High memory capacity Long read ranges Performance not limited by harsh environments versus bar codes Are All Tags The Same? Basic Types: Active Tag transmits radio signal Internally powered memory, radio & circuitry High Read Range (300 feet) Passive Tag reflects radio signal from reader Reader powered Shorter Read Range (4 inches - 15 feet) Active RFID Active tags transmit an RF signal (instead of reflecting the signal) Active tags have longer range than passive tags Most active tags have batteries, though emerging technology may provide active transmission WITHOUT batteries. Passive RFID Passive tags (also referred to as “field disturbance devices”) reflect and modulate radio waves received by the tag from the interrogator. Passive devices have ranges of 1 to 4 meters depending upon national regulations Passive tags do not require an on-board power source, but some do have batteries to support sensors and faster response times. RFID Operation (Passive Tags) Sequence of Communication Host Manages Reader(s) and Issues Commands Reader and tag communicate via RF signal Carrier signal generated by the reader (upon request from the host application) Carrier signal sent out through the antennas Carrier signal hits tag(s) Tag receives and modifies carrier signal “sends back” modulated signal (Passive Backscatter - FCC and ITU refer to as “field disturbance device”) Antennas receive the modulated signal and send them to the Reader Reader decodes the data Results returned to the host application How far, how fast, how much, how many, attached to what? Frequency Regulation Range Data Speed Comments 120 – 150 kHz 18000-2 (passive) Basically unregulated < 1m Low Animal identification and factory data collection 13.56 MHz 18000-3 (passive) ISM band, differing power levels and duty cycle < 1m Low to moderate Popular frequency for I.C. Cards (Smart Cards), Libraries 433 MHz 18000-7 (active) Non-specific Short Range Devices (SRD), Location Systems 1 – 100 m Moderate Container Security and Tracking. Asset tracking for U.S. DoD (Pallets) – Active 860 – 960 MHz 18000-6 (passive) ISM band, increasing use in other regions, differing power levels and duty cycle 2–5m Moderate to high MH 10.8.4 (RTI), AIAG B11 (tires), EPC (18000-6C), DoD Passive 2450 MHz 18000-4 Mode 1 (passive) ISM band, differing power levels and duty cycle 1–2m High IEEE 802.11 b/g, Bluetooth, cordless telephones Minimum Requirements Passive Technology Active Technology How far 3 meters How far 100 meters How fast 10 mph How fast 35 mph How much 256 bitsNote How much 256 bytesNote How many 500 tags/second How many 500 tags/minute Technology 860-960 MHz ISO/IEC 18000-6 UHF Gen 2 (Type C) EPC Class I, II, III Technology 433 MHz ISO/IEC 18000-7 EPC Class IV RFID Scenario(1) RFID Scenario(2) Supply chain process from Metro Distribution Chain Center Implementation Issues Read zone control Application of tags Where in the process Where on the container How are the labels being applied Use ISO standards EPC requires pre-population of data at the recipient (X12 856 / EDIFACT DESADV / XML) or access to the EPCIS Back-up in case of tag failure Recycling Data concerns Return on investment RFID Standardization-ISO(1) Automatic Identification in ISO Identification of Things TC122/Ad Hoc Group Packaging TC23/SC19/WG3 Animals TC104/SC4/WG2 Container JTC1/SC17 Personal ID JWG Supply Chain App ISO/IEC JTC1/SC31/WG4 Automatic Identification and Data Capture Technique TC: Technical Committee JTC: Joint Technical Committee SC: Sub-Committee WG: Woking Group ISO: International Organization for Standards TC204 Transportation TC68/SC6 Financial Transaction Application Standards Radio Frequency Identification - Open Standards ISO 10374 - Freight containers — Automatic identification ISO 18185 - Freight Containers - Radio-frequency communication protocol for electronic seal ISO 11784 – Radio-Frequency Identification of Animals - Code Structure ISO 11785 – Radio-Frequency Identification of Animals - Technical Concept ISO 14223-1 – Radio-Frequency Identification of Animals - Advanced Transponders - Part 1: Air Interface ISO 21007-1 – Gas Cylinders - Identification and Marking Using Radio Frequency Identification Technology - Part 1: Reference Architecture and Terminology ISO 21007-2 – Gas Cylinders - Identification and Marking Using Radio Frequency Identification Technology - Part 2: Numbering Schemes for Radio Frequency ANSI MH10.8.4 - RFID for Returnable Containers AIAG B-11 - Tire & Wheel Identification Standard ISO 122/104 JWG - Supply Chain Applications of RFID ISO 17363 - Freight containers ISO 17364 - Returnable transport items ISO 17365 - Transport units ISO 17366 - Product packaging ISO 17367 - Product tagging RFID Standardization-ISO(2) ISO/IEC JTC1/SC31/WG4 ARP: Application Requirement Profile SG: Sub-Group SG1 Data Protocol: Application Interface Data Protocol: Data Encoding Rules and Logical Memory Functions ISO/IEC 15961:2004, 2004.10 ISO/IEC 15962:2004, 2004.10 SG2 Unique Identification for RF Tag IOS/IEC 15963:2004, 2004.10 SG1 Part1: Reference Architecture and Definition of Parameters to be standaized IOS/IEC 18000-1: 2004, 2004.9 ISO/IEC Part2: Parameters for Air Interface Communications below 135kHz ISO/IEC 18000-2: 2004, 2004.9 Part3: Parameters for Air Interface Communications at 13.56MHz ISO/IEC 18000-3: 2004, 2004.9 Part4: Parameters for Air Interface Communications at 2.45GHz ISO/IEC 18000-4: 2004, 2004.9 Part6: Parameters for Air Interface Communications at 860 MHz to 960 MHz ISO/IEC 18000-6: 2004, 2004.9 Part7: Parameters for Air Interface Communications at 433MHz ISO/IEC 18000-7: 2004, 2004.9 ARP Application Requirements Profiles Implementation Guidlines – Part1: RFID-Enabled Labels Implementation Guidlines – Part2: Recyclability of RF Tags Implementation Guidlines – Part3: RFID Interrogator/ Antenna Installation ISO/IEC TR 18000:2004.10 ISO/IEC 24729-1, Now ISO/IEC 24729-2, Now ISO/IEC 24729-3, Now Technology Standards Radio Frequency Identification Open Standards ISO/IEC 18000 - RFID for Item Management Part 2 - 125 - 150 kHz Part 3 - 13.56 MHz Part 4 - 2450 MHz Part 6 - 860 - 960 MHz Part 7 - 433.92 MHz (active) Data Standards ISO/IEC 15418 - Application Identifiers & Data Identifiers ISO/IEC 15434 - Syntax ISO/IEC 15459 - Unique Item Identification ISO/IEC 15961 - Data Protocol: Application Interface ISO/IEC 15962 - Data Protocol: Data Encoding Rules and Logical Memory Functions ISO/IEC 15963 - Unique Identification for RF Tags Conformance Standards ISO/IEC 18047 - RFID device conformance test methods (at) Part 2 - 125 - 150 kHz Part 3 - 13.56 MHz Part 4 - 2450 MHz Part 6 - 860 - 960 MHz Part 7 - 433.92 MHz (active) RFID Standardization-EPCgobal(1) EPCglobal (EPC: Electronic Product Code) History • Developed by Auto-ID center, an academic research project headquartered at MIT with five universities around the globe • VerSign initiative Work scope • EPCglobal Network • EPCglobal Services RFID Standardization-EPCgobal(2) EPCglobal specifications and ratified standards Spec/Stardnard Project Title Remarks 900MHz Class 0 RF Identification Tag Specification EPCglobal Specification 13.56 MHz ISM Band Class 1 RF Identification Tag Interface Specification RF and tag requirements for each band 860 MHz – 930 MHz Class 1 RF Identification Tag Radio Frequency & Logical Communication Interface Specification EPC Tag Data Standard Version 1.1 rev 1.26 Ratified EPCglobal Standards Class 1 Generation 2 UHF Air Interface Protocol Standard version 1.0.9 Tag data encoding schemes Physical/logical requirements for passive RFID systems RFID Components and Standardization Antenna Reader Memory map RFID Tag Tag drivers Identification code Application Host Data protocol processor Data collection Event handling READER/HOST INTERFACE Application condition ISO/IEC object identification code - WG2, EPCglobal Data protocol ISO/IEC AIR interface tag identification code - ISO/IEC 15963 WG4/SG2 WG4/SG1 Management protocol 15961, 15962 ISO/IEC 18000-1 ~ 7 WG4/SG3 UHF GEN2 EPCglobal TR18001,24729 WG4/ARP Auto-ID Reader Protocol EPCgobal Event handling ALE EPCglobal Object information search ONS, EPCIS EPCglobal Standards Organizations International International Telecommunications Union (ITU) (United Nations) International Electrotechnical Commission (IEC) International Organization for Standardization (ISO) Universal Postal Union (UPU) (United Nations) ISO/IEC Joint Technical Committee 1 (JTC 1) TC 122 Packaging TC 104 Freight Containers SC 31 Automatic Data Capture ITU-T (fka CCITT) Telecommunications SC 17 IC Cards WG 1 - Symbology WG 2 - Data Content TC 122/104 JWG SC Apps RFID SC 6 Telcom & info exch btwn systems WG 3 - Conformance WG 4 - RFID WG 5 - RTLS TC 8 Ships & Marine Tech Regional Comité Européen Normalisation (CEN) ITU-D (fka BDT) Telecommunications Development Comité Européen Normalisation Electrotechnique (CENELEC) ECMA ODETTE ITU-R (fka CCIR & IFBR) Radio-frequency Issues Comité Européen Postal & Telegraph (CEPT) National Standards Assoc of China (SAC) British Standards Institution (BSI) MHI GS 1 AIM Deutches Institut fur Normung (DIN) ANSI AFNOR CEA IEEE INCITS JISC Other T6 B10 Industry DoD ATA CEA AIA HIBCC AIAG GS 1 Other VDA ISO/IEC JTC 1/SC 31 Structure International Electrotechnical Commission (IEC) International Organization for Standardization (ISO) ISO/IEC Joint Technical Committee 1 (JTC 1) - IT ISO/IEC JTC 1 Subcommittee 31 WG 1 Data Carrier WG 2 Data Structure Convener S. Ackley (US) Convener T. Yoshioka (JP) WG 3 Conformance Convener C. Biss (US) Secretariat GS 1 WG 4 RF Tags Convener H. Barthel Code 39 DAI Linear Print Quality Air Interface ITF Data Syntax 2D Print Quality Unique RF Tag ID MaxiCode Unique ID Printing Specs Data Matrix Test Specs BC Printers Defs. Logical Mem Map Application Interface Encoding Rules EAN/U.P.C. Test Specs BC Readers Code 128 Test Specs BC Verifiers PDF417 QR Code RFID Performance Symbology Identifiers RFID Conformance WG 5 RTLS Convener M. Harmon API 2450 MHz 433 MHz GLS Near Field SC 31/WG 4 (RFID) Technology Projects ISO Designation Title Status Information technology - AIDC techniques - RFID for item management ISO/IEC 18000, Part 1 Part 1 - Definition of parameters to be standardized Published 2004-08-06 Revision in process ISO/IEC 18000, Part 2 Type A - ISO 11785 based Type B - Yoshikawa RF Part 2 - Parameters for air interface communications below 135 kHz Published 2004-07-30 Revision in process ISO/IEC 18000, Part 3 Mode 1 - ISO/IEC 15693 based Mode 2 - Magellan based Part 3 - Parameters for air interface communications at 13.56 MHz Published 2004-08-06 Revision in process ISO/IEC 18000, Part 4 Mode 1 - Intermec based Mode 2 - Siemens/NEDAP based Part 4 - Parameters for air interface communications at 2.45 GHz Published 2004-05-31 Revision in process ISO/IEC 18000, Part 6 Type A - BTG based Type B - Intermec/Philips based Type C - UHFGen2 (v1.0.9) based Part 6 - Parameters for air interface communications at 860-960 MHz Published 2004-08-15 Amendment FDIS Ballot 2006-03-03 thru 2006-05-03 Revision beginning 2006-03 ISO/IEC 18000, Part 7 Savi based Part 7 - Parameters for active air interface communications at 433 MHz Published 2004-05-31 Revision in process ISO/IEC 15961 Data protocol: Application interface Published 2004-10-15 Revision in process ISO/IEC 15962 Protocol: Data encoding rules and logical memory functions Published 2004-10-15 Revision in process ISO/IEC 15963 Published 2004-09-01 Unique Identification of RF Tag ISO/IEC 24752 System Management Protocol ISO/IEC 24753 NP Approved 2005-04-05 NP Approved 2005-04-07 Air Interface Commands for Battery Assist and Sensor Functionality ISO/IEC TR 24729 Implementation guidelines: Part 1: RFID-enabled labels, Part 2: Recyclability of RF tags, Part 3: RFID interrogator/antenna installation NPs Approved 2005-01-12 The Layers of Logistic Units (Radio Frequency Identification - RFID) Layer 5 Movement Vehicle (truck, airplane, ship, train) Layer 4 (433 MHz) ISO 17363 (Freight containers) Container (e.g., 40 foot Sea Container) Layer 3 (860-960 MHz) (Other 18000 with TPA) Unit Load “Pallet” ISO 17364 (Returnable transport items) Unit Load “Pallet” Layer 2 (860-960 MHz) ISO 17365 (Transport units) Transport Unit Transport Unit Transport Unit Transport Unit Layer 1 (860-960 MHz) ISO 17366 (Product packaging) Pkg Pkg Pkg Pkg Pkg Pkg Pkg Pkg Layer 0 (860-960 MHz) (13.56 MHz with TPA) ISO 17367 (Product tagging) Item “TPA” - Trading Partner Agreement Item Item Item Item Item Item Item Item Item Item Concept Source: Akira Shibata, DENSO-Wave Corporation Item Item Item Item Item Three tags - different purposes Supply Chain Tag ISO 17363 Electronic Seal ISO 18185 Container ID Tag ISO 10374.2 Sealing and anti-tamper capability Bolt Seal Security Tag Electronically secures ocean containers, air cargo ULD containers, trailers, Monitors presence and integrity of bolt seal, generates alarm upon bolt removal or breakage Re-usable tag Reduces manual inspections Minimizes theft, loss and tampering ASC MH10 PINS Today Container Reader/ Communicator Customs Proposed On Board Unit (OBU) 10374.2 Tag 17364 Tags 18185 Tag/Seal Fingerprint Reader 17365 Tags Transportation Worker ID Card (TWIC) with Fingerprint Biometric ISO/IEC 14443 17363 Tag Chassis Tag TC 204 Standard Tractor Tag TC 204 Standard On Board Unit (OBU) Tomorrow Customs Part of CALM Network Road Side Unit (RSU) EPCglobal and ISO ISO Requirement EPC UHF Gen2 v1.0.9 Standard to cover the widest possible set of applications for a common protocol Restricted to “EPC-only” data structures Top-down architecture Bottom-up architecture Standard to embrace global applications Restricted to EPC applications Active tags to comply with ISO/IEC 18000-7 No accommodation for active tags Extensible commands, e.g., sensors, write No extensibilities beyond Class 1 RAND EPCglobal’s I.P. not disclosed, “royaltyfree” AFIs for multi-application use No AFIs Consistent and common use of Tag ID, Item ID Object ID, Chip ID, etc. Usages are not mainstream and are confusing ??? IC Card Comparison Maximum Data Capacity Processing Power Cost of Card Cost of Reader and Connection Magnetic Stripe Cards 140 bytes None $0.20 $0.75 $750 Integrated Circuit Memory Cards 1 Kbyte None $1 - $2.50 $500 Integrated Circuit Processor Cards 8 Kbytes 8-bit cpu, moving to 16- and 32bit $7-$15 $500 Optical Memory Cards 4.9 Mbytes None $7 - $12 $3,500 $4,000 RFID vs Smart Card RFID Smart Card No need for contact or line-of-sight Contact and Contactless (short distance) Data retrive Can scan entire pallets at once Need to issue command for response for data request Communication Simultaneous communication with multiple tags One at a time speed Greater speed Lack of user mobility Size Size – a grain of rice Credit Card size Storage 64 – 128 bits EEPROM: 8K - 128K bit. Cost 2005: $0.05 per tag; hundreds of dollars per reader 2008: $0.01 per tag; several dollars per reader (?) Typical costs range from $2.00 to $10.00. RFID Smart Card Application Multiple data storage, but no applet. multiple applications- Just one card can be used as your license, passport, credit card, ATM card, ID Card, etc. rewrite EPC tags, are read-only Also have rewritable tags (containing EEPROM) Rewritable Processing Power Little computational power -A few thousand gates -Static keys for read/write permission -No real cryptographic functions available Capable of processing, not just storing information - Smart cards can communicate with computing devices through a smart card reader - information and applications on a card can be updated Security EPC tags, no computing power for basic cryptographic More expensive tags can perform basic cryptographic algorithms, such as symmetric-key encryption and challenge-response identification protocols Chip microprocessor and Co-processor supports DES, 3-DES, RSA or ECC standards for encryption, authentication, and digital signature for non-repudiation. Error Correction The anti-collision protocol used in HF tags is generally a variant of the classic ALOHA protocol. ALOHA-based RFID reading leaks less information than most UHF tree-walking protocols. Current Chip Operating Systems (COS) perform their own error checking Usage General Merchant Personal use Proprietary Features On expensive tag could handle some encryption feature include Chip Operating System and System Development Kits
