Security and Privacy in the "Internet of Things"
Referat von Prof. Oliver Günther, Ph.D. im BBK am 6. Mai 2008
Abstract
The much touted “Internet of Things” requires a global IT
infrastructure providing information about "things" in a secure and
reliable manner. The EPCglobal Network is a popular industry proposal
for such an IT infrastructure. Here the "things" are physical objects
carrying RFID tags with a unique Electronic Product Code (EPC). A
DNS-based Object Naming Service (ONS) locates the information sources
relevant for a given object. In this talk we show that EPCglobal's
current design harbors some serious privacy and security risks. We also
discuss some countermeasures and their effectiveness. In particular, we
show how distributed hash tables (DHTs) can be used to improve data
access control, to reduce dependencies on individual root name servers,
and to increase privacy. The strength of privacy protection, however,
depends on the availability of secure out-of-band key distribution
mechanisms.
(Der Vortrag wird in Deutsch sein.)