Coordination
And
Support
Action for
Global
RFID-related
Activities and
Standardisation
EU Project Number 216803
CASAGRAS will provide a framework of foundation studies to assist the European
Commission and the global community in defining and accommodating international
issues and developments concerning radio frequency identification (RFID) with
particular reference to the emerging ‘Internet of Things’.
WP7: Socio-economic components
of RFID usage
in the Internet of Things
White Paper, v4a (Issued 6 April 2009
WP7 1
DRAFT White Paper WP7
Issued May 2009
1 Introduction
1.1 The Social Connection with the Internet of Things
1.1 Awareness, Public Perception and Social Change
2 Technology enablers of things ubiquitous and Internet of Things
2.1 The Privacy Imperative
2.2 Outline Methodology for Designing Privacy into RFID Applications
2.3 A Standard for Design for Privacy and Security
3 Safety Issues concerning RFID and Radio-based Systems
4 Structure and Governance for the Internet of Things
WP7 2
WP7: Socio-economic components
of RFID usage
in the Internet of Things
Contents
In principle the Internet of Things (IoT), based upon popular perceptions, may be considered as a
structure in which human intervention is minimised, but in which activities are directed at serving
human-kind either directly or indirectly and at various levels of human enterprise, domestic, corporate,
public, national and international. A paradigm shift in nature and scale is envisaged within the Internet
of Things which will inevitably have a profound impact upon society, in much the same way as the
Internet and the world-wide-web have impacted upon everyday life and the commercial world. While
the level of impact is likely to be different the nature of the impact is likely to be as far reaching and as
radical and revolutionary as the Internet itself.
In considering the socio-economic issues arising from the developments in RFID and the Internet of
Things it is both relevant and important to reflect upon the opinion expressed by the European
Economic and Social Committee (EESC) in its published statement of the 18th September 2008. This
was in response to a consultation request from the European Commission, under Article 262 of the
Treaty establishing the European Community, on the subject of The Internet of Things (exploratory
opinion).
The conclusions and recommendations presented in this opinion were as follows:
“The EESC encourages the EU Commission to:
2.4 Invest in research, to support dissemination (such as the past presidency
events) and standard setting activities because they consider the Internet of
Things (IOT) domain important.
2.5 Take measures to remove barriers that would hamper the taking-up of the
technology.
2.6 Assess whether centralised systems will be able to handle the amount of traffic
that can be expected of IOT applications and if local governance (of names and
services) are a better approach to manage mass deployment.
2.7 Investigate whether the current existing directives handle the data protection
and security requirements adequately or if new legislative measures are
needed.
2.8 Consider the need for some laboratories in Europe with combined funding
from universities and private companies, in order to ensure that research
results are taken up in Europe and to counter a brain-drain of researchers to
research facilities and enterprises in other parts of the world (US).
2.9 On the issue of eventual electromagnetic risks - the principle of precaution
should apply for these new environments with a high density of wave readers,
in particular for the workers in such environments. They should be informed
about any potential risks and methods of protection should be put in place. All
the same, the question should be seriously assessed, through scientific studies.
WP7 3
WP7: Socio-economic components
of RFID usage
in the Internet of Things
1 Introduction
2.10 Remember that technology development should be done for the people and that
there is a need to evaluate the related ethical risks.
2.11 For trans-European services, the European Commission or the independent
administrative authority that may regulate the spectrum in the future, should
consider the spectrum needs of the Internet of Things.
2.12 Research will be crucial to win the race to deliver computing capacity to handle
future real time Internet of Things applications.”
Within this opinion statement there is clear support for RFID and the concept being developed for the
Internet of Things. Removing barriers to take-up and for research to advance the realisation of the Internet
of Things are also explicit in the statement. From a clearly social perspective data protection, privacy,
security, ethical risk assessment and safety of systems constitute particularly important issues.
Governance is a further issue that is likely to have impact from a social perspective but only features in a
closing paragraph, pointing to the notion that the new network poses problems of governance in view of its
scale, content and universal standards requirements. There is insufficient reference to international
ISO/IEC standards for RFID suggesting that RFID is “currently regulated through private standards and
commercial relations with global EPC”. In addressing these issues as part of this communication a more
inclusive approach will be adopted.
1.1 The Social Connection with the Internet of Things
The word social is indicative of issues of a human nature. It is therefore important to establish how the
Internet of Things, and developments towards the Internet of Things, are likely to have the profound social
implications suggested above. As expressed in the CASAGRAS white paper on Applications for the Internet
of Things, integration with the existing and evolving Internet is, at the very least, a migratory feature of
achieving the Internet of Things, in which various categories of application or service may be distinguished:
1. Object-to-Internet-to-human (eg object initiated service that results in an email to a
human respondent)
2. Human-to-Internet-to-object (eg human communicates via Internet to activate a control
device in the home)
3. Object-to-Internet-to-object (eg object activated control service via the Internet that results
in an object or systems activation, control event or information update, possibly with a
human interface to allow monitoring of events)
4. Object-to-dedicated IoT infrastructure-to-object (eg similar to 3, but exploiting a dedicated
infrastructure and domain features to support a new range of object-oriented applications
and services, possibly with human interfaces as appropriate for interactive functions)
While the categories indicating explicit human intervention could, depending upon the application, have
implications with respect to privacy and security, it should be recognised that the object-to-object category
may also have privacy implications if linked to personal information and or activities.
WP7 4
In drawing upon this categorisation of applications and the issues raised in the EESC opinion statement
the following socio-economic factors can be recognised:
Awareness, Public Perception and Social Change
Privacy, Security and Risk Assessment
Safety Issues concerning RFID and Radio-based Systems
Structure, Revenue Streams and Governance
While governance is included in this list the other issues clearly come into the considerations and aspects
of governance. Adding to this list of issues for which governance assumes a role are issues concerning
business models and aspects of application and service. Governance will also need to cover aspects of
network functionality and protection.
1.2 Awareness, Public Perception and Social Change
One of the principal barriers to take-up of RFID resides in the lack of awareness of RFID and its
capabilities. Unfortunately, a decade or so characterised by hype, mis-understanding and misconceptions
have suppressed awareness and willingness on the part of non-users to recognise the potential that RFID
has to offer. As there are many applications, such as those in retail, travel and leisure that may be seen to
involve personal data or potential access to personal data the need may also be seen for privacy protection
along with public awareness and measures to gain public acceptance.
A European Commission consultation process on RFID, conducted in 2006, revealed that 61% of the 2190
respondents were of the view that the public in general were not sufficiently informed about or aware of
RFID. It also revealed privacy to be their biggest concern. While awareness-raising was seen as a
necessary expedient in addressing this situation the need was also seen for awareness accompanied by
confidence-building directives that demonstrate that privacy is appropriately supported.
While public consultation has already been exercised within Europe on RFID and privacy it remains a
substantive objective to raise awareness and promote the take-up of RFID. A thematic network is about to
be established within the European member states to realise this objective.
Privacy and associated security with respect to radio frequency identification (RFID) has been the focus
for a great deal of media and campaign attention over recent years, with a lot of emphasis upon the
potential infringement of privacy and infringement scenarios.
A legislative framework is emerging that helps to distinguish the various facets of privacy and what
constitutes violation of privacy. Such developments have been influenced by consumer or campaign
concerns. While these and others rightly seek to protect privacy and human rights in respect of technology
usage, media hype, exaggerated claims, misconceptions and misinformation often arise that confuse and
present difficulties in deriving coherent and effective measures for handling privacy and satisfying
consumer and campaign group concerns. It becomes increasingly difficult to exploit technological
developments, such as RFID, where multiple factors, including some that are application-specific, impact
upon privacy. The situation is exacerbated when technological developments and concepts such as the
‘Internet of Things’ are not sufficiently explained and insufficient attempts are made to seek public
acceptance.
A seemingly open-ended flow of problems can be seen to arise with respect to RFID and people-related
applications where privacy is an important consideration. The solutions derived can be considered robust if
techniques for accommodating privacy and associated security issues are clearly identified and effectively
applied. When viewed as part of a design methodology these techniques constitute part of a framework or
WP7 5
2 Privacy, Security and Risk assessment - A design
Approach
‘tool-box’ to be used in selecting techniques and technologies to meet particular application needs. Viewed
in isolation privacy protection techniques may yield a degree of confidence on the part of consumers and
campaign groups but to have more impact in this respect they need to be viewed in context of overall
application requirements.
Core to these considerations, particularly within Europe, are the EU directives, and corresponding
member state enactments in law that govern the protection of individuals with regard to processing of
personal data and freedom of movement for such data. Similar directives, albeit concerned with RFID in
particular or data protection in general, may be found in other nations around the world that are likely to
have bearing upon privacy and security in relation to the Internet of Things. With respect to RFID in Europe
the EC Directive 95/46/EC can be seen to be key. However, as identified in the European Parliament
Scientific Technology Options Assessment (STOA) report, RFID and Identity Management in Everyday Life,
the directive may not be adequate to accommodate fully the requirements in respect of governance.
In view of such limitations it is important from a design perspective to consider national guidelines and
supporting principles with respect to privacy and data protection. An example of such guidelines are the
OECD “Guidelines on the Protection of Privacy and Trans-border Flows of Personal Data” and basic
principles of data protection used in formulating data protection legislation. The concept of Identity
Management introduced through the European Parliament Scientific Technology Options Assessment
(STOA) report is also significant in this respect and is covered in more illustrative terms in the booklet
“RFID & Identity Management in Everyday Life”.
In Japan, a set of Guidelines for Privacy Protection, with particular reference to RFID, was issued in 2004
by the Ministry of Internal Affairs and Communications (MIC) and the Ministry of Economy, Trade and
Industry (METI). Ten Articles comprise these Guidelines:
1. Purpose
2. Scope
3. Indication etc. of the fact that products are tagged with RFID tags
4. Reservation of the right of final choice of consumers with respect to reading of RFID tags
5. Information offerings concerning social benefits of RFID tags
6. Handling of RFID tags in cases where information is used by linking personal information,
databases etc. stored in computers with RFID information
7. Limitations on information collection and use in cases where recording personal
information in RFID tags
8. Ensuring of information accuracy where recording personal information in RFID tags
9. Establishment of information administrator
10. Explanation and information offerings to consumers
The guidelines draw attention to the view that the problem of privacy protection is due to characteristics
peculiar to RFID tags. For example, if RFID tags were removed at the point when a retail store hands a
product to a consumer, there would not be a question of risk. However, in the future it is likely that RFID
tags will be required to ensure some kind of consumer benefit or satisfy some social and/or societal need.
Such developments raise the question of risk and the need for appropriate protective measures.
WP7 6
There are a number of useful policy and solution guidance documents to be found that can assist in
addressing privacy issues and in designing protection systems. An example of such a document is the AIM
Global RFID Expert Group “RFID – Guidelines on Data Access Security”, AIM working document REG 352.
The document looks at systemic solutions that prevent unauthorised or inadvertent access to data on an
RFID tag and in an RFID system. It is intended to provide guidance to users and systems designers on
potential threats to data security and countermeasures available to provide RFID data security.
Design methodology for systems where privacy requirements are indicated, also demand attention to risk
identification and assessment and appropriate consideration of range of factors that impact on privacy and
associated security, including:
Directives and legislation on protection of personal data
Privacy guidelines and standards
Attack and system failure modes and risk assessment
Technologies and techniques
From the standpoint of privacy-attack a RFID, or comparable, technological system may be considered as
an identification and data transfer facility with vulnerabilities that potential attackers, individual or corporate,
might exploit with intent to track, gather personal information or otherwise compromise privacy.
Understanding attack modes, the effects and criticality of effects is a necessary requirement in seeking
effective application-specific solutions. Such an approach is analogous to failure modes and effects
analysis (FMEA) used effectively in engineering design. Correspondingly, failure is a further aspect for
consideration since in practice systems cannot be expected to be immune from technical failure that can
lead to personal data being lost or stolen. However, analysis and contingency can assist in alleviating or
minimising such problems.
With these considerations in mind a framework may be identified as a basis for developing appropriate
risk assessment and application design methodology.
2.1 The Privacy Imperative
The privacy imperative is not simply a consequence of RFID, it is clearly arises from a broader base of
technological concerns. A recent UK study , undertaken by the Royal Academy of Engineering has drawn
attention to these broader issues and provides a contribution to the public debate on information technology
in general and its possible impact on privacy. Although its recommendations are focused upon the UK it
stresses the importance of influencing policy on an international basis. The broader considerations extend
to all aspects of data collection, storage, transmission and processing of data, how they are monitored and
managed so that effects are effectively understood and controlled in the interests of privacy.
In considering the privacy imperative for RFID it is important to consider it in context of broader
information technology issues, particularly where RFID systems are linked to wider communication, storage
and processing systems. It is also expedient to consider the legal framework to which RFID relates and the
broader information systems’ considerations that relate. Moreover, with expanding usage of RFID and
prospectively applications with global dimensions, including those relating to the proposed ‘Internet of
Things’, considerations should where appropriate extend to global privacy policy .
WP7 7
The Royal Academy of Engineering (2007) , Dilemmas of Privacy and Surveillance – Challenges of
Technological Change, ISBN 1-903496-32-2
Perrin, S (2006) RFID and Global Privacy Policy, RFID Applications, Security and Privacy (Edited:
Garfinkel, S & Rosenberg, B) Addison Wesley. ISBN 0-321-29096-8
1
1
2
2
In presenting an inclusive framework for considering technologies the Royal Academy of Engineering
study distinguishes a roadmap or feature space in which three layers of technologies are defined with
components identified on a time line for existing or mass market, early adopter and horizon technologies.
The three layers comprise:
Connection technologies
technologies that affect how organisations move data around, including how they deliver
information and services to customers. Included in this category are personal related
technologies which in turn include RFID, WiFi, Bluetooth, zigbee and near field
communication (NFC) technologies.
Disconnection technologies
technologies that provide access control to services and resources, to maintain security of
data. Included in this category are passwords, PINs, SIM cards, and cryptographic
technologies and thus have relevance with RFID.
Processing technologies
technologies that affect how data are handled internally within organisations, embracing
both hardware and software technologies.
While such classification can help position RFID as one of a range of technologies that present privacy
issues when used in people-based applications it does not indicate the relative significance of these
technologies.
Unfortunately, much of the attention has been without due consideration of a number of significant
associated factors that impact upon the nature and extent to which RFID poses a problem. These factors
include:
Insufficient attention to the positioning of RFID with respect to other technologies and
practices that impact upon privacy.
Insufficient attention to the distinction between privacy and security functions.
Insufficient understanding of the practicalities of RFID in relation to the scenarios that are
presented as examples of privacy and security violation.
Insuffic
本文档为【欧盟物联网白皮书】,请使用软件OFFICE或WPS软件打开。作品中的文字与图均可以修改和编辑,
图片更改请在作品中右键图片并更换,文字修改请直接点击文字进行修改,也可以新增和删除文档中的内容。
该文档来自用户分享,如有侵权行为请发邮件ishare@vip.sina.com联系网站客服,我们会及时删除。
[版权声明] 本站所有资料为用户分享产生,若发现您的权利被侵害,请联系客服邮件isharekefu@iask.cn,我们尽快处理。
本作品所展示的图片、画像、字体、音乐的版权可能需版权方额外授权,请谨慎使用。
网站提供的党政主题相关内容(国旗、国徽、党徽..)目的在于配合国家政策宣传,仅限个人学习分享使用,禁止用于任何广告和商用目的。