关闭

关闭

关闭

封号提示

内容

首页 欧盟物联网白皮书.pdf

欧盟物联网白皮书.pdf

欧盟物联网白皮书.pdf

上传者: togter 2012-06-28 评分 0 0 0 0 0 0 暂无简介 简介 举报

简介:本文档为《欧盟物联网白皮书pdf》,可适用于IT/计算机领域,主题内容包含CoordinationAndSupportActionforGlobalRFIDrelatedActivitiesandStandardisati符等。

CoordinationAndSupportActionforGlobalRFIDrelatedActivitiesandStandardisationEUProjectNumberCASAGRASwillprovideaframeworkoffoundationstudiestoassisttheEuropeanCommissionandtheglobalcommunityindefiningandaccommodatinginternationalissuesanddevelopmentsconcerningradiofrequencyidentification(RFID)withparticularreferencetotheemerging‘InternetofThings’WP:SocioeconomiccomponentsofRFIDusageintheInternetofThingsWhitePaper,va(IssuedAprilWPDRAFTWhitePaperWPIssuedMayIntroductionTheSocialConnectionwiththeInternetofThingsAwareness,PublicPerceptionandSocialChangeTechnologyenablersofthingsubiquitousandInternetofThingsThePrivacyImperativeOutlineMethodologyforDesigningPrivacyintoRFIDApplicationsAStandardforDesignforPrivacyandSecuritySafetyIssuesconcerningRFIDandRadiobasedSystemsStructureandGovernancefortheInternetofThingsWPWP:SocioeconomiccomponentsofRFIDusageintheInternetofThingsContentsInprincipletheInternetofThings(IoT),baseduponpopularperceptions,maybeconsideredasastructureinwhichhumaninterventionisminimised,butinwhichactivitiesaredirectedatservinghumankindeitherdirectlyorindirectlyandatvariouslevelsofhumanenterprise,domestic,corporate,public,nationalandinternationalAparadigmshiftinnatureandscaleisenvisagedwithintheInternetofThingswhichwillinevitablyhaveaprofoundimpactuponsociety,inmuchthesamewayastheInternetandtheworldwidewebhaveimpacteduponeverydaylifeandthecommercialworldWhilethelevelofimpactislikelytobedifferentthenatureoftheimpactislikelytobeasfarreachingandasradicalandrevolutionaryastheInternetitselfInconsideringthesocioeconomicissuesarisingfromthedevelopmentsinRFIDandtheInternetofThingsitisbothrelevantandimportanttoreflectupontheopinionexpressedbytheEuropeanEconomicandSocialCommittee(EESC)initspublishedstatementofthethSeptemberThiswasinresponsetoaconsultationrequestfromtheEuropeanCommission,underArticleoftheTreatyestablishingtheEuropeanCommunity,onthesubjectofTheInternetofThings(exploratoryopinion)Theconclusionsandrecommendationspresentedinthisopinionwereasfollows:“TheEESCencouragestheEUCommissionto:Investinresearch,tosupportdissemination(suchasthepastpresidencyevents)andstandardsettingactivitiesbecausetheyconsidertheInternetofThings(IOT)domainimportantTakemeasurestoremovebarriersthatwouldhamperthetakingupofthetechnologyAssesswhethercentralisedsystemswillbeabletohandletheamountoftrafficthatcanbeexpectedofIOTapplicationsandiflocalgovernance(ofnamesandservices)areabetterapproachtomanagemassdeploymentInvestigatewhetherthecurrentexistingdirectiveshandlethedataprotectionandsecurityrequirementsadequatelyorifnewlegislativemeasuresareneededConsidertheneedforsomelaboratoriesinEuropewithcombinedfundingfromuniversitiesandprivatecompanies,inordertoensurethatresearchresultsaretakenupinEuropeandtocounterabraindrainofresearcherstoresearchfacilitiesandenterprisesinotherpartsoftheworld(US)Ontheissueofeventualelectromagneticriskstheprincipleofprecautionshouldapplyforthesenewenvironmentswithahighdensityofwavereaders,inparticularfortheworkersinsuchenvironmentsTheyshouldbeinformedaboutanypotentialrisksandmethodsofprotectionshouldbeputinplaceAllthesame,thequestionshouldbeseriouslyassessed,throughscientificstudiesWPWP:SocioeconomiccomponentsofRFIDusageintheInternetofThingsIntroductionRememberthattechnologydevelopmentshouldbedoneforthepeopleandthatthereisaneedtoevaluatetherelatedethicalrisksFortransEuropeanservices,theEuropeanCommissionortheindependentadministrativeauthoritythatmayregulatethespectruminthefuture,shouldconsiderthespectrumneedsoftheInternetofThingsResearchwillbecrucialtowintheracetodelivercomputingcapacitytohandlefuturerealtimeInternetofThingsapplications”WithinthisopinionstatementthereisclearsupportforRFIDandtheconceptbeingdevelopedfortheInternetofThingsRemovingbarrierstotakeupandforresearchtoadvancetherealisationoftheInternetofThingsarealsoexplicitinthestatementFromaclearlysocialperspectivedataprotection,privacy,security,ethicalriskassessmentandsafetyofsystemsconstituteparticularlyimportantissuesGovernanceisafurtherissuethatislikelytohaveimpactfromasocialperspectivebutonlyfeaturesinaclosingparagraph,pointingtothenotionthatthenewnetworkposesproblemsofgovernanceinviewofitsscale,contentanduniversalstandardsrequirementsThereisinsufficientreferencetointernationalISOIECstandardsforRFIDsuggestingthatRFIDis“currentlyregulatedthroughprivatestandardsandcommercialrelationswithglobalEPC”InaddressingtheseissuesaspartofthiscommunicationamoreinclusiveapproachwillbeadoptedTheSocialConnectionwiththeInternetofThingsThewordsocialisindicativeofissuesofahumannatureItisthereforeimportanttoestablishhowtheInternetofThings,anddevelopmentstowardstheInternetofThings,arelikelytohavetheprofoundsocialimplicationssuggestedaboveAsexpressedintheCASAGRASwhitepaperonApplicationsfortheInternetofThings,integrationwiththeexistingandevolvingInternetis,attheveryleast,amigratoryfeatureofachievingtheInternetofThings,inwhichvariouscategoriesofapplicationorservicemaybedistinguished:ObjecttoInternettohuman(egobjectinitiatedservicethatresultsinanemailtoahumanrespondent)HumantoInternettoobject(eghumancommunicatesviaInternettoactivateacontroldeviceinthehome)ObjecttoInternettoobject(egobjectactivatedcontrolserviceviatheInternetthatresultsinanobjectorsystemsactivation,controleventorinformationupdate,possiblywithahumaninterfacetoallowmonitoringofevents)ObjecttodedicatedIoTinfrastructuretoobject(egsimilarto,butexploitingadedicatedinfrastructureanddomainfeaturestosupportanewrangeofobjectorientedapplicationsandservices,possiblywithhumaninterfacesasappropriateforinteractivefunctions)Whilethecategoriesindicatingexplicithumaninterventioncould,dependingupontheapplication,haveimplicationswithrespecttoprivacyandsecurity,itshouldberecognisedthattheobjecttoobjectcategorymayalsohaveprivacyimplicationsiflinkedtopersonalinformationandoractivitiesWPIndrawinguponthiscategorisationofapplicationsandtheissuesraisedintheEESCopinionstatementthefollowingsocioeconomicfactorscanberecognised:Awareness,PublicPerceptionandSocialChangePrivacy,SecurityandRiskAssessmentSafetyIssuesconcerningRFIDandRadiobasedSystemsStructure,RevenueStreamsandGovernanceWhilegovernanceisincludedinthislisttheotherissuesclearlycomeintotheconsiderationsandaspectsofgovernanceAddingtothislistofissuesforwhichgovernanceassumesaroleareissuesconcerningbusinessmodelsandaspectsofapplicationandserviceGovernancewillalsoneedtocoveraspectsofnetworkfunctionalityandprotectionAwareness,PublicPerceptionandSocialChangeOneoftheprincipalbarrierstotakeupofRFIDresidesinthelackofawarenessofRFIDanditscapabilitiesUnfortunately,adecadeorsocharacterisedbyhype,misunderstandingandmisconceptionshavesuppressedawarenessandwillingnessonthepartofnonuserstorecognisethepotentialthatRFIDhastoofferAstherearemanyapplications,suchasthoseinretail,travelandleisurethatmaybeseentoinvolvepersonaldataorpotentialaccesstopersonaldatatheneedmayalsobeseenforprivacyprotectionalongwithpublicawarenessandmeasurestogainpublicacceptanceAEuropeanCommissionconsultationprocessonRFID,conductedin,revealedthatoftherespondentswereoftheviewthatthepublicingeneralwerenotsufficientlyinformedaboutorawareofRFIDItalsorevealedprivacytobetheirbiggestconcernWhileawarenessraisingwasseenasanecessaryexpedientinaddressingthissituationtheneedwasalsoseenforawarenessaccompaniedbyconfidencebuildingdirectivesthatdemonstratethatprivacyisappropriatelysupportedWhilepublicconsultationhasalreadybeenexercisedwithinEuropeonRFIDandprivacyitremainsasubstantiveobjectivetoraiseawarenessandpromotethetakeupofRFIDAthematicnetworkisabouttobeestablishedwithintheEuropeanmemberstatestorealisethisobjectivePrivacyandassociatedsecuritywithrespecttoradiofrequencyidentification(RFID)hasbeenthefocusforagreatdealofmediaandcampaignattentionoverrecentyears,withalotofemphasisuponthepotentialinfringementofprivacyandinfringementscenariosAlegislativeframeworkisemergingthathelpstodistinguishthevariousfacetsofprivacyandwhatconstitutesviolationofprivacySuchdevelopmentshavebeeninfluencedbyconsumerorcampaignconcernsWhiletheseandothersrightlyseektoprotectprivacyandhumanrightsinrespectoftechnologyusage,mediahype,exaggeratedclaims,misconceptionsandmisinformationoftenarisethatconfuseandpresentdifficultiesinderivingcoherentandeffectivemeasuresforhandlingprivacyandsatisfyingconsumerandcampaigngroupconcernsItbecomesincreasinglydifficulttoexploittechnologicaldevelopments,suchasRFID,wheremultiplefactors,includingsomethatareapplicationspecific,impactuponprivacyThesituationisexacerbatedwhentechnologicaldevelopmentsandconceptssuchasthe‘InternetofThings’arenotsufficientlyexplainedandinsufficientattemptsaremadetoseekpublicacceptanceAseeminglyopenendedflowofproblemscanbeseentoarisewithrespecttoRFIDandpeoplerelatedapplicationswhereprivacyisanimportantconsiderationThesolutionsderivedcanbeconsideredrobustiftechniquesforaccommodatingprivacyandassociatedsecurityissuesareclearlyidentifiedandeffectivelyappliedWhenviewedaspartofadesignmethodologythesetechniquesconstitutepartofaframeworkorWPPrivacy,SecurityandRiskassessmentAdesignApproach‘toolbox’tobeusedinselectingtechniquesandtechnologiestomeetparticularapplicationneedsViewedinisolationprivacyprotectiontechniquesmayyieldadegreeofconfidenceonthepartofconsumersandcampaigngroupsbuttohavemoreimpactinthisrespecttheyneedtobeviewedincontextofoverallapplicationrequirementsCoretotheseconsiderations,particularlywithinEurope,aretheEUdirectives,andcorrespondingmemberstateenactmentsinlawthatgoverntheprotectionofindividualswithregardtoprocessingofpersonaldataandfreedomofmovementforsuchdataSimilardirectives,albeitconcernedwithRFIDinparticularordataprotectioningeneral,maybefoundinothernationsaroundtheworldthatarelikelytohavebearinguponprivacyandsecurityinrelationtotheInternetofThingsWithrespecttoRFIDinEuropetheECDirectiveECcanbeseentobekeyHowever,asidentifiedintheEuropeanParliamentScientificTechnologyOptionsAssessment(STOA)report,RFIDandIdentityManagementinEverydayLife,thedirectivemaynotbeadequatetoaccommodatefullytherequirementsinrespectofgovernanceInviewofsuchlimitationsitisimportantfromadesignperspectivetoconsidernationalguidelinesandsupportingprincipleswithrespecttoprivacyanddataprotectionAnexampleofsuchguidelinesaretheOECD“GuidelinesontheProtectionofPrivacyandTransborderFlowsofPersonalData”andbasicprinciplesofdataprotectionusedinformulatingdataprotectionlegislationTheconceptofIdentityManagementintroducedthroughtheEuropeanParliamentScientificTechnologyOptionsAssessment(STOA)reportisalsosignificantinthisrespectandiscoveredinmoreillustrativetermsinthebooklet“RFIDIdentityManagementinEverydayLife”InJapan,asetofGuidelinesforPrivacyProtection,withparticularreferencetoRFID,wasissuedinbytheMinistryofInternalAffairsandCommunications(MIC)andtheMinistryofEconomy,TradeandIndustry(METI)TenArticlescomprisetheseGuidelines:PurposeScopeIndicationetcofthefactthatproductsaretaggedwithRFIDtagsReservationoftherightoffinalchoiceofconsumerswithrespecttoreadingofRFIDtagsInformationofferingsconcerningsocialbenefitsofRFIDtagsHandlingofRFIDtagsincaseswhereinformationisusedbylinkingpersonalinformation,databasesetcstoredincomputerswithRFIDinformationLimitationsoninformationcollectionanduseincaseswhererecordingpersonalinformationinRFIDtagsEnsuringofinformationaccuracywhererecordingpersonalinformationinRFIDtagsEstablishmentofinformationadministratorExplanationandinformationofferingstoconsumersTheguidelinesdrawattentiontotheviewthattheproblemofprivacyprotectionisduetocharacteristicspeculiartoRFIDtagsForexample,ifRFIDtagswereremovedatthepointwhenaretailstorehandsaproducttoaconsumer,therewouldnotbeaquestionofriskHowever,inthefutureitislikelythatRFIDtagswillberequiredtoensuresomekindofconsumerbenefitorsatisfysomesocialandorsocietalneedSuchdevelopmentsraisethequestionofriskandtheneedforappropriateprotectivemeasuresWPThereareanumberofusefulpolicyandsolutionguidancedocumentstobefoundthatcanassistinaddressingprivacyissuesandindesigningprotectionsystemsAnexampleofsuchadocumentistheAIMGlobalRFIDExpertGroup“RFID–GuidelinesonDataAccessSecurity”,AIMworkingdocumentREGThedocumentlooksatsystemicsolutionsthatpreventunauthorisedorinadvertentaccesstodataonanRFIDtagandinanRFIDsystemItisintendedtoprovideguidancetousersandsystemsdesignersonpotentialthreatstodatasecurityandcountermeasuresavailabletoprovideRFIDdatasecurityDesignmethodologyforsystemswhereprivacyrequirementsareindicated,alsodemandattentiontoriskidentificationandassessmentandappropriateconsiderationofrangeoffactorsthatimpactonprivacyandassociatedsecurity,including:DirectivesandlegislationonprotectionofpersonaldataPrivacyguidelinesandstandardsAttackandsystemfailuremodesandriskassessmentTechnologiesandtechniquesFromthestandpointofprivacyattackaRFID,orcomparable,technologicalsystemmaybeconsideredasanidentificationanddatatransferfacilitywithvulnerabilitiesthatpotentialattackers,individualorcorporate,mightexploitwithintenttotrack,gatherpersonalinformationorotherwisecompromiseprivacyUnderstandingattackmodes,theeffectsandcriticalityofeffectsisanecessaryrequirementinseekingeffectiveapplicationspecificsolutionsSuchanapproachisanalogoustofailuremodesandeffectsanalysis(FMEA)usedeffectivelyinengineeringdesignCorrespondingly,failureisafurtheraspectforconsiderationsinceinpracticesystemscannotbeexpectedtobeimmunefromtechnicalfailurethatcanleadtopersonaldatabeinglostorstolenHowever,analysisandcontingencycanassistinalleviatingorminimisingsuchproblemsWiththeseconsiderationsinmindaframeworkmaybeidentifiedasabasisfordevelopingappropriateriskassessmentandapplicationdesignmethodologyThePrivacyImperativeTheprivacyimperativeisnotsimplyaconsequenceofRFID,itisclearlyarisesfromabroaderbaseoftechnologicalconcernsArecentUKstudy,undertakenbytheRoyalAcademyofEngineeringhasdrawnattentiontothesebroaderissuesandprovidesacontributiontothepublicdebateoninformationtechnologyingeneralanditspossibleimpactonprivacyAlthoughitsrecommendationsarefocusedupontheUKitstressestheimportanceofinfluencingpolicyonaninternationalbasisThebroaderconsiderationsextendtoallaspectsofdatacollection,storage,transmissionandprocessingofdata,howtheyaremonitoredandmanagedsothateffectsareeffectivelyunderstoodandcontrolledintheinterestsofprivacyInconsideringtheprivacyimperativeforRFIDitisimportanttoconsideritincontextofbroaderinformationtechnologyissues,particularlywhereRFIDsystemsarelinkedtowidercommunication,storageandprocessingsystemsItisalsoexpedienttoconsiderthelegalframeworktowhichRFIDrelatesandthebroaderinformationsystems’considerationsthatrelateMoreover,withexpandingusageofRFIDandprospectivelyapplicationswithglobaldimensions,includingthoserelatingtotheproposed‘InternetofThings’,considerationsshouldwhereappropriateextendtoglobalprivacypolicyWPTheRoyalAcademyofEngineering(),DilemmasofPrivacyandSurveillance–ChallengesofTechnologicalChange,ISBNPerrin,S()RFIDandGlobalPrivacyPolicy,RFIDApplications,SecurityandPrivacy(Edited:Garfinkel,SRosenberg,B)AddisonWesleyISBNInpresentinganinclusiveframeworkforconsideringtechnologiestheRoyalAcademyofEngineeringstudydistinguishesaroadmaporfeaturespaceinwhichthreelayersoftechnologiesaredefinedwithcomponentsidentifiedonatimelineforexistingormassmarket,earlyadopterandhorizontechnologiesThethreelayerscomprise:Connectiontechnologiestechnologiesthataffecthoworganisationsmovedataaround,includinghowtheydeliverinformationandservicestocustomersIncludedinthiscategoryarepersonalrelatedtechnologieswhichinturnincludeRFID,WiFi,Bluetooth,zigbeeandnearfieldcommunication(NFC)technologiesDisconnectiontechnologiestechnologiesthatprovideaccesscontroltoservicesandresources,tomaintainsecurityofdataIncludedinthiscategoryarepasswords,PINs,SIMcards,andcryptographictechnologiesandthushaverelevancewithRFIDProcessingtechnologiestechnologiesthataffecthowdataarehandledinternallywithinorganisations,embracingbothhardwareandsoftwaretechnologiesWhilesuchclassificationcanhelppositionRFIDasoneofarangeoftechnologiesthatpresentprivacyissueswhenusedinpeoplebasedapplicationsitdoesnotindicatetherelativesignificanceofthesetechnologiesUnfortunately,muchoftheattentionhasbeenwithoutdueconsiderationofanumberofsignificantassociatedfactorsthatimpactuponthenatureandextenttowhichRFIDposesaproblemThesefactorsinclude:InsufficientattentiontothepositioningofRFIDwithrespecttoothertechnologiesandpracticesthatimpactuponprivacyInsufficientattentiontothedistinctionbetweenprivacyandsecurityfunctionsInsufficientunderstandingofthepracticalitiesofRFIDinrelationtothescenariosthatarepresentedasexamplesofprivacyandsecurityviolationInsuffic

用户评论(0)

0/200

精彩专题

上传我的资料

每篇奖励 +2积分

资料评价:

/21
1下载券 下载 加入VIP, 送下载券

意见
反馈

立即扫码关注

爱问共享资料微信公众号

返回
顶部