Risk adaptive hybrid RFID access control system

Al-Zewairi, Malek; Alqatawna, Ja'far; Atoum, Jalal Omer

doi:10.1002/sec.1303

Cited by 6 publications

(4 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Figure 1 illustrates the main parties to the NFC mobile payment application, as follows: (1) the credit card that is identified through the NFC mobile to deliver the payment service to the customer; (2) the point of sale (POS) that is integrated with the NFC technology; and (3) the authentication center (AuC) that serves as the trusted third party (TTP), which includes the security parameters of NFC mobiles and NFC POSs in the payment system. In general, payment is performed through the following operations [6,13,16,22,23,24]: (1) the customer tabs the NFC mobile in the range of the NFC POS to send the payment request message; (2) the NFC POS resends the payment request message to the AuC; (3) the AuC checks the security information of both POS NFC and NFC mobile devices; (4) the AuC transmits the response payment message to the NFC POS; (5) the latter authenticates the NFC mobile; (6) the NFC POS sends the response payment message to the NFC mobile; and (7) on receiving the response payment message, the NFC mobile verifies the NFC POS and completes the payment operation. Numerous authentication protocols have been proposed to overcome the security drawbacks in NFC mobile payment applications [25,26,27,28,29].…”

Section: Figure 1 Nfc Mobile Payment Application Partiesmentioning

confidence: 99%

“…Moreover, to conceal the identities of the authentication parties, the SAP-NFC protocol renews the identities and the secret keys of the NFC devices in each successful authentication session. Consequently, this protocol can defeat existing attacks on NFC mobile payment applications [4,9,13]. NFC technology is used to establish the connection between the NFC mobile and the NFC POS [29].…”

Section: Figure 1 Nfc Mobile Payment Application Partiesmentioning

confidence: 99%

See 1 more Smart Citation

Performance Analysis of SAP-NFC Protocol

Al-Fayoumi¹,

Nashwan²

2022

Int. j. commun. netw. inf. secur.

View full text Add to dashboard Cite

The operations cost of authentication session is considered as strict indicator to evaluate the authentication protocols side by side with the security requirements achievements in the Near Field Communication (NFC) technology. The secure authentication protocol for the NFC mobile payment systems (SAP-NFC) one of the recent authentication protocols that have proposed to achieve high level of security features such as the fully mutual authentication, anonymity and untraceability. Moreover, the SAP-NFC protocol can prevent the current security attacks. This paper, analyzes the performance of the SAP-NFC protocol comparing with the other recent NFC mobile payment protocols in the NFC devices that are included in the system. The performance analysis has illustrated that the SAP-NFC protocol not only supports strong security features, but also offers low cost in term of amount of computations.

show abstract

Section: Figure 1 Nfc Mobile Payment Application Partiesmentioning

confidence: 99%

Section: Figure 1 Nfc Mobile Payment Application Partiesmentioning

confidence: 99%

Performance Analysis of SAP-NFC Protocol

Al-Fayoumi¹,

Nashwan²

2022

Int. j. commun. netw. inf. secur.

View full text Add to dashboard Cite

show abstract

“…However, in mobile objects, the implementation of security significantly degrades the system's performance or changes the data capture, affecting the storage of information, which has led to the development of models and policies for improving confidentiality protection and governance for object tracking data [177,178]. There are access control methods based on IPv6 [179], more simple approaches that work without a backend system [180], and hybrid systems that support online and offline modes, to adapt according to the rules [181]. These methods are used, for example, to control access for vehicles [182] and healthcare environments [182].…”

Section: Access Controlmentioning

confidence: 99%

RFID Applications and Security Review

2021

View full text Add to dashboard Cite

Radio frequency identification (RFID) is widely used in several contexts, such as logistics, supply chains, asset tracking, and health, among others, therefore drawing the attention of many researchers. This paper presents a review of the most cited topics regarding RFID focused on applications, security, and privacy. A total of 62,685 records were downloaded from the Web of Science (WoS) and Scopus core databases and processed, reconciling the datasets to remove duplicates, resulting in 40,677 unique elements. Fundamental indicators were extracted and are presented, such as the citation number, average growth rate, and average number of documents per year. We extracted the top topics and reviewed the relevant indicators using a free Python tool, ScientoPy. The results are discussed in the following sections: the first is the Applications Section, whose subsections are the Internet of Things (IoT), Supply Chain Management, Localization, Traceability, Logistics, Ubiquitous Computing, Healthcare, and Access Control; the second is the Security and Privacy section, whose subsections are Authentication, Privacy, and Ownership Transfer; finally, we present the Discussion section. This paper intends to provide the reader with a global view of the current status of trending RFID topics and present different analyses from different perspectives depending on motivations or background.

show abstract

“…Numerous types of attacks have recently been found that could exploit existing weaknesses, such as desynchronization, impersonation, stolen verifier table, replay, tracking, insider, spoofing, man-in-themiddle, and password guessing attacks [28][29][30][31]. Therefore, mobile payment systems require significant improvement in order to support appropriate security services, while at the same time being reasonable for use.…”

Section: Introductionmentioning

confidence: 99%

Fully Authentication Services Scheme for NFC Mobile Payment Systems

Al-Shammari¹,

Nashwan²

2022

Intelligent Automation &Amp; Soft Computing

View full text Add to dashboard Cite

One commonly used wireless communication technology is Near-Field Communication (NFC). Smartphones that support this technology are used in contactless payment systems as identification devices to emulate credit cards. This technology has essentially focused on the quality of communication services and has somewhat disregarded security services. Communication messages between smartphones, the point of sale (POS), and service providers are susceptible to attack due to existing weaknesses, including that an adversary can access, block and modify the transmitted messages to achieve illegal goals. Therefore, there have been many research proposals in regards to authentication schemes for NFC communications in order to prevent various types of attacks. However, the proposed schemes remain inadequate to secure payment transactions in such systems. In this paper, we propose a fully authentication services scheme for NFC mobile payment systems in order to support a high security level. The proposed scheme has security services, such as a full authentication process, perfect forward secrecy, and simultaneous anonymity of the smartphone and POS. These security services have been validated using the BAN logic model and an automatic cryptographic protocol verifier (ProVerif) tool. A security analysis has clarified that the proposed scheme can prevent various types attacks. A comparison with recent authentication schemes demonstrates that the proposed scheme has an appropriate cost in different sides such as computation, communication and storage space. Therefore, the proposed scheme not only has appealing security features, but can also clearly be utilized in mobile payment systems.

show abstract

Risk adaptive hybrid RFID access control system

Cited by 6 publications

References 16 publications

Performance Analysis of SAP-NFC Protocol

Performance Analysis of SAP-NFC Protocol

RFID Applications and Security Review

Fully Authentication Services Scheme for NFC Mobile Payment Systems

Contact Info

Product

Resources

About