Embed Size (px)
Citation preview
Executive Summary
The long drawn out endeavor of US Government -Department of Homeland Security to have a
crack at the security which was the prime bone of contention, ebb away with the
implementation of Radio Frequency Identification (RFID) technology. Department of Homeland
Security has come out with several strategies to palliate the security risks but with the advent
of RFID implementation can provide new capabilities as well as an efficient method for federal
agencies to collect, manage, disseminate, store and analyze information on security controls by
providing real time access to information.
Radio Frequency Identification (RFID) is described as a technology used to track people/objects
using tags that are embedded or attached to those people/objects that respond to radio waves.
DHS is making optimum use of this technology by deploying RFID tags on all sorts of
identification cards prevalent in present-day, the concept of deploying the RFID chip in the
identification card is coined as e-Document.
With the advent in the technological advancements of RFID implementation lot of technical
snags and privacy issues tagged along, the challenge to furnish e-Documents across the country
while gradually eradicating the conventional ID’s, laying a secure foundation for identification
stipulates rigorous effort to counter-measure all the challenges that comes along with RFID
implementation.
Since RFID device system is a moot point when striking equilibrium between security and
privacy still RFID is the foremost identification and verification technology at the disposal of US
Government and the need to thwart implementation issues such as Counterfeit RFID Tag
Attacks, Replay Attacks, Eavesdropping Attacks, Electronic Collisions, Counter-act Rogue
Components are the pivotal concerns of DHS.
The purpose of this term paper RFID for use by the US Government - Department of Homeland
Security is to draw precise conclusion from the prevailing points in question and foresee the
undeniable benefits RFID technology has to offer in the field of Homeland Security.
Overview and Introduction
RFID (Radio Frequency Identification) is a moniker that describes a system of identification and
it is an enhanced version of bar-code system since RFID technological know-how is analogous to
that of bar-code theory. RFID works on signal transmission and the prime building blocks of a
RFID device are transceiver, transponder and integrated circuit.
RFID mechanism – The process of RFID reading is engineered by transmitting the data to a RFID
tag and remotely retrieving the data from the RFID tag through a receiver. RFID tag is glazed
with a plastic, glass or silicon material, within it the tag constitutes of a microchip and an
antenna, RFID tag is known as transponder.
The information stored in the RFID tag is accessed through a radio transceiver which garners
the information and deciphers the information garnered from the antenna of RFID tag, this
component is termed as transceiver. The information is manifested on a host computer i.e. host
process control.
RFID uses radio waves to identify and track people or objects to whom the RFID tags are
attached, hence it has been described as “tech’s official next big thing”. The purpos e of this
term paper is to render an analytical framework of RFID for use by the US Government -
Department of Homeland Security in ascertaining whether and how-to establish a RFID system
to espy and corroborate the presence of human beings and objects.
US Government - Department of Homeland Security needs to rethink its RFID technology
implementation, the underlying concerns with the use of RFID are explosives can be detonated
with the help of RFID emissions thus RFID possess a threat as it can serve as a trigger
mechanism for detonating an explosive which is tagged within an object with a RFID tag.
Additional perturbations triggered by RFID tags are illegal access of RFID tags by unauthorized
tag receivers, amplifying the efficiency of authorized entities to access the RFID tags whenever
required thus information should be accessible to a myriad of authorized US federal employees
from the back end enterprise system at any given time. (Ahsan, Shah, & Kingston, 2010)
With the technological advancements in RFID concept and its implementations the need to
assure no-alteration in data from either ends i.e. sender and receiver is imperative from US
Government - Department of Homeland Security point of view.
Adjunct threats to US Government - Department of Homeland Security with the employment of
RFID tags are eschewing the use of low cost RFID tags to nip the counterfeit RFID tag snag.
Eavesdropping attacks on RFID lightweight tags by rogue readers, emission of multitudinous
signals from multiple RFID devices at times engenders tag/receiver signal collision which
constitutes a threat to the system integrity and availability. (Holloway, 2006)
US Government - Department of Homeland Security have come out with several strategies to
palliate the security risks such as One-Way Hash Locks, Physical Shielding Sleeve, Selective
Blocker Tag, RSA Countermeasures, EPC Tag Pins and Anti-Collision Algorithms.
The pivotal concern of wielding a RFID device system is a moot point when striking equilibrium
between security and privacy still RFID is the foremost identification and verification technology
at the disposal of US Government - Department of Homeland Security; few projects which have
been implemented are e-Passport, PASS Card, Real ID and Enhanced Driver’s License.
Department of Homeland Security (DHS) is practicing mitigation strategies to address data
privacy issue besides addressing location privacy by fair information practices such as random
ID number and physical shielding. (Privacy Impact Assessment for the: Use of Radio Frequency
Identification (RFID) Technology for Border Crossings, 2008)
Assumptions and Rationale
Implementation of RFID technology by US Government - Department of Homeland Security
enkindles umpteen concerns such as –
Contactless technology being the bone of contention – Contactless technology enables intruders
to decipher the encrypted data when RFID vicinity technology is at use, vicinity technology pose
a great threat due to its larger reading range thus being the bone of contention for e-Passport
implementation. The process of interrogating an authorized RFID tag by a rogue reader in the
vicinity of the authorized reader and middleware access points is termed as Eavesdropping
attack.
The pivotal concern of wielding a RFID device system is a moot point when striking equilibrium
between security and privacy. To eschew such eavesdropping attack, RFID proximity technology
was brought forward to get a grip on large reading range issue as proximity technology has a
limited reading range and comprehends an access blockage technique against eavesdropping.
Thus addressing to the specific vulnerabilities of contactless technology with RFID proximity
technology which is invulnerable and facilitates expedite processing. (Nogueira & Greis, 2009)
Unified data management strategy to prevent national security breach - The challenge of
caching sensitive biometric data on three different storage platform that are –
Caching data on a chip – The data on a chip is generally embedded in the e-document,
example e-Passport. Caching of sensitive biometric data on e-document tags along with
the risk of data manipulation, if the e-document is acquired by an unauthorized person
then it is bound to have legal ramifications on the national security as well as
individual’s identity.
Data cached in a centralized database – Highly sensitive personal data all cached in a
central data repository pose a big threat to the national security, the grave ramification
of data breach are intruders can attack the data repository to access sensitive
information and can amend the data on the repository. The risk of unauthorized use can
be mitigated through encryption and authentication thus ensuring the security of
database used in RFID-enabled program, strengthening the password management
procedure and user account processes related to RFID–enabled program associated
with the database.
Distributed databases for caching data – To overcome the drawback of centralized
database integration of several fragment network databases were implemented, to
meet the security standards the distributed database system demanded additional
layers of security for each database network. Thus fragmenting the database ensures
the security and integrity of the system by protecting the database from skimming and
eavesdropping.
Financial implications driving the proposal of RFID implementation – With the advent of RFID
implementation in US department of homeland security the decision of security and privacy
were confounded with cost considerations. The few projects which have been implemented
with the association of RFID technology are e-Passport, PASS Card, Real ID and Enhanced
Driver’s License but the introduction of e-documents has aired a plethora of potential negative
economic impact.
The unconfirmed hypothesis of RFID financial implications were perceived by the states as an
unfunded mandate that would foist monetary encumbrance on their officials. E-Document
enactment was estimated to cost $23.8 billion over a period of 10 years which was one of the
umpteen concerns that enkindled a series of hiccups to drive the proposal.
The interplay of homeland security and jurisdictional issues – The necessity to outdo the
intruders posing a threat to the national security; impregnable measures were inexorable, the
urge to invent e-documents was essential to protect the identity and privacy of citizens which
necessitated unanimity between different federal agencies to curb the intruders.
(International Organization for Standardization, 2009) was formed in order to protect the
identity and privacy of the users, control access system, authenticate the legitimate receivers
and transponders and securing all the national databases. (Smart Border Alliance RFID
Feasibility Study Final Report )
Program Summary
Description – The purpose of this term paper is to address the use of Radio Frequency
Identification technology (RFID) by the Department of Homeland Security (DHS) to mitigate
privacy and data integrity risks, the term paper renders an analytical framework of RFID for use
by the US Government - Department of Homeland Security in ascertaining whether and how-to
establish a RFID system to espy and corroborate the presence of human beings and objects .
Specifically, this paper includes the following aspects –
Hugger-mugger – The continual effort to protect the sensitive information on the RFID
tag from unauthorized RFID readers by forming an algorithm for creating a unique ID
that cannot be re-engineered to form a new ID. The entire process of radio frequency
identification should be carried out within a secure communication channel to refrain
from illegitimate intruders.
Unification – Averting the scope of RFID tag duplication, auxiliary approach to support
the integrity of the RFID technology is precluding the modus operandi of altering the
data within the RFID tag by an unauthorized tag reader, implementing technique such as
anti-collision algorithms to hold the integrity of the system in presence of multitudinous
tags.
At-disposal – The certainty of having multitude of tags and receivers should not trigger
system failure thus enabling the device to function all the time. Retrieval of data from
the back-end system should be accessible to a myriad of authorized users at any given
time.
Non-repudiation – Confirming the denial of any data modification and transmission
amongst the three different entities of the system that are RFID tag, RFID reader and
RFID middleware. (Smart Border Alliance RFID Feasibility Study Final Report )
Objectives and Scope – Outlining an overview of the technology by laying emphasis on the
passive technology, distinguishing the prime initiatives at federal agencies that support and
proffer the use of RFID technology, debate and analyze the contemporary norms and potential
legal issues which hinder technology implementation and endmost alleviating the security and
privacy concerns with the widespread technological advancement in the field of RFID device
implementation.
Resource requirement and Implementation plan –
Establish radio frequency band identification spectrum at 433.5 to 434.5 MHz in US
ports that offers medium and long read range.
Establish interoperability standards and tamper resistant machine readable documents.
The continual effort to protect the sensitive information on the RFID tag from
unauthorized RFID readers by forming an algorithm for creating a unique ID that cannot
be re-engineered to form a new ID.
Implementing fair information practices, issuing random numbers for an ID, physical
shielding of an ID.
Proximity RFID chip and Vicinity RFID chip enabled with biometric data to be issued for
all type of ID’s thus implementing e-ID to enable authorized and secure identification.
Key metric areas and Key components –
RFID tag is glazed with a plastic, glass or silicon material, within it the tag constitutes of a
microchip and an antenna, RFID tag is known as transponder.
The information stored in the RFID tag is accessed through a radio transceiver which
garners the information and deciphers the information garnered from the antenna of
RFID tag, this component is termed as transceiver.
The information is manifested on a host computer i.e. host process control which is the
middleware that records and transmits the tag information to a central reposi tory.
The communication channel that extends from readers to middleware to RFID tags
should remain confidential using encryption technologies. (CBP’s Trusted Traveler
Systems Using RFID Technology Require Enhanced Security, 2006)
Cost Analysis
Major cost components are –
Hardware – RFID devices have a wide range of prices and vary in accordance to application
requirement, RFID tags can be applied to cases and pallets as smart labels for a price as less as
50 cents per tag and can notch up to $100 per tag with additional technicalities comprehended
in it, example – local power supply in the RFID tag. DHS can reap benefits from such exorbitant
tags as they can be legitimately reprogrammed thus stemming a very high return on
investment.
RFID reader price range is solely based on frequency or band-width, ultra high frequency
readers may range from $500 - $2000, whereas a high frequency reader ranges from $200 to
$500 and low frequency readers range from $350 to $750 per RFID reader. (Smart Border
Alliance RFID Feasibility Study Final Report )
Software – Engineering the RFID device is indeed the wildcard factor when one has to ponder
over software implementation cost, Software implementation varies from one reader
applications to back-end applications. Software designed for itty-bitty applications that are
oblivious of back-end systems are economical for instance middleware applications with a price
range from $800 to $1000. Applications that demand the use of back-end system are generally
licensed out at price greater than $100,000.
Network – Improvement in network security have an intrinsic utility which cannot be
adequately accessed in dollar terms, scrutinizing the network channel alleviates the risk of
unauthorized intruders accessing and modifying the biometric data. A myriad of mitigation
strategy for network security risk can be deployed such as anti-collision algorithms, the
selective blocker tag, eavesdropping attack and electronic collisions.
Encryption strategies such as secure reader protocol 1.0 implementation, one-way hash locks,
physical shielding sleeve (The Faraday cage), EPC tag pins and RSA countermeasures.
(INFORMATION SECURITY: Radio Frequency Identification Technology in the Federal
Government)
Training – Besides RFID hardware, network and software costs, training costs make up for the
total RFID system cost structure. By some estimates Department of Homeland Security is
spending $23.8 billion over a period of 10 years on RFID mandate compliance. Use of RFID by
DHS training encompasses software application developers for passive ultra-high frequency
RFID readers and peripherals, technical expertise to programmatically control RFID fixed and
handheld readers, readers and GPIO devices via Open Process Control servers. (Nogueira &
Greis, 2009)
Minor cost components are -
Data – The cost analysis of RFID data storage is expected to reach between $8 million to $13
million for a full implementation of RFID by DHS, auxiliary data cost analysis includes increased
productivity through more accurate data recording, data security and theft prevention and
improved utilization rate of existing assets.
Technical Support – Very low relative investment as compared to hardware, software and
network investments as the plethora of services offered by DHS after implementing RFID
technology needs to train the employees with all the technical expertise regarding RFID
components and networking system.
Administration – The expenditure aspect of DHS administration is categorized as minor cost
component as the Department of Homeland Security has been established long back and RFID
implementation is a new approach DHS has adopted to tackle the security aspect that does not
boost the outlay considering its financial implications administration wise. (The Use of RFID for
Human Identification )
Business Impacts and Benefits Analysis
Quantifiable
Innovation – Not just limiting the benefits of what RFID has to proffer du jour but thinking out
of the box approach can let individuals recognize more values from RFID service applications
which include convenience, safety, service availability and VIP treatment.
Improvement - With the advent of e-Documents the DHS should get the ball rolling and initiate
more electronic ID with RFID chip embedded in it thus providing more layers of security for
individual’s identity.
Cessation – DHS should nix the concept of orthodox ID’s which don’t incorporate RFID chip, as
prevailing orthodox ID’s hinder the security measures of DHS. (Privacy Impact Assessment for
the: Use of Radio Frequency Identification (RFID) Technology for Border Crossings, 2008)
Measureable
Innovation – Augment the myriad of benefits that tag along with the implementation of RFID by
kicking off the concept of e-document in different industries such as banking, logistics etc. One
example of innovation in banking industry can be introduction RFID credit card though it poses
a big threat of being misused but with the recent advancement in the field of e-Documents this
issue can overcome in couple of years down the line.
Improvement – Strengthening the security measures to meet the security standards by
fragmenting the centralized database into fragment network database to provide additional
layer of security for each database network, fragmenting the database ensures the security and
integrity of the system by protecting the database from skimming and eavesdropping.
Cessation – Treating the concept of centralized database system with contempt, the grave
ramification of centralized database breach are intruders can attack the data repository to
access sensitive information and can amend the data on the repository. Alleviate the potential
damage that can be done if a fragment network database system prevails instead of centralized
database. (The Use of RFID for Human Identity Verification , 2006)
Observable
Innovation – DHS with the use of RFID technology should conglomerate all kinds of e-
documents such as e-driving license, e-passport, PASS card etc. to form a REAL ID which can
revolutionize the concept of electronic identification.
Improvement – The risk of unauthorized use can be mitigated through encryption and
authentication thus ensuring the security of database used in RFID-enabled program,
strengthening the password management procedure and user account processes related to
RFID enabled program associated with the database.
Cessation – By gradual substitution of e-Documents and eradicating the orthodox ID system can
help DHS in a couple of ways such as, the identification system won’t be time consuming and
nix the concept of secret database by making their RFID system implementation public thus
allowing individuals to know about their policies and practices with an open and transparent
approach. (Radio Frequency Identification: Opportunities and Challenges in Implementation,
2005)
Financial
Innovation – Developing a low cost RFID antenna can be a phenomenal innovation as cut in
RFID antenna cost price is directly proportional to RFID tag’s which outlines the crucial part of
RFID system overall.
Improvement – With the wide-spread use of e-Documents across the country, DHS should hit
rock bottom price for all types of e-Documents for the citizens to encourage the use of RFID
equipped ID’s.
Cessation – Labor cost can be reduced by implementing RFID and data quality can be enhanced
thus providing a better service and performance at lower cost, hence the orthodox
identification system should be gradually ceased and the concept of e-Document should be put
into effect. (Nogueira & Greis, 2009)
Objective Type
Doing New Things Doing Things Better Stop Doing Things
Quantifiable Approach to let individuals
recognize more values from RFID service
Initiate more
electronic ID with RFID chip embedded
DHS should nix the
concept of orthodox ID’s which don’t
incorporate RFID chip
Measurable Implementation of RFID by kicking off the concept of e-document in different industries such as banking, logistics
Fragmenting the centralized database into fragment network
database to provide additional layer of
security for each database network
Treating the concept of centralized database system with contempt
Observable Conglomerate all kinds of e-documents
Risk of unauthorized
use can be mitigated through encryption
and authentication
Gradual substitution
of e-Documents and eradicating the
orthodox ID system
Financial Developing a low cost RFID antenna can be a phenomenal innovation
DHS should hit rock bottom price for all types of e-Documents
Labor cost can be reduced by implementing RFID
and data quality can be enhanced
Schedule and Milestones
Radio Frequency Identification abbreviated as RFID was invented as an espionage tool for
Soviet Union in 1945 by Leon Theremin, the RFID design constituted of Tags, Readers,
Antennas, dealt with frequencies and signals, RFID technology had too much to offer back then
but in 1995 the key factors of RFID were recognized by DHS which drove a significant increase in
RFID usage.
Department of Homeland Security could foresee the advantages that RFID technology has to
offer to secure the border by approving only low-risk travelers upon arrival in the United States,
from a traveler’s point of view the benefits were enticing to abide by the new law as travelers
can refrain themselves from processing lines, no paperwork, expedited entry benefits inn other
countries, availability at major airports and reduced wait times.
The use of RFID technology was introduced by Department of Homeland Security in November
1995 through NEXUS inspection program, NEXUS program facilitated pre-screening of travelers
thus expediting the border entry process.
NEXUS issued Radio Frequency Identification (RFID) card for applicants which are also referred
to as WHTI-compliant documents for land and sea travel. To support NEXUS dedicated
commuter lanes system was deployed to facilitate a vivid reading of RFID cards that were
issued to the travelers. (NEXUS)
In June 2002, further amendments were made to the inspection program by establishing
subsequent inspection program after NEXUS that was SENTRI, the advent of SENTRI expedited
CBP processing, enforced a ten fingerprint law along with a thorough biographical background
check.
The technical aspects of this program were chronicled as reading RFID card file number on
passenger arrival at the ports, file number triggers data of the passenger on the CBP officer’s
screen and upon data verification the passenger is either released or further investigation is
carried out by the DHS. (SENTRI)
November 2005 marked the successful beginning of biometric data verification stored in a FAST
program, RFID readers were installed on 19 border ports of US to verify passenger’s data such
as driver’s license, passport number, criminal record and biographic data.
The technology which is being used momentarily in FAST program is generation 1 passive RFID
tags, DHS in collaboration with Customs and Border Protection (CBP) are planning to take it to
the next level by introducing the generation 2 passive RFID tags to enhance technical controls
and ensure confidentiality, integrity and authenticity within the DHS information technology
infrastructure and operations. (INFORMATION SECURITY: Radio Frequency Identification
Technology in the Federal Government)
In 2006 Unites States incorporated RFID tags in the US national passport thus securing the
identification system by biometric data verification on the tag if the printed data on the
passport has been tampered.
DHS strategy to leverage the technology to enhance the ability to detect, determine, intent and
interdict suspicious small vessels by fostering research into low cost, non-intrusive RFID tags
was stated as the third goal on small vessel security implementation plan report to the public
by DHS in September, 2009. (The Use of RFID for Human Identity Verification , 2006)
Risk Analysis
Technical Risk -
Exposure to loss airing from technical activities are, foremost technical risk that Department of
Homeland Security needs to rethink its RFID technology implementation, the underlying
concerns with the use of RFID are explosives can be detonated with the help of RFID emissions
thus RFID possess a threat as it can serve as a trigger mechanism for detonating an explosive
which is tagged within an object with a RFID tag.
Additional perturbations triggered by RFID tags are illegal access of RFID tags by unauthorized
tag receivers by successful SQL injection attack to the database; RFID middleware if not
frequently scrutinized is likely to contain exploitable bugs which can grant full access of the
back-end database to illegitimate transceivers.
Technical risk can jeopardize business process, business intelligence and privacy of the DHS
database, to counter the technical risks practices such as bounds-checking where middleware
written in any other programming language should be compiled, technical risk of forming a new
ID from existing ID by illegitimate intruders are more if an algorithm is not formed for creating
unique ID that cannot be re-engineered to form a new ID. The entire process of radio frequency
identification should be carried out within a secure communication channel to refrain from
illegitimate intruders. (INFORMATION SECURITY: Radio Frequency Identification Technology in
the Federal Government)
Financial Risk -
With the advent of RFID implementation in US department of homeland security the decision of
security and privacy were confounded with cost considerations. The few projects which have
been implemented with the association of RFID technology are e-Passport, PASS Card, Real ID
and Enhanced Driver’s License but the introduction of e-documents has aired a plethora of
potential negative economic impact.
The unconfirmed hypothesis of RFID financial implications were perceived by the states as an
unfunded mandate that would foist monetary encumbrance on their officials. E-Document
enactment was estimated to cost $23.8 billion over a period of 10 years which was one of the
umpteen concerns that enkindled a series of hiccups to drive the proposal.
The possibility of US Government – Department of Homeland Security inheriting loss in
financing methods which may impair the ability to provide adequate return is racking up as the
challenge to hit rock bottom price to make the e-Documents affordable to all, the task to
eradicate all the conventional ID’s with RFID enabled ID’s is a big financial challenge for DHS
and US Government. (Nogueira & Greis, 2009)
Organizational Risk -
Adjunct threats to US Government - Department of Homeland Security with the employment of
RFID tags are eschewing the use of low cost RFID tags to nip the counterfeit RFID tag snag.
Eavesdropping attacks on RFID lightweight tags by rogue readers, emission of multitudinous
signals from multiple RFID devices at times engenders tag/receiver signal collision which
constitutes a threat to the system integrity and availability.
RFID tag upgrade to generation 2 can put DHS under the legal issue scanner as generation 2
tags augment the risk of tag cloning and thus terrorists can gain illegal entry into the US which
can pose a big threat to the Department of Homeland Security.
Internal sharing and disclosure of RFID number within the DHS organization can lead to
sensitive biographical data leak thus DHS organization faces a big challenge of how to confine
and limit the population of CBP personnel authorized to maintain and manage the GES. (Privacy
Impact Assessment for the: Use of Radio Frequency Identification (RFID) Technology for
Border Crossings, 2008)
Conclusion and Recommendation
Radio Frequency Identification (RFID) implementation by the Department of Homeland Security
is an exemplary concept to tackle issues with a technical approach in this present day. The
conclusion and recommendation for the implementation of RFID technology are as follows -
With the advent of e-Documents the DHS should get the ball rolling and initiate more
electronic ID with RFID chip embedded in it thus providing more layers of security for
individual’s identity.
Strengthening the security measures to meet the security standards by fragmenting the
centralized database into fragment network database to provide additional layer of
security for each database network, fragmenting the database ensures the security and
integrity of the system by protecting the database from skimming and eavesdropping.
The risk of unauthorized use can be mitigated through encryption and authentication
thus ensuring the security of database used in RFID-enabled program, strengthening the
password management procedure and user account processes related to RFID enabled
program associated with the database.
With the wide-spread use of e-Documents across the country, DHS should hit rock
bottom price for all types of e-Documents for the citizens to encourage the use of RFID
equipped ID’s.
DHS with the use of RFID technology should conglomerate all kinds of e-documents such
as e-driving license, e-passport, PASS card etc. to form a REAL ID which can revolutionize
the concept of electronic identification.
Augment the myriad of benefits that tag along with the implementation of RFID by
kicking off the concept of e-document in different industries such as banking, logistics
etc. One example of innovation in banking industry can be introduction RFID credit card
though it poses a big threat of being misused but with the recent advancement in the
field of e-Documents this issue can overcome in couple of years down the line.
Developing a low cost RFID antenna can be a phenomenal innovation as cut in RFID
antenna cost price is directly proportional to RFID tag’s which outlines the crucial part of
RFID system overall.
Reference List
1. http://arxiv.org/ftp/arxiv/papers/1002/1002.1179.pdf
RFID Applications: An Introductory and Exploratory Study
Author: Kamran Ahsan, Hanifa Shah and Paul Kingston
2. http://msdn.microsoft.com/en-us/library/aa479355.aspx
RFID: An Introduction
Author: Simon Holloway
3. http://sites.duke.edu/ihss/files/2011/01/Greis_RFIDBrief1.pdf
Uses of RFID Technology in U.S. Identification Documents
Author: Monica Nogueira, Noel Greis
4. https://www.dhs.gov/xlibrary/assets/foia/US-VISIT_RFIDattachE.pdf
Smart Border Alliance: RFID Feasibility Study Final Report
5. http://www.gao.gov/new.items/d05551.pdf
INFORMATON SECURITY Radio Frequency Identification Technology in the Federal
Government
6. http://www.cbp.gov/travel/trusted-traveler-programs/nexus
NEXUS
7. http://www.cbp.gov/travel/trusted-traveler-programs/sentri
SENTRI
8. http://www.oig.dhs.gov/assets/Mgmt/OIGr-06-36_May06.pdf
CBP’s Trusted Traveler Systems Using RFID Technology Require Enhanced Security
9. http://www.dhs.gov/xlibrary/assets/privacy/privacy_advcom_rpt_rfid_draft.pdf
The Use of RFID for Human Identification
10. http://www.dhs.gov/xlibrary/assets/privacy/privacy_advcom_12-2006_rpt_RFID.pdf
The Use of RFID for Human Identity Verification
11. http://all-experts.com/assets/roadmaps/437__RFID_April.pdf
Radio Frequency Identification: Opportunities and Challenges in Implementation
12. http://www.cbp.gov/sites/default/files/documents/privacy_jan08.pdf
Privacy Impact Assessment for the: Use of Radio Frequency Identification (RFID)
Technology for Border Crossings
