Technology in transportation can result in productivity gains, however a higher dependency on information technology also leads to greater exposure and potential of being a target for cyber-crimes such as denial of service, stealing of passenger private information and cyber terrorisms.
According to analysis for incidents from 2002-2004 transportation systems faced 16% of total cyber hackings and terrorisms on critical infrastructure (IEEE, 2007). Transportation information systems can face cyber-attacks on highway traffic controls systems, pipeline control systems, train control, and power/telecommunications.
What is RFID?
“RFID systems are relatively simple, consisting of readers and tags. Readers radiate …show more content…
Although adopting secure RFID technology continues to be a challenge due to lack of interoperability with vendors and hardware limitations with inadequate energy and computing power in devices. Standardization and security has become an afterthought with the growing demands of smart technology everywhere. Some vendors comply with security standards ISO/IEC 14443 but far too many have proprietary methods of applying …show more content…
In 2013 a University of Washington grad student was able to reverse engineer ORCA cards to obtain information on card holder’s travels. The grad student used a third-party software developer kit to access unprotected data transmitted by the smart cards. Protecting RFID tags from side-channel attacks is an expensive and time consuming process for large-scale RFID structures found in transportation systems. Many researchers seek to solve this problem by proposing cost efficient means of applying authentication as a way to impede side-channeling attacks. Authentication protocols are classified into two categories, non-encryption based and encryption based. Encryption based authentication systems are processor-intensive and are limited by the storage size of microchips on RFID tags. IEEE members proposed a new protocol based on randomized skip lists-based authentication (RSLA) as an alternative to existing slow and vulnerable authentication systems. (Sun, 2016) They introduced RSLA as a means to protect against authentication schemes compromised by brute force by demonstrating how the skip list-based protocol will offer larger key ranges without sacrificing storage space for stronger