Evidential Recovery in a RFID Business System

Authors

Brian Cusack, AUT University
Ar Kar Ayaw, AUT University

Document Type

Conference Proceeding

Publisher

School of Computer and Information Science, Edith Cowan University, Perth, Western Australia

Abstract

Efficient stock management in the commercial retail sector is being dominated by Radio Frequency Identification (RFID) tag implementations. Research reports of the security risk of RFID tags show that breaches are likely and that forensic readiness is a requirement. In this paper a RFID tag business simulation is reported that replicates previous research reports of security breaches with the purpose of identifying potential evidence after such attacks. A Read/Write Tag was cloned and used to replicate a SQL poisoning attack on a simulated Business System. A forensic investigation was then undertaken to identify potential locations for evidential recovery. This paper differentiates from the replicated studies in that the whole Business System is considered evidential. The scope of the inquiry includes the technical artefacts, the information artefacts and the human actors. The result of the investigation shows locations of evidence and the priority for investigations in RFID system architectures.

Comments

8th Australian Digital Forensics Conference, Edith Cowan University, Perth Western Australia, November 30th 2010

DOI

10.4225/75/57b291b040cd9