An investigative analysis of the security weaknesses in the evolution of RFID enabled passport Online publication date: Sat, 09-Aug-2014
by Eyad Abdullah Bogari; Pavol Zavarsky; Dale Lindskog; Ron Ruhl
International Journal of Internet Technology and Secured Transactions (IJITST), Vol. 4, No. 4, 2012
Abstract: Since the introduction of radio frequency identification (RFID) enabled passports, the system has been plagued with various vulnerability issues that prove to compromise the e-passport security. To date, three generations of e-passports have been introduced by the International Civil Aviation Organization (ICAO) and the European Union (EU). The first two generations of e-passports are being issued worldwide. This paper presents the evolution of these passports over the years to develop taxonomy of the weaknesses and to serve as a reference point detailing security vulnerabilities linked to the RFID e-passport features in the three generations. The findings can also assist in profiling possible attack vectors on the existing RFID enabled passports and in developing comprehensive RFID e-passport risk mitigation strategies. To illustrate the importance of a comprehensive risk strategy when using RFID e-passport, the attack process modelling method is used to highlight the possible attacks and weaknesses which could result from not using one or more security features.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Internet Technology and Secured Transactions (IJITST):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com