Potential Problems
Cost
One
of the first problems with RFID for a library is the great cost of
converting to RFID. Although the cost of the tags is coming down,
equipment such as checkout scanners is very expensive. Laura Smart
in her 2004 paper puts the cost of converting a collection of 100,000
books and 5000 media items at $45,000 USD and this for tags alone. Schnell
indicates for the same period that a scanning station might be $ 4,000
USD and a server to connect the RFID system to the library Integrated
Library System (ILS) would cost $ 15,000. The
RFID labels used in retail or warehouse operations which are the model
for library tags do not need to last
for the lifetime of the product. In libraries, tags must last at least
as long as the book they identify. As a result we may expect library
RFID tags to be
more costly.
Workflow changes
Scanning logistics may be a problem for example: if a patron waiting for their turn at a self-check out station is too close to the patron checking out items, items of both patrons may be scanned and added to the one patron's account. This may be alleviated by callibrating the interrogator to have a very short range.Security Concerns
EKOS Research Associates Inc. reported in 2007: “More than 3 in 5 Canadians have not heard anything about this technology. In fact, despite the growing debate on RFIDs in privacy circles, most Canadians remain very unfamiliar with the technology in the first place.” |
| Another example of an RFID self-service checkout station |
Some writers such as Shien-Chiang Yu have suggested a more robust interrogation environment:
“If a reader is installed on each gate in the library, as soon as a patron takes one material and enters another room, the system will detect who took it and where it is. This information will pass to the automation system to record the position of this material. “
It is unlikely that North American patrons would submit to such precise monitoring of their movements in the library except perhaps in archives where such a regime might allow freer access within an archives facility.
Each tag has a unique manufacturer's ID for the purposes of collision avoidance in reading, thus each tag can be identified by other readers (interrogators). The above can contribute to a police method called hotlisting. Previously a labour-intensive procedure, police or other government body could borrow books that they feel are in some way controversial and contribute to a profile of a wrongdoer. They would scan them with a portable RFID scanner to obtain the unique identifier from the tags in the books. From this point on they can use this information to find these books anywhere that they may have a networked RFID scanner. This would facilitate the police pulling someone over based on what books they may have with them.
There is no reader authentication in place at this time. This means that any reader can read a tag. Shien-Chiang Yu suggests the encryption of RFID communications to help alleviate some or all of these security issues.
Danger to library collection
A thief equipped with RFID reader/writer might be able to set the security bit, the indicator to the security gate what has been properly checked out. If it were set to "checked out" the thief could remove library materials undetected.A similarly equipped vandal might set the security bit to "not checked out" in a semi-permament fashion. This would theoretically "lock" the items in the library
Alan Butters has the following concerns with RFID use in the library as it exists today:
Digital vandalism might take many forms but could include erasing RFID tag
memory, locking the security data to prevent a range of items from leaving the library (a type of denial-of-service attack), and overwriting valid tag data with scrambled or malicious data. It has also been demonstrated that a self-replicating tag-based virus is possible under certain controlled situations such as within a supermarket distribution centre (Tanenbaum et al., 2006). While it might be arguable that memory capacities within RFID tags currently employed in the library application are insufficient to allow this kind of attack, it would be premature to say that it couldn’t be done under any circumstances.
memory, locking the security data to prevent a range of items from leaving the library (a type of denial-of-service attack), and overwriting valid tag data with scrambled or malicious data. It has also been demonstrated that a self-replicating tag-based virus is possible under certain controlled situations such as within a supermarket distribution centre (Tanenbaum et al., 2006). While it might be arguable that memory capacities within RFID tags currently employed in the library application are insufficient to allow this kind of attack, it would be premature to say that it couldn’t be done under any circumstances.
Steps toward security
Butters suggests a number of steps can be taken to improve security upon the current RFID systems in place:- Use of write-once-read-many (WORM) tag would prevent attacks involving writing to tag memory.
- Do not use RFID in borrower's card as this identifies the patron.
- Minimal amount of data on the RFID tag. Only a unique identifier is necessary for circulation.
- Do not allow bibliographic searches on the unique identifier in the tag or barcode by the public. This will prevent persons from joining up tag information with the item information.
- improved authentication of readers (interrogators)
- improved password protection;
Butters sums it up as follows:
“Current standards do not offer a platform for secure RFID systems and have several vulnerabilities which may permit both theoretical privacy compromising activities as well as acts of digital vandalism. Current RFID chips are also not capable of handling many high-level encryption tasks due to their low memory capacity and processing power.”
Prepared for LIBR 500: : Foundations of Information Technology
November 9, 2007