Article: Distance bounding-based RFID binding proof protocol to protect inpatient medication safety against relay attack Journal: International Journal of Ad Hoc and Ubiquitous Computing (IJAHUC) 2016 Vol.22 No.2 pp.71 - 83 Abstract: RFID binding proof protocols are suggested for the past decade to guard inpatient medication safety and to prevent medication errors in hospitals. In such protocols, the main goal is to authenticate two RFID tags (one for the patient and one for the patient's drug) simultaneously using an RFID reader by a nurse. This paper reveals that the existing RFID binding proof protocols are vulnerable to a relay attack. In the relay attack, an attacker is able to change the patient's drug without the nurse and the patient noticing the change. Furthermore, to overcome this weakness a paired distance bounding (PDB) protocol is proposed with two security parameters (N and t) to be deployed for RFID binding proof protocols. In a PDB protocol, two tags are authenticated simultaneously, and furthermore, an upper bound for the physical distance between these two tags and the reader is established. This implies the presence of both tags in the reader's area. The analytic results for the proposed protocol show that, with the appropriate selection of N and t parameters, the proposed protocol achieves a desirable security level against the relay attack. Inderscience Publishers - linking academia, business and industry through research

Title: Distance bounding-based RFID binding proof protocol to protect inpatient medication safety against relay attack

Authors: Abolfazl Falahati; Hoda Jannati

Addresses: Department of Electrical Engineering (DCCS Lab), Iran University of Science and Technology, Tehran 1684613114, Iran ' Department of Electrical Engineering (DCCS Lab), Iran University of Science and Technology, Tehran 1684613114, Iran

Abstract: RFID binding proof protocols are suggested for the past decade to guard inpatient medication safety and to prevent medication errors in hospitals. In such protocols, the main goal is to authenticate two RFID tags (one for the patient and one for the patient's drug) simultaneously using an RFID reader by a nurse. This paper reveals that the existing RFID binding proof protocols are vulnerable to a relay attack. In the relay attack, an attacker is able to change the patient's drug without the nurse and the patient noticing the change. Furthermore, to overcome this weakness a paired distance bounding (PDB) protocol is proposed with two security parameters (N and t) to be deployed for RFID binding proof protocols. In a PDB protocol, two tags are authenticated simultaneously, and furthermore, an upper bound for the physical distance between these two tags and the reader is established. This implies the presence of both tags in the reader's area. The analytic results for the proposed protocol show that, with the appropriate selection of N and t parameters, the proposed protocol achieves a desirable security level against the relay attack.

Keywords: distance bounding protocol; mafia fraud attacks; medication errors; relay attacks; RFID binding proof protocol; inpatients; patient safety; patient medication; radio frequency identification; healthcare technology; patient drugs; authentication; medication security; hospital security.

DOI: 10.1504/IJAHUC.2016.077199

International Journal of Ad Hoc and Ubiquitous Computing, 2016 Vol.22 No.2, pp.71 - 83

Received: 24 Feb 2014
Accepted: 19 Jun 2014
Published online: 23 Jun 2016 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Distance bounding-based RFID binding proof protocol to protect inpatient medication safety against relay attack

Keep up-to-date