**4. Use cases and application examples**

RFID applications are numerous and far reaching [8]. The most interesting and widely used applications include those for security and access control, supply chain management, and the tracking of important objects and personnel. This section outlines a number of common‐ ly encountered use cases for RFID technology, and discusses these in the context of net‐ worked RFID tags.

#### **4.1. Access control**

is used, the transport layer binds to HITs. In this process it becomes unaware of the IP

To be able to setup communication between peers that use HI, a light-weighted protocol exchange called the HIP Base Exchange has been specified. In Figure 5, the HIP Base Ex‐ change is adapted to an RFID setup. The setup is somewhat similar to the one presented

Since the deployed tags are passive, there is a need for a proxy to act on behalf of the tags in

Initiate 1: HITI, HITR

Initiate 2: HITI, HITR, DHI, HII Respond 1: HITR, HITI, DHR, HIR

Respond 2: HITR, HITI

**Tag 1 Tag 2**

Passive RFID tags

Respon

proxy

der /

**Tag n**

Protected channel

The HIP Base Exchange is a four-way handshake between two hosts wanting to initiate com‐ munication (see Figure 4). The *Initiate 1* packet is the first packet sent in the handshake. It is an unencrypted and unsigned packet, meaning that the Initiator would like to talk HIP with the Responder. The HIP packet contains the HIT of the Initiator (HITI) and the Responder (HITR). The responder's IP address can be derived from the DNS. *Respond 1* is sent as a reply to the *Initiate 1* packet. Besides the HITI-HITR identity pair, it contains a cryptographic puz‐ zle challenge, and Diffie-Hellman parameters (DHR) for the Diffie-Hellman key agreement. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communication chan‐ nel. Subsequently, the secret key can be used for encryption and integrity protection of the communication channel. The purpose of the HIP puzzle mechanism is to protect the Res‐ ponder from denial-of-service attacks. The *Initiate 2* packet returns the corresponding Diffie-Hellman parameter (DHI) to the Responder. It carries an encoded solution to the puzzle.

Back-end server system

**Internet**

**Figure 5.** HIP Base Exchange adapted to a RFID communication scenario. Adapted from [15].

the protocol exchange. The role of this proxy will be explained further in Section 5.

addresses that are used for routing.

120 Radio Frequency Identification from System to Applications

by Urien et al. [11].

Reader ap

plication

Initiator

Access control systems are an important part of the security of government buildings, com‐ panies, schools, residences and private areas and RFID technology has been widely adopted in access control systems. These systems often use RFID identification cards based on the IEC/ISO 14443 [18], IEC/ISO 15693 [19], or IEC/ISO 18000 standards [20]. The identification cards work much like a traditional key for unlocking doors or otherwise granting access. However, RFID technology does not provide authentication to the holder of the RFID card (or tag). Any unauthorized people holding an authorized RFID card could get access to se‐ cured area. Therefore, RFID technology should be combined with other means of identifica‐ tion such as e.g., face recognition to strengthen the security of the access control system.

By associating a passive RFID tag such as a key card with a globally unique IPv6 address we will be able to use access control and security policy mechanisms with Internet technologies to provide the desired access control applications. In this scenario a door locking mechanism would be connected over the Internet resulting in a more open system architecture.

#### **4.2. Supply chain management**

Most supply chain applications involve the concept of inventory tracking. An example of a proposed use of RFID is to ensure safety in the supply chain [21].

To illustrate the potential of using network RFID tags with supply chain applications an ex‐ ample taken from the Tag Data Standard v1.6 issue 2 [10]. The example text is quoted below:

<sup>&</sup>quot;… a shipment arriving on a pallet may consist of a number of cases tagged with SGTIN identifiers and a returnable pallet identified by a GRAI identifier but also carrying an SSCC identifier to identify the shipment as a whole. If a por‐ tal reader at a dock door simply returns a number of binary EPCs, it is helpful to have translation software which can automatically detect which binary values correspond to which coding scheme, rather than requiring that the coding scheme and inbound representation are specified in addition to the input value."

Each of the cases tagged will be given a unique IPv6 address when they enter the electric field of a reader. This process involves the extracting of the essential bitstring of the SGTIN identifier for each case. Likewise, the returnable pallet and the shipment as a whole will be given IPv6 addresses that can be built based on the GRAI and the SSCC, respectively. By using the assigned IPv6 unicast addresses it is possible to establish communication to indi‐ vidual cases as well as the pallet. However, it may be of less interest to address individual cases at this point in the supply chain but rather to address the ensemble of cases. By intro‐ ducing multicasting at the network layer it can be possible to communicate with groups of cases on the pallet.

way similar to a loopback interface [17]. As the system works as a testbed the database is merely there as a logging service. In the future, it is planned to use the database as founda‐ tion for a local ONS. The corresponding node is there to illustrate possible communication

> Serial connection

> > RFID Reader

**Tag**

Integrating RFID with IP Host Identities http://dx.doi.org/10.5772/53525 123

IPv6

.NET connection software.

**Figure 6.** Simple setup to give RFID tags virtual identification on the Internet. A RedBee RFID Reader v1.1 is used. The

Figure 7 shows a state machine diagram for a single VNI resulting from a tag swiped in an

When the tag is swiped at the reader, the application host creates an IPv6 address by com‐ bining the network prefix configured at the reader with the tags identity as illustrated by the Example in Table 1. In the initial state, the software is waiting for a TagSwipe event to occur. Subsequently, the interface is put online with the address constructed, and it is kept alive as

Tags are only reachable while they are within reader range. This makes it hard to communi‐ cate with the real tag, simply because it is only reachable for a short duration of time. When the tag's attachment to the network is virtualized it is possible to set up an expiration value. This value effectively serves as the time the tags virtual representation on the network can

The tag identity together with the constructed IPv6 address and a timestamp is stored on the database. Table 1 shows an example of the steps taken to construct an IPv6 address from an

IPv6

**Internet**

Application Host

Corresponding node

long the *expiration time* is greater than 0 (zero) seconds.

over the Internet.

Virtual Network Interfaces representing the RFID tags swiped

> Back-end database

application is built on the Microsoft®

access control application.

be reached.

EM4100 tag ID.

#### **4.3. Object/asset tracking**

Because moving objects can easily carry RFID tags, a common use is to track the movement of people and the information associated with them. By associating a particular tag's EPC with a global network address the task of tracking the object/asset become equivalent to lo‐ cating a mobile host in the network. In general, this is a key challenge in mobility research and several solutions have been proposed [22][26], and this will be the subject of our discus‐ sion in Section 7. Another interesting use case can be applied to sensor-tags. When these sensor-tags connect to a network sensor data can be retrieved from the tag.
