Privacy Issues of Applying RFID in Retail Industry

Haifei Li (Union University, USA), Patrick C.K. Hung (University of Ontario Institute of Technology, Canada), Jia Zhang (Northern Illinois University, USA), and David Ahn (Nyack College, USA)
Copyright: © 2006 |Pages: 52
EISBN13: 9781605665573|DOI: 10.4018/ijcec.2006070103
OnDemand PDF Download:
OnDemand PDF Download
Download link provided immediately after order completion


Retail industry poses typical enterprise computing challenges, since a retailer normally deals with multiple parties that belong to different organizations (i.e., suppliers, manufacturers, distributors, end consumers). Capable of enabling retailers to effectively and efficiently manage merchandise transferring among various parties, Radio Frequency Identification (RFID) is an emerging technology that potentially could revolutionize the way retailers do business. With the dramatic price drop of RFID tags, it is possible that RFID could be applied to each item sold by a retailer. However, RFID technology poses critical privacy challenges. If not properly used, the data stored in RFID could be abused and, thus, cause privacy concerns for end consumers. In this article, we first analyze the potential privacy issue of RFID utilization. Then we propose a privacy authorization model that aims to precisely define comprehensive RFID privacy policies. Extended from the role-based access control model, our privacy authorization model ensures the special needs of RFID-related privacy protection. These policies are designed from the perspective of end consumers, whose privacy rights potentially could be violated. Finally, we explore the feasibility of applying Enterprise Privacy Authorization Language (EPAL) as the vehicle for specifying RFID-related privacy rules.
InfoSci-OnDemand Powered Search