[转载]Privacy For RFID Through Trusted Computing

信息来源：http://www.cs.berkeley.edu/~dmolnar/

We introduce a new architecture that uses trusted computing primitives to solve this problem. Our design splits the RFID reader into three software mod- ules: a Reader Core with basic functionality, a Policy Engine that controls the use of RFID-derived data, and a Consumer Agent that performs privacy audits on the RFID reader and exports audit results to third party auditors. Readers use re- mote attestation to prove they are running a specific Reader Core, Policy Engine, and Consumer Agent. As a result, re- mote attestation allows concerned individuals to verify that RFID readers comply with privacy regulations, while also allowing the reader owner to verify that the reader has not been compromised.