Small devices, especially Radio Frequency Identification (RFID) tags, are being ubiquitously deployed in:  contactless ATM and credit cards, access cards, e-passports,  medical implants and even mobile phones (such as Google Wallet charged with NFC technology), to name a few. These devices, however, raise serious security and privacy concerns, perhaps more serious than those plaguing the traditional computers. In particular, it is possible for an attacker to read the contents of these devices from a close range, relay the information to a colluding entity, possibly clone these devices and track the whereabouts of their owners.  The NFC phones are also prone to a new generation of malware.

In a potentially transformative research project, Prof. Saxena and his students have been developing novel context-aware approaches to protect RFID and related devices. The idea is to attach low-cost, low-power sensors to these tags (or just use these sensors when already available, such as on NFC phones), and utilize the data
This project has recently been funded by NSF’s EArly-concept Grants for Exploratory Research (EAGER) program, which supports “high-risk, exploratory and potentially transformative research.”acquired by these sensors to make informed security decisions. For example, a UAB parking access card may only get activated if its on-board location sensor detects that it is in a UAB parking lot.

Project web pages: http://spies.cis.uab.edu/?page_id=149

NSF award abstract: http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=1201927