Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Privacy Issues of Applying RFID in Retail Industry

Privacy Issues of Applying RFID in Retail Industry
View Sample PDF
Author(s): Haifei Li (Union University, USA), Patrick C.K. Hung (University of Ontario Institute of Technology, Canada), Jia Zhang (Northern Illinois University, USA)and David Ahn (Nyack College, USA)
Copyright: 2010
Pages: 16
Source title: Ubiquitous and Pervasive Computing: Concepts, Methodologies, Tools, and Applications
Source Author(s)/Editor(s): Judith Symonds (AUT University, New Zealand)
DOI: 10.4018/978-1-60566-960-1.ch084


View Privacy Issues of Applying RFID in Retail Industry on the publisher's website for pricing and purchasing information.


Retail industry poses typical enterprise computing challenges, since a retailer normally deals with multiple parties that belong to different organizations (i.e., suppliers, manufacturers, distributors, end consumers). Capable of enabling retailers to effectively and efficiently manage merchandise transferring among various parties, Radio Frequency Identification (RFID) is an emerging technology that potentially could revolutionize the way retailers do business. With the dramatic price drop of RFID tags, it is possible that RFID could be applied to each item sold by a retailer. However, RFID technology poses critical privacy challenges. If not properly used, the data stored in RFID could be abused and, thus, cause privacy concerns for end consumers. In this article, we first analyze the potential privacy issue of RFID utilization. Then we propose a privacy authorization model that aims to precisely define comprehensive RFID privacy policies. Extended from the role-based access control model, our privacy authorization model ensures the special needs of RFID-related privacy protection. These policies are designed from the perspective of end consumers, whose privacy rights potentially could be violated. Finally, we explore the feasibility of applying Enterprise Privacy Authorization Language (EPAL) as the vehicle for specifying RFID-related privacy rules.

Related Content

Bin Guo, Yunji Liang, Zhu Wang, Zhiwen Yu, Daqing Zhang, Xingshe Zhou. © 2014. 20 pages.
Yunji Liang, Xingshe Zhou, Bin Guo, Zhiwen Yu. © 2014. 31 pages.
Igor Bisio, Alessandro Delfino, Fabio Lavagetto, Mario Marchese. © 2014. 33 pages.
Kobkaew Opasjumruskit, Jesús Expósito, Birgitta König-Ries, Andreas Nauerz, Martin Welsch. © 2014. 22 pages.
Viktoriya Degeler, Alexander Lazovik. © 2014. 23 pages.
Vlasios Kasapakis, Damianos Gavalas. © 2014. 26 pages.
Zhu Wang, Xingshe Zhou, Daqing Zhang, Bin Guo, Zhiwen Yu. © 2014. 18 pages.
Body Bottom