Risk Assessment in Securing Radio Frequency Identification (RFID) Systems: a Case Study on Petra Christian University Library

Authors

  • Lily Puspa Dewi Informatics Department – Faculty of Industrial Technology, Petra Christian University, Siwalankerto 121-131, Surabaya 60292, Indonesia
  • Ibnu Gunawan Informatics Department – Faculty of Industrial Technology, Petra Christian University, Siwalankerto 121-131, Surabaya 60292, Indonesia
  • Chris Winoto Informatics Department – Faculty of Industrial Technology, Petra Christian University, Siwalankerto 121-131, Surabaya 60292, Indonesia

DOI:

https://doi.org/10.11113/jt.v68.2953

Keywords:

Risk assessment, RFID, NIST, library

Abstract

Each library collection has an identification number which is unique number for each book. Identification numbers are used in searching process, and library’s circulation. Identification number is presented by barcode, and will be coupled with RFID, in order to facilitate collection information searching service, collection circulation service, and as a function of the collection security. The current barcode system problem lacks security features, the process of collection finding is very difficult, and the circulation process takes more time. This problem can result in losses of the library assets, and reduce library user satisfaction. Therefore, Petra Christian University Library plans to implement the RFID system as the solution of collection security. The RFID implementation process requires an analysis to be done to assess the risk factors that affect the library’s business processes and provide a response to those risks. This paper discusses the risk assessments for the RFID system to be implemented in the library. Risk assessments are based on the NIST SP800-98 standard Guidelines for Securing Radio Frequency Identification (RFID) System and NIST SP800-30 Guide for Conducting Risk Assessments. Risk factors are categorized into two, namely business process risk and risk intelligence process. The results show most of the risk factors are related to the server system.

References

National Institute of Standards and Technology. 2012. NIST 800:30 Rev 1 guide for conducting risk assessments. Retrieved September 3, 2013, from http://csrc.nist.gov/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf.

Houeida Kammourie-Charara. 2005. Technology and libraries: RFID vs barcode. Alexandria: Egypt. MELCOM International 27th Conference.

Richard T. Sweeney. 1997. Creating Library Services with Wow! Staying Slightly Ahead of the Curve. Library Trends. 46(1): 129–151.

American Library Association. 2013. RFID and Libraries: ALA Library Fact sheet number 25. Retrieved September 19, 2013, from http://www.ala.org/tools/libfactsheets/alalibraryfactsheet25.

Syed MD. Shahid. 2005. Use of RFID Technology in Libraries: a New Approach to Circulation, Tracking, Inventorying, and Security of Library Materials. Library Philosophy and Practice. 8(1).

National Institute of Standards and Technology. 2012. NIST 800:98 Guidelines for Securing Radio Frequency Identification (RFID) Systems. Retrieved September 3, 2013, from http://csrc.nist.gov/publications/nistpubs/800-98/SP800-98_RFID-2007.pdf

Carl W. Stern, George Stalk, Jr. 1998. Perspectives on Strategy from the Boston Consulting Group. Toronto: Wiley.

Downloads

Published

2014-05-01

Issue

Vol. 68 No. 3: Special Issue on Current and Emerging Trends in Technology, Science and Engineering Vol. 1

Section

Science and Engineering

License

Copyright of articles that appear in Jurnal Teknologi belongs exclusively to Penerbit Universiti Teknologi Malaysia (Penerbit UTM Press). This copyright covers the rights to reproduce the article, including reprints, electronic reproductions, or any other reproductions of similar nature.

How to Cite

Risk Assessment in Securing Radio Frequency Identification (RFID) Systems: a Case Study on Petra Christian University Library. (2014). Jurnal Teknologi (Sciences & Engineering), 68(3). https://doi.org/10.11113/jt.v68.2953