Information security radio frequency identification technology in the federal government : report to congressional requesters.DIANE Publishing |
Other editions - View all
Common terms and phrases
access control Active tags Additionally Administration antenna Appendix assets associated with RFID available to mitigate baggage on flights CFO Act agencies ciphertext confidentiality considerations surrounding consumers contactless counterfeit drugs devices discuss documents e-waste electronic passports embedded system encryption EPCglobal federal agencies FISMA global interoperability Government Accountability Office Homeland Security identification cards implement the technology industry or country information security information systems initiatives at federal International ISO/IEC legal issues associated major initiatives multiple national standards operate pallet Passive tags placement practices and tools privacy considerations privacy issues private-sector profiling proposed proximity cards Radio Frequency Identification radio waves read range read-only read-write requirements RFID implementation RFID standards RFID Systems RFID tags RFID technology security and privacy security considerations Semipassive set of standards Standards Institute standards-setting organizations suppliers supply chain management tags and readers technology implementation tools and practices transmission unauthorized Universal Postal Union
Popular passages
Page 19 - Specifically, this program is to include * periodic assessments of the risk and magnitude of harm that could result from the unauthorized access, use, disclosure, disruption, modification, or destruction of information or information systems...
Page 37 - GAO's commitment to good government is reflected in its core values of accountability, integrity, and reliability. The fastest and easiest way to obtain copies of GAO documents at no cost is through GAO's Web site (www.gao.gov). Each weekday, GAO posts newly released reports, testimony, and correspondence on its Web site. To have GAO e~mai.i you a list of newly posted products every afternoon, go to www.gao.gov and select, "Subscribe to Updates.
Page 19 - This program should provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.
Page 20 - ... a process for planning, implementing, evaluating, and documenting remedial action to address any deficiencies in the information security policies, procedures, and practices of the agency; • procedures for detecting, reporting, and responding to security incidents; and • plans and procedures to ensure continuity of operations for information systems that support the operations and assets of the agency.
Page 22 - The history of the Social Security number, for example, gives ample evidence of how an identifier developed for one specific use has become a mainstay of identification for many other purposes, governmental and nongovernmental.25 Secondary uses of the Social Security number have been a matter not of technical controls but rather of changing policy and administrative priorities.
Page 19 - ... systems or groups of information systems; • security awareness training for agency personnel, including contractors and other users of information systems that support the operations and assets of the agency; • periodic testing and evaluation of the effectiveness of information security policies, procedures, and practices, performed with a frequency depending on risk, but no less than annually, and that...
Page 20 - Accordingly, cryptography has an important role in protecting information both within a computer system and when information is sent over the Internet and other unprotected communications channels. Encryption is the process of transforming ordinary data (commonly referred to as plaintext) into code form (ciphertext) using a special value known as a key and a mathematical process called an algorithm. Cryptographic algorithms are designed to produce ciphertext that is unintelligible to unauthorized...
Page 28 - We will also make copies available to others upon request. In addition, the report will be available at no charge on GAO's Web site at http ://www/gao. gov. If you or your staff have any questions about this report, please contact me at (202) 612-9619 or pickups@gao.gov.
Page 18 - An attack in which a valid data transmission is maliciously or fraudulently repeated, either by the originator or by an adversary who intercepts the data and retransmits it.
Page 1 - Technology Protect Privacy Consistently RFID is an automated data-capture technology that can be used to electronically identify, track, and store information contained on a tag. The tag can be attached to or embedded in the object to be identified, such as a product, case, or pallet. RFID technology provides identification and tracking capabilities by using wireless communication to transmit data. In May 2005, we reported that major initiatives at federal agencies that use or propose to use the...