Surveying the security of access systems in Uppsala, Sweden

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21240%2F23%3A00366805" target="_blank" >RIV/68407700:21240/23:00366805 - isvavai.cz</a>

Výsledek na webu

<a href="https://doi.org/10.1109/MECO58584.2023.10154971" target="_blank" >https://doi.org/10.1109/MECO58584.2023.10154971</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/MECO58584.2023.10154971" target="_blank" >10.1109/MECO58584.2023.10154971</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Surveying the security of access systems in Uppsala, Sweden

Popis výsledku v původním jazyce

Today, many people use several access systems on a daily basis without paying attention to the fact that many of the technologies in use are obsolete and insecure. For example, there are published attacks against all generations of MIFARE Classic cards and cloning a MIFARE Ultralight card is trivial. In this paper, we look into the security of several access systems in a student town Uppsala in Sweden. We evaluate the security of the cards or tags used for access as well as some of the security of the systems themselves. We present a detailed report on the configurations, including any vulnerabilities, while also presenting attacks exploiting these vulnerabilities, as well as real-life examples of how these attacks can be dangerous to the end user. We compare these systems to a well-designed system in the same city and suggest fixes for all vulnerabilities we found. When presenting the potential fixes, we pay attention to the ease and cost of the fixes.

Název v anglickém jazyce

Surveying the security of access systems in Uppsala, Sweden

Popis výsledku anglicky

Today, many people use several access systems on a daily basis without paying attention to the fact that many of the technologies in use are obsolete and insecure. For example, there are published attacks against all generations of MIFARE Classic cards and cloning a MIFARE Ultralight card is trivial. In this paper, we look into the security of several access systems in a student town Uppsala in Sweden. We evaluate the security of the cards or tags used for access as well as some of the security of the systems themselves. We present a detailed report on the configurations, including any vulnerabilities, while also presenting attacks exploiting these vulnerabilities, as well as real-life examples of how these attacks can be dangerous to the end user. We compare these systems to a well-designed system in the same city and suggest fixes for all vulnerabilities we found. When presenting the potential fixes, we pay attention to the ease and cost of the fixes.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

20206 - Computer hardware and architecture

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2023

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of 2023 12th Mediterranean Conference on Embedded Computing (MECO)

ISBN

979-8-3503-2291-0

ISSN

2637-9511

e-ISSN

2637-9511

Počet stran výsledku

5

Strana od-do

—

Název nakladatele

IEEE

Místo vydání

Piscataway

Místo konání akce

Budva

Datum konání akce

6. 6. 2023

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—