Reference is made to FIG. 1 a prior art system 101 for securing a group of elements or devices. Five RFID tags 10-14 are each attached to one of the devices. A monitor 100, a central controller of the system, monitors tags 10-14 by communicating with each of tags 10-14. The term “reader” is also used herein interchangeably to refer to a central controller or monitor 100. Prior art system 101 of FIG. 1 can be described as centralized. Monitor e.g. an RFID reader 100, monitors one or more RFID tags 10,11,12,13,14. Monitor 100 typically functions differently from tags 10-14. The main function of monitor 100 is to maintain group integrity. Any missing item, e.g. tag from the group is detected by monitor 100 and an action, e.g. an alarm, previously programmed into monitor 100 is activated. Other possible actions include reporting a security breach, or disabling a device for instance attached to one of tags 10-14. A system similar to system 10 is described in US patent application 20050148339, ‘Personal item monitor using radio frequency identification’ disclosed by R. Boman et al. A personal item monitoring system includes a monitor having a transmitter and a receiver located therein. A radio frequency identification (RFID) tag is adapted, coupled or pre-installed into a personal item. The monitor emits a radio frequency signal received by the radio frequency identification tag, and the radio frequency identification tag emits a responding signal if within a detection range. The monitor then alerts a user if the radio identification tag leaves the range of detection.
In US application publication 20050151623, ‘PDA security system’ disclosed by G. Von Hoffman, a system is described which secures a device such as a personal digital assistant (PDA) or a mobile phone, by requiring an ‘authentication process’ between the device and another specific element. If an alarm state occurs, when the specific element does not answer, or the specific element is not within the given range from the calling device, some selected functions of the calling device will be disabled.
In may applications the cost of a relatively expensive monitor (e.g. RFID reader 100), is typically more than hundred times the cost of an RFID tag. If a group of tagged devices includes about ten elements, the inclusion of monitor 100 increases the cost of implementation by tenfold. If monitor 100 is absent from centralized system 10, or malfunctioning, the modified system 10 cannot maintain any level of security. Furthermore, in prior art system 101 none of the tags 10-14 know about the existence of the any other tags 10-14 in the group, so information such as a list of members of the group cannot be obtained from any tag 10-14. A further limitation of prior art system 101 and other systems, is the inaccuracy of the range threshold in which the alarm is triggered. In the absence of an accurate distance measurement, system 10 may either trigger an alarm when the tagged devices are still close to each other, or too late, when one of tags 10-14 has been removed without prior authorization and the security breach is not prevented. In fact, prior art systems typically do not perform any distance determination measurement but rather than rely on attenuation of the RP signals which results in range varying by an order of magnitude because of differences in RF attenuation, reflections and multipath interference throughout the RF propagation pats between monitor 100 and tags 10-14. The lack of accurate range determination creates an increased potential for security breaches in prior art systems 10.
Another potential security breach known as “remote pickpocketing” is described in the article, Z. Kfir and A. Wool, Picking Virtual Pockets Using Relay Attacks on Contactless Smartcard Systems, (Cryptology ePrint Archive, Report 2005). A contactless smart card is a smart card that can communicate with other devices without any physical connection, typically using Radio-Frequency Identifier (RFID) technology. Contactless smart cards are becoming increasingly popular, with applications like credit-cards, national-ID, passports, physical access. The security of such applications is clearly critical. A key feature of RFID-based systems is their very short range: typical systems are designed to operate at a range of ˜10 cm-˜50 cm. Contactless smart card technology is vulnerable to relay attacks: An attacker can trick the reader into communicating with a victim smart card that is very far away. A ‘low-tech” attacker can build a pick-pocket system that can remotely use a victim contactless smart card, without the victim's knowledge. The attack system consists of two devices, a “ghost” and a “leech”. The ghost can be up to 50 m away from the card reader, two orders of magnitude higher than the nominal range. The leech can be up to 50 cm away from the victim card. The main characteristics of the attack are: orthogonality to any security protocol, unlimited distance between the attacker and the victim, and low cost of the attack system. The attack using a ghost and leech on a contactless smart card can be made very difficult if an accurate distance determination measurement is performed to the contactless smart card.
There is thus a need for, and it would be highly advantageous to have a system and viral group maintenance and security which overcomes the disadvantages of prior art centralized RFID systems, and particularly a non-centralized system in which additionally accurate range determination is provided.
The term “ultra-wide band” (UWB) as used herein is defined (by FCC and ITU-R) in terms of a transmission from an antenna for which the emitted signal bandwidth exceeds the lesser of 500 MHz or 20% center frequency. One type of Ultra-wide band (UWB) communication technology employs discrete pulses of electromagnetic energy that are emitted at for example, nanoseconds to microsecond intervals. For this reason, this type of ultra-wide band is often called “impulse radio.” A UWB pulse is a single electromagnetic burst of energy. A UWB pulse can be either a single positive burst of electromagnetic energy, or a single negative burst of electromagnetic energy, or a series of pulses. Ref: http://en.wikipedia.org/wiki/Ultra_wide band.
Reference is now made to FIG. 2 (prior art) which illustrates the use of ultra-wide band signals (UWB) in an RFID system 101 of the prior art (described in PCT/IL2003/00358, publication No. WO/2003/098528), entitled “Method and system for distance determination of RF tags” incorporated herein by reference for all purposes as if fully set forth herein. As described in WO/2003/098528, reader 100 transmits a short pulse sequence representing symbol 205. The ultra-wide band signal is organized into three intervals including three parts: a preamble, data and a response period. In each of the parts, symbols 205 are transmitted by means of pulse transmissions, where the time between symbols is denoted T1 typically on the order of 20 microseconds. The pulse sequence transmission duration T2 for each symbol is substantially shorter than T1, typically ˜100 nanoseconds. Such short sequence of pulses are beneficial for reducing the peak to average ratio of the transmitter, both for easier implementation and for complying with regulatory peak power limits where applicable. As an example in a pulse train, each pulse sequence 205 is composed of N e.g. 11 arrow pulses, each with a polarity determined by a binary sequence which is chosen for autocorrelation and synchronization properties with a flat spectrum. Tags 03a and 03b respond respectively with pulse sequences 207a and 207b also with time interval T2 of about 100 nanoseconds and time interval T1 between pulse sequences 207 (on the order of 20 microseconds, as mentioned above). The use of very short pulse sequences 205 and 207 with a long time interval between pulse sequences 205 and 207 allows a relatively large number of parallel-links between reader 100 and multiple tags 03a and 03b. According to one of the embodiments disclosed in WO/2003/098528, reader 100 receives one or more ultra-wide band response signals, respectively from one or more tags typically including overlapping wide band response signals from different tags. Reader 100 detects the response sequence and decides whether one or more tags answered the ultra-wide band interrogation signal transmitted by reader 100. Reader 100 determines the round trip delay between transmitting the interrogation signal and receiving the response signals and from the round trip delay an accurate distance measurement to tags 03a and 03b is obtained.
The terms “device”, “item” and “object” are used here interchangeably when referring to devices, items and objects attached to tags.
The term “determination of a distance” refers a method to determine distance absolutely or a relatively measurement of distance, not estimating of distance based on radio frequency attenuation which is dependent on radio frequency, propagation characteristics.