Modern RFID-supported supply chains envision a seamless sharing of item-level data across multiple supply chain participants in the “Internet of Things”. However, many companies are reluctant to propagate large amounts of their track and trace information to others, as they fear the uncontrolled disclosure of vital business intelligence. Without built-in safeguards, such systems thus run the risk of hindering the adoption of efficient supply chain management infrastructures.

In this paper we will define the cornerstones of a cryptographically sound security architecture for RFID-supported supply chains that will enable efficient logistical management with minimal data disclosure. We propose to replace the common centralized track and trace approach with an architecture that makes use of strong cryptographic primitives and secure storage on the tag and builds on top of those enhanced authentication and key-agreement protocols. The architecture will thus span the entire technology range from the RFID tag and its network infrastructure to the back-end system that is storing the supply chain information.