Risk Assessment in Securing Radio Frequency Identification (RFID) Systems: a Case Study on Petra Christian University Library
Each library collection has an identification number which is unique number for each book. Identification numbers are used in searching process, and library's circulation. Identification number is presented by barcode, and will be coupled with RFID, in order to facilitate collection information searching service, collection circulation service, and as a function of the collection security. The current barcode system problem lacks security features, the process of collection finding is very
... inding is very difficult, and the circulation process takes more time. This problem can result in losses of the library assets, and reduce library user satisfaction. Therefore, Petra Christian University Library plans to implement the RFID system as the solution of collection security. The RFID implementation process requires an analysis to be done to assess the risk factors that affect the library's business processes and provide a response to those risks. This paper discusses the risk assessments for the RFID system to be implemented in the library. Risk assessments are based on the NIST SP800-98 standard Guidelines for Securing Radio Frequency Identification (RFID) System and NIST SP800-30 Guide for Conducting Risk Assessments. Risk factors are categorized into two, namely business process risk and risk intelligence process. The results show most of the risk factors are related to the server system.