This paper focuses on RFID-based supply chain management system that adheres to the EPCglobal Architecture Framework specification. We approach this framework with a security point-of-view and the main idea is to secure this framework for a safe and secure RFIDbased\r\nsupply chain management system. At the outset this paper briefly describes the EPCglobal Architecture Framework and provides an example supply chain scenario. The framework is composed of entities like RFID Tag, RFID Reader, RFID Middleware, Electronic Product Code Information Service (EPCIS) Repository, EPCIS Accessing Application, Object Naming Service, and Subscriber Authentication. We analyze the various security threats that affect each of these entities and their communication interfaces. Some of these threats include cloned fake RFID tags, unauthorized access and/or modification of RFID tag\r\ninformation and its electronic pedigree (EPCIS data), and eavesdropping, spoofing and Denial of Service attack on EPCglobal Subscriber\'s network. Finally, we propose possible security requirements and needed security solutions to ward off these threats.
After a trademark dispute, the EPC Prototyping Platform is now called "Fosstrak" (previously Accada). Fosstrak stands for "free and open source software for track and trace".