Radio Frequency Identification (RFID) is expected to become pervasive and ubiquitous, as it can be embedded into everyday items as smart labels. A typical scenario of exploiting RFID is supply chain. The RFID based supply chain management yields convenience, efficiency and productivity gains. However, RFID systems create new risks to security and privacy. This paper briefly presents the current solutions to RFID security and privacy. A new approach is then proposed, which exploits randomized read access control and thus prevents hostile tracking and man-in-the-middle attack. In addition, compared with current schemes that achieve the similar security level, the proposed approach dramatically decreases the computation load. Another benefit is that it is suitable for RFID systems with a large number of tags.