Abstract
In this paper we focus on authentication and privacy aspects of an application scenario that utilizes mobile crowd sensing for the benefit of amusement park operators and their visitors. The scenario involves a mobile app that gathers visitors’ demographic details, preferences, and current location coordinates, and sends them to the park’s sever for various analyses. These analyses assist the park operators to efficiently deploy their resources, estimate waiting times and queue lengths, and understand the behavior of individual visitors and groups. The app server also offers visitors optimal recommendations on routes and attractions for an improved dynamic experience and minimized wait times. We propose a practical usable solution we call an anonymous authentication of visitors protocol that protects the privacy of visitors even while collecting their details, preferences and location coordinates; deters adversaries outside the park from sending in huge amounts of false data, which lead to erroneous analyses and recommendations and bring down the app server. We utilize queuing theory to analyze the performance of a typical app server receiving numerous simultaneous requests from visitors to process a core function of our protocol.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Abe, M., Fujisaki, E.: How to date blind signatures. In: Kim, K., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 244–251. Springer, Heidelberg (1996)
Abe, M., Okamoto, T.: Provably secure partially blind signatures. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 271–286. Springer, Heidelberg (2000)
AECOM, TEA-AECOM 2011 Theme Index The Global Attractions Attendance Report, Themed Entertainment Association (TEA) (2011)
Camenisch, J., Hohenberger, S., Kohlweiss, M., Lysyanskaya, A., Meyerovich, M.: How to win the clone wars: Efficient periodic n-times anonymous authentication. In: CCS 2006, pp. 201–210 (2006)
Chaum, D.: Blind signatures for untraceable payments. In: CRYPTO 1982, pp. 199–203 (1982)
Chaum, D.: Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM 28(10), 1030–1044 (1985)
Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)
Damgård, I.B.: Payment systems and credential mechanisms with provable security against abuse by individuals. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 328–335. Springer, Heidelberg (1990)
Disney’s FASTPASS Service, http://disneyworld.disney.go.com/guest-services/fast-pass/
Fahl, S., Harbach, M., Muders, T., Smith, M., Baumgartner, L., Freisleben, B.: Why Eve and Mallory love Android: An analysis of Android SSL (In)security. In: CCS 2012, pp. 50–61 (2012)
Berthold, O., Federrath, H., Köpsell, S.: Web mixes: A system for anonymous and unobservable internet access. In: Federrath, H. (ed.) Anonymity 2000. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)
Ganti, R., Ye, F., Lei, H.: Mobile crowdsensing: Current state and future challenges. IEEE Communications Magazine 49(11), 32–39 (2011)
Georgiev, M., Iyengar, S., Jana, S., Anubhai, R., Boneh, D., Shmatikov, V.: The most dangerous code in the world: Validating SSL certificates in non-browser software. In: CCS 2012, pp. 38–49 (2012)
Gross, D., Shortle, J.F., Thompson, J.M., Harris, C.M.: Fundamentals of Queueing Theory. Wiley (2008)
He, W., Liu, X., Ren, M.: Location cheating: A security challenge to location-based social network services. In: ICDCS 2011, pp. 740–749 (2011)
Internet Engineering Task Force (IETF), Network Working Group, HTTP Over TLS, RFC2818 (2000), http://tools.ietf.org/html/rfc2818
Menezes, A.J., vaz Oorschot, P.C., Vanstone, S.A.: Digital Signatures. In: Handbook of Applied Cryptography, ch.11. CRC Press (1997)
Merlin Entertainments iTunes App., LEGOLAND California (2012), https://itunes.apple.com/us/app/legoland-california-official/id452395530
Orbot: Tor on Android, The Tor Project (2012), https://guardianproject.info/apps/orbot/
Sherchan, W., Jayaraman, P.P., Krishnaswamy, S., Zaslavsky, A.B., Loke, S.W., Sinha, A.: Using on-the-move mining for Mobile crowdsensing. In: MDM 2012, pp. 115–124 (2012)
Tor, Anonymity Online, https://www.torproject.org/
Universal Express Passes, Universal Orlando Resort, http://www.universalorlando.com/Theme-Park-Tickets/Universal-Express/Express-Passes.aspx
Walt Disney iTunes App., Disney Mobile Magic (2012), https://itunes.apple.com/us/app/disney-mobile-magic/id500000336
Dai, W.: Speed Comparison of Popular Crypto Algorithms, http://www.cryptopp.com/benchmarks.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Konidala, D.M., Deng, R.H., Li, Y., Lau, H.C., Fienberg, S.E. (2013). Anonymous Authentication of Visitors for Mobile Crowd Sensing at Amusement Parks. In: Deng, R.H., Feng, T. (eds) Information Security Practice and Experience. ISPEC 2013. Lecture Notes in Computer Science, vol 7863. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38033-4_13
Download citation
DOI: https://doi.org/10.1007/978-3-642-38033-4_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38032-7
Online ISBN: 978-3-642-38033-4
eBook Packages: Computer ScienceComputer Science (R0)