Ensuring Privacy in Smartcard-Based Payment Systems: A Case Study of Public Metro Transit Systems

  • Seng-Phil Hong
  • Sungmin Kang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4237)


The advances in technology have enabled us to share information, process data transactions, and enhance collaborations with relevant entities effectively. Its unparalleled adoption in both the public and private sectors is raising heightened concerns, particularly in the areas of the collection and management of personal information. The use of personal information can provide great benefits, including improved services for customers and increased revenues and decreased costs for businesses. However, it has also raised important issues such as the misuse of their personal information and loss of privacy. In this paper, we propose a framework to preserve privacy in new Public Metro Transit Systems that incorporates smartcard-based payment systems. The proposed framework leverages cryptographic protocols and an innovative privacy model to ensure the protection of privacy information of the cardholders. We also overview our system architecture for the proposed framework including case learned.


Access Control Policy Policy Enforcement Privacy Condition Privacy Model Integrate Circuit Chip 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    A list of privacy surveys surveys, available at:
  2. 2.
    Liu, M., Sun, S., Xing, M.: Study on security based on PKI for e-commerce of statistics information system. In: ACM International Conference Proceeding Series, August 2005, vol. 113, pp. 729–732. ACM Press, Xi’an, China (2005)Google Scholar
  3. 3.
    Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A Community Authorization Service for Group Collaboration Policies for Distributed Systems and Networks. In: Proceedings of the Third International Workshop in 2002, pp. 50–59 (2002)Google Scholar
  4. 4.
    Samarati, P., Reiter, M.K., Jajodia, S.: An Authorization Model for a Public Key Management Service. ACM Transactions on Information and System Security 4(4), 453–482 (2001)CrossRefGoogle Scholar
  5. 5.
    Ellison, C., Schneier, B.: Ten Risks of PKI: What you are not being told about Public Key Infrastructure. Computer Security Journal 16(1), 1–7 (2000)Google Scholar
  6. 6.
    Zhang, X., Meinel, C., Dulaunoy, A.: A Security Improved OpenSST Prototype Combining with SmartCard. In: Proceeding of the International Conference on Computer Networks and Mobile Computing. IEEE, Los Alamitos (2003)Google Scholar
  7. 7.
    Rexha, B.: Increasing User Privacy in Online Transactions with X.509 v3 Certificate Private Extensions and Smartcards. In: Proceedings of the IEEE International Conference on E-Commerce Technology, Washington, USA (July 2005), pp. 293–300 (2005)Google Scholar
  8. 8.
    Yang, Y., Han, X., Bao, F., Deng, R.H.: A Smart-card Enabled Privacy Preserving E-prescription System. IEEE Transaction on Information Technology in Biomedicine 8(1), 47–58Google Scholar
  9. 9.
    Shamir, A.: How to share a secret. Communication of the ACM 22(11), 612–613Google Scholar
  10. 10.
    Lysyanskaya, A., Peikert, C.: Adaptive Security in the Threshold Setting: From Cryptosystems to Signature Schemes. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, p. 331. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  11. 11.
    Canetti, R., Goldwasser, S.: An Efficient Threshold Public-Key Cryptosystem Secure against Adaptive Chosen Ciphertext Attack. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 90–106. Springer, Heidelberg (1999)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2006

Authors and Affiliations

  • Seng-Phil Hong
    • 1
  • Sungmin Kang
    • 2
  1. 1.School of Computer Science & Engineering Sung Shin Women’s UniversitySeoulKorea
  2. 2.College of Business AdministrationChung-Ang UniversitySeoulKorea

Personalised recommendations