design of trustworthy smartphone-based multimedia services in cultural environments

Electron Commer Res (2013) 13:129–150DOI 10.1007/s10660-013-9112-5

Design of trustworthy smartphone-based multimediaservices in cultural environments

Dimitrios Koukopoulos · Georgios Styliaras

Published online: 21 March 2013© Springer Science+Business Media New York 2013

Abstract Smartphone is a dynamic new media that faces high popularity due to itsversatile services and the friendliness of its usage. It can be used in many activitiesof everyday life from e-commerce to e-tourism. In this work, we study smartphone’ssecure usability in cultural heritage sites and environments. Our goal is to make afirst attempt towards a trustworthy commercial multimedia guiding system target-ing cultural sites that will be executed in a set of smartphones. More specifically,we are interested in how the needs of curators and visitors, experts or not, of a cul-tural heritage site can be facilitated by the provided multimedia guiding services ofsmartphones employing trustworthy implementations of smartphone services that arecontrolled by a central server. Furthermore, we make an attempt to propose a simplebusiness model for the commercial exploitation of such services.

Keywords Smartphone · Multimedia guiding services · Cultural environments ·Service-based e-commerce systems

1 Introduction

The added value of cultural heritage exploitation for any national economy is by nowwell recognized as it relates directly the past with important markets of current life,

Part of this work has been appeared in the Proceedings of the 2011 International Conference onMultimedia Information Networking and Security (MINES’11), pp. 604–608, IEEE Computer Press,Shanghai, China, 2011.

D. Koukopoulos (�) · G. StyliarasDepartment of Cultural Heritage Management and New Technologies, University of Western Greece,George Seferi Str. 2, 30100, Agrinio, Greecee-mail: [email protected]

G. Styliarase-mail: [email protected]

mailto:[email protected]

mailto:[email protected]

130 D. Koukopoulos, G. Styliaras

mainly Education, Tourism, Entertainment and Commerce. A way to enhance thebenefits of the exploitation of cultural heritage is the adaptation of new technologieslike smartphones and multimedia for the demonstration and experience disseminationof cultural environments and sites, along with successful economic strategies likeelectronic commerce.

The use of mobile, distributed and networked systems for promoting cultural her-itage sites and activities is one of the main research challenges in the domain of cul-tural heritage informatics [3]. Another challenge is long-term availability of culturalheritage that includes digital rights management and intellectual rights protection [3].A multimedia service that combines mobile devices and long-term availability in thecontext of management of cultural heritage will offer users a trustworthy environ-ment for experience dissemination and communication. Technological advances inmultimedia systems, tracking and handheld devices provide customized interfacesfor the generation of virtual guides, the design of virtual exhibitions in various waysand the construction, acquisition and integration of cultural information targeting cul-tural sites visitors and curators [15]. The starting point of this study is our belief thatexhibits, static or interactive, is the main vehicle of communication among culturalheritage sites and visitors.

Electronic commerce is probably the hottest development in the everyday life ofconsumers and businesses [6]. A key challenge in this scientific field is the develop-ment and standardization of novel services [1, 27]. The appreciation of e-commercebenefits has not been a straightforward issue [4], but it now seems that its momen-tum has been able to generate wealth (and havoc) at a significantly larger rate thantraditional technologies. Still, certain types of businesses are more irresistibly drawnby the Web’s promise than others. Cultural environments and sites like museum e-shops and art galleries, for instance, have been among the first segments of the busi-ness community to stake out the Web as a potentially lucrative supplemental venuefor sales. Recently, museums and cultural heritage sites have begun to provide e-commerce services based on mobile devices and the Web to raise their profits. Theusage of mobile devices permits an individual to make more purchases in a friendlyway because their key characteristics permit convergence of technologies, locationindependence, cultural adaptation and service personalization [11, 29, 30]. Till now,the supported mobile e-commerce services by cultural heritage sites and environ-ments are mainly oriented to the purchasing of souvenirs [30]. However, we believethat the use of smartphone-based multimedia services for guiding purposes can helpcultural heritage sites and environments to attract more visitors.

In this paper, we explore the possibilities for using smartphones with safety in cul-tural heritage environments and other sites, such as archaeological sites, large muse-ums, or city historic centers. Nowadays, the popularity of smartphones has increasedas they offer a large variety of appealing features. The current generation of smart-phones is loaded with complete operating systems and a set of hardware features thatcannot be found even in personal computers. The overwhelming presence of thesedevices, starting from Apple’s iPhone, has imposed a new category of computing de-vices among mobile phones and laptops. Their dominance is turning obsolete the useof other devices such as palmtops and handhelds and has been an inspiration for thecreation of a new category of devices, such as tablet personal computers.

Design of trustworthy smartphone-based multimedia services 131

We have seen the use of smartphones in various domains such as audio, visual andtext communication, e-commerce, social networking, internet and multimedia brows-ing, multimedia capturing and playback, messaging entertainment and car navigation.On the other hand, there are many applications intended for cultural heritage sitesand environments that are executed on personal computers, infokiosks or handhelddevices. We believe that a smartphone can provide a complete hosting infrastructurefor cultural applications. In other words, smartphones can become the link betweennew technologies and culture. People tend to use such devices more and more andare accustomed by their navigation, multimedia and other content access facilities.Cultural content and its presentation needs are adaptable to these facilities, as differ-ent parts of this content is multimedia based, can be expressed on a map or can bedescribed by a set of field values. This content may be retrieved and transferred bywireless network from a central server and users may access and comment it throughsocial networking.

Moreover, smartphones can benefit the commercial exploitation of services pro-vided in cultural environments. For example, smartphones permit the availability ofsuch services to the final end user anytime and anywhere in a familiar and pervasiveway. Also, smartphones allow the development of service-based electronic commerceservices which are maintained by service-providers themselves (i.e. museum admin-istrators). giving customers a low-cost business model. Thus, customers can have amobile-based access to e-commerce services using their own phones.

Having these potentials in mind, we undertake a study about the secure use ofsmartphones for cultural heritage environments and sites. Our goal is to make a firstattempt towards a commercial multimedia guiding system targeting cultural sites thatwill be executed in a set of smartphones. Thus, we propose a system architecturefor the secure usability of smartphones in cultural heritage environments and othersites for guiding purposes (archaeological sites, large museums, city historic cen-ters). The presented system facilitates the needs of curators and visitors, experts ornot, of a cultural heritage site. Also, we deal with security issues in cultural contentperforming authorization actions in user’s requests, along with certification-basedauthentication of the entities sending cultural content on both the Web server andthe user’s smartphone. Finally, we make an attempt to propose a simple businessmodel for the commercial exploitation of smartphone-based multimedia guiding ser-vices.

The rest of this paper is organized as follows. Section 2 presents some relatedworks regarding applications and services in cultural environments. Section 3 demon-strates the different user types and content attributes concerning cultural environ-ments. An extended role based access control model that permits trustworthy accessand processing of cultural content is presented in Sect. 4. After that a simple busi-ness model is proposed as a first step for the commercial exploitation of multimediaguiding services in Sect. 5. Section 6 presents the authorization mechanism that ap-plies the proposed extended role based access control model and realizes the businessmodel. Section 7 shows how the authentication mechanism certifies user operationson cultural content. The architecture of the proposed system is discussed in Sect. 8.In Sect. 9, we present a complete case study that employs smartphones and providesmultimedia services to the end users. Some implementation guidelines of the pro-posed services are mentioned in Sect. 10. Section 11 discusses the significance and


the implications of the proposed services for the different users of cultural environ-ments. Finally, Sect. 12 concludes our results and mentions some open problems.

2 Related work

Cultural heritage environments online services Nowadays, a lot of museum andgallery administrators have embraced digital technology and the Web as a viablemeans to explore new contexts, expand their audiences and fund their organizations.A lot of major museums and collections have already established Web sites dedicatedto showcasing particular exhibits and commercially exploiting various cultural prod-ucts and souvenirs (copies or not) as the National Museum of Contemporary Art [22]and the Museum of Modern Art [21]. Moreover, two of the main targets of the devel-opment of mobile commerce applications include information-oriented services andentertainment [29]. These targets are common in cultural environments where thereis a necessity for the provision of trustworthy mobile multimedia services to the end-user (like guiding services) in a friendly and entertaining manner. These services willhelp the administrators of such environments to exploit commercially their culturalcontent in a popular way.

Multimedia services for managing cultural environments Recently, the subfield ofmultimedia services for managing cultural heritage environments received a lot ofinterest. Virtual Museum Net of Magna Graecia [10] is a system that provides educa-tional contents on the basis of a thematic search or a map where the user can selectboth the contents to visualize and their level of detail. This system is suitable for e-commerce support because it permits territory exploitation due to the geo-referencedplaces and contents (Google maps). This facility allows tourists the creation of cus-tomized tours and the access to the territory on the basis of personal needs (i.e. work-ing hours of a museum). A system that offers several retrieval strategies for queryingthe multimedia archive database in order to multimodally navigate into the archiveof ethnography and social history of the Italian Lombardy Region is presented in [9].In [18] a secure web-based system that permits collaboration among art communitieshas been presented.

Multimedia mobile services in cultural environments The usage of multimedia tech-nology for designing personal guides and public projections on Apple iPod touchdevices is presented in [7]. A new paradigm of video recording through two relatedprojects, Faucet and Record2ME, which work together in order to achieve the goal ofubiquitous interaction is discussed in [13]. City co-visiting system [12] combines vir-tual reality, hypermedia technology, handheld devises and ultrasound tracking tech-nology to allow one visitor on-site and two remote visitors in a gallery. Finally, mobilecomputing including the use of third-generation phones and PDAs is used in [25].

Smartphone applications security risks Systems and applications using smart-phones face various security risks due to the smartphones inherent characteristics,the smartphones’ usage and the technologies associated with their use. Security risks


associated with smartphones inherent characteristics are mainly due to the securitygaps of their operating systems and the absence of access control and data securitymechanisms. A number of security challenges for smartphone environments is givenin [23]. In [14] the vulnerability of Symbian 9.1 operating system is tested. Thereis no form of data protection inside the devices against anyone that has physical ac-cess to the device. The only authentication method for the most used smartphonesis the PIN code. For example, smartphones using Android 2.2 operating system per-mit alpha-numeric pins or password patterns as their main authentication mechanism[24]. Users usually store confidential data on their smartphones although data storedon a smartphone device can easily become accessible to a third party. Connectingsmartphones to wireless networks increases security risks due to the nature of wire-less medium and the always-on connectivity at 3G networks [26].

Authentication and authorization in cultural applications The study of certification-mechanisms for web-based applications has raised a lot of interest. In [19] a placeand time certification-based authentication scheme is proposed for cultural assets. In[5] digital signatures are employed for securely built web services in a cooperativeenvironment. A lot of research has been done in the field of role-based access controlmodels. The original role-based access control [20] describes access control basedon subjects, roles and permissions. In this work, we extend role-based access con-trol model permitting adequately the formation of groups, the promotion of a userto administration and the different access rights a multimedia file is permitted ac-cording to user requested operation. An authorization and access control policy ispresented in [2] where multimedia objects features are combined with textual de-scriptors, whereas an authorization model specialized for multimedia content storedin digital libraries is described in [17]. In [8], SMARXO is proposed to address thesecurity issues in multimedia applications adopting RBAC. This kind of models isusually based on authorization models for multimedia content that combines fea-tures of content and textual descriptors. However, these models tend to support singlefiles. In [18] content-based access control is applied on multiple files on digital artprojects. To the best of our knowledge, our approach applies for the first time anextension of role-based access control on smartphone devices for protecting multi-media content which is disseminated though multimedia guiding services in a culturalenvironment.

3 Users and content classification

Each user is identified with a unique user id (UserID). Users of cultural environmentscan be organized in four groups:

• Curators who create virtual guides (galleries), view, classify and comment them.Users exhibiting and reproduce virtual guides, including museums and gallery di-rectors.

• Specialists involved in the creation of the gallery providing raw material (archae-ological archives, physical scenery details, artefacts guides, GPS coordinates ofmonuments, etc.) and their expertise may be attached next to their UserID.


• Tourists perceiving the gallery by viewing it, interacting with it or editing it inorder to create their own virtual tour and path.

• Students perceiving the gallery by viewing it in a predefined manner.

In every group, and especially in the Specialists and Curators groups, a certain usermay be denoted as the group leader. The group leader may add or remove users froma group. As with users, groups are assigned a unique ID (GroupID). A certain gallery(tagged by a unique GalleryID) needs to be related with a Specialists group or aCurators group or a Tourists group, which populates the users that are involved in thecreation process. Furthermore, for a certain gallery, the role of Administrator may beassigned to a user, who may be different from the group leader and will focus on thetechnical details of the creation process.

A gallery project is composed by cultural content items drawn from a database thatstores and organizes the content in two main categories: (i) Primitive gallery content(image, sound, text and video files) and (ii) Composite gallery content deriving fromthe primitive content or/and material obtained from the user in real-time after editing,annotating and combining it by using the following operations.

Three categories of attributes are defined in order to describe a cultural item:(i) Content-based attributes that include short and extended textual annotations(title and description) that describe the thematic information of the item; attributesthat describe the technical details of an item according to the item’s type (size,GPS coordinates, color, distances from certain points, archaeological documentationarchives information, field-based information); and time and location of the item’screation or discovery, (ii) Context-based attributes that include the context explana-tion of certain items with the level of information and the amount of detail a userprefers (era, construction material of a finding, current status, decorative issues) and(iii) Model-based attributes that derived from the model proposed, such as the editingand viewing levels permitted.

4 Extended role-based access control model

4.1 Operations

Given the user and content definitions in Sect. 3, the following operations permit acurator/tourist/specialist group to set up and implement a new virtual guide/gallerybased on cultural content on the central server databases or raw material captured inreal-time during virtual tour (Fig. 1). Complementary, students, tourists, specialistsand curators may view and further exploit the outcome. At any time, gallery creatorsuse operations in order to refine the gallery.

InsertingCurator, specialist or tourist groups insert primitive cultural content in the databaseand annotate it.

SearchingSpecialists may search all inserted content, whereas the curators, students and touristsmay perform searches based on all but the content’s technical attributes. Curators and


Fig. 1 Operations workflow

specialists may search other users of desired expertise, while curators may also searchsimilar items to the given ones. Searching levels include:

(i) Comparative study: specialists and students have access to multiple galleriesbased on their interests. A curator discovers some new points of interest basedon oral testimonies associated to map and physical points on a map.

(ii) Optimal and alternative routes: Draw an optimal or alternative routes for visitinga set of specified areas on a map based on shortest time or thematic criteria and

(iii) Tour supervision: A group’s curator visiting the archaeological site can super-vise the locations of the group’s users.

EditingCurators/tourists/specialists compose a project through editing cultural content gath-ered during the previous operation with increasing level of intervention. In thisway, curators/tourists/specialists can produce composite items, based on the primi-tive ones. Editing levels include:

(i) As is: Usage of an item as is, that is no further editing is performed on theprimitive content.

(ii) Annotating on primitive (maps) or processed objects: Definition of a non-destructive layer over an object.

(iii) Tourists specialised tours: Creation of their own virtual tour and paths.(iv) Visit recording: A visitor can record her/his visit to the system’s database, while

taking a certain route.


(v) Filtering: A user can display on the map some or multiple interesting informa-tion by enabling or disabling the appropriate filters.

ViewingIt permits read-only access to the edited content by curators/students/tourists/specialists. Viewing levels include:

(i) As is: Simple viewing of the gallery content.(ii) Segmented and demo viewing: Viewing parts of edited gallery content (e.g. five

seconds of a certain tour). Viewing only selected parts of the final gallery fordemo purposes.

(iii) Combined viewing: Viewing current views of the site’s areas combined with rep-resentations of the original view of the same areas. The student/tourist/specialist/curator can toggle among the current view and the representation.

(iv) Map viewing and zoom: Scrolling the site’s map. By touching continuously apoint on the map, this point becomes the center of the map and directions aredisplayed and/or heard in order to guide the user to the new point of interest.

(v) Optimal route viewing: A visitor can view an optimal route specified by a curatorfor visiting a set of specified areas on a map after inserting her/his interests.

(vi) Context viewing: Field-based information, multimedia content and encyclopedicmaterial may be displayed on demand.

(vii) Nomadic viewing: Tourists can introduce a nomadic way for visiting a culturalsite. They can remain informed about where the rest of the group is, what pointsof interest are chosen by the majority of the group, what comments they leaveafter visiting a point of interest etc.

(viii) Guided tour: Students follow a specified route by a curator or specialist.

DisseminatingThis operation allows further exploitation of galleries that are based on primi-tive and composite cultural content. It addresses the needs of curators and visitors(students/tourists/specialists). Dissemination operations include:

(i) Packaging: Organize a gallery based on edited content as an autonomous pre-sentation (e.g. a slideshow of a set of images).

(ii) Gallery sharing: Nomadic users (tourists) can share their galleries with otherusers.

(iii) Transactions and educational games: Permitted operations are online sales,sharing items and galleries with other groups. Provision of educational gamesfor learning purposes to the visitors of a site.

(iv) Comments and announcements: Post comments after viewing a gallery, gradeit, propose improvements or changes and trigger new gallery development. Sup-port announcement of new gallery implementation, exhibitions in forms such asHTML or RSS.

4.2 Actions

Users may perform the following actions according to their types:

• The group leader may add and remove users from a group; he can define projectpackages (galleries) and decide dissemination strategies.


• Curators and specialists may search artefacts and galleries based on all their at-tributes and locate other curators or specialists for including them in the develop-ment of a new gallery. They may perform all viewing operations, assign contentto a new gallery by inserting it and perform all editing operations. Also, they mayperform processing on content and searches on curators. Curators may perform allactions permitted by tourists/students/specialists and apply editing operations ongallery copies.

• Tourists/students/specialists may search and view items, slideshows and demo ver-sions and participate as end-users in the disseminating operations. Tourists can ex-change their routes suggesting new points of interest. Tourists may create their owngalleries using cultural content, but they cannot process primitive cultural contentor make editing to galleries created by specialists/curators.

5 A simple business model

All different actions performed by users may provide the basis for a simple businessmodel. According to this model the permitted user actions will be offered in differ-ent quality levels depending on the cultural content resolution, especially regardingsearching, editing, viewing and disseminating operations. According to whether thedifferent cultural content and operations should be paid or not, the business model canbe classified into four types: Free Model, Once-Pay Low-Resolution Model, Once-Pay High-Resolution Model, and Full-Pay Model as follows:

(i) Free Model: All the permitted user actions are provided without payment. Usersmay freely view, search and disseminate the content.

(ii) Once-Pay Low-Resolution Model: There is a fee for actions concerning low-resolution data. In this model, users are allowed only to search, view and dis-seminate low-resolution cultural content after paying a fee (e.g. Tourists, Spe-cialists).

(iii) Once-Pay High-Resolution Model: There is a fee for actions concerning high-resolution content. In this model, users are allowed only to search, view anddisseminate high-resolution cultural content after paying a fee (e.g. Tourists,Specialists).

(iv) Full-Pay Model: All the permitted actions are provided with a subscription pay-ment.

To realize the four business models, the Two-Right scheme is proposed for control-ling access into cultural content. The access permission in high-resolution data (X) isincluded in the first access right, while the access permission in low-resolution data(Y ) is included in the second access right. According to the two rights’ properties,the four models can be constructed. Therefore, in a cultural environment, the mul-timedia guiding services can be classified into different categories according to thebusiness models, e.g., Free services, Once-pay Low-Resolution services, Once-payHigh-Resolution services and Full-pay searching, editing, viewing and disseminatingservices for curators, tourists, students and specialists.


More specifically, Free services include simple search and Comparative Studies.In editing use of content As Is and Annotations are permitted. In the same way, AsIs, Segmented and Demo Viewing will be allowed for viewing and only Packag-ing during dissemination. Once-pay models support the same operations and differonly on the quality of the content to be edited, viewed or disseminated. Searchingis the same as the Free Services. In editing, the Tourist specialized tours and Visitrecording operations allowed. In viewing, Combined viewing and Map viewing andzoom are permitted on high or low resolution material in addition to Free services.Transactions and educational are permitted in Once-pay models. During transactions,only material of the supported quality (low or high) is supported. Full-pay servicescomplement the offered services especially by offering optimal routes and filteringoperations.

The information of access rights of each multimedia cultural content file accom-panies it as metadata when it is inserted into the cultural content database. Thus,whenever a user requests an operation to a file the file’s access rights are monitoredby the authorization manager and the user is informed if the requested operation isprovided free or with a payment by the system. After that, the user informs the systemif she/he wants to proceed.

6 Authorization manager

6.1 Authorization control

The goal of the authorization manager is to verify whether a user u, trying to accessa gallery file m, using an operation o, under a certain role r with permitted actions a,is authorized to fulfill its request according to the restrictions enforced by that role.The authorization manager first checks if the user u is authorized for role r (cura-tor/specialist/tourist/student) and if the asked operation o is a permitted one to thisrole. Then, the manager checks if user u, the asked operation o and the gallery file m

can perform action a that is associated with role r .The authorization control algorithm follows in Fig. 2.

6.2 Request scenario

A user’s (specialist/student/tourist) request of a gallery file is illustrated in Fig. 3.Such a request consists of the following steps:

(1) A user makes a request for a gallery file to the interaction manager.(2) The interaction manager sends the request to the authorization manager that is

responsible to approve or reject the user’s request.(3) The authorization manager accesses the user database to recover the user at-

tributes, permitted operations and actions. Also, it accesses the cultural contentdatabase to recover the access rights of the requested gallery file.

(4) Depending on the data the authorization manager recovers from the userdatabase and cultural content database, she/he rejects or accepts the request.


INPUT: User request (u, r,m,o), the user attributes, operations,actions

OUTPUT: ACCEPT or REJECT

METHOD:

If (Is_role_specialist(u, r)) OR (Is_role_tourist(u, r) OR(Is_role_student(u, r) OR (Is_role_curator(u, r)) AND(Is_role_operation(o, r))

Then If (constraints_check(u, r,m,o, a))

Then ACCEPT

Else REJECT

Else REJECT

Is_role_specialist(u, r): returns true if user u is authorized forspecialist role else returns false.

Is_role_tourist(u, r): returns true if user u is authorized fortourist role else returns false.

Is_role_student(u, r): returns true if user u is authorized forstudent role else returns false.

Is_role_operation(o, r): returns true if role r is authorized foroperation o else returns false.

Is_role_curator(o, r): returns true if role r is authorized forcurator role else returns false.

constraints_check(u, r,m,o, a): returns true if user u, operationo and virtual guide file m satisfy action a that is associated withrole r else returns false

Fig. 2 Authorization control algorithm

Fig. 3 Request scenario


If the request is accepted, the authorization manager informs the user aboutthe charging status of the requested operation. If the user wants to proceed,the authorization manager receives the appropriate payment and retrieves therequested gallery file from the cultural content database.

(5) The authorization manager forwards the gallery file to the galleries databasealong with information about the user that made a request for the files. Also, theauthorization manager sends its approval to the interaction manager in order tofulfil the request.

(6) After the creation of the new gallery, the gallery database sends the files to theinteraction manager.

(7) The interaction manager asks the web server a certificate from the authenticationmechanism.

(8) The interaction manager forwards the received file to the user along with thecertificate of the web server.

7 Authentication mechanism

The authentication mechanism plays the role of certification authority. Among allthe entities involved into the system the Web server’s authentication mechanism canusually be trusted. The creation of digital certificates follows X.509 standard [16].The certificate is identified by a serial number and contains the issuer (authenticationmechanism), the subject (server or user) information, the period of validity, the publickey of the subject and the issuer signature. The related private key must be kept safely.Here, the private keys are generated by the authentication mechanism and deliveredoffline to the issued entities.

Certification assignment The first time a user requests an action over a gallery file,the authentication mechanism verifies user identification information recovered fromthe user database and issues a digital certificate to the user. The public key of the userwhich is contained into its certificate is stored into an appropriate field into the users’database. This certificate is installed on the user’s smartphone and the user databaseon the Web server. Furthermore, the first time the server is executed the authenticationmechanism assigns to the server a digital certificate which accompanies any galleryfile sent as a response by the web server to any user’s request.

Monitoring digital certificates Tourists and students are not trusted because theycan benefit from counterfeiting the cultural assets. Specialists and curators are nottrusted when they perform actions on cultural content they do not own. Monitoringdigital certificates takes place on both the Web server and the user’s smartphone de-pending on the destination of the gallery file. If the user makes a request for retrievinga file, the user reads the digital certificate of the web server that is associated to the re-quested file and verifies the authenticity of the related multimedia file [28]. The publickey of the certification authority is sent to the user by the authentication mechanismand installed prior to the verification. If the user (curator/specialist/tourist) wants toinsert cultural content to the system, then the authentication mechanism reads the


Fig. 4 System architecture

digital certificate of the user and verifies the authenticity of the related multimediafile [28]. The public key of the curator/specialist is retrieved by the authenticationmechanism from the user database. The goal of the certificate-based authenticationmechanism is to authenticate an entity sending cultural content by digital certificateson both the Web server and the user’s smartphone. The authentication mechanismtakes place after the authorization manager verifies user’s access control rights.

8 System architecture

The architecture of our system is illustrated in Fig. 4. The system comprises of adatabase server that manages three databases that store the gallery cultural content,access rights and information about users, user certificates, roles and gallery projects.Also, the system contains a web server that requests the database server for retrievinginformation. The web server contains an interaction manager and an authorizationmanager that transform user requests to appropriate content access and vice versaand an authentication mechanism that associates digital certificates to gallery filesthat are transferred among users and the system.

9 Case study

The following case study outlines a scenario that engages all users of the modelduring a visit to an archaeological site. An application is deployed for a smart-phone, which shows current views of the site’s areas combined with represen-tations of the original view of the same areas. From a visitor’s point of view


(tourist/student/specialist), a visitor points the smartphone towards a certain area. Af-ter pointing to the area for a certain time, by exploiting the GPS and digital compassfeatures, the application shows the visitor a graphic representation of the same area.By exploiting Combined viewing, the visitor can toggle among the current view andthe representation in order to understand the changes and have a certain feel of theoriginal site.

Continuing, by using the touch interface, the visitor can scroll the site’s maploaded in the application and discover new points of interest, by using Map view-ing and zoom. The map is enriched with several galleries of interesting points andsubareas. For example, the visitor may choose to focus on temples, commercial areasor houses, by using Searching services and Filtering. He/she may choose to displayon the map some or multiple interesting information by enabling or disabling theappropriate filters. Based on the selection, the map is updated and displayed appro-priately. The map also is oriented based on the visitor’s direction. At every moment,it shows the area in front of the visitor’s viewing direction. At any time, the visitorcan show or hide the overlaid information and focus on either the map, or the extrainformation, according to his/her interests.

By touching continuously a point on the map, this point becomes the center of themap and directions are displayed and/or heard in order to guide the visitor to the newpoint of interest (by using Context viewing). This feature can be operative for a singlepoint or a set of points. In the latter case, the visitor can use the Optimal route viewingfor visiting the areas that correspond to the set of points. In this case, optimality mayrefer to shortest time or be calculated according to thematic criteria. The applicationcan suggest alternative routes and after a selection, it guides the visitor towards vis-iting the route. It provides information such as remaining time and distance for theroute.

Every point of interest is documented in a database and its information is trans-mitted wirelessly from the archaeological site’s main server. Field-based informa-tion, multimedia content and encyclopedic material may be displayed on demand asa gallery, by using Context viewing, if the visitor has paid for one of the Once-Paymodels.

While taking a certain route, a visitor may choose to record the visit by using theVisit Recording operation. If the visitor is a student, he/she may choose to record thevisit for later exploitation in the class or for preparing an essay. Recording informa-tion includes the map, the exact route upon it that the visitor follows and the pointsvisited. In parallel, a visitor may take notes and enhance the delivered information.More specifically, the visitor may take text and narration notes (by using the Annotat-ing operation), still pictures and video clips. All these notes are linked to the visitor’scurrent location. The whole route enhanced by the visitor’s notes may be packagedas a gallery and stored both in the smartphone and the web, by exploiting the Packag-ing and Gallery sharing operations. The gallery may be uploaded wirelessly on largeactive displays located in the area that permit to share the presentation to a group oftourists or students. The visitor can pause and continue the gallery’s presentation, takenew notes and save a new edition. The presentation can be exploited by other usersas a guide for visiting the certain area and specific points of interest. Other visitorsmay post new comments by using the synonymous operation.


Fig. 5 Site topology withvisitors scattered around pointsof interest

From a curator’s point of view, through the Nomadic Viewing and Guided Touroperations, the group leader visiting the archaeological site can supervise the loca-tions of every member in the group (i.e. students). He/she can check what pointshave been visited by group members and their current locations. They can exchangetheir routes and suggest in this way new points of interest. Group members can alsointroduce a nomad way for visiting a cultural site, as through connectivity and mapdisplay, they can remain informed about where the rest of the group is, what pointsof interest are chosen by the majority of the group, what comments they leave af-ter visiting a point of interest etc. A useful outcome of processing the routes of thegroup members is to suggest points of interest to group members with similar inter-ests.

Conclusively, by using the operations of the model, visitors can locate and com-bine cultural content that they can reuse at a later time. They can share the content toother visitors and suggest visiting areas at a site. In case of students, they can workalone or in groups, depending on the requested activity. A hypothetical scattering ofusers and points of interest in a site follows in Fig. 5.

10 Implementation guidelines of multimedia services

Nowadays, new editions of smartphones have allowed the implementation of thecharacteristics and case studies described in the previous sections. Firstly, regardinganimation, new editions of Flash are available for smartphones. Adobe had deliv-ered a special edition of Flash for handheld devices, called Flash Lite. Specifically,


Flash animation combined with touch and multitouch capabilities can improve theinteraction in animation clips. Whereas touch capability is similar to a simple mouseoperation, multitouch offers more interaction capabilities, not feasible by a simplemouse. Nowadays, multitouch is offered on all high-end smartphones with large dis-plays. These capabilities allow for building, editing and interacting with multimediaanimated content.

Regarding multimedia playback, we have discovered that smartphones can sup-port the interaction of all popular types of multimedia files including starting, pausingand stopping playblack and be informed on total and remaining playback duration ofa media clip. Apart from offline clips, online streaming from popular video servers,such as YouTube are supported. For example, TCPMP and Streaming Player for Win-dows Mobile phones provide such a combination. The same applications support theload of subtitles enabling multilingual content. Media playback includes also images.For example, viewing images is supported in Windows Mobile phones with TouchPlayer and Media Player. These applications offer single image preview, zoom in animage and slideshow playback.

Taking notes along with viewing and editing text is also supported in smartphones.Notepad-type applications, document viewing and editing suites are available in Ap-ple, Android and Windows smartphones. Writing text is supported by using a key-board or a hand. Audio notes are also permitted. Notes are saved and can be retrievedat a later time ordered chronologically. Finally, we have tested wireless and Blue-tooth connectivity and managed to exchange text and multimedia files of varioussizes, although activation of connectivity and choosing a suitable network were donemanually.

These operations complement the necessary infrastructure needed in order to im-plement the services designed in Sect. 4. The glue connecting these scattered appli-cations will be provided by the APIs offered by every smartphone platform.

Figures 5, 6, 7 and 8 present a first attempt towards the implementation of a mul-timedia guiding system for a cultural heritage environment. In particular, these fig-ures illustrate the implementation of an information system for the Ancient Agora ofAthens, a project implemented by the authors for the Hellenic Ministry of Culture(http://www.culture.gr). Similar photos and operations may be performed on a visi-tor’s smartphone. Figure 5 shows a site’s topology with points of interest and visitorsthat gather around them. Every piece of information is drawn from a central server.Figure 6 shows the positioning of points of interest on a map. The user is near acertain point of interest (Eponimon Iroon station) on the top towards the left of thesite. In the points shown on the map, there are fixed info-kiosks that provide guid-ance information to visitors. Similar maps can be implemented easily for the mobiledevices.

Figure 7 shows a set of available monument photos around the same point ofinterest. Figure 8 shows the projection of an artifact’s photo along with its relativeposition in a site’s artifact room. The artifact’s photo and related details appear whenthe visitor gets close to the artifact. There is also a projection room, whereas materialgathered in the smartphone may be projected for a large tourist group.

http://www.culture.gr


Fig. 6 Points of interest on a map

11 Discussion

The adaptation of smartphone devices in the context of virtual guiding services forcultural heritage environments enhances the usage of such services for commercial,touristic and educational purposes. All the participants in a commercial transaction,a tourist management scenario or an educational process regarding such an environ-ment can benefit from such an adaptation.

Using smartphone devices can make the creation and the dissemination of mul-timedia material considering a cultural heritage site more familiar technically forcurators because it permits the exploitation of smartphone tools that can be usedeasily even by inexperienced users. Furthermore, smartphone facilities allow the su-pervision and interaction among the cultural material and visitors (students/tourists)helping curators to improve their virtual guides receiving valuable information as afeedback from such visitors. Especially regarding students, smartphones permit cu-rators the efficient interaction with student groups, the better supervision of studentvisits and the creation of specified virtual guides depending on the needs and interestsof students. Also, in the case of tourists, smartphones facilitate the interaction withother nomadic users, the sharing of their experiences and the creation of specifiedvirtual guides depending on their needs and interests.

On the other hand, smartphones can transform a visit to a cultural heritagesite from a boring activity into an interesting and pleasant experience allowingtourists/students to interact with encyclopedic material, graphical representations and


Fig. 7 Points of interest as selectable thumbnails

Fig. 8 Projection of an artifact

the current view of a site. Also, students can have collaborative learning experienceswith each other by sharing multimedia content they create/capture. This collaborationcan lead them to build their own collaborative virtual guides. Furthermore, single stu-


dents and tourists can take notes, associate them with multimedia content they take onsite in real-time and content obtained by the system in order to build their own virtualtours. These capabilities turn visits at cultural heritage environments into experiencesof virtual learning enhancing learning process. Finally, developing guiding scenariosthrough mobile devices has characteristics of playing games which contributes evenmore to the better understanding of the background of a cultural heritage environ-ment, as it transforms a visit to such an environment into an entertaining experiencesuitable even for younger students.

Moreover, cultural heritage sites and environments can benefit from the commer-cial exploitation of added value cultural content management services like the pur-chasing of high resolution multimedia cultural content and their usage in buildingprivate personal guides (tourists) or the permission for accessing and using specificoperations in raw and combined multimedia cultural content like comparative studyor historical viewing (specialists). Such transactions can be an alternative and com-plementary financial source to the funding of cultural organizations, which can bememory institutions (museums), especially these days where such organizations faceinsufficient budgets. Moreover, participating a user (tourist or specialist) in such atransaction the gain is two fold. The user not only buys a cultural product or usesa service that helps him to achieve his goal, but she/he is also informed about thecultural background of the environment or site that offers this service in a friendlymanner because all these transactions happen employing their own smartphone de-vices at anytime and anywhere.

All the mentioned implications for the participants/users of multimedia servicesemploying smartphone devices into a cultural heritage environment/site show that allthe users can benefit. However, students benefit more from those services. This is dueto the fact that the design of educational scenarios by the curators, which are basedon smartphones, may apply easily a student-centered learning approach due to theircharacteristics. Such scenarios can efficiently combine learning with student visits incultural heritage environments applying an interactive approach that converts such avisit to an entertaining experience permitting interaction among students and curatorsin an easy and friendly way.

12 Conclusions and open remarks for future work

In this paper, we have discussed ideas for the trustworthy adaptation of smartphone-based multimedia services in cultural heritage environments. All these services can berealized due to the inherited hardware and software characteristics of smartphone de-vices (wireless connectivity that supports Internet access, GPS device, built-in cam-era, touch screen, microphone and speakers, digital compass, phone and text mes-saging, text processing like handwriting recognition, animations and images display,object display on maps, video playback and playback control, screen display to otherlarger displays). Furthermore, we extend role-based access control model on smart-phone devices for protecting multimedia content which is disseminated though mul-timedia guiding services in a cultural environment. Also, we use a certification-basedauthentication mechanism for ensuring the authenticity of transactions among users


and system. We believe that the proposed multimedia services can be composed toa large information system which will cover administrative, guiding and commercialneeds of cultural environments and sites.

We intend to work towards this direction and, as first steps, we have presented theproposed business model, along with specific case studies and possible features torepresentative curators of large archaeological sites in Greece. The first feedback isencouraging. Taking these comments as starting point, we plan to conduct a properrequirement analysis process that will include curators and visitors, overview of exist-ing practices in other sites and documentation of managerial, guidance and commer-cial operations that can be transferred to the system proposed. Based on the analysis,an information system will be designed providing discrete trustworthy multimediaservices for visitors and curators which will be suitable for commercial exploitation.In particular, we plan to extend the proposed simple business model incorporatingmore multimedia services, like auctioning of high-quality cultural products in an at-tractive way to the end user. Also, the installation of the system in multiple sitesand devices will facilitate the conduction of a large scale evaluation of the system’seffectiveness.

Furthermore, as a future work, we plan to investigate the provision of multime-dia services which will use the cultural content of various interconnected culturalenvironments and sites, like archaeological museums, in order to provide commonexhibitions of artifacts and environments in different places without space and timelimitations.

References

1. Adolphs, C., & Winkelmann, A. (2010). Personalisation research on e-commerce—a state of the artreview (2000–2008). Journal of Electronic Commerce Research, 11(4), 326–341.

2. Al Bouna, B., & Chbeir, R. (2006). Multimedia-based authorization and access control policy speci-fication. In Proc. of the 3rd ACM workshop on secure web services (pp. 61–68).

3. Arnold, D. (2008). Paster’s quadrant: cultural heritage as inspiration for basic research in computerscience. Journal on Computing and Cultural Heritage, 1(1).

4. Bakos, Y. (1998). The emerging role of electronic marketplaces on the Internet. Communications ofthe ACM, 41(8), 35–42.

5. Bengtsson, A., & Westerdahl, L. (2005). Secure choreography of cooperating web services. In Proc.of the 3rd European conference on web services (pp. 152–159).

6. Bichler, M., Field, S., & Werthner, H. (2001). Introduction: theory and application of electronic mar-ket design. Journal of Electronic Commerce Research, 1, 215–220.

7. Celentano, A., Orsini, R., Pittarello, F., & Barbieri, G. (2009). Design and evaluation of a mobileart guide on iPod touch. In Proc. of the ID&A interaction design & architecture(s) (Vol. 5–6,pp. 77–80).

8. Chen, S., Shyu, M., & Zhao, N. (2004). SMARXO: towards secured multimedia applications byadopting RBAC, XML and object-relational database. In Proc. of the 12th annual ACM internationalconference on multimedia (pp. 432–435).

9. Ciocca, G., Colombo, A., Gagliardi, I., & Schettini, R. (2008). Intangible heritage management andmultimodal navigation. In Proc. of the 4th international conference AXMEDIS (pp. 95–102).

10. Cutrí, G., Naccarato, G., & Pantano, E. (2008). Mobile cultural heritage: the case study of locri. InProc. of the edutainment (pp. 410–420).

11. Davison, J., Walsh, A., & Brown, D. (2000). Mobile e-commerce: market strategies. London: OvumResearch Ltd.

12. Galani, A., Chalmers, M., Brown, B., McColl, I., Randell, C., & Steed, A. (2003). Developing amixed reality co-visiting experience for local and remote museum companions. In Proc. of the 10thconference human computer interaction (pp. 1143–1147).


13. Giordano, C., Modeo, S., Bernardi, G., & Ricchiuti, F. (2007). Using mobile phones as remote controlfor ubiquitous video-recording. In Proc. of the 6th international conference MUM (Vol. 284, pp. 125–130)).

14. Habib, S. M., Jacob, C., & Olovsson, T. (2009). An analysis of the robustness and stability of thenetwork stack in symbian-based smartphones. Journal of Networks, 4(10), 968–975.

15. Hjorth, L. (2009). The big bang: an example of mobile media as new media. Computer in Entertain-ment, 7(2), 1–13.

16. Housley, R., & Ford, W. (1999). Internet X.509 public key infrastructure certificate and CRL profile.RFC 2459.

17. Kodali, N. B., Farkas, C., & Wijesekera, D. (2004). An authorization model for multimedia digitallibraries. Journal of Digital Libraries, 4(3), 139–155.

18. Koukopoulos, D. K., & Styliaras, G. D. (2010). Security in collaborative multimedia web-based artprojects. Journal of Multimedia, 5(5), 404–416.

19. Mostarda, L., Dong, C., & Dulay, N. (2008). Place and time authentication of cultural assets. In Proc.of the IFIP (Vol. 263, pp. 279–294).

20. Mukkamala, R., Kamisetty, V., & Yedugani, P. (2009). Detecting and resolving misconfigurations inrole-based access control. Information Systems Security, 5905, 318–325.

21. Museum of Modern Art (2013). http://www.moma.org.22. National Museum of Contemporary Art (2013). http://www.emst.gr.23. Oberheide, J., & Jahanian, F. (2010). When mobile is harder than fixed (and vice versa): demystify-

ing security challenges in mobile environments. In Proc. of the 11th international workshop mobilecomputing systems and applications (pp. 43–48).

24. Renaud, K., & Angeli, A. (2009). Visual passwords: cure-all or snake-oil. Communications of theACM, 52(12), 135–140.

25. Sauer, S., & Gobel, S. (2003). Focus your young visitors: kids innovation-fundamental changes indigital edutainment. In Proc. of the conference museums and the web (pp. 131–141).

26. Sharma, A. (2008). Bluetooth security issues: threats and consequences. In Proc. of the 2nd nationalconference COIT (pp. 78–80).

27. Sinkovics, R., Yamin, M., & Hossinger, M. (2007). Cultural adaptation in cross border e-commerce:a study of German companies. Journal of Electronic Commerce Research, 8(4), 221–235.

28. Stallings, W. (2006). Cryptography and network security: principles and practice. New York: PrenticeHall.

29. Tarasewich, P., Nickerson, R. C., & Warkentin, M. (2002). Issues in mobile e-commerce. Communi-cations of the Association for Information Systems, 8, 41–64.

30. Tsekleves, E., & Cosmas, J. (2003). Promoting and disseminating cultural heritage sites to people onthe move. In International cultural heritage informatics meeting 2003. Archives & Museums Infor-matics Europe

Dimitrios Koukopoulos is a lecturer at the Department of CulturalHeritage Management and New Technologies (University of WesternGreece, Greece). His major fields of study cover algorithms, networkstability, heterogeneous networks, trustworthy multimedia networksand cultural technology. He has served as a member of program com-mittee in various conferences and as a reviewer in various journals. Re-cently, he is a co-editor of a handbook for applications in cultural her-itage environments published by IGI. He participated as a researcher inmany EU funded projects.

http://www.moma.org

http://www.emst.gr


Georgios Styliaras is an assistant professor in Multimedia Systems atthe Department of Cultural Heritage Management and New Technolo-gies (University of Western Greece) since January 2009. He receivedhis diploma degree in computer engineering and informatics in 1996and his Ph.D. degree in 2001 from the University of Patras. GeorgiosStyliaras worked for the Hellenic Ministry of Culture from 2002 until2005. His duties were to design and manage the implementation of mul-timedia information systems for museums and archaeological sites. In2006 he joined the Department of Plastic Arts and Art Sciences (Uni-versity of Ioannina) as a lecturer in Multimedia Applications. His re-search interests include multimedia applications and systems for cul-ture, hypermedia systems and modeling cultural content.

design of trustworthy smartphone-based multimedia services in cultural environments

Documents