There is an interesting protocol at work at Chuck E. Cheese. This restaurant/arcade makes its money by hosting kids parties, birthday parties and such. There are a lot of kids and big parties in and out of there, and of course a lot of chaos. I would assume this makes them extra careful about protecting their customers especially kids. So here is one thing they do: when you enter there is a checkpoint at the front door. You are greeted and everyone in your party gets a stamp thats only visible under a certain kind of light on your hand. The stamp is supposed to be unique to your party.
Then when you go to leave the adult(s) and kid(s) are checked to make sure that they are part of the same group that entered by checking the stamps match on the outbound side.
the problem is the 17yo that checks you in and out makes $3/hr and is more interested in his tweets than your kids... social engineer that protocol at will without difficulty...
Posted by: wpt | August 25, 2009 at 02:16 PM
I think the continued 122db noise level and and damages the internal organs of small animals and scares adults away, making it safe for children to play. Rumor is NASA performs acoustical tests on shuttle components there prior to launch.
Posted by: Adrian Lane | August 27, 2009 at 07:17 PM
I like these "real world" protocol solutions. It's also fun wondering what "our industry" would have advised... all kids to bring identification? Bring formal invites on unforgeable paper? Pay with their credit cards on entry? ...
Any clues as to the nature of the light? I'm guessing that it is UV. Does this mean you can get UV reflecting skin ink? I can imagine lots of fun apps for that.
Posted by: Iang | September 03, 2009 at 10:51 AM
@iang: that's what I liked about it too, its the opposite of typical infosec.
real world infosec protocol would have a huge, cumbersome, error prone registration process on entry, then no further authorization, and none on the outbound side (the most important part in this case)
Chuck E Cheese has no up front "authentication" per se, just a group used for authorization, and believe me the outbound side was much more stringent than the inbound side (again the inverse)
Posted by: Gunnar | September 03, 2009 at 11:03 AM
I doubt if that's really true. At times, they have 10 parties going at the same time and I don't remember the checkin guy shuffling through to get the right stamp.
I've always wondered why they stamp everyone on the way in.
-Ashish
Posted by: itickr | September 11, 2009 at 11:15 AM
barcode wrist bands would be more effective I think. Everyone gets scanned on the way in and on the way out. The stamps are not always that clear.
Posted by: Brenda | December 03, 2009 at 03:57 AM