A Privacy-Friendly Architecture for Mobile Social Networking Applications

Abstract

The resources and localization abilities available in modern smartphones have provided a huge boost to the popularity of location-based applications. In these applications, users send their current locations to a central service provider and can receive content or an enhanced experience predicated on their provided location. Privacy issues with location- based applications can arise from a central entity being able to store large amounts of information about users (e.g., contact information, attributes) and locations (e.g., available businesses, users present). We propose an architecture for a privacy-friendly location hub to encourage the development of mobile location-based social applications with privacy- preserving features. Our primary goal is to store information such that no entity in our architecture can link a user’s identity to her location. We also aim to decouple storing data from manipulating data for social networking purposes. Other goals include designing an architecture flexible enough to support a wide range of use cases and avoiding considerable client-side computation. Our architecture consists of separate server components for storing information about users and storing information about locations, as well as client devices and optional com- ponents in the cloud for supporting applications. We describe the design of API functions exposed by the server components and demonstrate how they can be used to build some sample mobile location-based social applications. A proof-of-concept implementation is provided with in-depth descriptions of how each function was realized, as well as experi- ments examining the practicality of our architecture. Finally, we present two real-world applications developed on the Android platform to demonstrate how these applications work from a user’s perspective.