Abstract
The key issue for any mobile application or service is the way it is delivered and experienced by users, who eventually may decide to keep it on their software portfolio or not. Without doubt, security and privacy have both a crucial role to play towards this goal. Very recently, Gartner has identified the top ten of consumer mobile applications that are expected to dominate the market in the near future. Among them one can earmark location-based services in number 2 and mobile instant messaging in number 9. This paper presents a novel application namely MILC that blends both features. That is, MILC offers users the ability to chat, interchange geographic co-ordinates and make Splashes in real-time. At present, several implementations provide these services separately or jointly, but none of them offers real security and preserves the privacy of the end-users at the same time. On the contrary, MILC provides an acceptable level of security by utilizing both asymmetric and symmetric cryptography, and most importantly, put the user in control of her own personal information and her private sphere. The analysis and our contribution are threefold starting from the theoretical background, continuing to the technical part, and providing an evaluation of the MILC system. We present and discuss several issues, including the different services that MILC supports, system architecture, protocols, security, privacy etc. Using a prototype implemented in Google’s Android OS, we demonstrate that the proposed system is fast performing, secure, privacy-preserving and potentially extensible.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Askwith, B., Merabti, M., Shi, Q., & Whiteley, K. (1997). Achieving user privacy in mobile networks, in Proc. 13th Annual Computer Security Applications Conference, ACSAC, 108–116. doi:10.1109/CSAC.1997.646180.
Bellare, M. (1997). Practice-oriented provable-security, in Proc. 1st International Workshop on Information Security (ISW ’97), 221–231.
Bønes, E., Hasvold, P., Henriksen, E., & Strandenæs, T. (2006). Risk analysis of information security in a mobile instant messaging and presence system for healthcare. International Journal of Medical Informatics, 76, 677–687. doi:10.1016/j.ijmedinf.2006.06.002.
BuddyMob (2009). BuddyMob. Retrieved from http://www.buddymob.com/. Accessed September 2009.
Chen, G., & Rahman, F. (2008). Analyzing privacy designs of mobile social networking applications, in Proc. IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC ’08, 2, 83–88. doi:10.1109/EUC.2008.156.
Deriaz, M. (2008). The Uncertainty of the Truth, in Proc. 2008 Sixth Annual Conference on Privacy, Security and Trust, PST ’08, 177–188.
Deriaz, M., & Seigneur, J. M. (2006). Trust and Security in Spatial Messaging: FoxyTag, the Speed Camera Case Study, in Proc. 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business services, PST ‘06. doi:10.1145/1501434.1501459.
Deriaz, M., & Seigneur, J. M. (2007). Towards trustworthy spatial messaging. Electronic Notes in Theoretical Computer Science, ENTCS, 179, 123–133. doi:10.1016/j.entcs.2006.08.036.
Frier, A., Karlton, P., & Kocher, P. (2006). The SSL 3.0 Protocol. Retrieved from http://home.netscape.com/eng/ ssl3/draft302.txt. Accessed December 2009.
GFindster (2008). GFindster Review. Retrieved from http://www.androidapps.com/t/gfindster. Accessed August 2009.
Gow, A. G. (2004). Pinpointing consent: location privacy, public safety, and mobile phones, in Proc. Conference on the Global and Local in Mobile Communications.
Han, T. D., Yoon, H. M., Jeong, S. H., & Kang, B. S. (2005). Implementation of personalized situation-aware service, in Proc. 1st International Workshop on Personalized Context Modeling and Management for UbiComp Applications, ubiPCMM ’05.
IMEasy (2008). Introduction to Hi AIM. Retrieved from http://im-easy.com/. Accessed September 2009.
Isaacs, E., Walendowski, A., & Ranganathan, D. (2002). Hubbub: A sound-enhanced mobile instant messenger that supports awareness and opportunistic interactions, in Proc. SIGCHI conference on Human factors in Computing Systems: Changing our world, changing ourselves, SIGCHI ’02, 179–186.
Kawada, M., Mimura, N., Morikawa, H., & Aoyama, T. (2005). A user-oriented presence synthesizing system for facilitating on-line communication, in Proc. 2005 Symposium on Applications and the Internet Workshops, SAINT ’05 Workshops, 242–245. doi:10.1109/SAINTW.2005.1620021.
Liao, J., Qi, Y. H., Huang, P. W., Rong, M. T., & Li, S. H. (2006). Protection of mobile location privacy by using blind signature. Journal of Zhejiang University – Science A, 7(6), 984–989. doi:10.1631/jzus.2006.A0984.
Liu, K., Giannella, C., & Kargupta, H. (2006). An Attacker’s View of Distance Preserving Maps for Privacy Preserving Data Mining, in Proc. 10th European Conference on Principles and Practice of Knowledge Discovery in Databases, PKDD ’06. doi:10.1007/11871637_30.
Long Wong, F., Lin, M., Nagaraja, S., Wassell, I., & Stajano, F. (2007). Evaluation Framework of Location Privacy of Wireless Mobile Systems with Arbitrary Beam Pattern, in Proc. 5th Conference on Communications Networks and Services Research, CNSR ’07, 157–165.
Mannan, M., & Van Oorschot, P. C. (2004). Secure public Instant Messaging: A survey, in Proc. 2nd Annual Conference on Privacy, Security and Trust, PST ’04, 69–77.
Palazzi, C. E. (2004). Buddy-Finder: A Proposal for a Novel Entertainment Application for GSM, in Proc. 1st IEEE International Workshop on Networking Issues in Multimedia Entertainment, NIME '04, GLOBECOM 2004.
Qi, H., Wu, D., & Khosla, P. (2004a). The quest for personal control over mobile location privacy. IEEE Communications Magazine, 42(5), 130–136.
Qi, H., Wu, D., & Khosla, P. (2004b). A Mechanism for Personal Control over Mobile Location Privacy, in Proc. IEEE/ACM 1st International Workshop on Broadband Wireless Services and Applications, BroadWISE ’04.
Quercia, D., Ellis, J., & Capra, L. (2010). Nurturing Social Networks Using Mobile Phones. Journal of Pervasive Computing, IEEE. PP(99). doi:10.1109/MPRV.2010.43.
Ren, K., & Lou, W. (2007). Privacy-enhanced, attack-resilient access control in pervasive computing environments with optional context authentication capability. Mobile Networks and Applications, 12(1), 79–92. doi:10.1007/s11036-006-0008-7.
Ruppel, P., Treu, G., Kϋpper, A., & Linnhoff-Popien, C. (2006). Anonymous user tracking for location-based community services. Location and Context-Awareness, LNCS, 3987, 116–133. doi:10.1007/11752967_9.
Safar, M., Sawwan, H., Taha, M., & Al-Fadhli, T. (2008). Virtual social networks online and mobile systems, in Proc. 1st International Conference on Applications of Digital Information and Web Technologies, ICADIWT’08, 119–126.
Sermersheim, J. (2006). Lightweight Directory Access Protocol (LDAP): The Protocol. Retrieved from http://www.rfc-editor.org/rfc/rfc4511.txt. Accessed December 2009.
UWYN (2007). Use what you need. Class Base64. Retrieved from http://rifers.org/docs/api/com/uwyn/rife/tools/Base64.html. Accessed 15 September 2009.
Zimmermann, P. (1995). The official PGP user’s guide. Massachusetts: MIT.
Zhong, H., Bi, L., Feng, Z., & Li, N. (2008). Research on the design methods of mobile social network services, in Proc. International Conference on Information Management, Innovation Management and Industrial Engineering, ICIII ’08, 2, 458–461. doi:10.1109/ICIII.2008.206.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Loukas, A., Damopoulos, D., Menesidou, S.A. et al. MILC: A secure and privacy-preserving mobile instant locator with chatting. Inf Syst Front 14, 481–497 (2012). https://doi.org/10.1007/s10796-010-9254-0
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10796-010-9254-0