Skip to main content
SpringerLink
Log in

Privacy in Mobile Devices

  • Chapter
  • First Online:
Privacy in a Digital, Networked World

Part of the book series: Computer Communications and Networks ((CCN))

  • 2180 Accesses

Abstract

The mobile ecosystem is a collection of network operators, application developers, users, law makers, and associated technologies and policies. This collection provides the most prominent personal computing environment of the day. As application designers continue to innovate in this ecosystem, users are becoming more and more tempted to provide service providers access to their personal data. This chapter provides an overview of data collection, data leakage and data interception methods in mobile devices that make the user’s personal data susceptible to unwanted access. This brings forth the issue of privacy of the user whose private data is now open for analysis by unknown individuals, businesses with which the user has no trust relationship, and the prying eyes of monitoring agencies. It is hoped that awareness efforts and novel technologies will help eliminate the issue. We discuss how mobile application developers can follow best practices to control personal data collection, the options that users have to control how applications access their data, and novel privacy preserving architectures for mobile applications. Nonetheless, the challenges ahead of us are overwhelming, and call for another collective endeavor to prevent the mobile device from transforming into the tool that dissolved all notions of privacy in modern society.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 44.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 59.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 59.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://developer.mozilla.org/en-US/docs/WebAPI.

  2. 2.

    An attack where an eavesdropper intercepts messages between two parties, and relays them either after simple observation or after modification, without detection by either party.

  3. 3.

    http://android-developers.blogspot.com/2010/08/best-practices-for-handling-android.html.

  4. 4.

    https://developer.apple.com/library/ios/documentation/iphone/conceptual/iphoneosprogramming guide/AppDesignBasics/AppDesignBasics.html.

References

  1. Baden R, Bender A, Spring N, Bhattacharjee B, Starin B (2009) Persona: an online social network with user-defined privacy. In: Proceedings of the ACM SIGCOMM 2009 conference on data communication, pp 135–146

    Google Scholar 

  2. Bamba B, Liu L, Pesti P, Wang T (2008) Supporting anonymous location queries in mobile environments with privacy grid. In: Proceedings of the 17th international world wide web conference, pp 237–246

    Google Scholar 

  3. Barbaro M, Zeller T (2006) A face is exposed for AOL Searcher No. 4417749. New York Times

    Google Scholar 

  4. Cutillo LA, Molva R, Strufe T (2009) Safebook: a privacy-preserving online social network leveraging on real-life trust. IEEE Commun Mag 94–101

    Google Scholar 

  5. Dewri R, Ray I, Ray I, Whitley D (2010) Query m-invariance: preventing query disclosures in continuous location-based services. In: Proceedings of the 11th international conference on mobile data management, pp 95–104

    Google Scholar 

  6. Dewri R, Thurimella R (2013) Can a Phone’s GPS lie intelligently? IEEE Comput Mag 46(2):91–93

    Article  Google Scholar 

  7. Dewri R, Thurimella R (2014) Exploiting service similarity for privacy in location based search queries. IEEE Trans Parallel Distrib Syst 25(2):374–383

    Article  Google Scholar 

  8. Dingledine R, Mathewson N, Syverson P (2004) TOR: the second-generation onion router. In: Proceedings of the 13th USENIX security symposium, p 21

    Google Scholar 

  9. Enck W, Gilbert P, Chun BG, Cox L, Jung J, McDaniel P, Sheth A (2010) TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX symposium on operating systems design and implementation, pp 393–407

    Google Scholar 

  10. Federal Trade Commission: mobile privacy disclosures: building trust through transparency. Technical report. www.ftc.gov/os/2013/02/130201mobileprivacyreport.pdf

  11. Federrath H, Jerichow A, Pfitzmann A: MIXes in mobile communication systems: location management with privacy. In: Proceedings of the 1st international workshop on information hiding, pp 121–135

    Google Scholar 

  12. Fredrikson M, Livshits B (2011) RePriv: re-imagining content personalization and in-browser privacy. In: Proceedings of the 2011 IEEE symposium on security and privacy, pp 131–146

    Google Scholar 

  13. Fuchs A, Chaudhuri A, Foster J (2009) SCanDroid: automated security certification of android applications. Technical report, University of Maryland (2009)

    Google Scholar 

  14. Gedik B, Liu L (2008) Protecting location privacy with personalized k-anonymity: architecture and algorithms. IEEE Trans Mob Comput 7(1):1–18

    Article  Google Scholar 

  15. Golle P (2006) Revisiting the uniqueness of simple demographics in the US population. In: Proceedings of the 5th ACM workshop on privacy in electronic society, pp 77–80

    Google Scholar 

  16. Golle P, Partridge K (2009) On the anonymity of home/work location Pairs. In: Proceedings of the 7th international conference on pervasive computing, pp 390–397

    Google Scholar 

  17. Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th conference on computer and communications security, pp 89–98

    Google Scholar 

  18. Gruteser M, Grunwald D (2003) Anonymous usage of location-based services through spatial and temporal cloaking. In: Proceedings of the 1st international conference on mobile systems, applications, and services, pp 31–42

    Google Scholar 

  19. Guha S, Cheng B, Francis P (2011) Privad: practical privacy in online advertising. In: Proceedings of the 8th USENIX conference on networked systems design and implementation, p 13

    Google Scholar 

  20. Hazay C, Lindell Y (2008) efficient protocols for set intersection and pattern matching with security against malicious and covert adversaries. Theory Cryptogr 155–175

    Google Scholar 

  21. Hoh B, Gruteser M, Xiong H, Alrabady A (2006) Enhancing security and privacy in traffic-monitoring systems. IEEE Pervasive Comput 5(4):38–46

    Article  Google Scholar 

  22. Jarecki S, Liu X (2010) Fast secure computation of set intersection. In: Proceedings of the 7th conference on security and cryptography for networks, pp 418–435

    Google Scholar 

  23. Kesdogan D, Federrath H, Jerichow A, Pfitzmann A (1996) Location management strategies increasing privacy in mobile communication. In: Proceedings of the 12th IFIP international information security conference, pp 39–48

    Google Scholar 

  24. Krishnamurthy B, Wills CE (2009) Privacy diffusion on the web: a longitudinal perspective. In: Proceedings of the 18th international conference on world wide web, pp 541–550

    Google Scholar 

  25. Krumm J (2007) Inference attacks on location tracks. In: Proceedings of the 5th international conference on pervasive computing, pp 127–143

    Google Scholar 

  26. Kushilevitz E, Ostrovsky R (1997) Replication is not needed: single database, computationally-private information retrieval. In: Proceedings of the 38th annual symposium on foundations of computer science, p 364

    Google Scholar 

  27. Malin B (2006) Re-identification of familial database records. In: AMIA annual symposium proceedings, pp 524–528

    Google Scholar 

  28. Mayer JR, Mitchell JC (2012) Third-party web tracking: policy and technology. In: Proceedings of the 2012 IEEE symposium on security and privacy, pp 413–427

    Google Scholar 

  29. Narayanan A, Shmatikov V (2008) Robust de-anonymization of large sparse datasets. In: Proceedings of the 2008 IEEE Symposium on security and privacy, pp 111–125

    Google Scholar 

  30. Narayanan A, Shmatikov V (2009) De-Anonymizing social networks. In: Proceedings of the 2009 IEEE symposium on security and privacy, pp 173–187

    Google Scholar 

  31. Narayanan A, Thiagarajan N, Lakhani M, Hamburg M, Boneh D (2011) Location privacy via private proximity testing. In: Proceedings of the network and distributed system security symposium

    Google Scholar 

  32. O’Clair B, Egnor D, Greenfield LE (2011) Scoring local search results based on location prominence. US Patent 8046371 B2

    Google Scholar 

  33. Qiu D, Boneh D, Lo S, Enge P (2009) Robust location tag generation from noisy location data for security applications. In: The Institute of navigation international technical meeting

    Google Scholar 

  34. Reznichenko A, Guha S, Francis P (2011) Auctions in do-not-track compliant internet advertising. In: Proceedings of the 18th ACM conference on computer and communications security, pp 667–676

    Google Scholar 

  35. Shin H, Vaidya J, Atluri V (2011) A profile anonymization model for location based services. J Comput Secur 19(5):795–833

    Google Scholar 

  36. Souppaya M, Scarfone K (2013) Guidelines for managing the security of mobile devices in the enterprise. Technical report 800-124 Rev 1. National Institute of Standards and Technology

    Google Scholar 

  37. Thurm S, Kane YI (2010) Your apps are watching you. What They Know: The Wall Street J

    Google Scholar 

  38. Truste: US 2013 Consumer data privacy study—mobile edition. Technical report, Truste Inc

    Google Scholar 

  39. United States Department of Justice: Retention Periods of Major Cellular Service Providers. https://www.aclu.org/files/pdfs/freespeech/retention_periods_of_major_cellular_service_providers.pdf

  40. Xi Y, Schwiebert L, Shi W (2013) Privacy preserving shortest path routing with an application to navigation. Pervasive Mobile Comput

    Google Scholar 

Download references

Acknowledgments

We thank the graduate and undergraduate students of Computer Science at the University of Denver who explored the privacy issues and solutions highlighted here, and helped bring it together in the form of this chapter.

Author information

Authors and Affiliations

  1. University of Denver, Denver, CO, 80210, USA

    Rinku Dewri & Ramakrishna Thurimella

Authors
  1. Rinku Dewri
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ramakrishna Thurimella
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rinku Dewri .

Editor information

Editors and Affiliations

  1. University of Kentucky, Lexington, Kentucky, USA

    Sherali Zeadally

  2. Zayed University, Dubai, United Arab Emirates

    Mohamad Badra

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Dewri, R., Thurimella, R. (2015). Privacy in Mobile Devices. In: Zeadally, S., Badra, M. (eds) Privacy in a Digital, Networked World. Computer Communications and Networks. Springer, Cham. https://doi.org/10.1007/978-3-319-08470-1_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-08470-1_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-08469-5

  • Online ISBN: 978-3-319-08470-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation