Background: User-generated digital content, typically from mobile devices, can be of a personal nature. There have been several instances in which this personal content, including but not limited to, photographs, videos, messages and personal information, has been misused by the recipients. The misuse has ranged from violating privacy through unauthorized sharing to manipulating/ modifying the original content and finally forgery and fraud.
Objectives: The study aims to create an Advanced Secure Messaging Application (ASMA), allowing personal digital content to be shared across mobile devices in a secure, controlled and privacypreserving manner. The application allows the user to explicitly specify a micro-policy to control the way digital content sent by the user, is consumed, shared or modified by the recipient(s). The users should be able to check the veracity of a shared news item besides controlling group formation and enforcing content sharing guidelines within a group.
Methods: A micro-policy based novel mechanism is introduced for exercising fine-grained control over the manner in which digital content generated by users is shared and distributed among their contacts. Fact-checking is supported by cross-checking the message content against credible news sources.
Results: Measurements of message throughput show a consistent and manageable overhead, due to a per-message micro-policy travelling with the message data compared to traditional message sharing applications. The high user-ratings received from users in a pilot test establish acceptance of the app and the need for its advanced features. Moreover, the overheads in implementing additional security features are imperceptible at the user level.
Conclusion: ASMA is a highly secure and privacy-preserving messaging application, as demonstrated by experimental results and the pilot usability study. It offers novel security and content control features, which are not available in existing mobile messaging applications.