Analysis of access control mechanisms for users' check-ins in Location-Based Social Network Systems

Location-Based Social Network Systems (LBSNSs) are becoming increasingly popular. In LBSNSs, users can check in at various places, connect with their friends and share their check-ins (including users' locations and timestamps) with their friends and even the public. However, most LBSNSs pay on more attention to attracting users to join and actively use their systems rather than protecting users' privacy preferences for their check-ins. In this paper, we analyze access control mechanisms for users' check-ins in four of the most popular existing LBSNSs: Facebook Places, Foursquare, Google Latitude and Yelp. We first generalize a model for users' check-ins based on these LBSNSs. Considering users' check-ins as the protection objects, we then generalize an access control policy model for them. We use these two models as criteria to analyze these access control mechanisms for users' check-ins and compare them in these LBSNSs. Additionally, we identify the common vulnerabilities in these access control mechanisms. Understanding the access control mechanisms for users' check-ins and their limitations can help users who care more about their privacy to choose a LBSNS where their location privacy is better protected.