Mobile devices are often considered important personal devices for communications, business and entertainment. They can collect various data or information related to their users, such as location, mobile application usage information, communication statistics, device connectivity status, web service access statistics, as well as user personal activities or the like. Meanwhile, a number of online services have developed that attempt to collect the mobile users' personal data in order to provide desired services, and more particularly personalized mobile services based on user data mining.
For example, mobile user location-based services have shown business potential. A reputation service may provide personalized recommendations on downloadable software (e.g., mobile) applications based on widely-collected user feedback and software/application usage statistics. These and other similar types of services generally apply a centralized service center to collect users' personal data from their mobile phones and then offer services based on the collected data. This service center may be deployed over a wide area network such as the Internet and may be susceptible to various internal and external attacks.
In practice, users may be hesitant to share their personal data to the service center of a service provider located in an insecure network. Privacy is often cited as a main concern for this hesitation. Firstly, a service center may suffer an internal or external attack in which a user's personal data may be accessed by unauthorized individuals. Secondly, even if the service center is properly running, some personal data may be derivable from accessible data records stored in a database of service center.