Privacy Properties in Software Architectures: Analyzing Messenger Applications

Messenger applications are an increasingly popular form of communication because of their real-time, convenient,

and free service, but they also bring privacy concerns. Modern Messenger apps are working on integrating different

privacy properties (i.e., privacy requirements) through implementing privacy technologies. In this thesis, we use these

two terms––“privacy properties” and “privacy requirements”––interchangeably. However, it is generally unclear which

privacy requirements would significantly impact the software architecture and therefore should be considered early on

in the design process. If this is known, architects can save time and make the right requirement decisions by reducing

system design iterations and being aware of the consequences of fulfilling the requirements. Against this background,

this study identifies and analyzes the architectural significance of privacy requirements in messenger apps. Through

analyzing the architecturally significant requirements, this study finds that unlinkability, anonymity, confidentiality, and

plausible deniability requirements are usually architecturally significant. In contrast, undetectability, content awareness,

and policy and consent compliance requirements are usually not. However, the architectural significance of the requirements

sometimes differs depending on their realization, i.e., the technologies utilized. The results of this study can be used in software

design to ease the design process and avoid repeated work, e.g., in software architecture design methods. In this thesis, we apply

the results to the Attribute Driven Design method, demonstrating the practical application of this work. We find that the analysis

of architectural significance helps prioritize and evaluate different requirements in the design process.