Dynamically Regulating Mobile Application Permissions [article]

Primal Wijesekera, Arjun Baokar, Lynn Tsai, Joel Reardon, Serge Egelman, David Wagner, Konstantin Beznosov
2018 Zenodo  
Current smartphone operating systems employ permission systems to regulate how apps access sensitive resources. These systems are not well-aligned with users' privacy expectations: users often have no idea how often and under what circumstances their personal data is accessed. We conducted a 131-person field study to devise ways to systematically reduce this disconnect between expectations and reality. We found that a significant portion of participants make contextual privacy decisions: when
more » ... termining whether access to sensitive data is appropriate, they consider what they are doing on their phones at the time, including whether they are actively using the applications requesting their data. We show that current privacy mechanisms do not do a good job of accounting for these contextual factors, but that by applying machine learning to account for context, we can reduce privacy violations by 80, while also minimizing user involvement.
doi:10.5281/zenodo.3264735 fatcat:xnwdxobsknfsri6s3yvckjoviy