OATAO is an open access repository that collects the work of Toulouse researchers and makes it freely available over the web where possible. This is an author-deposited version published in : http://oatao.univ-toulouse.fr/ Eprints ID : 18779 The contribution was presented at ARES 2016 : Abstract-Today, permissions management solutions on mobile devices employ Identity Based Access Control (IBAC) models. If this approach was suitable when people had only a few games (like Snake or Tetris)

more »

... ed on their mobile phones, the current situation is different. A survey from Google in 2013 showed that, on average, US users have installed 33 applications on their Android smartphones. As a result, these users must manage hundreds of permissions to protect their privacy. Scalability of IBAC is a well-known issue and many more advanced access control models have introduced abstractions to cope with this problem. However, such models are more complex to handle by non-technical users. Thus, we present a permission management system for Android devices that 1) learns users' privacy preferences , 2) proposes them abstract authorization rules, and 3) provides advanced features to manage these high-level rules. We prove this approach is more efficient than current permission management system by comparing it to Privacy Guard Manager.