3P framework: Customizable permission architecture for mobile applications

Sujit Biswas; Kashif Sharif; Fan Li; Yang Liu

doi:10.1007/978-3-319-60033-8_39

3P framework: Customizable permission architecture for mobile applications

Sujit Biswas, Kashif Sharif^*, Fan Li, Yang Liu

^*Corresponding author for this work

School of Computer Science and Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

10 Citations (Scopus)

Abstract

Mobile applications & smart devices have drastically changed our routine tasks, and have become an integral part of modern society. Along with the numerous benefits we get, major challenges like privacy and safety have become complicated than before. The permission based system for mobile applications is designed to empower the user to decide which resources and information they want the application to access. Most of these permissions are granted during installation of application, but our study shows that the users make weak decisions in protecting their information. Majority of the users, even with technical backgrounds, blindly grant all permissions requested by the application even if they are not necessary for the application to run. In order to give more control to the user, and to enable them to make informed decisions regarding permission, we have proposed a Privacy Permission Policy Framework in this paper. This framework enables the user to have greater control over the permission granting while installing the mobile applications. The implementation and testing of the framework also enabled us to run forensic analysis and understand the scope of permissions requested, based on which this framework can advise the user to select minimum required permissions for the application to work. This makes the users’ privacy more secure, and grants full control over the process.

Original language	English
Title of host publication	Wireless Algorithms, Systems, and Applications - 12th International Conference, WASA 2017, Proceedings
Editors	Yan Zhang, Abdallah Khreishah, Mingyuan Yan, Liran Ma
Publisher	Springer Verlag
Pages	445-456
Number of pages	12
ISBN (Print)	9783319600321
DOIs	https://doi.org/10.1007/978-3-319-60033-8_39
Publication status	Published - 2017
Event	12th International Conference on Wireless Algorithms, Systems, and Applications, WASA 2017 - Guilin, China Duration: 19 Jun 2017 → 21 Jun 2017

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10251 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	12th International Conference on Wireless Algorithms, Systems, and Applications, WASA 2017
Country/Territory	China
City	Guilin
Period	19/06/17 → 21/06/17

Keywords

Android security
Mobile app privacy
Privacy behaviors
Users privacy consciousness

Access to Document

10.1007/978-3-319-60033-8_39

Cite this

Biswas, S., Sharif, K., Li, F., & Liu, Y. (2017). 3P framework: Customizable permission architecture for mobile applications. In Y. Zhang, A. Khreishah, M. Yan, & L. Ma (Eds.), Wireless Algorithms, Systems, and Applications - 12th International Conference, WASA 2017, Proceedings (pp. 445-456). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10251 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-60033-8_39

Biswas, Sujit ; Sharif, Kashif ; Li, Fan et al. / 3P framework : Customizable permission architecture for mobile applications. Wireless Algorithms, Systems, and Applications - 12th International Conference, WASA 2017, Proceedings. editor / Yan Zhang ; Abdallah Khreishah ; Mingyuan Yan ; Liran Ma. Springer Verlag, 2017. pp. 445-456 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{703ba0c1b774443e809e27bad32791aa,

title = "3P framework: Customizable permission architecture for mobile applications",

abstract = "Mobile applications \& smart devices have drastically changed our routine tasks, and have become an integral part of modern society. Along with the numerous benefits we get, major challenges like privacy and safety have become complicated than before. The permission based system for mobile applications is designed to empower the user to decide which resources and information they want the application to access. Most of these permissions are granted during installation of application, but our study shows that the users make weak decisions in protecting their information. Majority of the users, even with technical backgrounds, blindly grant all permissions requested by the application even if they are not necessary for the application to run. In order to give more control to the user, and to enable them to make informed decisions regarding permission, we have proposed a Privacy Permission Policy Framework in this paper. This framework enables the user to have greater control over the permission granting while installing the mobile applications. The implementation and testing of the framework also enabled us to run forensic analysis and understand the scope of permissions requested, based on which this framework can advise the user to select minimum required permissions for the application to work. This makes the users{\textquoteright} privacy more secure, and grants full control over the process.",

keywords = "Android security, Mobile app privacy, Privacy behaviors, Users privacy consciousness",

author = "Sujit Biswas and Kashif Sharif and Fan Li and Yang Liu",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing AG 2017.; 12th International Conference on Wireless Algorithms, Systems, and Applications, WASA 2017 ; Conference date: 19-06-2017 Through 21-06-2017",

year = "2017",

doi = "10.1007/978-3-319-60033-8\_39",

language = "English",

isbn = "9783319600321",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "445--456",

editor = "Yan Zhang and Abdallah Khreishah and Mingyuan Yan and Liran Ma",

booktitle = "Wireless Algorithms, Systems, and Applications - 12th International Conference, WASA 2017, Proceedings",

address = "Germany",

}

Biswas, S, Sharif, K, Li, F & Liu, Y 2017, 3P framework: Customizable permission architecture for mobile applications. in Y Zhang, A Khreishah, M Yan & L Ma (eds), Wireless Algorithms, Systems, and Applications - 12th International Conference, WASA 2017, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10251 LNCS, Springer Verlag, pp. 445-456, 12th International Conference on Wireless Algorithms, Systems, and Applications, WASA 2017, Guilin, China, 19/06/17. https://doi.org/10.1007/978-3-319-60033-8_39

3P framework: Customizable permission architecture for mobile applications. / Biswas, Sujit; Sharif, Kashif; Li, Fan et al.
Wireless Algorithms, Systems, and Applications - 12th International Conference, WASA 2017, Proceedings. ed. / Yan Zhang; Abdallah Khreishah; Mingyuan Yan; Liran Ma. Springer Verlag, 2017. p. 445-456 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10251 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - 3P framework

T2 - 12th International Conference on Wireless Algorithms, Systems, and Applications, WASA 2017

AU - Biswas, Sujit

AU - Sharif, Kashif

AU - Li, Fan

AU - Liu, Yang

N1 - Publisher Copyright: © Springer International Publishing AG 2017.

PY - 2017

Y1 - 2017

N2 - Mobile applications & smart devices have drastically changed our routine tasks, and have become an integral part of modern society. Along with the numerous benefits we get, major challenges like privacy and safety have become complicated than before. The permission based system for mobile applications is designed to empower the user to decide which resources and information they want the application to access. Most of these permissions are granted during installation of application, but our study shows that the users make weak decisions in protecting their information. Majority of the users, even with technical backgrounds, blindly grant all permissions requested by the application even if they are not necessary for the application to run. In order to give more control to the user, and to enable them to make informed decisions regarding permission, we have proposed a Privacy Permission Policy Framework in this paper. This framework enables the user to have greater control over the permission granting while installing the mobile applications. The implementation and testing of the framework also enabled us to run forensic analysis and understand the scope of permissions requested, based on which this framework can advise the user to select minimum required permissions for the application to work. This makes the users’ privacy more secure, and grants full control over the process.

AB - Mobile applications & smart devices have drastically changed our routine tasks, and have become an integral part of modern society. Along with the numerous benefits we get, major challenges like privacy and safety have become complicated than before. The permission based system for mobile applications is designed to empower the user to decide which resources and information they want the application to access. Most of these permissions are granted during installation of application, but our study shows that the users make weak decisions in protecting their information. Majority of the users, even with technical backgrounds, blindly grant all permissions requested by the application even if they are not necessary for the application to run. In order to give more control to the user, and to enable them to make informed decisions regarding permission, we have proposed a Privacy Permission Policy Framework in this paper. This framework enables the user to have greater control over the permission granting while installing the mobile applications. The implementation and testing of the framework also enabled us to run forensic analysis and understand the scope of permissions requested, based on which this framework can advise the user to select minimum required permissions for the application to work. This makes the users’ privacy more secure, and grants full control over the process.

KW - Android security

KW - Mobile app privacy

KW - Privacy behaviors

KW - Users privacy consciousness

UR - http://www.scopus.com/inward/record.url?scp=85026380837&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-60033-8_39

DO - 10.1007/978-3-319-60033-8_39

M3 - Conference contribution

AN - SCOPUS:85026380837

SN - 9783319600321

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 445

EP - 456

BT - Wireless Algorithms, Systems, and Applications - 12th International Conference, WASA 2017, Proceedings

A2 - Zhang, Yan

A2 - Khreishah, Abdallah

A2 - Yan, Mingyuan

A2 - Ma, Liran

PB - Springer Verlag

Y2 - 19 June 2017 through 21 June 2017

ER -

Biswas S, Sharif K, Li F, Liu Y. 3P framework: Customizable permission architecture for mobile applications. In Zhang Y, Khreishah A, Yan M, Ma L, editors, Wireless Algorithms, Systems, and Applications - 12th International Conference, WASA 2017, Proceedings. Springer Verlag. 2017. p. 445-456. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-60033-8_39

3P framework: Customizable permission architecture for mobile applications

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this