000000322 001__ 322
000000322 005__ 20180214065353.0
000000322 037__ $$aLERSSE-etc-2018-001
000000322 100__ $$aPrimal Wijesekera
000000322 245__ $$aDynamically Regulating Mobile Application Permissions
000000322 260__ $$c2018-02-08
000000322 300__ $$a8
000000322 520__ $$aCurrent smartphone operating systems employ permission systems to regulate how apps access sensitive resources. These systems are not well-aligned with users’ privacy expectations: users often have no idea how often and under what circumstances their personal data is accessed. We conducted a 131-person field study to devise ways to systematically reduce this disconnect between expectations and reality. We found that a significant portion of participants make contextual privacy decisions: when determining whether access to sensitive data is appropriate, they consider what they are doing on their phones at the time, including whether they are actively using the applications requesting their data. We show that current privacy mechanisms do not do a good job of accounting for these contextual factors, but that by applying machine learning to account for context, we can reduce privacy violations by 80, while also minimizing user involvement.
000000322 6531_ $$amobile privacy
000000322 6531_ $$apermission systems
000000322 6531_ $$amachine learning
000000322 6531_ $$asecurity
000000322 700__ $$aArjun Baokar
000000322 700__ $$aLynn Tsai
000000322 700__ $$aJoel Reardon
000000322 700__ $$aSerge Egelman
000000322 700__ $$aDavid Wagner 
000000322 700__ $$aKonstantin Beznosov
000000322 8560_ $$fprimal@ece.ubc.ca
000000322 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/322/files/magazine.pdf
000000322 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/322/files/magazine.pdf?subformat=pdfa$$xpdfa
000000322 909C4 $$pP. Wijesekera et al., "Dynamically Regulating Mobile Application Permissions," in IEEE Security & Privacy, vol. 16, no. 1, pp. 64-71, January/February 2018. doi: 10.1109/MSP.2018.1331031 keywords: {Computer security;Medical devices;Mobile communication;Privacy;Smart phones;IEEE Symposium on Security and Privacy;machine learning;mobile privacy;permission systems;security}, URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8283440&isnumber=8283426
000000322 980__ $$aetc