Biswas, Debmalya; Aad, Imad; Perrucci, Gian Paolo (2 September 2013). Privacy Panel: Usable and Quantifiable Mobile Privacy. In: Availability, Reliability and Security (ARES), 2013 Eighth International Conference on (pp. 218-223). IEEE 10.1109/ARES.2013.29
aad2.pdf - Published Version
Available under License Publisher holds Copyright.
The ever-increasing popularity of apps stems from their ability to provide highly customized services to the user. The flip side is that in order to provide such services, apps need access to very sensitive private information about the user. This leads to malicious apps that collect personal user information in the background and exploit it in various ways. Studies have shown that current app vetting processes, which are mainly restricted to install-time verification mechanisms, are incapable of detecting and preventing such attacks. We argue that the missing fundamental aspect here is a comprehensive and usable mobile privacy solution, one that not only protects the user's location information, but also other equally sensitive user data such as the user's contacts and documents, and one that is usable by the average user who does not understand or care about the low-level technical details. To bridge this gap, we propose privacy metrics that quantify low-level app accesses in terms of privacy impact and transform them into high-level, user-understandable ratings. We also provide the design and architecture of our Privacy Panel app, which represents the computed ratings in a graphical, user-friendly format and allows the user to define policies based on them. Finally, experimental results are given to validate the scalability of the proposed solution.
|Item Type:||Conference or Workshop Item (Paper)|
|Division/Institute:||08 Faculty of Science > Institute of Computer Science (INF) > Communication and Distributed Systems (CDS); 08 Faculty of Science > Institute of Computer Science (INF)|
|UniBE Contributor:||Aad, Imad Rafic|
|Subjects:||000 Computer science, knowledge & systems; 500 Science > 510 Mathematics|
|Submitter:||Jonnahtan Eduardo Saltarin de Arco|
|Date Deposited:||02 Apr 2014 13:44|
|Last Modified:||05 Dec 2014 07:07|
|Uncontrolled Keywords:||data privacy, graphical user interfaces, mobile computing, software metrics, app popularity, app vetting processes, customized services, graphical user-friendly format, high-level user understandable ratings, low-level app accesses, malicious apps, mobile privacy, personal user information, privacy impact, privacy metrics, privacy panel app, time verification mechanisms, Accuracy, Data privacy, Mobile communication, Performance evaluation, Privacy, Smart phones|