Dr Panos Andriotis Panagiotis.Andriotis@uwe.ac.uk
Senior Lecturer in Computer Forensics and Security
Studying users’ adaptation to Android's run-time fine-grained access control system
Andriotis, Panagiotis; Stringhini, Gianluca; Sasse, Angela
Authors
Gianluca Stringhini
Angela Sasse
Abstract
© 2018 Elsevier Ltd The advent of the sixth Android version brought a significant security and privacy advancement to its users. The platform's security model has changed dramatically, allowing users to grant or deny access to resources when requested by applications during run-time. This improvement changed the traditional coarse-grained permission system and it was anticipated for a long time by privacy-aware users. In this paper, we present a pilot study that aims to analyze how Android users adapted to the run-time permission model. We gathered anonymous data from 52 participants, who downloaded an application we developed and answered questions related to the run-time permission model. Their answers suggest that most of them positively accepted the new model. We also collected data that describe users’ permission settings for each installed application on their devices. Our analysis shows that individuals make consistent choices regarding the resources they allow to various applications to access. In addition, the results of this pilot study showcase that on a second data collection round (occurred one month after the first phase of our experiments), 50% of the respondents did not change a single permission on their devices and only 2.26% of installed applications (on average) presented altered permission settings.
Citation
Andriotis, P., Stringhini, G., & Sasse, A. (2018). Studying users’ adaptation to Android's run-time fine-grained access control system. Journal of Information Security and Applications, 40, 31-43. https://doi.org/10.1016/j.jisa.2018.02.004
Journal Article Type | Article |
---|---|
Acceptance Date | Feb 11, 2018 |
Online Publication Date | Mar 13, 2018 |
Publication Date | Jun 1, 2018 |
Deposit Date | Feb 13, 2018 |
Publicly Available Date | Mar 13, 2019 |
Journal | Journal of Information Security and Applications |
Electronic ISSN | 2214-2126 |
Publisher | Elsevier |
Peer Reviewed | Peer Reviewed |
Volume | 40 |
Pages | 31-43 |
DOI | https://doi.org/10.1016/j.jisa.2018.02.004 |
Keywords | privacy, Android, usability, acceptance, controls, permissions |
Public URL | https://uwe-repository.worktribe.com/output/873033 |
Publisher URL | https://doi.org/10.1016/j.jisa.2018.02.004 |
Files
JISApreprint.pdf
(7.9 Mb)
PDF
You might also like
Bu-Dash: A universal and dynamic graphical password scheme
(2022)
Conference Proceeding
Feature vulnerability and robustness assessment against adversarial machine learning attacks
(2021)
Conference Proceeding
To allow, or deny? That is the question
(2020)
Conference Proceeding
Dataset: To Allow, or Deny? That is the Question
(2019)
Dataset
Downloadable Citations
About UWE Bristol Research Repository
Administrator e-mail: repository@uwe.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search