HappyPermi

Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems Pub Date : 2019-05-02 DOI:10.1145/3290607.3312914

Mehrdad Bahrini, Nina Wenig, M. Meissner, Karsten Sohr, Rainer Malaka

{"title":"HappyPermi","authors":"Mehrdad Bahrini, Nina Wenig, M. Meissner, Karsten Sohr, Rainer Malaka","doi":"10.1145/3290607.3312914","DOIUrl":null,"url":null,"abstract":"Malicious Android applications can obtain user's private data and silently send it to a server. Android permissions are currently not sufficient enough to ensure the security of users' sensitive information. For a sufficient permission model it is important to account the target of the outgoing data flow. On the other hand, permission dialogues often contain relevant information, but most of the users generally do not understand the implications or the visualization fails to guide the user attention to it. It is important to empower users by providing applications that show them who can access their private data and who might send this data to the outside. In order to raise user awareness considering Android permissions, we developed HappyPermi, an application that visualizes which user information is accessible by the granted permissions. Our evaluation (n=20) shows that most users are not aware of the sensitive data that their installed applications have access to. Our results suggest how different users feel about accessing their sensitive data when they are aware of its outgoing destinations.","PeriodicalId":389485,"journal":{"name":"Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems","volume":"27 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3290607.3312914","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 12

Abstract

Malicious Android applications can obtain user's private data and silently send it to a server. Android permissions are currently not sufficient enough to ensure the security of users' sensitive information. For a sufficient permission model it is important to account the target of the outgoing data flow. On the other hand, permission dialogues often contain relevant information, but most of the users generally do not understand the implications or the visualization fails to guide the user attention to it. It is important to empower users by providing applications that show them who can access their private data and who might send this data to the outside. In order to raise user awareness considering Android permissions, we developed HappyPermi, an application that visualizes which user information is accessible by the granted permissions. Our evaluation (n=20) shows that most users are not aware of the sensitive data that their installed applications have access to. Our results suggest how different users feel about accessing their sensitive data when they are aware of its outgoing destinations.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems

自引率

0.00%

发文量