عنوان انگلیسی مقاله:
Signalling over-privileged mobile applications using passive security indicators
ترجمه فارسی عنوان مقاله:
سیگنالینگ برنامه های خاص تلفن همراه با استفاده از شاخص های امنیتی منفعل
Sciencedirect - Elsevier - Journal of Information Security and Applications, 34 (2016) 27-33. doi:10.1016/j.jisa.2016.11.006
Luigi Lo Iacono, Peter Leo Gorski, Josephine Grosse, Nils Gruschka
Article history:Available online 16 December 2016Keywords:Over-privilege Mobile applications Application store Usable security PrivacyAndroidAs mobile devices have evolved from simple phones to rich computing systems, the data stored on these multi-taskers have consequently become more sensitive and private. Due to this, modern mobile oper- ating systems include sophisticated permission systems for restricting the access to this device for the mobile applications. However, many applications acquire more permissions than required. These over- privileged applications can affect data security and user privacy. All application permissions are indicated to the user, but these notiﬁcations have been shown to be ignored or not understood. Thus, other mech- anisms need to be improved.This paper presents design approaches to communicate the degree of over-privilege in mobile applica- tions. It uses an additional rating system in application stores to inform users before making the decision of installing a speciﬁc application. The approaches have been evaluated in a usability study based on distinct prototype Android application stores. The ﬁndings show that passive security indicators can be applied to inﬂuence the decision-making process of users before downloading and installing an applica- tion.© 2016 Elsevier Ltd. All rights reserved.1.
Keywords: Over-privilege | Mobile applications | Application store | Usable security | Privacy Android