Title :
PrimAndroid: Privacy Policy Modelling and Analysis for Android Applications
Author :
Benats, Guillaume ; Bandara, Arosha ; Yu, Yijun ; Colin, J. ; Nuseibeh, Bashar
Author_Institution :
Dept. of Comput., Open Univ., Milton Keynes, UK
Abstract :
The rapid growth of mobile applications has imposed new threats to privacy: users often find it challenging to ensure that their privacy policies are consistent with the requirements of a diverse range of of mobile applications that access personal information under different contexts. This problem exacerbates when applications depend on each other and therefore share permissions to access resources in ways that are opaque to an end-user. To meet the needs of representing privacy requirements and of resolving dependencies issues in privacy policies, we pro-pose an extension to the P-RBAC model for reasoning about plausible scenarios that can exploit such weaknesses of mobile systems. This work has been evaluated using the case studies on several Android mobile applications.
Keywords :
authorisation; data privacy; mobile computing; Android mobile application; P-RBAC model; PrimAndroid; privacy policy modelling; privacy resource-based access control; Androids; Global Positioning System; Humanoid robots; Mobile communication; Privacy; Security; Smart phones; Android security; Mobile applications; Policy conflicts; Privacy policy; Role-based access control;
Conference_Titel :
Policies for Distributed Systems and Networks (POLICY), 2011 IEEE International Symposium on
Conference_Location :
Pisa
Print_ISBN :
978-1-4244-9879-6
Electronic_ISBN :
978-0-7695-4330-7
DOI :
10.1109/POLICY.2011.25
