Abstract | ||
---|---|---|
Many smartphone operating systems implement strong sandboxing for 3rd party application software. As part of this sandboxing, they feature a permission system, which conveys to users what sensitive resources an application will access and allows users to grant or deny permission to access those resources. In this paper we survey the permission systems of several popular smartphone operating systems and taxonomize them by the amount of control they give users, the amount of information they convey to users and the level of interactivity they require from users. We discuss the problem of permission overdeclaration and devise a set of goals that security researchers should aim for, as well as propose directions through which we hope the research community can attain those goals. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1145/2046614.2046626 | SPSM@CCS |
Keywords | Field | DocType |
research community,smartphone operating system,permission overdeclaration,permission system,short paper,popular smartphone operating system,sensitive resource,party application software,smartphone permission model,strong sandboxing,security researcher,operating system | Sandbox (computer security),Permission,Interactivity,World Wide Web,Internet privacy,Computer security,Computer science,Application software | Conference |
Citations | PageRank | References |
24 | 2.63 | 7 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Kathy Wain Yee Au | 1 | 302 | 11.50 |
Yi Fan Zhou | 2 | 302 | 11.84 |
Zhen Huang | 3 | 320 | 14.53 |
Phillipa Gill | 4 | 1504 | 114.56 |
D. Lie | 5 | 953 | 55.14 |