nach oben

Erschienen in:

2015 | OriginalPaper | Buchkapitel

Hobson’s Choice: Security and Privacy Permissions in Android and iOS Devices

verfasst von : John Haggerty, Thomas Hughes-Roberts, Robert Hegarty

Erschienen in: Human Aspects of Information Security, Privacy, and Trust

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The use of smartphones and tablet devices has grown rapidly over recent years and the widespread availability of software, often from unknown developers, has led to security and privacy concerns. In order to prevent security compromises, these devices use access control as a means by which a user is able to specify an application’s ability to interact with services and data. However, the use of access control as a security countermeasure in this environment is severely limited. For example, once permissions are granted to software, they may share data, such as location or unique identifiers with third persons without informing the user, whether or not the application is itself running. This paper presents the results of a comparative study conducted with computing students at two UK universities that identifies the issues surrounding software access control permissions in Android and iOS operating systems. Through this study, we are able to quantify the impact of security access permissions on mobile device security and privacy, even amongst specialist users.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Personalized Voting: The Intersection of Cloud and Mobility

Nächstes Kapitel Information Presentation: Considering On-line User Confidence for Effective Engagement

Apvrille, A., Nigam, R.: Obfuscation in Android malware, and how to fight back. Virus Bull. pp. 1–10 (2014)

Batyuk, L., Herpich, M., Camtepe, S.A., Raddatz, K., Schmidt, A.D., Albayrak, S.: Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within android applications. In: Proceedings of the 6th International Conference on Malicious and Unwanted Software, 18–19 Oct 2011, Fajardo, Puerto Rico, pp. 66–72 (2011)

Delac, G., Silic, M., Krolo, J.: Emerging security threats for mobile platforms. In: Proceedings of MIPRO 2011, 23–27 May 2011, Opatija, Croatia, pp. 1468–1473 (2011)

Erturk, E.: A Case study in open source software security and privacy: android adware. In: Proceedings of the World Congress on Internet Security, 10–12 June 2012, Ontario, Canada, pp. 189–191 (2012)

Fazeen, M., Dantu, R.: Another free app: does it have the right intentions? In: Proceedings of the 12th Annual Conference on Privacy, Security and Trust, 23–24 July 2014, Toronto, Canada, pp. 283–289 (2014)

Frank, M., Dong, B., Porter Felt, A., Song, D.: Mining permission request patterns from android and facebook applications. In: Proceedings of the 12th International Conference on Data Mining, 10–13 Dec 2012, Brussels, Belgium, pp. 870–875 (2012)

Ghosh, D., Joshi, A., Finin, T., Jagtap, P.: Privacy control in smart phones using semantically rich reasoning and context modeling. In: Proceedings of the Symposium on Security and Privacy Workshops, 24–25 May 2012, San Francisco, CA, USA, pp. 82–85 (2012)

Google: Using OAuth 2.0 for server to server applications. https://developers.google.com/accounts/docs/OAuth2ServiceAccount (Accessed on Feb 10, 2015)

IDC (International Data Corporation): Smartphone OS Market Share, Q3 2014. (2015) http://www.idc.com/prodserv/smartphone-os-market-share.jsp (Accessed on Feb 10, 2015)

Madden, D.: BBC internet blog - BBC iPlayer android app update. (2012) http://www.bbc.co.uk/blogs/legacy/bbcinternet/2012/02/bbc_iplayer_android_update.html (Accessed Feb 10, 2015)

Mylonas, A., Dritsas, S., Tsoumas, B., Gritzalis, D.: Smartphone security evaluation the malware attack case. In: Proceedings of the International Conference on Security and Cryptography, 18–21 July 2011, Seville, Spain, pp. 25–36 (2011)

Felt, P.A., Egelman, S., Finifter, M., Akhawe, D., Wagner, D.: How to Ask for Permission. In: Proceedings of HotSec ‘12, 7 Aug 2012, Bellevue, WA, USA (2012)

Felt, AP., Finifter, M., Chin, E., Hanna, S., Wagner, D.: A survey of mobile malware in the wild. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, 17–21 Oct 2011, Chicago, IL, USA, pp. 3–14 (2011)

Luo, Y., Gu, D., Li, J.: Toward active and efficient privacy protection for android. In: Proceedings of the International Conference on Information Science and Technology, 23–25 March, 2013, Yangzhou, Jiangsu, China, pp. 925–929 (2013)

Titel: Hobson’s Choice: Security and Privacy Permissions in Android and iOS Devices
verfasst von: John Haggerty
Thomas Hughes-Roberts
Robert Hegarty
Verlag: Springer International Publishing
Buch: Human Aspects of Information Security, Privacy, and Trust
Print ISBN: 978-3-319-20375-1

Electronic ISBN: 978-3-319-20376-8

Copyright-Jahr: 2015
DOI: https://doi.org/10.1007/978-3-319-20376-8_45

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"