SmarPer Project: Context-Aware and Automatic Runtime-Permissions for Mobile Devices
Permission systems are the main defense that mobile platforms offer to users to protect personal data from prying apps. However, such systems present several limitations caused by the tension between usability and control capabilities. As a result, users often are forced to share private information with apps.
We present Smart Permissions (SmarPer), an advanced-permission mechanism for Android, with support for finer-grained permissions, context-awareness and multiple decision-levels. In addition, to help users manage permissions more efficiently and reduce permission fatigue, SmarPer provides (semi-) automatic decisions. Moreover, the prototype that we developed in this project allow us to collect data and evaluate SmarPer's capabilities in real scenarios. In doing so, we will provide users with smarter controls for protecting their private information, with a lower overhead for users.
- Automatic decisions - Machine Learning
By using machine learning and context awareness, SmarPer learns the unique sharing preferences of each user and makes decisions on the user's behalf, hence reducing user's effort.
- Data obfuscation
SmarPer reduces the sensitive information revealed to apps while still obtaining some utility.
3 granularity levels for access to private data:
As part of this project, we are conducting a research study to learn about how users share their private data with apps.
- Research paper
Katarzyna Olejnik, Italo Dacosta, Joana Soares Machado, Kévin Huguenin, Mohammad Emtiyaz Khan, Jean-Pierre Hubaux. SmarPer: Context-Aware and Automatic Runtime-Permissions for Mobile Devices. In Proceedings of the 38th IEEE Symposium on Security and Privacy (S&P), San Jose, CA, United States, May 2017.