SmarPer Project: Context-Aware and Automatic Runtime-Permissions for Mobile Devices

SmarPer logo

Permission systems are the main defense that mobile platforms offer to users to protect personal data from prying apps. However, such systems present several limitations caused by the tension between usability and control capabilities. As a result, users often are forced to share private information with apps.

We present Smart Permissions (SmarPer), an advanced-permission mechanism for Android, with support for finer-grained permissions, context-awareness and multiple decision-levels. In addition, to help users manage permissions more efficiently and reduce permission fatigue, SmarPer provides (semi-) automatic decisions. Moreover, the prototype that we developed in this project allow us to collect data and evaluate SmarPer's capabilities in real scenarios. In doing so, we will provide users with smarter controls for protecting their private information, with a lower overhead for users.

By using machine learning and context awareness, SmarPer learns the unique sharing preferences of each user and makes decisions on the user's behalf, hence reducing user's effort.

SmarPer architecture

SmarPer reduces the sensitive information revealed to apps while still obtaining some utility.

SmarPer data obfuscation 3 granularity levels for access to private data:

As part of this project, we are conducting a research study to learn about how users share their private data with apps.

Learn more about the SmarPer data collection tool developed for this project.

Katarzyna Olejnik, Italo Dacosta, Joana Soares Machado, Kévin Huguenin, Mohammad Emtiyaz Khan, Jean-Pierre Hubaux. SmarPer: Context-Aware and Automatic Runtime-Permissions for Mobile Devices. In Proceedings of the 38th IEEE Symposium on Security and Privacy (S&P), San Jose, CA, United States, May 2017.

SmarPer Research Paper ❯