Reengineering the user: privacy concerns about personal data on smartphones

IF 1.6 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS Information and Computer Security Pub Date : 2015-10-12 DOI:10.1108/ICS-10-2014-0071
Matina Tsavli, P. Efraimidis, Vasilios Katos, L. Mitrou
{"title":"Reengineering the user: privacy concerns about personal data on smartphones","authors":"Matina Tsavli, P. Efraimidis, Vasilios Katos, L. Mitrou","doi":"10.1108/ICS-10-2014-0071","DOIUrl":null,"url":null,"abstract":"Purpose – This paper aims to discuss the privacy and security concerns that have risen from the permissions model in the Android operating system, along with two shortcomings that have not been adequately addressed. Design/methodology/approach – The impact of the applications’ evolutionary increment of permission requests from both the user’s and the developer’s point of view is studied, and finally, a series of remedies against the erosion of users’ privacy is proposed. Findings – The results of this work indicate that, even though providing access to personal data of smartphone users is by definition neither problematic nor unlawful, today’s smartphone operating systems do not provide an adequate level of protection for the user’s personal data. However, there are several ideas that can significantly improve the situation and mitigate privacy concerns of users of smart devices. Research limitations/implications – The proposed approach was evaluated through an examination of the Android’s permission mode...","PeriodicalId":45298,"journal":{"name":"Information and Computer Security","volume":"21 1","pages":"80-89"},"PeriodicalIF":1.6000,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"28","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information and Computer Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/ICS-10-2014-0071","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 28

Abstract

Purpose – This paper aims to discuss the privacy and security concerns that have risen from the permissions model in the Android operating system, along with two shortcomings that have not been adequately addressed. Design/methodology/approach – The impact of the applications’ evolutionary increment of permission requests from both the user’s and the developer’s point of view is studied, and finally, a series of remedies against the erosion of users’ privacy is proposed. Findings – The results of this work indicate that, even though providing access to personal data of smartphone users is by definition neither problematic nor unlawful, today’s smartphone operating systems do not provide an adequate level of protection for the user’s personal data. However, there are several ideas that can significantly improve the situation and mitigate privacy concerns of users of smart devices. Research limitations/implications – The proposed approach was evaluated through an examination of the Android’s permission mode...
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
重塑用户:智能手机上个人数据的隐私问题
目的——本文旨在讨论Android操作系统中权限模型引起的隐私和安全问题,以及两个尚未得到充分解决的缺点。设计/方法论/方法——从用户和开发人员的角度研究了应用程序的许可请求的进化增量的影响,最后,提出了一系列针对用户隐私侵蚀的补救措施。研究结果-这项工作的结果表明,尽管从定义上讲,提供智能手机用户个人数据的访问既没有问题,也不违法,但今天的智能手机操作系统并没有为用户的个人数据提供足够的保护。然而,有几个想法可以显著改善这种情况,减轻智能设备用户的隐私担忧。研究限制/影响-通过对Android的许可模式的检查来评估建议的方法…
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Information and Computer Security
Information and Computer Security COMPUTER SCIENCE, INFORMATION SYSTEMS-
CiteScore
4.60
自引率
7.10%
发文量
23
期刊介绍: Information and Computer Security (ICS) contributes to the advance of knowledge directly related to the theory and practice of the management and security of information and information systems. It publishes research and case study papers relating to new technologies, methodological developments, empirical studies and practical applications. The journal welcomes papers addressing research and case studies in relation to many aspects of information and computer security. Topics of interest include, but are not limited to, the following: Information security management, standards and policies Security governance and compliance Risk assessment and modelling Security awareness, education and culture User perceptions and understanding of security Misuse and abuse of computer systems User-facing security technologies Internet security and privacy The journal is particularly interested in receiving submissions that consider the business and organisational aspects of security, and welcomes papers from both human and technical perspective on the topic. However, please note we do not look to solicit papers relating to the underlying mechanisms and functions of security methods such as cryptography (although relevant applications of the technology may be considered).
期刊最新文献
Informational inequality: the role of resources and attributes in information security awareness Organizational perspectives on converged security operations Applying the Goal, Question, Metric method to derive tailored dynamic cyber risk metrics Determining cybersecurity culture maturity and deriving verifiable improvement measures Exploring the role of assurance context in system security assurance evaluation: a conceptual model
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1