Android apps are generally over-privileged, i.e., they request more permissions than they actually need to execute properly. Prior to version 6 users can install an app only by accepting all its requested permissions, while newer Android versions allow users to dynamically grant/deny groups of permissions. Since some them impact on users' privacy, we argue that users should be granted control at the granularity of the single permission. We propose a novel approach, which does not require any change to the underlying OS, allowing users to selectively remove permissions from apps before installing them, and with a finer granularity. We developed ool, an open-source tool, that implements our methodology, and we present the viability of our approach via an empirical assessment on 81K apps, underlining that, in the worst case, up to 86% of the apps can execute without crashing when none of the requested privacy-related permissions are granted.
Scheda prodotto non validato
Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo
Titolo: | RmPerm: A Tool for Android Permissions Removal | |
Autori: | ||
Data di pubblicazione: | 2017 | |
Handle: | http://hdl.handle.net/11567/883494 | |
ISBN: | 978-989-758-259-2 | |
Appare nelle tipologie: | 04.01 - Contributo in atti di convegno |