This research paper by Serge Egelman from UC Berkeley delves into optimizing mobile device permissions by addressing current issues like unnecessary user interactions and decision fatigue. It emphasizes that many users face overwhelming permission requests and lack understanding of their implications. The paper suggests prompting users only when necessary and providing clearer information about permissions earlier in the process. With insights from various studies, it explores effective permission-granting mechanisms and aims to reduce unnecessary interactions, ultimately enhancing user security and experience.
User-Centric Permissions for Mobile Devices
Serge Egelman
UC Berkeley

Making security usable
Current problems:
1. Unnecessary interactions habituate users
2. Users are asked to make decisions they are unqualified to make
Hazard Avoidance

Suggestions for Mobile Permissions
Many were habituated—too many requests
    Only prompt when necessary
Many were unaware—too late in the process
    Provide information earlier
Understanding requires knowing all permissions
    Narrow list of possible permissions
A. P. Felt, E. Ha, S. Egelman, A. Haney, E. Chin, and D. Wagner. Android Permissions: User Attention, Comprehension, and Behavior. In Proceedings of the 2012 Symposium on Usable Privacy and Security (SOUPS). Best Paper Award!

Permission-granting mechanisms
What are the pros/cons of the various ways of asking for permission?
The previous study looked at install-time warnings; what about other mechanisms?
(Applicable to more than just smartphones.)

Flowchart
A. P. Felt, S. Egelman, M. Finifter, D. Akhawe, and D. Wagner. How to Ask for Permission. Proceedings of the USENIX Workshop on Hot Topics in Computer Security (HotSec), 2012.

Impact on status quo
Of the 83 permissions…
Potential to dramatically reduce unnecessary interactions!
Caveat: this does not reflect frequency of use.

Future Work
Human subjects experiments to…
    …improve warnings, when they’re needed
    …create better audit/notification mechanisms
    …validate the system