TY - GEN
T1 - Application Transiency
T2 - 15th International Conference on Security and Privacy in Communication Networks, SecureComm 2019
AU - Alvarez, Raquel
AU - Levenson, Jake
AU - Sheatsley, Ryan
AU - McDaniel, Patrick
N1 - Publisher Copyright:
© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2019.
PY - 2019
Y1 - 2019
N2 - Smartphone users are offered a plethora of applications providing services, such as games and entertainment. In 2018, 94% of applications on Google Play were advertised as “free”. However, many of these applications obtain undefined amounts of personal information from unaware users. In this paper, we introduce transiency: a privacy-enhancing feature that prevents applications from running unless explicitly opened by the user. Transient applications can only collect sensitive user information while they are being used, and remain disabled otherwise. We show that a transient app would not be able to detect a sensitive user activity, such as a daily commute to work, unless it was used during the activity. We define characteristics of transient applications and find that, of the top 100 free apps on Google Play, 88 could be made transient. By allowing the user to decide when to allow an app to collect their data, we move towards a fair trade of personal information for application services.
AB - Smartphone users are offered a plethora of applications providing services, such as games and entertainment. In 2018, 94% of applications on Google Play were advertised as “free”. However, many of these applications obtain undefined amounts of personal information from unaware users. In this paper, we introduce transiency: a privacy-enhancing feature that prevents applications from running unless explicitly opened by the user. Transient applications can only collect sensitive user information while they are being used, and remain disabled otherwise. We show that a transient app would not be able to detect a sensitive user activity, such as a daily commute to work, unless it was used during the activity. We define characteristics of transient applications and find that, of the top 100 free apps on Google Play, 88 could be made transient. By allowing the user to decide when to allow an app to collect their data, we move towards a fair trade of personal information for application services.
UR - http://www.scopus.com/inward/record.url?scp=85076911420&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85076911420&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-37231-6_3
DO - 10.1007/978-3-030-37231-6_3
M3 - Conference contribution
AN - SCOPUS:85076911420
SN - 9783030372309
T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
SP - 47
EP - 66
BT - Security and Privacy in Communication Networks - 15th EAI International Conference, SecureComm 2019, Proceedings
A2 - Chen, Songqing
A2 - Choo, Kim-Kwang Raymond
A2 - Fu, Xinwen
A2 - Lou, Wenjing
A2 - Mohaisen, Aziz
PB - Springer
Y2 - 23 October 2019 through 25 October 2019
ER -