Mon 20 - Fri 24 October 2014 Portland, Oregon, United States
Tue 21 Oct 2014 11:30 - 12:00 at Medford - Technical Paper Session

One of the most common security & privacy issues concerning mobile applications is the unnecessary access to sensitive information and resources. In a mobile application platform like Android, where a permission mechanism is used to maintain access control, the app developer dictates what permissions are necessary at install time. For various reasons however, including user confusion and lack of proper documentation, developers may overcompensate for the necessary permissions, thus undermining the access control mechanism and increasing the potential risk from a vulnerability exploit. In this paper we present PermitMe, a tool developed as a plugin for the Eclipse IDE, to interactively guide developers on the set of required permissions when creating Android applications. We conducted a between-groups user study in order to evaluate the effectiveness, efficiency, and usability of the PermitMe tool in enhancing the developer’s experience when deciding on including Android permissions in their mobile applications.

Tue 21 Oct
Times are displayed in time zone: (GMT-07:00) Tijuana, Baja California change

10:30 - 12:00: ETX - Technical Paper Session at Medford
etx201410:30 - 11:00
Marwan Abi-AntounWayne State University, Andrew GiangWayne State University, Sumukhi ChandrashekarWayne State University, Ebrahim KhalajWayne State University
etx201411:00 - 11:30
Mark RowanTowson University, Josh DehlingerTowson University
etx201411:30 - 12:00
Emmanuel Bello-OgunuUniversity of North Carolina Charlotte, Mohammed ShehabUniversity of North Carolina Charlotte