一个权限的难题:Android智能手机上安装应用程序的权限【中文6650字】
收藏
资源目录
压缩包内文档预览:
编号:6099467
类型:共享资源
大小:685.15KB
格式:RAR
上传时间:2017-11-16
上传人:闰***
认证信息
个人认证
冯**(实名认证)
河南
IP属地:河南
13
积分
- 关 键 词:
-
一个
权限
难题
困难
android
智能手机
安装
应用程序
中文
- 资源描述:
-
一个权限的难题:Android智能手机上安装应用程序的权限【中文6650字】,一个,权限,难题,困难,android,智能手机,安装,应用程序,中文
- 内容简介:
-
一个权限的难题:Android智能手机上安装应用程序的权限外 文 出 处:IEEE International Conference on Computer and Information Technology【中文6650字】一个权限的难题:Android智能手机上安装应用程序的权限作者:Patrick Gage Kelley2011 年 12 月每当用户在自己的Android手机上安装一个应用程序的时候,都会跳出一个提示安装的消息框,提示用户是否接受安装。弹出消息提示框的目的是为了帮助Android用户做出两个选择:第一,判断Android用户是否信任或者同意安装该软件到自己的Android手机上;第二,如果Android用户同意并安装该软件到自己的Android手机上,那么在使用的过程中出现的问题话,Android手机用户同意并发送消息给目标主机,以便开发人员更好的修补漏洞。我们在两个城市之间进行了一系列半结构化面试,目的是为了调查人们在安装Android应用程序之前弹出权限消息提示框是否被人们所理解。经过我们的调查发现,大部分Android手机用户在安装应用程序的时候弹出的消息对话框,并没有太大的注意,而是选择跳过并直接安装应用程序。令人担忧的是,我们发现Android手机用户并没有意识到应用程序的安全性问题,在很多情况下,安装的应用程序往往有时候可能携带病毒软件。总之,Android用户并没有真正意识到在安装应用程序的时候弹出消息提示框的重要性和安全性。 关键词:隐私,安全,安卓,应用软件,智能手机,权限,信息设计1 引言自2008年10月谷歌推出第一款Android智能手机的时候,在第三季度智能手机销量排行榜中,Android手机强占了一半以上的市场销售份额。随着Android智能手机销量的不断增多,使得越来越多的用户从Android Market市场上下载应用程序到自己的Android手机上。截至2011年5月,据谷歌报道,总共有20万的应用程序从Android市场上被用户下载下来,并且总共被安装了4.5亿次。Android市场并没有预先筛选应用程序,而是提供给用户选择安装应用程序的自由。通过对Android应用程序总部的调查报告显示,虽然在Android市场上存在三十一万的Android应用程序,但是其中有百分之三十三的Android应用程序是低质量的。总而言之,根据2011年的网络数据报告可得,从McAfee、Kaspersky Lab、Symantec的数据可知自2011年的七月开始,我们发现恶意软件的增长速度是以百分之4.7倍的速度在增长。所有想要在Android市场上拍卖自己的应用程序软件,就必须花费25的手续费来开通自己的个人账号,通过上传自己的应用程序软件,并从中获取利润。当然,Android市场是不会去检查你的应用程序到底包含哪些基本信息。然而,这对Android用户是非常不利的。对此谷歌来完成这项保护Android手机用户的任务。通过调查我们提供给Android用户两种安装选择。1.你是否愿意安装此软件到你的手机上?2.你是否信任开发商去访问你的个人信息?通过我们的走访调查可知,大部分的Android手机用户都希望应用程序提供详细的权限安装问题,并表示这是对于手机安全性的一个必不可少的环节。Android用户还提出应该由用户自己选择什么时候弹出权限消息提示框,这样做的目的是为了减少给客户到来不必要的麻烦。2 相关工作虽然Android手机仅仅只是在2008年发布后的不久诞生的,但是有一个重要的工作需要我们去完成的,那就是学习Android手机的权限安全性问题。提出这个重要的理论依是根据对Android手机运行的安全性或者提高系统的安全性能出发的。Eyck的相关的工作主要是研究Android系统的安全性和面向用户权限之间的差异化,重点分析在Android用户关闭手机的时候,通过权限请求消息与手机之间建立通信功能。Vida的主要工作是研究如何让Android应用程序接受请求权限,通过研究后来发现,权限存在一个“权限危机”的现象。由于Android提供的API文档接口与用户实际接受的应用程序请求消息无法建立连接,所以这就是开发人员现在面临的一个主要难题。 Felt主要工作是揭秘Android权限的工作原理,试图进一步解释权限的开发商为什么要怎么开发。然而,无论是最终用户探讨这些应用程序权限的理解。在我们的工作调查中发现虽然Android手机用户明明知道安装一个应用程序可能存在风险或者病毒,但是还是有很多Android用户试图为自己找借口忽略这些安装权限消息提示框,常常抱怨为什么安装一个应用程序软件要怎么多麻烦的权限消息提示框。另一些人看待Android应用程序权限问题的态度是:试图去简化应用程序权限的安装过程或者跟其他智能手机对比安装权限的过程。通过Android用户的反馈信息我们可以得出一个结论:Android应用程序权限安装的过程中提供了全面的安装信息给Android手机用户,然而Android用户对这些提供的信息往往是不怎么在意或者忽略。3 Android权限和显示Android用户通过从Android市场上下载第三方应用软件并安装在自己的手机上,当Android应用程序在安装的过程中根据Android用户的选择性自己选择是否弹出权限消息提示框来帮助Android用户更好的安装Android应用程序软件。来自Android市场的第三方应用程序没有必要显示所有权限信息,然而以上的应用程序包(APK)安装时,都会出现弹出一个权限的消息对话框。图-1 上图显示安装应用程序的工作流程和查看应用程序软件的权限。屏幕1显示了在Android市场上发布亚马逊应用程序软件。当用户想要安装该软件的时候,点击红色圆圈按钮“免费”来进入屏幕2的操作界面,或者也可以点击红色圆圈的“显示所示”来查看应用程序权限,如图屏幕3和屏幕4图1显示了安装应用程序的工作流程。屏幕1显示了亚马逊的Kindle应用程序。如果用户点击红色圆圈按钮“免费”进入显示屏幕2,这使得他们接受应用程序的权限并获得安装应用程序的权限,也可以通过点击红色圆圈按钮来“显示所有信息”并查看相关的权限,如图屏幕3和4。用户可以通过点击更多按钮,来查看更多完整的权限要求。如图屏幕2的红色圆圈按钮。切换至屏幕3时,用户可以点击红色圆圈按钮的“显示所有”来查看整个应用程序的完整信息。在这一个过程中如果用户想要取消应用程序的安装,可以通过点击Android手机上的返回按钮或者Android手机上的主页按钮来取消当前应用程序的安装。详细的应用程序权限或者组请参照Android SDK的官方网站,也可以通过查看Android文档来获取应用程序权限的详细信息。4 方法论我们通过在当地招募Android用户参与我们的采访调查。每名Android用户都必须填写一份Android问卷调查报告,才能参见下一轮的面试。随后工作人员安排每一位Android用户进入特定的实验室,填写Android用户调查同意书,主要是为了配合工作人员更好的调查Android用户的情况,在调查的过程中采取录音的方式。采访结束后每一位Android用户都可以共享出自己Android手机上的应用软件,通过USB与工作人员笔记本电脑的连接,来更好的统计Android应用程序的数量。Android用户通过在同意书上签字并表示自己同意录音,以便工作人员更好的统计Android应用程序的数量。每位参与完整个过程的Android用户都将获得二十元美金来作为回报,并有机会获得星巴克、巴尼斯的高贵礼品卡一张。5 人口统计和对问卷调查答复总共有七十七名Android用户参与了此次调查,其中有二十名Android用户接受面谈。本文的其余部分都将只是讨论这20名Android用户。其中有六名是来自西雅图,十三名师来自匹兹堡,有十名Android用户是男性,有十名Android用户是女性。这二十名Android用户的年龄在十九到四十八岁之间,据统计他们的平均年龄在二十九岁。据调查有十四名Android用户使用Android智能手机不到一年就更换其他智能手机,有五名Android用户使用Android手机保持在两年之内,只有一位Android用户使用Android手机在两年以上。6 结果与讨论以上各环节详细的说明了我们的调查结果表明:Android用户会考虑Android手机的性能。针对以上百分之六十的Android用户的调查结果显示,Android用户没有真正理解Android应用程序安装的概念。当一个Android应用程序在安装的过程中弹出一个消息提示框是为了确保应用程序的安全性。下一步,我们将通过媒体来解释Android用户在安装应用程序的过程中弹出权限消息对话框的错误观念。6.1 对于弹出权限消息提示框的理解 有一半以上的Android用户提到在安装应用程序软件之前都会弹出权限消息提示框,以提醒用户同意以上权限安装。当我看到这句话的时候,使我想起了一则报纸的故事。(脸谱网、潘多拉、亚马逊在处理权限问题的处理方式,如图1的屏幕3所示)。表-1 显示了二十个Android手机用户的调查情况。第二列到第四列分别显示Android手机用户的年龄、性别、工作职位。第五列到第八列分别显示Android手机用户的电话号码、手机类型、Android手机版本号、使用时间。第九列和第十列分别显示了Android手机应用程序的下载量、Android手机用户使用率的统计PhonePhoneOSTime Using# Apps# Apps# Gender Age OccupationprovidermodelversionAndroiddownloadedreally used1Female24EducationVerizonLG AllyI am not sure1-6 months1-10A few 1-52Male48OtherVerizonHTC IncredibleFroyo1-6 months11-25A few 1-53Male44AgricultureT-MobileMotorola CliqCupcake1-2 years101+A ton 20+4Male19Food ServiceT-MobileGalaxy SEclair1-6 months11-25A bunch 6-205Female45LegalSprintHTC EVO 4GHoneycomb1-6 months1-10A bunch 6-206Female26RetailSprintSamsung ReplenishI am not sure1-6 months1-10A bunch 6-207Female34EngineeringT-MobileLG OptimusEclair7 months-1 year11-25A few 1-58Male23ComputersVerizonMotorola Droid XGingerbread7 months-1 year26-100A ton 20+9Female25OtherVerizonMotorola Droid XI am not sureLess than 1 month1-10A few 1-510 Male32EngineeringT-MobileHTC G2Eclair7 months-1 year11-25A bunch 6-2011 Female21EntertainmentSprintSomething SamsungI am not sure1-6 months1-10A few 1-512 Female22OtherT-MobileHTC MyTouch 4GI am not sure7 months-1 year11-25A few 1-513 Female21Dont workSprintHTC Evo ShiftGingerbread1-2 years1-10A few 1-514 Male20Real EstateVerizonMotorola Droid XGingerbread1-2 years101+A bunch 6-2015 Male36Media /PublishingVerizonMotorola Droid 2Froyo7 months-1 year1-10A few 1-516 Male22EngineeringSprintHTC EVO 4GGingerbread1-6 months26-100A bunch 6-2017 Male22Dont workVerizonMotorola Droid 2I am not sure1-2 years26-100A bunch 6-2018 Female23OtherT-MobileHTC G2GingerbreadMore than 2 years26-100A bunch 6-2019 Male46EngineeringAT&TGoogle Nexus OneGingerbread1-2 years26-100A bunch 6-2020 Female21EngineeringAT&TGalaxy S IIGingerbreadLess than 1 month1-10A few 1-5Android用户表示在安装应用程序软件的时候,弹出权限消息提示框的这种做法实际上是保护了Android手机的安全性。通过调查一位Android用户,我们发现Android用户赞同这种做法并表示这是对我们用户手机安全性的一个必不可少的步骤。但是Android手机弹出权限消息提示框也同样存在一些问题。从Android市场上下载下来的应用程序软件,在安装的过程中,只有提示Android用户是否接受?但是并没有显示Android应用程序的安装性问题和及时通知用户。不幸的是,大部分的Android手机用户并不太理解Android应用程序软件权限的安全性。对此我们整理出一份关于应用程序十大权限的列表,列表的主要内容是明白权限的重要性,看了本次列表的内容,Android用户表示非常的惊讶,并表示以后一定认真查看应用程序权限内容。我们通过对六到七组的Android手机用户的调查总结出一份Android用户普遍关心的问题和今后改进的建议。-互联网交流:通过互联网的访问方式我们通过互联网方式对一千一百个应用程序软件做了初步的统计,统计结果表明有百分之八十五的Android用户请求权限提示。同时Android用户也意识到应用程序软件在安装的过程中接受弹出权限消息提示框。但是,对于如何访问应用程序权限问题和为什么要怎么做的原因,大部分的Android用户不是很清楚。l “我怎么样才能查看联系人列表”-P2l “借鉴脸谱网,我怎么样才能与我的联系人实现同步”-P7l “显示我的手机号码”-P8l “是否涉及到我的个人信息,例如我的姓名、家庭住址、手机号码、Email地址”-P11l “显示好友的手机号码。好友可以进入你的手机列表并与你取得联系,或者也可以通过网络电话的方式来实现得到对方好友的电话号码”-P18客户账号:获得客户账号Android用户表示应用程序权限存在认证不正确、存在漏洞,使得Android用户对此表示很担心。Android用户在安装应用软件的时候,认为自己的手机被认证了或者被监视。如果同意权限,那么可能还会有更多的风险存在。l “控制用户账户,我基本上没有这种想法。”-P2l “我并不知道当我点击接受权限的时候,到底是给应用程序分配多少权限。”-P13l “我不是很确定应用程序到底拥有哪些权限。”-P12l “我不知怎么绑定我的手机账号。”-P13l “我不是很确定到底给用户开发了多少权限。”-P18如上调查结果显示,Android用户或多或少都会对权限问题产生困惑。大部分的Android用户对应用程序权限的了解并不是很清楚,通过采访我们发现,当我们提到用户对应用程序权限的了解到底知道多少的时候,绝大多数的Android用户都表示不明白或者直接选择放弃。没有一个Android用户能够真正的解释出应用程序权限的问题。Android用户大多数都不知道自己为什么要点击接受权限的原因。只知道很快的点击它并执行下一步安装的操作。至于为什么会显示权限提示框、列出详细的权限信息都表示不清楚。只有一位Android用户表示:“我觉得有必要显示出应用程序的权限提示框,而且我也要查看清楚到底赋予应用程序哪些权限并取得连接,这样我才能放心的使用应用程序软件。”Vidas 和Felt通过调查发现开发人员没有真正理解弹出权限框的重要性以及在合适的时间段弹出应用程序权限。6.2 应用程序选择 有一半以上的Android用户表示自己在安装Android应用程序软件的时候,都会弹出权限消息提示框,当一个Android用户反馈给我们这些信息的时候,我们立马想到了以前调查中存在的一个案例。权限消息提示框的作用是更好的帮助用户完成应用程序软件的安装,然而许多权限消息提示框的内容往往是口头宣传、专业术语话,这就造成许多Android用户无法理解权限消息提示框的内容到底是什么。从这个案例中我们可以学习到一些经验教训。一个Android用户讲述了一个亲身经历的故事给我们听,一味的听从别人的意见,自己却不假思索,这往往是一个错误的观点。例如,有时候你会听到有人对Android应用程序的评价是如此的垃圾或者它是否是可以运行的。通过广告宣传的形式,大部分Android用户都会安装Android应用程序。一个Android用户描述了他看到Android应用程序的经历。我通过看杂志和广告牌知道Android应用程序的安装。例如,时代周刊上列出了用户可以下载的Android应用程序软件。大部分的Android用户都不愿意自己掏钱去购买Android应用程序软件,然而也有一些Android用户表示在需要的时候我们也是会购买的。通过调查一个Android用户说,在我第一次使用Android应用程序软件的时候,我会尝试着去寻找免费的软件,如果我实在是找不到免费的软件,我想我可能会考虑购买Android应用程序。6.3 对恶意软件的关注我们通过借助新闻、媒体报道、因特网等手段来获取Android手机用户遇到问题的时候是如何解决的。Android用户希望谷歌增加市场的开放性以及对比iOS与Android的不用,找出更好的软件给Android用户,可以通过登广告的形式来让更对的Android用户了解应用程序软件。对此我们专门针对Android用户进行了一次面对面的专访。通过调查我们了解到,Android手机用户并不关心恶意软件的存在,主要原因是由于大部分的Android手机用户上都安装有反病毒软件。通过以上调查,我们发现两个主要问题。一是大部分Android手机用户缺乏对反病毒软件技术的信任。例如,当我们采访一位Android手机用户是否愿意跟银行业务进行绑定,然而大部分的Android都表示不愿意,主要原因是他们对Android手机反病毒软件的不信任。二是大多数Android手机用户对恶意软件的一种误解甚至是无法理解。通过调查Android手机用户,我们了解到许多Android手机用户都希望Android市场提前给用户筛选出没有恶意软件的应用程序,让Android手机用户放心下载应用程序。Android手机用户相信Android市场已经为他们做好了安全性能的问题,例如版权、专利、商标等问题的因素。总之,Android手机用户还是没有充分的意思到恶意软件对Android手机的危害。Android用户认为恶意软件的防止应该是有谷歌公司来完成的,并且能够提供给Android手机用户一个更安全的Android手机操作系统。7 结论Android用户还是不怎么了解应用程序的权限。特别的,当Android用户在安装应用程序的时候,突然弹出一个权限消息对话框给用户,而且权限消息对话框的内容往往是含糊不清的、使用专业术语的话语,给用户带来了许多不必要的麻烦。从这个经验教训中我们可以得到,对于一个开发者要全面了解用户所需求的功能时,这往往是不可能的。所以,当安装一个应用程序的时候,由Android用户自己选择是否弹出权限消息提示框来进行提示性安装,这种需求往往是客户所想要的。大部分的Android用户都是通过在Android市场下载应用程序到自己的手机上,然而也有许多Android用户往往不知道哪些应用程序里面包含病毒或者是一款恶意软件。Android用户很难去发现这些携带有病毒的应用程序软件,但是大部分的Android用户都相信Android应用程序市场会杜绝这种事情的发生或者根本就是不存在的。总的来说,这就需要Android应用程序市场拥有一个严格的应用程序管理制度来提供给Android用户一个满意、放心的应用程序。8 致谢作者首先要感谢来自美国英特网公司同行的大力支持。作者也同样感谢微软研究院、华盛顿大学、卡耐基梅隆大学的赞助。还要感谢陪我一路坐下来的Seungyeop Han, Peter Hornyack, Jialiu Lin, Stuart Schechter, and Tim Vidas等人。特别感谢美国国家科学基金会、国际玩具工业协会、军事研究办事处、谷歌、卡内基梅隆大学的资金补助,资金补助码分别为CNS-1012763、DGE-0903659、CNS-0905562、DGE 0903659、DAAD19-02-1-0389、W911NF-09-1-0273(由于涉及个人隐私问题,所以不方便透露,希望大家谅解)。参考文献1. Au, K.W.Y., Zhou, Y.F., Huang, Z., Gill, P., and Lie, D. 2011. Short paper: a look at smartphone permission models. In Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices (SPSM 11).2. Barra, H. 2011. Android: momentum, mobile and more at Google I/O. The OfficialGoogleBlog./2011/05/android-momentum-mobile-and-more-at.html3. Barrera, B., Kayacik, H.G., van Oorschot, P.C., and Somayaji, A. 2010. Amethod-ology for empirical analysis of permission-based security models and its application to android. In Proceedings of the 17th ACM conference on Computer and communications security (CCS 10).4. Enck, W., Gilbert, P., Chun, B., Cox, L.P., Jung, J., McDaniel, P., and Sheth, A. 2010. TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In Proceedings of the 9th USENIX conference on Operating systems design and implementation (OSDI10).5. Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D. 2011. Android Permissions Demystified. In Proceedings of the 18th ACM conference on Computer and communications security (CCS11).6. Gartner. 2011. Gartner Says Sales of Mobile Devices Grew 5.6 Percent in Third Quarter of 2011; Smartphone Sales Increased 42 Percent. http:/www.gartner. com/it/page.jsp?id=18485147. Hornyack, P., Han, S., Jung, J., Schechter, S., and Wetherall, D. 2011. These arent the droids youre looking for: retrofitting android to protect data from imperious applications. In Proceedings of the 18th ACM conference on Computer and com- munications security (CCS11).8. Juniper Networks. 2011. Mobile Malware Development Continues To Rise, Android Leads The Way. /?p=24929. Kelley, P.G., Bresee, J., Cranor, L.F., Reeder, R. 2009. A ”nutrition label” for privacy. The 5th Symposium on Usable Privacy and Security (SOUPS09).10. Kleimann Communication Group, Inc. 2006. Evolution of a Prototype Financial PrivacyNotice.Available:/privacy/privacyinitiatives/ftcfinalreport060228.pdf11. McAfee Labs. 2011. McAfee Threats Report: Third Quarter 2011. Available: /us/resources/reports/rp-quarterly-threat-q3-2011.pdf.12.Namestnikov, Y. 2011. IT Threat Evolution:Q3 2011. Available: /en/analysis/204792201/IT_Threat_Evolution_Q3_2011.13. Rosenberg, J. 2011. The meaning of open. The Official Google Blog. /2009/12/meaning-of-open.html14. Smetters, D.K., and Good, N. 2009. How users use access control. In Proceedings of the 5th Symposiumon Usable Privacy and Security (SOUPS09).15. Vidas, T., Christin, N., and Cranor, L.F. 2011. Curbing Android Permission Creep. W2SP 2011.16. Wetherall, D., Choffnes, D., Greenstein, B., Han, S., Hornyack. P., Jung, J., Schechter, S., and Wang, X. 2011. Privacy Revelations for Web and Mobile Apps. HotOS11.9A Conundrum of Permissions: Installing Applications on and Android Smart-phoneA Conundrum of Permissions: Installing Applications on an Android Smart-phoneBy Patrick Gage KelleyDecember 2011Each time a user installs an application on their Android phone they are presented with a full screen of information describing what access they will be granting that application. This information is intended to help them make two choices: whether or not they trust that the application will not damage the security of their device and whether or not they are willing to share their information with the application, developer, and partners in question. We performed a series of semi-structured interviews in two cities to determine whether people read and understand these permissions screens, and to better understand how people perceive the implications of these decisions. We find that the permissions displays are generally viewed and read, but not understood by Android users. Alarmingly, we find that people are unaware of the security risks associated with mobile apps and believe that app market places test and reject applications. In sum, users are not currently well prepared to make informed privacy and security decisions around installing applications. Keywords: privacy, security, android, applications, smart-phone, permission, information design1 IntroductionSince the launch of the first Android phone in October 2008 the rise of the plat-form has been meteoric. Android phones accounted for over half of all smart-phone sales as of Q3 2011. With each smart-phone sold, more users are down-loading applications from the Android Market. As of May 20116, Google reported that over 200,000 applications were available in the Android Market and that those applications had been installed 4.5 billion times in total 2.Applications are not pre-screened; instead users are given the opportunity to decide which software to install on their phone. Android app rating and recommendation site App-Brain reports that there are now 310,000 applications in the Android market and that 33 percent of those are rated at low quality.Additionally, according to a 2011 Juniper Networks report, and follow up press release, they found “a 472% increase in Android malware samples since July 2011to November 2011”8. Similar studies from McAfee 11, Kaspersky Lab 12, and Symantec are all reporting continued exploits. Juniper attributes this rise to the ease of posting Android applications to the market, as they state: “all you need is a developer account that is relatively easy to anonymize, $25 and you can post your applications. With no upfront review process, no one is checking to see that your application does what it says.” While some believe this openness is harmful to users, Google has promoted it. In one of Googles many tributes to openness, Senior Vice President of Product Management, Jonathan Rosenberg wrote, “At Google we believe that open systems win. They lead to more innovation, value, and freedom of choice for con- summers, and a vibrant, profitable, and competitive ecosystem for businesses” 13. As such, there has been no certification process for Android developers or pre- review of applications before they enter the Android Market, though applications reported as malicious have been later removed.The market requires users to make two choices when reviewing potential applications for their device.1. Do I believe this application will compromise the security and function of my phone if I install it?2. Do I trust this developer and their partners with access to my personal information?This leaves users left to leverage word-of-mouth, market reviews and ratings, and the Android permissions display to assist users in making decisions that protect their mobile privacy and security. We conducted a series of 20 semi-structured interviews to better understand how users navigate the Android Market, install and use third-party applications, and comprehend the decisions they make at install time.In the remainder of this paper we will detail related work on users understanding of privacy and access control concepts as well as the current state of Android security/permissions, our interview methodology, the demographics and expertise of our participants, and finally a collection of participant responses that qualitatively detail their ability to make decisions in the Android ecosystem.2 Related WorkWhile Android has only existed publicly since 2008, a significant amount of work has been conducted on studying the Android permissions/security model. Much of this work focuses on creating theoretical formalizations of how Android security works or presents improvements to the system security, and is largely out of scope. Eyck work with Taint Droid has bridged the gap between system security and user-facing permissions, focusing on analyzing which applications are requesting information through permissions and then sending that data off phone4.Follow up work by Hornyack et al. detailed a method for intercepting these leaked transmissions and replacing them with non-sensitive information 7. This functionality would allow users post-installation privacy-control. In their investigation they detailed the current permission requests of the top 1100 applications in the Android Market as of November 2010. However, our work, which tests users understandings of the most common of these permissions, finds users have great difficulty understanding the meaning of these terms. Thus, giving users the ability to limit on a case-by-case basis would likely be ineffective without assistance.Work by Vida Has also studied how applications request permissions, finding prevalent “permissions creep,” due to “existing developer APIs which make it difficult for developers to align their permission requests with application functionality” 15.Felt in their Android Permissions Demystified work, attempt to further explain permissions to developers5. However, neither of these papers explores end-users understanding of permissions. In our own work we find users attempt to rationalize why applications request specific permissions, trying to understand the developers decisions, even if their understanding of these requests is flawed.Others who have looked at Android permissions have attempted to cluster applications that require similar permissions to simplify the current scheme 3 or have attempted a comparison of modern smart-phone permission systems 1. Their work finds that Android permissions provide the most information to users, however our interviews show that much of the information provided is not understood.Research in privacy policies, financial privacy notices, and access control have all similarly shown that privacy-related concepts and terms are often not well understood by users expected to make privacy decisions9,10,14. Our earlier work specifically investigated how the information display of privacy policies could influence understanding, focusing on standardized formats, terms, and definitions. While the Android ecosystem uses a standard format and terms, clear definitions are not readily available to users.3 Android Permissions and DisplayAndroid app permissions are displayed to users at the time they decide to install any third-party app through the Android Market on the web or on the phone. Apps downloaded from third-party app stores do not necessarily show full permissions on their websites, however upon installing the application package (APK) the user is presented with a permissions screen variant.Permissions are shown within the Android Market as detailed in the following diagram, Figure 1. A user browses applications using the view shown in Screen 1. Here there is a truncated description, information about ratings, reviews, screenshots, etc. If a user decides to install they click the button labeled with the price of the application, here FREE. This brings them to Screen 2,Fig 1 The figure above shows the workflow for installing applications and viewing application permissions. Screen 1 shows the Amazon Kindle application as displayed in the Android Market. If a user were to click ”FREE,” circled in red, they are shown Screen 2, which allows them to Accept permissions and install the application, or to click the ”Show” button which leads the user to Screens 3 and 4.Where they are given a short list of permissions. If users double tap the FREE button on Screen 1, they skip Screen 2 and essentially approve the permissions without reading. Though Screen 2 serves the sole purpose of an interstitial permissions display between the market and a purchase decision, the complete list of permissions is not displayed.To explore the full permission request they would click the more expander, bringing them to Screen 3. Here they would see a more complete list of per- missions with some permission shown in red and a Show all button, which displays the entire list if toggled.At no point in this process is there an explicit way for users to cancel. The only way for users to not install the application after viewing the permissions is to use the physical back or home buttons on their phone.The default permissions and groups in the Android SDK are detailed at Androids developer site. The human readable terms are not included in the Android documentation.4 MethodologyTo reach a deeper and more nuanced understanding of how people navigate the current Android ecosystem, we conducted semi-structured interviews in summer 2011 with 20 participants from Pittsburgh and Seattle. The interviews were exploratory in nature, seeking broad understanding of participants interactions with their smart phones as well as diving deeply into issues surrounding the display of permissions, the safety of the Android Market, and possible harms of information sharing.We recruited participants through flayers around each city and local Craigs-list postings. Each candidate filled out a short pre-survey online before the interview, which allowed us to confirm they did use an Android-enabled Smart-phone. Those participants who opted into the subsequent interview arrived at our labs and completed our consent form allowing us to make an audio recording of their interview. Following the interview participants were given the opportunity to opt-in to share their application information with us, collected through a script running on a local laptop, which we connected their phone to via USB while they watched.Participants quotes throughout the remainder of the paper are taken from transcriptions made from the audio recordings of the interviews. Participants were paid $20 for successful completion of the interview, in the form of their choices of Target, Starbucks, or Barnes & Noble gift cards.5 Demographics and Survey ResponsesOur online survey was completed by 77 participants, 20 of whom completed the lab interview. Participants P1-P6 is from Seattle, P7-P20 from Pittsburgh.10 participants is female, and 10 are male. The ages of our participants range from 19 to 48, with an average of 29. Six of our participants were in tech-related fields, the other fourteen were not. Fourteen of our participants have been using Android for less than a year, five participants reported up to two years of use, and only one reported having used Android for more than two years.6 Results and DiscussionThe following sections detail our findings and participants thoughts on various parts of the Android ecosystem. We begin with the responses to six of the ten permissions we asked participants to explain. These responses highlight the broad range of often inaccurate knowledge around the human-readable terms Android provides to users at application install. Next, we discuss general concerns, response to Android in the media, and awareness of malicious applications.6.1 Permissions Display UnderstandingHalf of our participants mentioned the existence of the permissions display before being promoted. When a participant did mention the display, we immediately showed a paper example of one (using the Face book, Pandora, or Amazon Kindle permissions, Screen 3 of Figure 1). Many reported reading, or at leastParticipant overviewPhonePhoneOSTime Using# Apps# Apps# Gender Age OccupationprovidermodelversionAndroiddownloadedreally used1Female24EducationVerizonLG AllyI am not sure1-6 months1-10A few 1-52Male48OtherVerizonHTC IncredibleFroyo1-6 months11-25A few 1-53Male44AgricultureT-MobileMotorola CliqCupcake1-2 years101+A ton 20+4Male19Food ServiceT-MobileGalaxy SEclair1-6 months11-25A bunch 6-205Female45LegalSprintHTC EVO 4GHoneycomb1-6 months1-10A bunch 6-206Female26RetailSprintSamsung ReplenishI am not sure1-6 months1-10A bunch 6-207Female34EngineeringT-MobileLG OptimusEclair7 months-1 year11-25A few 1-58Male23ComputersVerizonMotorola Droid XGingerbread7 months-1 year26-100A ton 20+9Female25OtherVerizonMotorola Droid XI am not sureLess than 1 month1-10A few 1-510 Male32EngineeringT-MobileHTC G2Eclair7 months-1 year11-25A bunch 6-2011 Female21EntertainmentSprintSomething SamsungI am not sure1-6 months1-10A few 1-512 Female22OtherT-MobileHTC MyTouch 4GI am not sure7 months-1 year11-25A few 1-513 Female21Dont workSprintHTC Evo ShiftGingerbread1-2 years1-10A few 1-514 Male20Real EstateVerizonMotorola Droid XGingerbread1-2 years101+A bunch 6-2015 Male36Media / PublishingVerizonMotorola Droid 2Froyo7 months-1 year1-10A few 1-516 Male22EngineeringSprintHTC EVO 4GGingerbread1-6 months26-100A bunch 6-2017 Male22Dont workVerizonMotorola Droid 2I am not sure1-2 years26-100A bunch 6-2018 Female23OtherT-MobileHTC G2GingerbreadMore than 2 years26-100A bunch 6-2019 Male46EngineeringAT&TGoogle Nexus OneGingerbread1-2 years26-100A bunch 6-2020 Female21EngineeringAT&TGalaxy S IIGingerbreadLess than 1 month1-10A few 1-5Table 1. Overview of out 20 survey participants. Columns 2-4, list their age, gender, and industry. Columns 5-8 list their phone provider, phone model, Android OS version, and the amount of time they have primarily used Android devices. Columns 9 and 10 show the number of apps they have downloaded and the number they report frequently using. All information is self-reported. Participants were able to identify these screens, recognized them immediately, and occasionally felt very strongly about them. When asked if he read these screens frequently, one such participant said, “Yeah, all the time. It is just so easy for those apps to do whatever they want; its a way to protect yourself I guess. Call me paranoid.” Some participants stated that they were not sure how trustworthy the permissions display was. One said of it, “Is it a requirement to be on there the market that the software tells you what it is accessing .Are they required to notify me or not, I dont know.” Unfortunately, most participants do not believe they understand the terms used and have not gone out of their way to learn what they mean. We showed a list of ten permissions with the permission group label, in the fashion they would be shown in the permissions display, to each user and asked them to explain to us their understanding of each term. Participants reacted to this task with consternation.Here we present a selection of common, surprising, and strained responses that we received on six of the ten terms we tested. Network communication: full Internet accessOf the 1100 applications reported on in Hornyacks work 7, full Internet access is by far the most requested permission, requested by 941 of the 1100 applications, or 85.5% of those surveyed. Our participants were aware of what the Internet is and understood why applications needed it. However how applications have access to it, why they would need to specify it, and how applications would function without it were often unclear. “I would think that would mean my contacts list.” P2 “Like Face book, and if it was syncing with contacts.” P7 “My telephone number.” P8 “My personal information can reach them, my name, address, phone number, email address.” P11 “Your telephone number. They go into your phone, your contacts, and then on Skype they get the number, and he is your friend in your phone. I guess that is what this is.” P18 Your accounts: act as an account authenticatorThis permission was rarely correctly identified (P3, while being unsure, has the right idea), and often described as scary. P12 explicitly said it “freaked” her out. The accounts that participant thought could be “authenticated” or, controlled, were frequently not associated with the application itself, with many participants believing applications that asked for this permission would have much wider ranging abilities. “Controlling the account? I dont know. I have zero idea.” P2 “That I dont like, I dont know what it means, my impression is that instead of me being able to authorize something, that application is saying it can.” P3 “That freaks me out. What does that mean exactly, because I am not quite sure?” P12 “I dont know is that associated with my T-mobile account?” P13 “I dont know, I guess it is in charge of whatever accounts you open up.” P18As seen above, for each of the permissions we received answers that we would grade as a misunderstanding. For some of the more obscure permissions, participants simply admitted they didnt know, or gave up. None of our participants correctly understood all of the permissions, and most participants simply repeated the words given in the human readable description, a sign they may not have had complete understanding of the concepts.Participants asked questions throughout about why applications needed the access they requested. Participants frequently asked the interviewer for examples of applications that requested the permissions we listed, as well as why they were needed. The relationship between the applications and the permissions they requested seemed, without assistance, unknowable.One participant, when asked if she thought others understood these permissions said, “No. I mean for me to have to think as much, and I have been using these things, and have been sort of a tech-geek for years. Yeah, thats concerning.” With Vidas and Felt finding that developers are misunderstanding permissions, and often applying them without need, and self-proclaimed “tech-geeks” finding the terms difficult, common users are left near helpless. The system and terms as they currently stand have not been created or explained for the average user.6.2 Application SelectionHalf of our participants mentioned the existence of the permissions display before being promoted. When a participant did mention the display, we immediately showed a paper example of one.While permission information is one vector to assist users in selecting which applications to install, many of our participants reported heavy reliance on star ratings, full text reviews, and word of mouth. These other sources of information were better understood and more trusted.While reading through the reviews was seen as time-consuming, word of mouth was a trusted way to find high quality applications. One participant recounted his frustrations with simply searching the store and why he trusted others opinions: “I feel it is very much a trial and error exercise. And that, I dont know whether that app is a piece of crap or whether it works. So when I know somebody that tells me that this app is good, that really means a lot to me.”Participants also reported hearing about apps, largely of services and products they already used, through advertisements. One participant described his experience with seeing Android app ads, “I have seen magazines and billboards. For instance Time Magazine, they have written you can also download the application.”While most of our participants said they do not purchase apps at all, others said in certain cases they would. P6 said, “I try to look for the free ones first, and if I cant find any free ones I will go ahead and buy it.”6.3 Concern over Malicious ApplicationsWe asked participants if they had heard anything about Android phones or Android applications in the news, media, or on the Internet. Participants told us about Androids increasing market share, comparisons between iOS and Android, and about a few well advertised apps.When asked a follow up, to specifically inquire on their awareness of malicious applications in the Android Market, our participants were largely unaware of any such activity. While some said they had meant to, or were intending to install anti-virus applications on their phones, most were unconcerned about the threat of malware.We attribute this lack of concern to two strands we picked up throughout the interviews. The first is an expected coping mechanism that many participants admitted to, a lack of trust in new technology. For example, participants reported an unwillingness to do banking from their phone. One participant said “I dont do banking online through my phone because that doesnt seem particularly safe to me. I prefer an actual desktop for that because I am paranoid.”The second part of this lack of concern towards malicious apps shows a deeper misunderstanding of the Android ecosystem. All of our participants, without exception, believed (or hoped) that Android, the entity, was pre-screening applications before entrance into the market. Participants elaborately described the reviews that they thought were taking place, screening not just for viruses or malware, but running usability tests (on users!), blocking applications that were too repetitive, or even screening out applications not enough people would want. They believed Android was checking for copyright or patent violations, and overall expected Android to be protecting their brand.Additionally, people were unaware of who was actually running Android. They saw it as a vague entity that they could not attribute to any specific parent company. Some knew and some guessed it was Google, others realized they had never stopped to think about that before and were simply unable to attribute the OS to any other company.7 ConclusionUsers do not understand Android permissions.Specifically, the human-readable terms displayed before installing an application are at best vague, and at worst confusing, misleading, jargon-filled, and poorly grouped? This lack of understanding makes it difficult for people, from developers to nontechnical users, to make informed decisions when installing new software on their phones. Largely, the permissions are ignored, with participants instead trusting word of mouth, ratings, and Android market reviews.Users also are largely uninformed about the existence of mal-ware or malicious applications that could be in the Android market. They have difficulty describing the possible harm that could be caused by applications
- 温馨提示:
1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
2: 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
3.本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
人人文库网所有资源均是用户自行上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作他用。
川公网安备: 51019002004831号