The rapid growth of mobile applications has imposed new threats to privacy: users often find it challenging to ensure that their privacy policies are consistent with the requirements of a diverse range of of mobile applications that access personal information under different contexts. This problem exacerbates when applications depend on each other and therefore share permissions to access resources in ways that are opaque to an end-user. To meet the needs of representing privacy requirements and of resolving dependencies issues in privacy policies, we propose an extension to the P-RBAC model for reasoning about plausible scenarios that can exploit such weaknesses of mobile systems. This work has been evaluated using the case studies on several Android mobile applications
To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.