A new approach for managing Android permissions: learning users’ preferences

Today, permissions management solutions on mobile devices employ Identity Based Access Control (IBAC) models. If this approach was suitable when people had only a few games (like Snake or Tetris) installed on their mobile phones, the current situation is different. A survey from Google in 2013 showed that, on average, french users have installed 32 applications on their Android smartphones. As a result, these users must manage hundreds of permissions to protect their privacy. Scalability of IBAC is a well-known issue and many more advanced access control models have introduced abstractions to cope with this problem. However, such models are more complex to handle by non-technical users. Thus, we present a permission management system for Android devices that (1) learns users’ privacy preferences with a novel learning algorithm, (2) proposes them abstract authorization rules, and (3) provides advanced features to manage these high-level rules. Our learning algorithm is compared to two other well-known approaches to show its efficiency. Finally, we prove this whole approach is more efficient than current permission management system by comparing it to Privacy Guard Manager.