Android smartphone apps
: privacy concerns of unregulated permissions on social and psychological contracts

  • Kathryn Carstens

Student thesis: Doctoral Thesis

Abstract

This research describes how security was being implemented in the smartphone marketplace, specifically on Android smartphones.
The initial work concentrated on security and antivirus app permissions and the APIs that were called. The gap between permissions and functionality was examined.
The first stage involved the antivirus apps that were available in 2011. All 22 free and commercial apps were compared and investigated to determine if there was any relationship between the functions and permissions requested between the two variants. A process tool was developed to extract and analyse the apps.
Stage two, in 2015, consisted of an update of the earlier 2011 investigation and was performed to determine the maturity of antivirus apps over the 4 years. All 67 apps in 2015 were compared to the apps from 2011 and the changes between the apps were evaluated. There were some tools available that could assist in this investigation and the extraction and an automated analysis method was developed called Permission Extraction and Method Process (P.E.M.P.). This reduced the extraction and evaluation processing times from 10 hours for 20 apps to less than 30 minutes. Subsequent development has reduced the time further.
In Stage 3, the research moved from analysis of security apps to analyzing 60 free Children’s apps. As the market place had evolved to supplying apps with adware or in-app purchases rather than offering paid apps, 20 of the top free game apps for each age group; 0-5 years, 6-9 years and over 9 years. The research concentrated initially on the evaluation of privacy and security of children with the apps installed and if there were differences between the permissions requested in the different age groups.
Stage 4 of the research developed and created a model of the impact of social and psychological contracts through the installation and use of the apps. In addition, this thesis makes contribution of a model for the comparison of an app to evaluate the user’s expectation of privacy and if the app is fulfilling the social contract between the user, developer and marketplace owner.
Date of AwardJun 2018
Original languageEnglish
Awarding Institution
  • University of Portsmouth
SupervisorCarl Adams (Supervisor)

Cite this

'