Home // International Journal On Advances in Security, volume 7, numbers 3 and 4, 2014 // View article

Respecting user privacy in mobiles: privacy by design permission system for mobile applications

Authors:
Karina Sokolova
Marc Lemercier
Jean-Baptiste Boisseau

Keywords: permission, permission system, mobile, privacy by design, privacy, transparency, control, Android, iOS, application, development, software design, pattern, mobility, design, modelling, trust

Abstract:
The Privacy by Design concept proposes to integrate the respect of user privacy into systems managing user data from the early design stage. This concept has increased in popularity and the European Union (EU) is enforcing it with a Data Protection Directive. Mobile applications have emerged onto the market and the current law and future directive is applicable to all mobile applications designed for EU users. By now it has been shown that mobile applications do not suit the Privacy by Design concept and lack transparency, consent and security. Current permission systems are judged as unclear for users. In this paper, we introduce a novel permission model suitable for mobile application that respects Privacy by Design. We show that such adapted permission system can improve not only the transparency and consent but also the security of mobile applications. Finally, we propose an example of the use of our system in mobile application.

Pages: 110 to 120

Copyright: Copyright (c) to authors, 2014. Used with permission.

Publication date: December 30, 2014

Published in: journal

ISSN: 1942-2636