Access the full text.
Sign up today, get DeepDyve free for 14 days.
Y. Gurevich, Efim Hudis, Jeannette Wing (2015)
Inverse Privacy (revised)
S. Barnes (2006)
A privacy paradox: Social networking in the United StatesFirst Monday, 11
F. Schaub, Rebecca Balebako, Adam Durity, L. Cranor (2015)
A Design Space for Effective Privacy Notices
Yangqing Jia, Evan Shelhamer, Jeff Donahue, Sergey Karayev, Jonathan Long, Ross Girshick, S. Guadarrama, Trevor Darrell (2014)
Caffe: Convolutional Architecture for Fast Feature EmbeddingProceedings of the 22nd ACM international conference on Multimedia
M. Ankerst, M. Breunig, H. Kriegel, J. Sander (1999)
OPTICS: ordering points to identify the clustering structure
A. Felt, Erika Chin, Steve Hanna, D. Song, D. Wagner (2011)
Android permissions demystified
Huber (2013)
Large - scale evaluation of social networking apps in Proceedings of the First ACM Conference on Online Social Networks ser New York ppUSA, 16
Wang (2013)
Privacy nudges for social media : An exploratory facebook study in Proceedings of the Nd International Conference on ser WWW Companion Republic of Switzerland Web Conferences Steering Committee ppWorld Wide Web International World Wide, 24
“Google compute engine down by 10%, 240 million drive users,”
Krizhevsky (2012)
Imagenet classification with deep convolutional neural networks in Advances in neural information processing systems, 20
D. Bates, M. Machler, B. Bolker, S. Walker (2014)
Fitting Linear Mixed-Effects Models Using lme4Journal of Statistical Software, 67
T. Hothorn, F. Bretz, P. Westfall (2008)
Simultaneous Inference in General Parametric ModelsBiometrical Journal, 50
Tsoumakas (2010)
Mining multi label data in and Handbook USData Mining Knowledge Discovery, 23
Kelley (2013)
Privacy as part of the app decision - making process in Proceedings of the SIGCHI Conference on Human Factors in Computing Systems ser CHI New York ppUSA, 18
Klontz (2013)
Open source biometric recognition in Theory Applications and Systems Sixth International Conference on SeptBiometrics IEEE, 19
Bates
Fitting linear mixed - effects models using lme of vol no ppJournal Statistical Software
B. Anderson, C. Kirwan, Jeffrey Jenkins, David Eargle, Seth Howard, Anthony Vance (2015)
How Polymorphic Warnings Reduce Habituation in the Brain: Insights from an fMRI StudyProceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems
Barnes (2006)
privacy paradox Social networking in the united states First vol no
Pandita (2013)
Towards automating risk assessment of mobile applications in Proceedings of the Conference on Security ser SEC CA ppUSA Association, 21
A. Felt, K. Greenwood, D. Wagner (2011)
The Effectiveness of Application Permissions
Markus Huber, M. Mulazzani, S. Schrittwieser, E. Weippl (2013)
Appinspect: large-scale evaluation of social networking apps
M. Harbach, M. Hettig, Susanne Weber, Matthew Smith (2014)
Using personal examples to improve risk communication for security & privacy decisionsProceedings of the SIGCHI Conference on Human Factors in Computing Systems
Yang Wang, P. Leon, Kevin Scott, Xiaoxuan Chen, A. Acquisti, L. Cranor (2013)
Privacy nudges for social media: an exploratory Facebook studyProceedings of the 22nd International Conference on World Wide Web
P. Bishop, D. Gu, A. Clapp (2000)
Climate under impermeable protective clothingInternational Journal of Industrial Ergonomics, 25
Chia (2012)
Is this app safe large scale study on application permissions and risk signals in Proceedings of the st International Conference on World Wide ser WWW New York ppWeb USA, 21
Jia (2014)
architecture for fast feature embedding arXiv preprint arXiv, 17
Doug Downey, M. Broadhead, Oren Etzioni (2007)
Locating Complex Named Entities in Web Text
– Via Google Drive API, we extract, for each topic t i , a list U ( t i ) of collaborators (based on files it appeared in)
Then we select from these topics a subset S t that only includes the ones which appeared in shared files
Hamza Harkous, Rameez Rahman, K. Aberer (2014)
C3P: Context-Aware Crowdsourced Cloud Privacy
Immediate Insights Group ( IM group)
M. Wogalter, B. Racicot, M. Kalsher, S. Simpson (1994)
Personalization of warning signs: The role of perceived relevance on behavioral complianceInternational Journal of Industrial Ergonomics, 14
Joshua Klontz, Brendan Klare, Scott Klum, Anil Jain, M. Burge (2013)
Open source biometric recognition2013 IEEE Sixth International Conference on Biometrics: Theory, Applications and Systems (BTAS)
Y. Gurevich, Jeannette Wing (2015)
Inverse privacyCommunications of the ACM, 59
W. Enck, Peter Gilbert, Byung-Gon Chun, Landon Cox, Jaeyeon Jung, P. Mcdaniel, Anmol Sheth (2010)
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones
Grigorios Tsoumakas, I. Katakis, I. Vlahavas (2010)
Mining Multi-label Data
Anderson
How polymorphic warnings reduce habituation in the Insights from an fmri study in Proceedings of the rd Annual ACM Conference on Human Factors in Computing Systems ser CHI New ppbrain USA, 15
Ankerst (1999)
Optics Ordering points to identify the clustering structure in Proceedings of the International Conference on Management of Data ser New York ppUSA
Chunhui Zhu, Fang Wen, Jian Sun (2011)
A rank-order distance based clustering algorithm for face taggingCVPR 2011
Felt (2011)
The effectiveness of application permissions in Proceedings of the Conference on Web Application Development ser CA ppUSA Association, 11
Harbach (2014)
Using personal examples to improve risk communication for security & privacy decisions in Proceedings of the ACM Conference on Human Factors in Computing Systems ser CHI New York ppAnnual USA, 13
Schaub
design space for effective privacy notices in Proceedings of the Eleventh Symposium on Usable Privacy andSecurity, 22
Hothorn (2008)
Simultaneous inference in general parametric models vol no ppBiometrical Journal, 15
Patrick Kelley, L. Cranor, N. Sadeh (2013)
Privacy as part of the app decision-making processProceedings of the SIGCHI Conference on Human Factors in Computing Systems
Rahul Pandita, Xusheng Xiao, Wei Yang, W. Enck, Tao Xie (2013)
WHYPER: Towards Automating Risk Assessment of Mobile Applications
Zhu (2011)
rank - order distance based clustering algorithm for face tagging in Proceedings of the Conference on Computer Vision and ser ppIEEE Pattern Recognition USA IEEE Computer Society, 26
Pern Chia, Yusuke Yamamoto, N. Asokan (2012)
Is this app safe?: a large scale study on application permissions and risk signalsProceedings of the 21st international conference on World Wide Web
A. Krizhevsky, Ilya Sutskever, Geoffrey Hinton (2012)
ImageNet classification with deep convolutional neural networksCommunications of the ACM, 60
Health apps run into privacy snags http://www.ft.com/ cms/s/0/b709cf4a-12dd-11e3-a05e-00144feabdc0.html, accessed
Abstract Third party apps that work on top of personal cloud services, such as Google Drive and Drop-box, require access to the user’s data in order to provide some functionality. Through detailed analysis of a hundred popular Google Drive apps from Google’s Chrome store, we discover that the existing permission model is quite often misused: around two-thirds of analyzed apps are over-privileged, i.e., they access more data than is needed for them to function. In this work, we analyze three different permission models that aim to discourage users from installing over-privileged apps. In experiments with 210 real users, we discover that the most successful permission model is our novel ensemble method that we call Far-reaching Insights. Far-reaching Insights inform the users about the data-driven insights that apps can make about them (e.g., their topics of interest, collaboration and activity patterns etc.) Thus, they seek to bridge the gap between what third parties can actually know about users and users’ perception of their privacy leakage. The efficacy of Far-reaching Insights in bridging this gap is demonstrated by our results, as Far-reaching Insights prove to be, on average, twice as effective as the current model in discouraging users from installing over-privileged apps. In an effort to promote general privacy awareness, we deployed PrivySeal, a publicly available privacy-focused app store that uses Far-reaching Insights. Based on the knowledge extracted from data of the store’s users (over 115 gigabytes of Google Drive data from 1440 users with 662 installed apps), we also delineate the ecosystem for 3rd party cloud apps from the standpoint of developers and cloud providers. Finally, we present several general recommendations that can guide other future works in the area of privacy for the cloud. To the best of our knowledge, ours is the first work that tackles the privacy risk posed by 3rd party apps on cloud platforms in such depth.
Proceedings on Privacy Enhancing Technologies – de Gruyter
Published: Oct 1, 2016
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.