Unlock instant, AI-driven research and patent intelligence for your innovation.

A Quantification Method of User Privacy Risk Based on Mobile Device Permissions

A user privacy and mobile device technology, applied in the field of user privacy risk assessment, can solve the problems of not considering privacy risks, researching more security risks, not targeting privacy risks, etc., achieving the effect of easy implementation and simple calculation process

Active Publication Date: 2021-07-16
RENMIN UNIVERSITY OF CHINA
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, these risk management frameworks have two deficiencies in the quantitative assessment of user privacy risks: one is that it is often used to assess the possibility and magnitude of risks that system or platform resource information may encounter in IT information systems or platforms; the other is that risks are not limited to Or do not focus on privacy risks, but more research on security risks
Each of the above methods evaluates the privacy risk of the App itself, without considering the privacy risks faced by the users who use the App.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Quantification Method of User Privacy Risk Based on Mobile Device Permissions
  • A Quantification Method of User Privacy Risk Based on Mobile Device Permissions
  • A Quantification Method of User Privacy Risk Based on Mobile Device Permissions

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The present invention will be described in detail below in conjunction with the accompanying drawings and embodiments.

[0029] Such as figure 1 Shown is the user personal data collection process in the mobile application scenario. It can be seen from the figure that the personal data of users using mobile devices flows through the App to the data collectors (including App developers or operators, service third parties and other third parties) ). Quantitative assessment of privacy risk refers to comprehensively assessing the user's privacy risk level based on the possibility of data leakage and the degree of data privacy hazard by identifying the source of the user's leaked data.

[0030] Such as figure 2 Shown is the authority-based mobile user privacy risk quantification model proposed by the present invention. In the present invention, the privacy risk quantification mainly focuses on three basic factors: one is the leaked data source; the other is the possibilit...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a user privacy risk quantification method based on mobile device authority, which is characterized in that it comprises the following steps: 1) Obtaining the latest version content of each App by grabbing the information of each application website through the webpage, and obtaining the request authority and developer information of each App ; 2) Organize the various permissions requested by each App, and select privacy-related permissions; 3) Based on the EBIOS idea, calculate the sensitivity of each privacy-related permission and its combination; 4) Based on the App set used by the user, determine The user's authority list data and the number of data collectors corresponding to each authority; 5) Based on the user's authority list data, the number of data collectors corresponding to the authority, and the sensitivity of the authority, a user privacy risk quantification model is established, and the user privacy The risk quantification model calculates the user's privacy risk value. The present invention can be widely used in the field of quantitative evaluation of user privacy risks.

Description

technical field [0001] The present invention relates to a user privacy risk assessment method, in particular to a user privacy risk quantitative assessment method based on mobile device permissions. Background technique [0002] The traditional risk management framework proposes a series of assessment steps to assess the risks of computer systems or platforms, such as PIAs, ISO27005, EBIOS, CRAMM, etc. However, these risk management frameworks have two deficiencies in the quantitative assessment of user privacy risks: one is that it is often used to assess the possibility and magnitude of risks that system or platform resource information may encounter in IT information systems or platforms; the other is that risks are not limited to Or do not focus on privacy risks, but do more research on security risks. [0003] Privacy risk assessment is a specific quantitative study of risk assessment, which refers to identifying the source of data leakage, based on the possibility of ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/62G06Q10/06
CPCG06F21/6245G06F2221/2141G06Q10/0635
Inventor 孟小峰朱敏杰
Owner RENMIN UNIVERSITY OF CHINA