This publication describes methods that an application software market (application market) uses to determine a relevancy-permission score on an application software’s (application) permission requests to access resources, features, user data (e.g., calendar, photos, biometric data), and hardware (e.g., microphones, cameras, global navigation satellite system (GNSS), accelerometers). Depending on the request, an operating system (OS) or the application market may prompt a user to approve the requests. The user, however, may be unsure whether they need to accept or deny a particular permission request made by an application. The user may be unclear whether the access is needed by the application most of the time, some of the time, not needed at all, or whether the request is abusive. To aid the user make informed decisions, the application market uses fuzzing techniques, scripted journeys, data analytics, and machine-learned models to evaluate the permissions requested by the application. After such evaluation, the application market generates a relevancy-permission score for each permission requested by an application, which can be easily-understood by the user of the application before they grant or deny such permission requests.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Carbune, Victor and Feuz, Sandro, "Determining the Relevancy of Permissions Requested by an Application Software", Technical Disclosure Commons, (June 25, 2019)