Next Article in Journal / Special Issue
Evaluating Awareness and Perception of Botnet Activity within Consumer Internet-of-Things (IoT) Networks
Previous Article in Journal
Hybrid Design Tools—Image Quality Assessment of a Digitally Augmented Blackboard Integrated System
Open AccessArticle

What Is This Sensor and Does This App Need Access to It?

School of Computing, Newcastle University, Newcastle upon Tyne NE4 5TG, UK
*
Authors to whom correspondence should be addressed.
This paper was presented at the International Workshop on Socio-Technical Aspects in Security and Trust (STAST), Orlando, FL, USA, 5 December 2017.
Informatics 2019, 6(1), 7; https://doi.org/10.3390/informatics6010007
Received: 30 November 2018 / Revised: 9 January 2019 / Accepted: 18 January 2019 / Published: 24 January 2019
(This article belongs to the Special Issue Human Factors in Security and Privacy in IoT (HFSP-IoT))
Mobile sensors have already proven to be helpful in different aspects of people’s everyday lives such as fitness, gaming, navigation, etc. However, illegitimate access to these sensors results in a malicious program running with an exploit path. While the users are benefiting from richer and more personalized apps, the growing number of sensors introduces new security and privacy risks to end users and makes the task of sensor management more complex. In this paper, first, we discuss the issues around the security and privacy of mobile sensors. We investigate the available sensors on mainstream mobile devices and study the permission policies that Android, iOS and mobile web browsers offer for them. Second, we reflect the results of two workshops that we organized on mobile sensor security. In these workshops, the participants were introduced to mobile sensors by working with sensor-enabled apps. We evaluated the risk levels perceived by the participants for these sensors after they understood the functionalities of these sensors. The results showed that knowing sensors by working with sensor-enabled apps would not immediately improve the users’ security inference of the actual risks of these sensors. However, other factors such as the prior general knowledge about these sensors and their risks had a strong impact on the users’ perception. We also taught the participants about the ways that they could audit their apps and their permissions. Our findings showed that when mobile users were provided with reasonable choices and intuitive teaching, they could easily self-direct themselves to improve their security and privacy. Finally, we provide recommendations for educators, app developers, and mobile users to contribute toward awareness and education on this topic. View Full-Text
Keywords: mobile sensors; IoT sensors; sensor security; security education; app permission; mobile security awareness; user privacy; user security; sensor attacks mobile sensors; IoT sensors; sensor security; security education; app permission; mobile security awareness; user privacy; user security; sensor attacks
Show Figures

Figure 1

MDPI and ACS Style

Mehrnezhad, M.; Toreini, E. What Is This Sensor and Does This App Need Access to It? Informatics 2019, 6, 7.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop