Next Article in Journal / Special Issue
Evaluating Awareness and Perception of Botnet Activity within Consumer Internet-of-Things (IoT) Networks
Previous Article in Journal
Hybrid Design Tools—Image Quality Assessment of a Digitally Augmented Blackboard Integrated System
Article Menu

Export Article

Open AccessArticle
Informatics 2019, 6(1), 7; https://doi.org/10.3390/informatics6010007

What Is This Sensor and Does This App Need Access to It?

School of Computing, Newcastle University, Newcastle upon Tyne NE4 5TG, UK
*
Authors to whom correspondence should be addressed.
This paper was presented at the International Workshop on Socio-Technical Aspects in Security and Trust (STAST), Orlando, FL, USA, 5 December 2017.
Received: 30 November 2018 / Revised: 9 January 2019 / Accepted: 18 January 2019 / Published: 24 January 2019
(This article belongs to the Special Issue Human Factors in Security and Privacy in IoT (HFSP-IoT))
Full-Text   |   PDF [1244 KB, uploaded 5 March 2019]   |  

Abstract

Mobile sensors have already proven to be helpful in different aspects of people’s everyday lives such as fitness, gaming, navigation, etc. However, illegitimate access to these sensors results in a malicious program running with an exploit path. While the users are benefiting from richer and more personalized apps, the growing number of sensors introduces new security and privacy risks to end users and makes the task of sensor management more complex. In this paper, first, we discuss the issues around the security and privacy of mobile sensors. We investigate the available sensors on mainstream mobile devices and study the permission policies that Android, iOS and mobile web browsers offer for them. Second, we reflect the results of two workshops that we organized on mobile sensor security. In these workshops, the participants were introduced to mobile sensors by working with sensor-enabled apps. We evaluated the risk levels perceived by the participants for these sensors after they understood the functionalities of these sensors. The results showed that knowing sensors by working with sensor-enabled apps would not immediately improve the users’ security inference of the actual risks of these sensors. However, other factors such as the prior general knowledge about these sensors and their risks had a strong impact on the users’ perception. We also taught the participants about the ways that they could audit their apps and their permissions. Our findings showed that when mobile users were provided with reasonable choices and intuitive teaching, they could easily self-direct themselves to improve their security and privacy. Finally, we provide recommendations for educators, app developers, and mobile users to contribute toward awareness and education on this topic. View Full-Text
Keywords: mobile sensors; IoT sensors; sensor security; security education; app permission; mobile security awareness; user privacy; user security; sensor attacks mobile sensors; IoT sensors; sensor security; security education; app permission; mobile security awareness; user privacy; user security; sensor attacks
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).
SciFeed

Share & Cite This Article

MDPI and ACS Style

Mehrnezhad, M.; Toreini, E. What Is This Sensor and Does This App Need Access to It? Informatics 2019, 6, 7.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Informatics EISSN 2227-9709 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top