ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Secure software installation in a mobile environment
Full text PdfPdf (198 KB)
Source
ACM International Conference Proceeding Series; Vol. 229 archive
Proceedings of the 3rd symposium on Usable privacy and security table of contents
Pittsburgh, Pennsylvania
POSTER SESSION: Posters table of contents
Pages: 155 - 156  
Year of Publication: 2007
ISBN:978-1-59593-801-5
Authors
Andreas P. Heiner  Nokia Research Center, Helsinki, Finland
N. Asokan  Nokia Research Center, Helsinki, Finland
Sponsor
: CyLab
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 7,   Downloads (12 Months): 55,   Citation Count: 0
Additional Information:

abstract   references   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1280680.1280705
What is a DOI?

ABSTRACT

Software security in mobile devices today is done by granting privileges to software, usually based on code signing. The cost of obtaining signatures and meeting strict quality requirements deters hobbyist developers from participating and contributing to application development. If a certain piece of software does not come with an acceptable signature, the mobile device may give the user the option of deciding whether that software should be granted the requested privileges. Naturally, designing the user interaction for this step without hampering usability and security is tricky. When users are simply prompted whether they want to grant certain privileges to some software, they often do not have enough information to understand the implications of this action.

We propose that using community feedback can be an effective way of helping the user to decide whether to grant privileges to software. Community feedback includes opinions and ratings on both security and functionality attributes of software. We argue that users will use community feedback to decide whether they want to use a piece of software and that the decisions to download, install, and grant necessary privileges are implied by the decision to use.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Ivan Flechais , Jens Riegelsberger , M. Angela Sasse, Divide and conquer: the role of trust and assurance in the design of secure socio-technical systems, Proceedings of the 2005 workshop on New security paradigms, September 20-23, 2005, Lake Arrowhead, California  [doi>10.1145/1146269.1146280]
 
2
Stoll, J. and Park, F. Exploring Explicit Security Actions. In Proceedings of the SIGCHI conference on Human factors in computing systems(CHI '2007) (San Jose, California, USA, April 28-May 3, 2007)
 
3
Yee, Ka-Ping. Guidelines and Strategies for Secure Interaction Design In Security and Usability: Designing Secure Systems that People Can Use. Cranor, L. F. and Garfinkel, S (eds.) O'Reilly & Associates 2005 247--274
 
4
SymbianSigned.com: test criteria (https://www.symbiansigned.com/app/page/overview/testcriteria)
 
5
Wikipedia: certification (http://en.wikipedia.org/wiki/Product_certification
Collaborative Colleagues:
Andreas P. Heiner: colleagues
N. Asokan: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player