摘要
针对终端设备中各类应用程序,在用户"不知情"的情况下,过度索权及过度访问数据,造成授权和服务不等价的现象,综合考虑用户隐私偏好、权限的合理性和对数据的访问频率对应用程序的隐私风险进行量化,并通过应用程序功能与运行时间的集成进行可用性评估.最后,设计了隐私风险和可用性的收益函数,采用多起点局部搜索算法计算最优权限授权方案.实验结果表明权限授权推荐方法可以使用户做出知情的隐私决策,并获取最大收益.
Many kinds of applications in terminal equipment have the problem of over-claim rightsand over-access data“without the users’knowledge”,resulting in unequal authorization and service.To solve this problem,the privacy risks of the APP is quantified by comprehensively considering the user’s privacy preferences,the rationality of permission and the frequency of access on data.Meanwhile,the usability assessment is performed by using the integration of application function and running time.Finally,the benefit function of privacy risks and usability is designed and a multiple-start local search algorithm is used to capture the optimal permission authorization scheme.The experimental results show thatthe authorization recommendation method in this paper can enable users to make informed privacy decisions and obtain the maximum earnings.
作者
张娇美
叶阿勇
金俊林
张桢萍
ZHANG Jiaomei;YE Ayong;JIN Junlin;ZHANG Zhenping(College of Computer and Cyber Security,Fujian Normal University,Fuzhou 350117,China;Fujian Provincial Key Laboratory of Network Security and Cryptology,Fuzhou 350117,China)
出处
《福建师范大学学报(自然科学版)》
CAS
2021年第6期22-27,45,共7页
Journal of Fujian Normal University:Natural Science Edition
基金
国家自然科学基金资助项目(61972096、61771140、61872088、61872090)
福建省教育厅科技项目(JAT170115)。
