CS 7936 — Computer Security & Privacy Seminar, Spring 2019


Wednesdays, 12:00–1:00 PM, MEB 3485/3490 (NE / Flux Conference Room)

Navigation Links: Schedule | Overview | Credit | Tips on Reading Papers | How to Access Papers

Past offerings: Fall 2018 | Spring 2018 | Fall 2017 | Summer 2017 (Unofficial) | Fall 2016 | Spring 2016 | Fall 2015 | Spring 2015

Date Presenter Topic
1/9
1/16
Exploring decision making with Android’s runtime permission dialogs using in-context surveys (Bonne et al)
More info A great deal of research on the management of user data on smartphones via permission systems has revealed significant levels of user discomfort, lack of understanding, and lack of attention. The majority of these studies were conducted on Android devices before runtime permission dialogs were widely deployed. In this paper we explore how users make decisions with runtime dialogs on smartphones with Android 6.0 or higher. We employ an experience sampling methodology in order to ask users the reasons influencing their decisions immediately after they decide. We conducted a longitudinal survey with 157 participants over a 6 week period.

We explore the grant and denial rates of permissions, overall and on a per permission type basis. Overall, our participants accepted 84% of the permission requests. We observe differences in the denial rates across permissions types; these vary from 23% (for microphone) to 10% (calendar). We find that one of the main reasons for granting or denying a permission request depends on users' expectation on whether or not an app should need a permission. A common reason for denying permissions is because users know they can change them later. Among the permissions granted, our participants said they were comfortable with 90% of those decisions — indicating that for 10% of grant decisions users may be consenting reluctantly. Interestingly, we found that women deny permissions twice as often as men.
1/23

More info
1/30

More info
2/6

More info
2/13

More info
2/20

More info
2/27

More info
3/6

More info
3/13
SPRING BREAK
More info
3/20

More info
3/27

More info
4/3

More info
4/10

More info
4/17

More info

Overview

This offering of CS 7936 will focus on reading and discussing recent papers in security and privacy research from conferences such as:

Class announcements are sent out on security-privacy@cs.utah.edu. You can subscribe at http://mailman.cs.utah.edu/mailman/listinfo/security-privacy.

Credit

Students may enroll for one (1) credit. Although the University lists the course as “variable credit,” the two- and three-credit options are not currently available.

Students enrolled in the seminar are expected to read the papers prior to the seminar. Additionally, students are expected to sign up to lead the discussion on one or more seminar meeting. Leading the disucssion means:

  1. Choosing the paper and sending it to tdenning@cs.utah.edu by 6PM Friday before the seminar meeting;
  2. Preparing a 7-10 minute summary of the paper and its pertinent points;
  3. Familiarizing yourself enough with the paper to be able to answer questions that may come up;
  4. Preparing potential discussion points if the discussion needs prompting.

Tips on Reading Papers

Some tips that might help on reading, understanding, and analyzing papers:

How to Access Papers

Some papers are free to access, while others are behind paywalls. The university has a paid subscription to most of the libraries where those papers can be found. There are several ways to access those papers: