Skip to main content

Seminar:  Mobile App Security and Privacy: An Overview of Recent Research Results and their Implications

Date:November 4, 2013 
Talk Title:Mobile App Security and Privacy: An Overview of Recent Research Results and their Implications
Speaker:Norman Sadeh
Time & Location:12:00pm - 1:00pm
CIC Building, Pittsburgh


Over 100 billion mobile apps will be downloaded in 2013, generating around 26 billion dollars in revenue. As the Android and iOS ecosystems continue to compete for both developers and end-users, they are also finding that making large numbers of APIs accessible by developers can give rise to challenging security and privacy issues. Most recently, this trend has resulted in an explosion in the number of mobile app privacy settings (or “permissions”) both iOS and Android users are expected to configure, exposing a fundamental tension between privacy and usability. In this presentation, we will discuss recent results that suggest the number of privacy decisions users have to make could be drastically reduced using a small number of privacy preference profiles.

The explosion in the number of permission settings made available to mobile app users is also an indication that app stores such as iTunes and Google Play are competing for user trust and want to be known for offering quality apps to their users. But when you have hundreds of thousands of apps in your store, with many of these apps getting regular updates, keeping up and checking every app can be challenging. In the second part of this talk, I will discuss how statistical linguistic analysis of mobile app reviews might enable app stores to supplement their existing review processes.

Part of the research presented in this talk was conducted jointly with Jialiu Lin, Bin Liu, Bin Fu, Lei Li, Christos Faloutsos and Jason Hong.

Speaker Bio

Norman Sadeh is a Professor in the School of Computer Science at Carnegie Mellon University. He is director of Carnegie Mellon’s e-Supply Chain Management Laboratory, director of its Mobile Commerce Laboratory, and co-Director of the School’s PhD Program in Computation, Organizations and Society. He also co-directs the newly created MBA track in Technology Leadership launched jointly by the Tepper School of Business and the School of Computer Science.. As part of his activities, he teaches, conducts research and provides consulting services in the areas of Supply Chain Management, Planning and Scheduling, Agent Technologies, Automated Negotiation, Workflow Management, the Semantic Web, Mobile and Pervasive Computing and Information Privacy and Security. He is also interested in the broader business, social and policy implications associated with the emerging Information Society.

Dr. Sadeh has been on the faculty at CMU since 1991. He built his initial reputation in the area of planning, scheduling and constraint satisfaction, developing techniques and tools that have been used by a number of companies and government organizations. He is also well-known for his seminal research in supply chain management and mixed initiative workflow management, which has influenced technical and commercial developments at several large companies.

Over the past few years, Norman has conducted pioneering research in web commerce, security and privacy. Other recent accomplishments include the design and launch of the international Supply Chain Trading Agent Competition (TAC-SCM), an international competition that has attracted over 150 entries from 60 teams coming from 21 different countries.