The Effectiveness of Install-Time Permission Systems for Third-Party Applications

In many modern development platforms, application permissions control third-party access to sensitive parts of the API (e.g., the camera or microphone). We study install-time permissions, which the user grants to applications during installation; different applications can receive different installtime permissions. Install-time permissions offer several advantages over traditional user-based permissions, which assign the user’s full privileges to all applications. However, these benefits rely on the assumption that applications generally require less than full privileges. We explore whether that assumption is realistic, which provides insight into the value of install-time permission. We perform case studies on two systems with install-time permissions for third-party applications, the Google Chrome extension platform and the Android OS. We collect the permission requirements of a large set of Google Chrome extensions and Android applications. From this data, we evaluate whether install-time permissions are effective at protecting users. Our results indicate that install-time application permissions have a strong positive impact on system security, but a number of changes could further improve their utility.