Runtime Permission Issues in Android Apps: Taxonomy, Practices, and Ways Forward


Abstract in English

Android introduces a new permission model that allows apps to request permissions at runtime rather than at the installation time since 6.0 (Marshmallow, API level 23). While this runtime permission model provides users with greater flexibility in controlling an apps access to sensitive data and system features, it brings new challenges to app development. First, as users may grant or revoke permissions at any time while they are using an app, developers need to ensure that the app properly checks and requests required permissions before invoking any permission-protected APIs. Second, Androids permission mechanism keeps evolving and getting customized by device manufacturers. Developers are expected to comprehensively test their apps on different Andro

Download