Methods and systems for rating privacy risk of applications for smart phones and other mobile platforms
First Claim
1. A method, comprising:
- receiving, by a computing system, a copy of a mobile platform application designed for execution on a mobile platform, the copy including a stated purpose for the mobile platform application, the mobile platform having one or more files including personal information stored thereon;
determining, by the computing system, (i) an intended purpose of the mobile platform application, wherein determining the intended purpose of the mobile platform application includes determining what the mobile platform application does when executing on the mobile platform and evaluating the results against what the mobile platform application should be doing in order to fulfill the stated purpose, (ii) one or more files stored on or included in the mobile platform or functionalities afforded by the mobile platform that are accessed by the mobile platform application during its operation on the mobile platform, (iii) whether said accesses include accesses to the personal information and, if so, whether said accesses are consistent with the intended purpose and the stated purpose of the mobile platform application, and (iv) an overall score for the mobile platform application based upon said determinations, wherein determining whether said accesses are consistent with the intended purpose and the stated purpose of the mobile platform application involves determining one or more discrepancies between the intended purpose of the mobile platform application and the stated purpose of the mobile platform application;
determining a user configurable weighted rating for each of the discrepancies according to its impact on a user's privacy and based on the user's preferences;
calculating a weighted average based upon the weighted rating assigned to each of the discrepancies; and
calibrating the weighted average to determine the overall score; and
presenting the overall score to a potential user of the mobile platform application.
Abstract
Methods and systems for evaluating and rating privacy risks posed by applications intended for deployment on mobile platforms. Validating the “intent” of a mobile platform application vis-à-vis its impact on user privacy, as viewed from an end-user's perspective, allows those end-users to make better-informed decisions concerning the downloading, installation and/or operation of mobile platform applications. In making such assessments, user preferences can be taken into account. Privacy scores are provided through sales channels for the applications, thereby affording potential users the opportunity to assess whether they wish to incur the associated privacy risk, before purchasing a subject application.
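
The scoring steps recited in claim 1 (discrepancies, user-configurable weighted ratings, weighted average, calibration) can be sketched as follows. This is an added example, not code from the patent: the resource names, the purpose-to-expected-access table, the 0-10 impact ratings and the 0-100 calibration are all assumptions, since the claim does not specify them.

```python
"""Added illustration of the scoring steps in claim 1; not code from the patent.
All names, tables and scales below are assumptions made for the example."""

# Assumed: resources an app plausibly needs to fulfil each stated purpose.
EXPECTED_ACCESS = {
    "flashlight": {"camera_flash"},
    "navigation": {"location", "network"},
}

# Assumed: privacy impact of an unexplained access, 0 (none) to 10 (severe).
DEFAULT_IMPACT = {"contacts": 8, "location": 9, "sms": 9, "network": 3, "camera_flash": 1}
UNKNOWN_IMPACT = 5  # assumed rating for a resource missing from the table


def find_discrepancies(stated_purpose, observed_accesses):
    """Accesses seen at run time that the stated purpose does not explain."""
    expected = EXPECTED_ACCESS.get(stated_purpose, set())
    return sorted(set(observed_accesses) - expected)


def privacy_score(stated_purpose, observed_accesses, user_weights=None):
    """Return (score, discrepancies); score is 0 (no unexplained access) to 100.

    user_weights maps a resource to how much this user cares about it
    (default 1.0); a weight of 0 removes that resource from the average.
    """
    user_weights = user_weights or {}
    discrepancies = find_discrepancies(stated_purpose, observed_accesses)
    total_weight = weighted_sum = 0.0
    for resource in discrepancies:
        weight = float(user_weights.get(resource, 1.0))
        if weight < 0:
            raise ValueError(f"negative weight for {resource!r}")
        weighted_sum += weight * DEFAULT_IMPACT.get(resource, UNKNOWN_IMPACT)
        total_weight += weight
    if total_weight == 0:  # nothing unexplained, or the user ignores all of it
        return 0, discrepancies
    weighted_average = weighted_sum / total_weight  # still on the 0-10 scale
    return round(weighted_average * 10), discrepancies  # calibrated to 0-100


if __name__ == "__main__":
    # Constructed sample: a flashlight app observed reading contacts and using the network.
    observed = ["camera_flash", "contacts", "network"]
    print(privacy_score("flashlight", observed))
    print(privacy_score("flashlight", observed, {"contacts": 4.0}))
```

Because the score is a weighted average, it reflects how severe the unexplained accesses are on balance, not how many there are; the returned discrepancy list carries the count.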
Specification