Technician - The News Site of NC State University

Technician
Technician - The News Site of NC State University

Technician
Technician - The News Site of NC State University

Technician
Categories:

Professor of Computer Science protecting students’ personal info

Fritz Barnewolt, Staff Writer
April 24, 2011

 

With the advent of smart phones comes also a new set of dangers.  With so much personal information stored on users’ phones, there is an ever-present risk of data stealing by malicious applications.

In an effort to protect Android users, Dr. Xuxian Jiang, an assistant computer science professor, has developed an application used to combat threats on Android users’ personal information.

The application is called Taming Information-Stealing Smartphone Applications or TISSA for short.  The program allows a phone’s user to set parameters for what an application can and cannot access on their phone.

Many applications on the Android Market require access to system information such as: user’s location, contact lists, search history and even social information from sites such as Facebook.  With this kind of access, an app could easily get ahold personal information and either sell it or use it to put the phone’s user in a situation where all of their data has been compromised. 

TISSA uses a system in which applications are granted one of four access levels to the phone’s data.  Each application is set up so that the data it receives is: Trusted, Bogus, Anonymized or Empty.

Trusted means that the application is fully cleared to get access to any and all information it requires from the phone.  The Trusted setting should only be used for apps such as Facebook that the user knows for a fact is not malicious and will not steal information. 

If an app is granted Bogus information it is provided with random fake user information that is not relevant to the actual phone owner.  This setting would be used for apps that you believe may be harmful but still would like on your phone for whatever reason or a recently downloaded app that you are unsure of its safety.

The Anonymized setting works by providing applications with data similar to the user’s actual data when in fact it is not their own.  This would be beneficial for apps that use the phone’s location.  It would pick a random location in a ten-mile radius from the phone and use that as the phones “location” in the app. 

 For applications that are not trusted at all, users would grant Empty information.  Simply put, this setting makes it appear as though the requested information does not even exist when in fact it actually does.

With these four settings, Android users are able to fully control the access that is granted to each and every app on their device.  With proper use, the application will allow users to store nearly any information on their device without worry.

Security for smartphones is paramount in today’s society especially with the arrival of devices that can be attached to a smartphone and then read credit cards.  If a phone is storing a list of clients and all of their card numbers, high security is a must.

The application’s job is not a large one according to Jiang, “The software modification is relatively minor and could be incorporated through an over-the-air update.”

Sophomore in Political Science, Aaron Sellers, is concerned about security on his Motorola Droid.

Sellers states, “[The fact that apps can have nearly unlimited access to data] worries me somewhat, especially because there is basically no way of knowing who has my information and what they are using it for.”

When asked if he would make use of an app that limits applications’ access, such as TISSA, Sellers absolutely believed he would use one, “I would absolutely use apps that restrict data access.  Individual privacy is important to me… so software companies should take steps to limit the amount of personal info that’s floating around.”

Not all students believe their personal data is at risk.  Freshman in Sport Management, Cedric Khin, feels no need to protect his phones data.

“It doesn’t matter if [my data] is restricted, if someone wants your personal information, they’re going to get it,” Claims Khin.

The application will be presented in June in Pittsburgh, Pennsylvania at the Fourth International Conference on Trust and Trustworthy computing. 

Print this Story
More to Discover
More in News
An event organizer looks onto demonstrators piling in to hear guest speakers after the Raleigh May Day march at Bicentennial Plaza on Thursday, May 1st., 2025.
Raleigh May Day Protests
Graduating undergraduate students file into their seats before the University Commencement ceremony in Carter-Finley Stadium on Saturday, May 3, 2025. NC State conferred 7,234 degrees at the ceremony, including 5,079 bachelor’s, 1,783 master’s, 306 doctoral, and 66 associate degrees.
University Commencement Ceremony, 2025
Generic Technician Logo
International students’ SEVIS records restored after visa revocations
Bailey Lawson, a second-year studying graphic and experience design, models “The Return Home” by Mia Danford-Klein during the Art2Wear: Revive! show at the Gregg Museum of Art and Design on Thursday, April 24, 2025. “The Return Home” is a tribute to the cycle of life, death, and rebirth, and explores the balance between life’s fragility and strength using elements of nature.
Art2Wear: Revive!
A sign points students towards the Flower Moms tent at Wolf Plaza on Thursday, Nov. 14, 2024. The Free Moms engage with students every Thursday, chatting with them and giving out a variety of free goods.
Free Moms told to cancel weekly event during finals, prompting student backlash
A sign on the doors marks the continued closure of Poe Hall on Wednesday, Jan. 24, 2024. Poe Hall was closed in November 2023 due to the presence of environmental contaminants (PCBs).
Federal cuts halt Poe Hall Health Evaluation
Menu
Activate Search
Home
Professor of Computer Science protecting students’ personal info