Primal Wijesekera

Learn More
We instrumented the Android platform to collect data regarding how often and under what circumstances smartphone applications access protected resources regulated by permissions. We performed a 36-person field study to explore the notion of “contextual integrity,” i.e., how often applications access protected resources when users are not expecting it. Based(More)
Current smartphone operating systems regulate application permissions by prompting users on an ask-on-first-use basis. Prior research has shown that this method is ineffective because it fails to account for context: the circumstances under which an application first requests access to data may be vastly different than the circumstances under which it(More)
Passwords are still the most used authentication mechanism for wide spectrum of use cases. Memorability and security of human-chosen passwords are two of the most researched areas in authentication. Mnemonics has been widely accepted as a good middle ground between memorability and security. However, it has been shown lately that mnemonics can be vulnerable(More)
Smartphones store sensitive and confidential data, e.g., business related documents or emails. If a smartphone is stolen, such data are at risk of disclosure. To mitigate this risk, modern smartphones allow users to enable data encryption, which uses a locking password to protect the data encryption key. Unfortunately, users either do not lock their devices(More)
Current mobile platforms provide privacy management interfaces to regulate how applications access sensitive data. Prior research has shown how these interfaces are insufficient from a usability standpoint: they do not allow users to make contextual decisions (i.e., different decisions for a given application based on what the user was actually doing with(More)
In recent years, a market of games and learning apps for children has flourished in the mobile world. Many of these often “free” mobile apps have access to a variety of sensitive personal information about the user, which app developers can monetize via advertising or other means. In the United States, the Children’s Online Privacy Protection Act (COPPA)(More)
  • 1