Don't Bite Off More than You Can Chew: Investigating Excessive Permission Requests in Trigger-Action Integrations
Pages 3106 - 3116
Abstract
Web-based trigger-action platforms (TAP) allow users to integrate Internet of Things (IoT) systems and online services into trigger-action integrations (TAIs), facilitating rich automation tasks known as applets. Despite their benefits, these integrations~(typically involving the TAP, trigger, and action service providers) pose significant security and privacy challenges, such as mis-triggering and data leakage. This work investigates cross-entity permission management within TAIs to address the underlying causes of these security and privacy issues, emphasizing permission-functionality consistency to ensure fairness in permission requests. We introduce PFCon, a system that leverages GPT-based language models for analyzing required and requested permissions, revealing excessive permission requests in a large-scale study of IFTTT TAP. Our findings highlight the need for service providers to enforce permission-functionality consistency, raising awareness of the importance of security and privacy in TAI.
Supplemental Material
MP4 File
Video presentation
- Download
- 1420.53 MB
MP4 File
Supplemental video
- Download
- 10.09 MB
References
[1]
2022. General Data Protection Regulation . https://gdpr-info.eu/. Online; Accessed: 2022-08-01.
[2]
2022. IFTTT homepage. https://ifttt.com/. Online; Accessed: 2022-08-01.
[3]
2022. OAuth 2.0 Rich Authorization Requests . https://datatracker.ietf.org/doc/ html/draft-ietf-oauth-rar-12. Online; Accessed: 2022-08-01.
[4]
2022. OAuth protocol. https://oauth.net/. Online; Accessed: 2022-08-01.
[5]
2022. Zapier homepage. https://zapier.com/. Online; Accessed: 2022-08-01.
[6]
2023. AppSensus Homepage. https://www.appcensus.io/search. Online; Accessed: 2023-01--15.
[7]
2023. De Swert K. Calculating inter-coder reliability in media content analysis using Krippendorff's Alpha. http://www.polcomm.org/wp-content/uploads/ ICR01022012.pdf. Online; Accessed: 2023-04--27.
[8]
2023. IFTTT Statistics and Facts. https://expandedramblings.com/index.php/iftttstatistics- and-facts/. Online; Accessed: 2023-02--10.
[9]
MohammadMAhmadpanah, Daniel Hedin, and Andrei Sabelfeld. 2023. LazyTAP: On-Demand Data Minimization for Trigger-Action Applications. In 2023 IEEE Symposium on Security and Privacy (SP). IEEE, 3079--3097.
[10]
Benjamin Andow, Samin Yaseer Mahmud,WenyuWang, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Tao Xie. 2019. PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 585--602. https://www.usenix.org/conference/usenixsecurity19/presentation/andow
[11]
Benjamin Andow, Samin Yaseer Mahmud, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Serge Egelman. 2020. Actions speak louder than words:{Entity-Sensitive} privacy policy and data flowanalysis with {PoliCheck}. In 29th USENIX Security Symposium (USENIX Security 20). 985--1002.
[12]
David G Balash, Xiaoyuan Wu, Miles Grant, Irwin Reyes, and Adam J Aviv. 2022. Security and Privacy Perceptions of {Third-Party} Application Access for Google Accounts. In 31st USENIX Security Symposium (USENIX Security 22). 3397--3414.
[13]
Iulia Bastys, Musard Balliu, and Andrei Sabelfeld. 2018. If this then what? Controlling flows in IoT apps. In Proceedings of the 2018 ACM SIGSAC conference on computer and communications security. 1102--1119.
[14]
Lei Bu, Qiuping Zhang, Suwan Li, Jinglin Dai, Guangdong Bai, Kai Chen, and Xuandong Li. 2023. Security Checking of Trigger-Action-Programming Smart Home Integrations. In Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. 639--651.
[15]
Sébastien Bubeck, Varun Chandrasekaran, Ronen Eldan, Johannes Gehrke, Eric Horvitz, Ece Kamar, Peter Lee, Yin Tat Lee, Yuanzhi Li, Scott Lundberg, et al. 2023. Sparks of artificial general intelligence: Early experiments with gpt-4. arXiv preprint arXiv:2303.12712 (2023).
[16]
Z Berkay Celik, Leonardo Babun, Amit Kumar Sikder, Hidayet Aksu, Gang Tan, Patrick McDaniel, and A Selcuk Uluagac. 2018. Sensitive information tracking in commodity {IoT}. In 27th USENIX Security Symposium (USENIX Security 18). 1687--1704.
[17]
Z Berkay Celik, Patrick McDaniel, and Gang Tan. 2018. Soteria: Automated {IoT} Safety and Security Analysis. In 2018 USENIX Annual Technical Conference (USENIX ATC 18). 147--158.
[18]
Yunang Chen, Mohannad Alhanahnah, Andrei Sabelfeld, Rahul Chatterjee, and Earlence Fernandes. 2022. Practical Data Access Minimization in Trigger-Action Platforms. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA, 2929--2945. https://www.usenix.org/conference/ usenixsecurity22/presentation/chen-yunang-practical
[19]
Yunang Chen, Amrita Roy Chowdhury, Ruizhe Wang, Andrei Sabelfeld, Rahul Chatterjee, and Earlence Fernandes. 2021. Data privacy in trigger-action systems. In 2021 IEEE Symposium on Security and Privacy (SP). IEEE, 501--518.
[20]
Camille Cobb, Milijana Surbatovich, Anna Kawakami, Mahmood Sharif, Lujo Bauer, Anupam Das, and Limin Jia. 2020. How Risky Are Real Users' IFTTT Applets?. In Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020). USENIX Association, 505--529. https://www.usenix.org/conference/soups2020/ presentation/cobb
[21]
Zheran Fang,Weili Han, and Yingjiu Li. 2014. Permission based Android security: Issues and countermeasures. computers & security 43 (2014), 205--218.
[22]
Adrienne Porter Felt, Serge Egelman, and David Wagner. 2012. I've got 99 problems, but vibration ain't one: a survey of smartphone users' concerns. In Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices. 33--44.
[23]
Earlence Fernandes, Amir Rahmati, Jaeyeon Jung, and Atul Prakash. 2018. Decentralized action integrity for trigger-action IoT platforms. In Proceedings 2018 Network and Distributed System Security Symposium.
[24]
Vijay K Garg. 2015. Introduction to lattice theory with computer science applications. John Wiley & Sons.
[25]
Hamza Harkous, Sai Teja Peddinti, Rishabh Khandelwal, Animesh Srivastava, and Nina Taft. 2022. Hark: A Deep Learning System for Navigating Privacy Feedback at Scale. In 2022 IEEE Symposium on Security and Privacy (SP). IEEE, 2469--2486.
[26]
Mitra Bokaei Hosseini, Travis D Breaux, Rocky Slavin, Jianwei Niu, and Xiaoyin Wang. 2021. Analyzing privacy policies through syntax-driven semantic analysis of information types. Information and Software Technology 138 (2021), 106608.
[27]
Mitra Bokaei Hosseini, John Heaps, Rocky Slavin, Jianwei Niu, and Travis Breaux. 2021. Ambiguity and Generality in Natural Language Privacy Policies. In 2021 IEEE 29th International Requirements Engineering Conference (RE). IEEE, 70--81.
[28]
Kai-Hsiang Hsu, Yu-Hsi Chiang, and Hsu-Chun Hsiao. 2019. Safechain: Securing trigger-action programming from attack chains. IEEE Transactions on Information Forensics and Security 14, 10 (2019), 2607--2622.
[29]
Yunhan Jack Jia, Qi Alfred Chen, ShiqiWang, Amir Rahmati, Earlence Fernandes, Zhuoqing Morley Mao, Atul Prakash, and SJ Unviersity. 2017. ContexloT: Towards providing contextual integrity to appified IoT platforms. In NDSS, Vol. 2. San Diego, 2--2.
[30]
Klaus Krippendorff. 2018. Content analysis: An introduction to its methodology. Sage publications.
[31]
Jiachang Liu, Dinghan Shen, Yizhe Zhang, Bill Dolan, Lawrence Carin, and Weizhu Chen. 2022. What Makes Good In-Context Examples for GPT-3?. In Proceedings of Deep Learning Inside Out: The 3rdWorkshop on Knowledge Extraction and Integration for Deep Learning Architectures, DeeLIO@ACL 2022, Dublin, Ireland and Online, May 27, 2022, Eneko Agirre, Marianna Apidianaki, and Ivan Vulic (Eds.). Association for Computational Linguistics, 100--114. https://doi.org/10. 18653/v1/2022.deelio-1.10
[32]
Kulani Mahadewa, Yanjun Zhang, Guangdong Bai, Lei Bu, Zhiqiang Zuo, Dileepa Fernando, Zhenkai Liang, and Jin Song Dong. 2021. Identifying privacy weaknesses from multi-party trigger-action integration platforms. In Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis. 2--15.
[33]
Kulani Tharaka Mahadewa, Kailong Wang, Guangdong Bai, Ling Shi, Jin Song Dong, and Zhenkai Liang. 2018. HOMESCAN: Scrutinizing Implementations of Smart Home Integrations. In 2018 23rd International Conference on Engineering of Complex Computer Systems (ICECCS). 21--30. https://doi.org/10.1109/ICECCS2018. 2018.00011
[34]
Mark Huasong Meng, Qing Zhang, Guangshuai Xia, Yuwei Zheng, Yanjun Zhang, Guangdong Bai, Zhi Liu, Sin G Teo, and Jin Song Dong. 2023. Post-GDPR threat hunting on android phones: dissecting OS-level safeguards of user-unresettable identifiers. In The Network and Distributed System Security Symposium (NDSS).
[35]
Jerome H Saltzer and Michael D Schroeder. 1975. The protection of information in computer systems. Proc. IEEE 63, 9 (1975), 1278--1308.
[36]
R.S. Sandhu. 1993. Lattice-based access control models. Computer 26, 11 (1993), 9--19. https://doi.org/10.1109/2.241422
[37]
Faysal Hossain Shezan, Kaiming Cheng, Zhen Zhang, Yinzhi Cao, and Yuan Tian. 2020. TKPERM: cross-platform permission knowledge transfer to detect overprivileged third-party applications. In Network and Distributed Systems Security (NDSS) Symposium.
[38]
Milijana Surbatovich, Jassim Aljuraidan, Lujo Bauer, Anupam Das, and Limin Jia. 2017. Some recipes can do more than spoil your appetite: Analyzing the security and privacy risks of IFTTT recipes. In Proceedings of the 26th International Conference on World Wide Web. 1501--1510.
[39]
Qi Wang, Pubali Datta, Wei Yang, Si Liu, Adam Bates, and Carl A Gunter. 2019. Charting the attack surface of trigger-action IoT platforms. In Proceedings of the 2019 ACM SIGSAC conference on computer and communications security. 1439-- 1453.
[40]
Qi Wang, Wajih Ul Hassan, Adam Bates, and Carl Gunter. 2018. Fear and logging in the internet of things. In Network and Distributed Systems Symposium.
[41]
Xiaoyin Wang, Xue Qin, Mitra Bokaei Hosseini, Rocky Slavin, Travis D Breaux, and Jianwei Niu. 2018. Guileak: Tracing privacy policy claims on user input data for android applications. In Proceedings of the 40th International Conference on Software Engineering. 37--47.
[42]
Jason Wei, Xuezhi Wang, Dale Schuurmans, Maarten Bosma, Ed H. Chi, Quoc Le, and Denny Zhou. 2022. Chain of Thought Prompting Elicits Reasoning in Large Language Models. CoRR abs/2201.11903 (2022). arXiv:2201.11903 https: //arxiv.org/abs/2201.11903
[43]
Fuman Xie, Yanjun Zhang, Chuan Yan, Suwan Li, Lei Bu, Kai Chen, Zi Huang, and Guangdong Bai. 2022. Scrutinizing privacy policy compliance of virtual personal assistant apps. In 37th IEEE/ACM International Conference on Automated Software Engineering. 1--13.
[44]
Lefan Zhang, Weijia He, Jesse Martinez, Noah Brackenbury, Shan Lu, and Blase Ur. 2019. AutoTap: synthesizing and repairing trigger-action programs using LTL properties. In 2019 IEEE/ACM 41st international conference on software engineering (ICSE). IEEE, 281--291.
[45]
Lefan Zhang, Weijia He, Olivia Morkved, Valerie Zhao, Michael L Littman, Shan Lu, and Blase Ur. 2020. Trace2tap: Synthesizing trigger-action programs from traces of behavior. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 4, 3 (2020), 1--26.
[46]
Shiyu Zhang, Juan Zhai, Lei Bu, Mingsong Chen, LinzhangWang, and Xuandong Li. 2020. Automated generation of ltl specifications for smart home iot using natural language. In 2020 Design, Automation & Test in Europe Conference & Exhibition (DATE). IEEE, 622--625.
Index Terms
- Don't Bite Off More than You Can Chew: Investigating Excessive Permission Requests in Trigger-Action Integrations
Recommendations
Identifying privacy weaknesses from multi-party trigger-action integration platforms
ISSTA 2021: Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and AnalysisWith many trigger-action platforms that integrate Internet of Things (IoT) systems and online services, rich functionalities transparently connecting digital and physical worlds become easily accessible for the end users. On the other hand, such ...
Constraints for Permission-Based Delegations
CITWORKSHOPS '08: Proceedings of the 2008 IEEE 8th International Conference on Computer and Information Technology WorkshopsPermission-Based Delegation Model (PBDM) is a flexible model for delegation of authority in RBAC. It supports permission level delegation through temporary delegation roles. Multi-step delegation is also supported. However, constraints for PBDM have not ...
An Investigation of Comic-Based Permission Requests
Secure IT SystemsAbstractResearch suggests that permission requests do not adequately inform users about the implications of granting or denying such requests. It is important that informed consent is given should users grant the request. This paper reports on the results ...
Comments
Information & Contributors
Information
Published In
May 2024
4826 pages
ISBN:9798400701719
DOI:10.1145/3589334
- General Chairs:
- Tat-Seng Chua,
- Chong-Wah Ngo,
- Proceedings Chair:
- Roy Ka-Wei Lee,
- Program Chairs:
- Ravi Kumar,
- Hady W. Lauw
Copyright © 2024 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 13 May 2024
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
WWW '24
Sponsor:
Acceptance Rates
Overall Acceptance Rate 1,899 of 8,196 submissions, 23%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 73Total Downloads
- Downloads (Last 12 months)73
- Downloads (Last 6 weeks)11
Reflects downloads up to 30 Aug 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in