移动应用权限设计对其市场表现的影响  

作　　者：陈璐[1] 刘鑫慧 康乐乐[2] CHEN Lu;LIU Xinhui;KANG Lele(Antai College of Economics&Management,Shanghai Jiaotong University,Shanghai 200030,China;Laboratory of Data Intelligence and Interdisciplinary Innovation&School of Information Management,Nanjing University,Nanjing 210093,China)

机构地区：[1]上海交通大学安泰经济与管理学院,上海200030 [2]南京大学数据智能与交叉创新实验室、信息管理学院,江苏南京210093

出　　处：《管理工程学报》2024年第3期29-45,共17页Journal of Industrial Engineering and Engineering Management

基　　金：国家自然科学基金项目(72072087、71802017);国家哲学社会科学基金重大项目(20&ZD154)。

摘　　要：移动应用权限的调用涉及用户个人信息,会影响用户对于隐私风险的判断,进而影响用户下载决策。本文基于隐私关注理论和隐私计算理论,提出移动应用设计中调用权限的合理度和敏感度会影响其市场绩效,而这一效应被移动应用的功能丰富性所调节。权限合理度以同类别应用的平均权限水平为依据,敏感度以调用危险权限的程度为度量标准。低于正常合理水平的移动应用可能存在功能缺陷,而高于正常敏感水平的应用则可能引发用户的隐私担忧,合理性和敏感度交互作用,最终影响用户的下载决策和应用市场绩效。为识别移动应用的权限合理性及敏感性,本研究利用移动应用权限说明文本构建了权限向量,再以类别平均水平和危险权限调用程度为分类依据将应用权限划分为四类,确定了移动应用的正常权限过度系数、正常权限不足系数、危险权限过度系数、危险权限不足系数。通过采集小米应用市场中移动应用的权限说明、市场表现等相关数据,构建了包含33772条记录的面板数据进行了实证检验。实证研究的结果显示:危险权限申请略低于类别平均水平能正向促进应用绩效,相反,权限申请量超出“最优权限”则会降低应用排名,尤其是危险权限。对于功能较为丰富的应用而言,权限属性对用户隐私风险感知的影响程度更高。本研究一方面拓展了移动应用隐私保护的相关理论,另一方面对于开发者开展移动应用权限设计有着重要的参考意义。With the development of smart technology,mobile applications have become more universal and important in our daily life.Meanwhile,online privacy protection has attracted rich attention in both academia and practice.Mobile software functions require the authorization of user information.The misuse of private data poses a great threat to users’privacy safety.It is a difficult task for developers to mitigate users′concerns and sensitivity to various private data and improve their application performance based on access to the application permission.Based on the“minimum authority principle,”this paper explores the impact of permission sensitivity and rationality on software performance.The sample data includes 33,772 records of 5,304 software applications in the Xiaomi app store from January 2018 to December 2019.Firstly,according to whether sensitive information of users is involved,permissions are divided into dangerous and normal groups.Based on the permission lists,“0-1”vectors of various permissions are generated.Secondly,four different permission factors are calculated by the spatial distance algorithm to quantify rationality and sensitivity.Finally,this paper empirically explores the impact of permission factors on application ranking based on the panel data fixed effect regression model,which takes application ranking as the decision result of privacy response behavior.Based on the privacy concern theory,this paper links permission invocation with application performance,proving the negative impact of improper permission mechanisms on application performance.The first section introduces the generation method for the four permission factors.The sensitivity indicator refers to whether the permission requires access to users’private information or illegally shares or sends personal information to others.According to the classification system of the Android Developer Platform,we can quickly get the dummy variables for permission sensitivity.The reasonability indicator refers to whether the type and

关 键 词：最优化权限 移动应用 隐私安全 固定效应 rologit模型 

分 类 号：F208[经济管理—国民经济]