

An empirical study examining the relationship between mobile apps' permissions and ranking


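The permissions a mobile app invokes involve users' personal information; they affect users' judgment of privacy risk and, in turn, their download decisions. Drawing on privacy concern theory and privacy calculus theory, this paper proposes that the rationality and sensitivity of the permissions invoked in a mobile app's design affect its market performance, and that this effect is moderated by the app's functional richness. Permission rationality is based on the average permission level of apps in the same category, and sensitivity is measured by the degree to which dangerous permissions are invoked. Apps below the normal reasonable level may have functional defects, while apps above the normal sensitivity level may trigger users' privacy concerns; rationality and sensitivity interact and ultimately affect users' download decisions and the app's market performance. To identify the rationality and sensitivity of app permissions, this study builds permission vectors from the apps' permission description texts, then divides app permissions into four classes using the category average level and the degree of dangerous-permission invocation as classification criteria, determining each app's normal-permission excess coefficient, normal-permission insufficiency coefficient, dangerous-permission excess coefficient, and dangerous-permission insufficiency coefficient. Using permission descriptions, market performance and related data collected from the Xiaomi app market, a panel dataset of 33,772 records was constructed for empirical testing. The empirical results show that requesting dangerous permissions slightly below the category average level positively promotes app performance; conversely, requesting more permissions than the "optimal permission" level lowers the app's ranking, especially for dangerous permissions. For apps with richer functionality, permission attributes have a greater influence on users' perception of privacy risk. This study extends the theory of mobile app privacy protection on the one hand and, on the other, offers an important reference for developers designing mobile app permissions.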

With the development of smart technology, mobile applications have become more universal and important in our daily life. Meanwhile, online privacy protection has attracted considerable attention in both academia and practice. Mobile software functions require the authorization of user information. The misuse of private data poses a great threat to users' privacy safety. It is a difficult task for developers to mitigate users' concerns and sensitivity to various private data and improve their application performance based on access to the application permission. Based on the "minimum authority principle," this paper explores the impact of permission sensitivity and rationality on software performance. The sample data includes 33,772 records of 5,304 software applications in the Xiaomi app store from January 2018 to December 2019. Firstly, according to whether sensitive information of users is involved, permissions are divided into dangerous and normal groups. Based on the permission lists, "0-1" vectors of various permissions are generated. Secondly, four different permission factors are calculated by the spatial distance algorithm to quantify rationality and sensitivity. Finally, this paper empirically explores the impact of permission factors on application ranking based on the panel data fixed effect regression model, which takes application ranking as the decision result of privacy response behavior. Based on the privacy concern theory, this paper links permission invocation with application performance, proving the negative impact of improper permission mechanisms on application performance.
The first section introduces the generation method for the four permission factors. The sensitivity indicator refers to whether the permission requires access to users' private information or illegally shares or sends personal information to others. According to the classification system of the Android Developer Platform, we can quickly get the dummy variables for permission sensitivity. The reasonability indicator refers to whether the type and number of permissions requested by applications match their functional complexity and category average level. The average permission vector for every category is defined as an estimation of "the least privilege" that best matches the application function. Then, we use the distance from the "least privilege vector" to denote the irrationality degree. We can obtain four different permission factors by intersecting these two indicators. Mobile applications with too few normal permissions may have functional defects, while those with too many dangerous permissions may cause users' privacy concerns. The rationality and sensitivity of permissions jointly affect users' download decisions and application performance.
The second part illustrates the influence mechanism of the four permission factors on application ranking. Dangerous and normal permissions have different impacts on mobile application rankings. Considering the particularity of ranking data, this study uses a rologit regression model combined with lag processing and fixed effect to eliminate the impact of other confounding variables. The results show that permission abuse will lower the ranking of applications in this category. The higher the abuse degree, the lower the ranking. With the same degree of rationality, highly sensitive permissions will increase users' concerns about privacy and security risks. The impact of insufficient permission application cannot be generalized. Insufficient dangerous permission has a positive impact on ranking; however, insufficient normal permission has no significant impact on app ranking.
In the third part, the additional model discusses the regulatory effect of apps' functional descriptions on the influence mechanism. Software with rich functions usually needs to request more permissions. Users enjoy a high sense of self-anonymity in applications with simplified functions, which will reduce their privacy risk concerns. The consequences of security vulnerabilities will be more severe for complex software. Small changes in permissions may drastically affect the user's privacy risk estimation and the app ranking. In this case, labelling dangerous permissions lower than the average level and normal permissions higher than the average level both have a significant impact on the application ranking.
In general, application permission data is closely related to its market performance. While designing software, developers should fully consider the user's privacy perception level and reduce the use of dangerous permissions as much as possible. Without affecting the core functions of the application, a reasonable balance between normal permissions and dangerous permissions can effectively improve the application ranking and marketing performance. Analyzing the performance impact factors and permission evolution process is of great significance to improve app scores and word of mouth.
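
The permission-factor construction described in the abstract, sketched as an added example that is not the authors' code: it builds "0-1" vectors, takes the category mean as the "least privilege" estimate, and splits each app's deviation into the four factors. The Euclidean norm, the eight-permission subset and the sample apps are assumptions made for illustration; the abstract only names a "spatial distance algorithm".

```python
# Added illustration; Euclidean distance and all sample apps are assumptions.
DANGEROUS = ["READ_CONTACTS", "ACCESS_FINE_LOCATION", "CAMERA", "RECORD_AUDIO"]
NORMAL = ["INTERNET", "ACCESS_NETWORK_STATE", "VIBRATE", "WAKE_LOCK"]
ALL = DANGEROUS + NORMAL


def to_vector(requested):
    """0-1 vector over ALL: 1.0 if the app requests the permission."""
    return [1.0 if p in requested else 0.0 for p in ALL]


def category_mean(apps):
    """Average permission vector of a category (the 'least privilege' estimate)."""
    vecs = [to_vector(req) for req in apps.values()]
    return [sum(col) / len(vecs) for col in zip(*vecs)]


def permission_factors(requested, mean):
    """Four factors: norm of the deviation from the category mean, split by
    sensitivity (dangerous/normal) and direction (excess/insufficient)."""
    squares = {f"{g}_{s}": 0.0 for g in ("dangerous", "normal")
               for s in ("excess", "insufficient")}
    for perm, v, m in zip(ALL, to_vector(requested), mean):
        group = "dangerous" if perm in DANGEROUS else "normal"
        side = "excess" if v > m else "insufficient"
        squares[f"{group}_{side}"] += (v - m) ** 2
    return {name: sq ** 0.5 for name, sq in squares.items()}


# Constructed sample: four apps in one hypothetical "flashlight" category.
FLASHLIGHT_APPS = {
    "app_a": {"CAMERA", "INTERNET"},
    "app_b": {"CAMERA", "INTERNET", "VIBRATE"},
    "app_c": {"CAMERA", "INTERNET", "READ_CONTACTS",
              "ACCESS_FINE_LOCATION", "RECORD_AUDIO"},
    "app_d": {"CAMERA"},
}

if __name__ == "__main__":
    mean = category_mean(FLASHLIGHT_APPS)
    for name, requested in FLASHLIGHT_APPS.items():
        factors = permission_factors(requested, mean)
        print(name, {k: round(x, 3) for k, x in factors.items()})
```

In this constructed category, app_c scores high only on the dangerous-permission excess factor, while app_d shows up on the two insufficiency factors, which are the cases the abstract reports as having opposite effects on ranking.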


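Antai College of Economics and Management, Shanghai Jiao Tong University, Shanghai 200030; Laboratory of Data Intelligence and Interdisciplinary Innovation and School of Information Management, Nanjing University, Nanjing, Jiangsu 210093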



Optimize permission; Mobile app; Information privacy; Fixed effect; Rologit model

Journal of Industrial Engineering and Engineering Management (《管理工程学报》), 2024 (003)

The Natural Science Foundation of China (72072087, 71802017); The Key Project of Philosophy and Social Science Foundation of China (20&ZD154)

