Service providers and device manufacturers (e.g., wireless, cellular, etc.) are continually challenged to deliver value and convenience to consumers by, for example, providing compelling network services. One area of interest has been the development of increasingly complex and user-friendly applications for mobile devices (e.g., mobile phones, smartphones, phablets, and/or tablets). Such applications often rely on the fact that many of today's mobile devices are capable of collecting personal real-time information about their users (e.g., location, activity, etc.) with the help of sensors embedded in the devices (e.g., a global positioning system (GPS) receiver). Unfortunately, cases of misuse of such private information have been steadily rising. Media coverage about such attacks has helped to increase awareness among users about the privacy risks associated with mobile devices. As a result, privacy consciousness among users is increasing, and users are increasingly interested in knowing more about the data requirements of applications before installing them on their devices. However, many mobile application developers are ill-prepared to address this challenge (e.g., many developers come from a desktop programming background. Accordingly, services providers and device manufacturers face significant challenges in providing a service that transforms application access and data storage details associated with a mobile device to privacy policies.
Some Example Embodiments
Therefore, there is a need for an approach for transforming application access and data storage details associated with a mobile device to application specific privacy policies.
According to one embodiment, a method comprises processing and/or facilitating a processing of an application code to identify one or more application programming interfaces invoked by the application code. The method also comprises causing, at least in part, a profiling of one or more invocation characteristics of the one or more application programming interfaces. The method further comprises causing, at least in part, a mapping of the one or more invocation characteristics against one or more policy templates to cause, at least in part, a generation of at least one policy for the application code.
According to another embodiment, an apparatus comprises at least one processor, and at least one memory including computer program code for one or more computer programs, the at least one memory and the computer program code configured to, with the at least one processor, cause, at least in part, the apparatus to process and/or facilitate a processing of an application code to identify one or more application programming interfaces invoked by the application code. The apparatus also causes, at least in part, a profiling of one or more invocation characteristics of the one or more application programming interfaces. The apparatus is further causes, at least in part, a mapping of the one or more invocation characteristics against one or more policy templates to cause, at least in part, a generation of at least one policy for the application code.
According to another embodiment, a computer-readable storage medium carries one or more sequences of one or more instructions which, when executed by one or more processors, cause, at least in part, an apparatus to process and/or facilitate a processing of an application code to identify one or more application programming interfaces invoked by the application code. The apparatus also causes, at least in part, a profiling of one or more invocation characteristics of the one or more application programming interfaces. The apparatus is further causes, at least in part, a mapping of the one or more invocation characteristics against one or more policy templates to cause, at least in part, a generation of at least one policy for the application code.
According to another embodiment, an apparatus comprises means for processing and/or facilitating a processing of an application code to identify one or more application programming interfaces invoked by the application code. The apparatus also comprises means for causing, at least in part, a profiling of one or more invocation characteristics of the one or more application programming interfaces. The apparatus further comprises means for causing, at least in part, a mapping of the one or more invocation characteristics against one or more policy templates to cause, at least in part, a generation of at least one policy for the application code.
In addition, for various example embodiments of the invention, the following is applicable: a method comprising facilitating a processing of and/or processing (1) data and/or (2) information and/or (3) at least one signal, the (1) data and/or (2) information and/or (3) at least one signal based, at least in part, on (or derived at least in part from) any one or any combination of methods (or processes) disclosed in this application as relevant to any embodiment of the invention.
For various example embodiments of the invention, the following is also applicable: a method comprising facilitating access to at least one interface configured to allow access to at least one service, the at least one service configured to perform any one or any combination of network or service provider methods (or processes) disclosed in this application.
For various example embodiments of the invention, the following is also applicable: a method comprising facilitating creating and/or facilitating modifying (1) at least one device user interface element and/or (2) at least one device user interface functionality, the (1) at least one device user interface element and/or (2) at least one device user interface functionality based, at least in part, on data and/or information resulting from one or any combination of methods or processes disclosed in this application as relevant to any embodiment of the invention, and/or at least one signal resulting from one or any combination of methods (or processes) disclosed in this application as relevant to any embodiment of the invention.
For various example embodiments of the invention, the following is also applicable: a method comprising creating and/or modifying (1) at least one device user interface element and/or (2) at least one device user interface functionality, the (1) at least one device user interface element and/or (2) at least one device user interface functionality based at least in part on data and/or information resulting from one or any combination of methods (or processes) disclosed in this application as relevant to any embodiment of the invention, and/or at least one signal resulting from one or any combination of methods (or processes) disclosed in this application as relevant to any embodiment of the invention.
In various example embodiments, the methods (or processes) can be accomplished on the service provider side or on the mobile device side or in any shared way between service provider and mobile device with actions being performed on both sides.
For various example embodiments, the following is applicable: An apparatus comprising means for performing a method of any of the claims.
Still other aspects, features, and advantages of the invention are readily apparent from the following detailed description, simply by illustrating a number of particular embodiments and implementations, including the best mode contemplated for carrying out the invention. The invention is also capable of other and different embodiments, and its several details can be modified in various obvious respects, all without departing from the spirit and scope of the invention. Accordingly, the drawings and description are to be regarded as illustrative in nature, and not as restrictive.