Abstract|The rapid growth of mobile applications has
imposed new threats to privacy: users often nd it chal-
lenging to ensure that their privacy policies are consistent
with the requirements of a diverse range of of mobile ap-
plications that access personal information under dierent
contexts. This problem exacerbates when applications de-
pend on each other and therefore share permissions to ac-
cess resources in ways that are opaque to an end-user. To
meet the needs of representing privacy requirements and
of resolving dependencies issues in privacy policies, we pro-
pose an extension to the P-RBAC model for reasoning about
plausible scenarios that can exploit such weaknesses of mo-
bile systems. This work has been evaluated using the case
studies on several Android mobile applications.