Академический Документы
Профессиональный Документы
Культура Документы
What is Android?
Smart Phone Operating System Based on the Linux kernel Expanded to support cellular based communication
GSM, CMDA
More Android
Open Source
Mostly Apache v2 license
Linux kernel is GPLv2
Applications
More on Apps
Use explicitly defined permissions Communicate through Intents Intents are Inter-Process Communications Applications register which Intents they wish to handle
Signatures
among applications
Permissions I
>100 defined by the system Declared at install time in Manifest.xml Disclosed by PackageInstaller, protected by root ownership
Permissions II
Permission III
Permissions checked at runtime SecurityException thrown if permission denied
Intents
Core of Android IPC Can cross security boundaries Generally defined as a goal action and some data
10
Intent II
Used to:
Start an Activity
Broadcast events or changes Start, stop, or communicate with
background Services Access data held by ContentProviders Call backs to handle events
11
Intent Filters
Used to determine recipient of Intent Can be overridden Provide no security
12
Activities
The user interface consists of a series of Activity components. Each Activity is a screen. User actions tell an Activity to start another Activity, possibly with the expectation of a result.
13
Activity II
The
target Activity is not necessarily in the same application. Directly or via Intent action strings. Processing stops when another Activity is on top.
Must be able to handle malformed intents Dont start Intents that contain sensitive data
14
Activity III
15
Activity IV
16
Activity V
Protecting Activities
17
Broadcasts
Act as recievers for multiple components Provide secure IPC Done by specifying permissions on BroadcastReceiver regarding sender Otherwise, behave like activities in terms of IPC
18
Broadcast II
Still need to validate input just in case Sticky Broadcasts
19
Services
Run in background Play music, alarm clock, etc Secured using permissions Callers may need to verify that Service is the correct one
20
Services II
Verification:
Check Services permissions
res = getPackageManager().checkPermission(permToCheck, name.getPackageName());
21
ContentProviders
Generally SQL backend Used to share content between apps Access controlled through permission tags
22
ContentProviders II
23
Intent Reflection
Intents may be sent when app is called App sends Intent as app and not as caller: reflection
24
File System
Internally standard Linux file systems yaffs2, ext* Support stand Unix permissions Vulnerabilities if permissions not set correctly
space
25
File System II
26
Binder
Kernel module that provides secure IPC on top of the standard Linux shared memory architecture Includes interface to Parceable
27
Binder II
28