Download Android Overview

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
Document related concepts
no text concepts found
Transcript 
Android Overview
•Android (Google) is a widely anticipated open
source operating system for mobile devices,
•Supporting
Bluetooth (wireless for short distance)
Wi-Fi (wireless for 150 feet indoors, 300 ft outdoors)
3G(200 kbits/sec) and 4G (100 Mbit -1Gbit/sec)
•Android software stack
–Android Linux operating system
–Middleware(Dalvik Runtime Optimized Java virtual
machineVM, Java API) and Library(Phone, contact,
GPS map, SQLite, OpenGL.)
Android Architecture
Linux kernel Layer
• Android relies on Linux kernel
• Supplies management of security, memory
process, network, and drivers
• Acts as an abstraction layer between the
hardware and the rest of the Android software
stack
Library Layer
• System C libraries and function Libraries, supporting
multimedia, web browser, SQLite... Native Services to
hardware
• Android runtime
Dalvik Virtual Machine
– Executes files in the Dalvik Executable (.dex) format
Java core Libraries
– Provides most of the functionality of the Java
programming language.
Java core libraries rely on the Dalvik VM and the
underlying Linux kernel
Every Android application runs in its own process, with
its own instance of the Dalvik virtual machine
Application Framework Layer
• Simplify the reuse of components
– Applications can publish their capabilities and any
other application may then make use of those
capabilities
• Applications is a set of services
– Views system, content providers, resources
managers such as
• Activity Manager, manages the lifecycle of applications
and provides a common navigation backstack
• Notification Manager, enables all applications to display
custom alerts in the status bar
• Resource Manager, providing access to non-code
resources such as localized strings, graphics, and layout
files
• Views, used to build an application, including lists, grids,
text boxes, buttons, and even an embeddable web
browser
Applications Layer
• A set of core applications shipped with Android platform
– an email client, SMS program, calendar, maps,
browser, contacts, and others
• All written in Java
• User applications are also here
Features of Android
•
•
•
•
•
•
•
•
•
Popularity (High market share)
AWAT
Enabled SMS
Enabled GPS
Cameras & microphones
Open source apps
Development with Java
Linux based
Short learning curve with IDE Java Eclipse IDE for
Android app development
• Easy deployment to mobile device
• Easy to distribute apps via Android Market
Share app, Sell app,
Download & reuse open source apps
Cont.
• Hot job market
– Market for mobile software surges from $4.1
billion in 2009 to $17.5 billion by 2012
– 2010 Dice.com survey: 60% for Android
– Dice.com: mobile app developers made
$85,000 in 2010 and salaries expected to
rise2
Limitations
•
•
•
•
•
screen size
battery life time
processor capacity
Slow network access and Web browser
Input: soft keyboard, phone keypad, touch
screen, or stylus
• Security
Android App software components
– Activity
– Service
– Broadcast Receiver
– Intent
– Content Provider
Android App Development Tutorial:
http://www.slideserve.com/lyndon/android-development-tutorial
Activity
• Activities provide a user interface for one
specific task, Basic component of most
applications
• Most applications have several activities
that start each other as needed
• Each is implemented as a subclass of the
base Activity class
Service
• Services execute background processing, no
visual interface
Ex: Downloads, Playing Music, TCP/UDP Server
• You can bind to an existing service, control its
operation, and run in background
• Play music, alarm clock, etc.
• Secured if using permissions
• Callers may need to verify that service is the
correct one
Content provider
•
•
•
•
Content providers are data storage facilities
which supports data exchange between
applications
Make data available to other applications
Transfer data between applications in Android
Other applications use a ContentResolver
object to access the data provided via a
ContentProvider
ContentProviders
•
•
•
•
Generally SQL backend
Used to share content between apps
Access controlled through permission tags
Apps can be dynamically authorized access
control
– Possible security hole
• Must protect against SQL injection
– verify input using parameterization
Broadcast receivers
• Broadcast receivers act as mailboxes for
messages from other applications. It receives
and reacts to broadcast announcements
• If an app registered the receiver in adv., the
event will notify and call back the registered
software
• Ex: Low battery, power connected, shutdown,
timezone changed, etc.
Broadcast receivers
• Act as receivers for multiple components
• Provide secure IPC
• Done by specifying permissions on
BroadcastReceiver regarding sender
• Otherwise, behave like activities in terms of IPC
– Can’t define permission
• Don’t send sensitive data
Component life cycle
• Activities
– Can terminate itself via finish();
– Can terminate other activities it started via
finishActivity();
• Services
– Can terminate via stopSelf(); or
Context.stopService();
• Content Providers
– Are only active when responding to ContentResolvers
• Broadcast Receivers
– Are only active when responding to broadcasts
Intent
– Intent is a goal action component which takes care of
the process of inter-components communication (ICC)
– Intent is simply a message object containing a
destination component address and data
– Protection
– Each application executes as its own user identity,
such that OS provides system-level isolation;
– Android middleware contains a reference monitor that
mediates the inter-component communication (ICC).
Intent(cont.)
Intent action:
– Start an Activity
– Broadcast events or changes
– Start, stop, resume. or communicate with
background Services
– Access data held by ContentProviders
– Call back to handle events
– Carry data with Extras (key, value)
Android component activation
• An intent is an object which can have a message content
and start Activities, services and broadcast receivers
- ContentProvider is started by ContentResolvers
– An activity is started by Context.startActivity(Intent
intent) or Activity.startActivityForResult(Intent intent,
int RequestCode)
– A service is started by Context.startService(Intent
service)
– An application can initiate a broadcast by using an
Intent in any of Context.sendBroadcast(Intent intent),
Context.sendOrderedBroadcast(), and
Context.sendStickyBroadcast()
Intent Filters
• Used to determine recipient of Intent
• Specify the main entrance for activities
• A user interface consists of a series of
Activities
• Each Activity is a “screen”.
• Intent may leave a security flaw (hole)
– Solution: Intents explicitly define
receiver
System level protection
for Android app
• Each app runs as a unique user identity such
that Android can limit the potential damage of
programming flaws.
• Each app runs in own VM sandbox using unique
UID
• Each app requests a simple permission label
assignment model to restrict access to
resources and other applications if necessary
• Ex. of permission: Internet, camera, GPS
• Permission specifies an access policy to protect
its resources.
Android Permissions
• All permission of Android’s policy are set at install time
and can’t change until the application is reinstalled.
• Android’s permission only restricts access to
components and doesn’t currently provide information
flow guarantees.
• A permission is listed in app’s manifest definition XML
file.
• If a public component doesn’t explicitly declare any
access permission, Android permits any application to
access it.
• Component A’s ability to access components B and C is
determined by comparing the access permission labels
on B and C to the collection of permission labels
assigned to application A.
Android App Signature
• All Android applications must be signed, but are usually
self-signed
• Why self signing?
– Market ties identity to developer account
– No CA in Google, Google does not have central
control over the app’s signature certificates
– No applications are trusted. No "magic key"
• What does signing determine?
– Author-update
– In signature schemes, the private key is used to sign
a app or message; anyone can check the signature
using the public key.
Permissions Levels
• User can assign permissions to applications at
- normal
– dangerous
– signature
– signatureOrSystem
• http://developer.android.com/guide/developin
g/building/index.html#detailed-build
Reference
1.http://www.businessweek.com/technology/content/oct2010/tc201
01020_639668.htm
2. http://it-jobs.fins.com/Articles/SB129606993144879991/MobileApp-Developers-Wanted-at-Ad-Agencies
3.http://www.gartner.com/it/page.jsp?id=1466313
4.http://developer.android.com/guide/developing/index.html
5.Android Overview,
http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd
=7&ved=0CEcQFjAG&url=http%3A%2F%2Fai.arizona.edu%2Fmis5
10%2Fslides%2FAndroid%2520Overview.ppt&ei=4HBXUNPvMuPe
0QGm3oCYCg&usg=AFQjCNE2Li9vyh34rECKYDuOjKjI5pjyzw&sig
2=E-wfIL1bPNJacCi6ZaAWCA
6. Mobile Application Security on Android, Originally presented by
Jesse Burns at Black Hat 2009
Related documents
CS499 * Mobile Application Development
CS499 * Mobile Application Development
Introduction
Introduction
Developing Android Applications
Developing Android Applications
Android Architecture
Android Architecture
android - Cloud 479
android - Cloud 479
ppt
ppt
Android Middleware
Android Middleware
Y5274.
Y5274.
Intro to Android (Powerpoint)
Intro to Android (Powerpoint)
What is Android?
What is Android?
Application Code
Application Code
Operating System Support for Mobile Devices
Operating System Support for Mobile Devices