Download Slides - William Enck

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
Document related concepts
no text concepts found
Transcript 
Intro to Developing
Android Applications
William Enck
October 2014
NC State -- Department of Computer Science
Page 1
Android Phones
• An Android contains a number of
“applications”
‣ Android comes installed with a number of
basic systems tools, e.g., dialer, address
book, etc.
‣ Developers use the Android API to
construct applications.
• All apps are written in Java and executed
within a custom Java virtual machine.
‣ Each application package is contained in a
jar file (.apk)
• Applications are installed by the user
‣ No “app store” required, just build and go.
‣ Open access to data and voice services
NC State -- Department of Computer Science
Page 2
Architecture
• The Android smartphone operating system is built upon Linux
and includes many libraries and a core set of applications.
• The middleware makes it interesting
‣ Not focused on UNIX processes
‣ Uses the Binder component framework
• Originally part of BeOS, then enhanced
by Palm, now used in Android
‣ Applications consist of many
components of different types
‣ Applications interact via components
Phone
Application
Reference
Monitor
Contacts
Application
Maps
Application
Android Middleware
Policy
Binder
Component
Framework
Linux
• We focus on security with respect to the component API
NC State -- Department of Computer Science
Page 3
Component Model
• While each application runs as its own UNIX uid,
sharing can occur through application-level interactions
‣ Interactions based on components
‣ Different component types
• Activity
• Service
• Content Provider
• Broadcast Receiver
start/stop/bind
start
Activity
call
Activity
Activity
return
Starting an Activity for a Result
Service
callback
Communicating with a Service
‣ Target component in the
same or different application
‣ but first ...
Read/Write
Query
System
Content
Provider
Activity
return
Querying a Content Provider
NC State -- Department of Computer Science
Activity
Send
Intent
Broadcast
Receiver
Service
Receiving an Intent Broadcast
Page 4
Intents
• Intents are objects used as inter-component signaling
‣ Starting the user interface for an application
‣ Sending a message between components
‣ Starting a background service
• Two types
‣ Explicit: names the target component class
‣ Implicit: specifies an “action string” (e.g., ACTION_VIEW)
NC State -- Department of Computer Science
Page 5
Activity Component
• The user interface consists of a series of
Activity components.
• Each Activity is a “screen”.
• User actions tell an Activity to start
another Activity, possibly with the
expectation of a result.
• The target Activity is not necessarily in
the same application.
• Directly or via Intent “action strings”.
• Processing stops when another Activity is
“on top”.
NC State -- Department of Computer Science
Page 6
Service Component
• Background processing occurs in Service components.
‣ Downloading a file, playing music, tracking location, polling, etc.
‣ Local vs. Remote Services (process-level distinction)
• Also provides a “service” interface between applications
‣ Arbitrary interfaces for data transfer
• Android Interface Definition Language (AIDL)
‣ Register callback methods
‣ Core functionality often implemented
as Service components
• e.g., Location API, Alarm service
• Multiple interfaces
‣ Control: start, stop
‣ Method invocation: bind
NC State -- Department of Computer Science
Page 7
Content Provider Component
• Content Provider components provide a standardized interface
for sharing data, i.e., content (between applications).
• Models content in a relational DB
‣ Users of Content Providers can perform
queries equivalent to SELECT, UPDATE,
INSERT, DELETE
‣ Works well when content is tabular
‣ Also works as means of addressing “files”
• URI addressing scheme
‣
content://<authority>/<table>/[<id>]
‣
content://contacts/people/10
NC State -- Department of Computer Science
Page 8
Broadcast Receiver Component
• Broadcast Receiver components act as specialized event Intent
handlers (also think of as a message mailbox).
• Broadcast Receiver components “subscribe”
to specific action strings (possibly multiple)
‣ action strings are defined by the system or developer
‣ component is automatically called by the system
• Recall that Android provides automatic
Activity resolution using “action strings”.
‣ The action string was assigned to an Intent object
‣ Sender can specify component recipient (no action string)
NC State -- Department of Computer Science
Page 9
The Android Manifest
• Manifest files are the technique for describing the contents
of an application package (i.e., resource file)
• Each Android application has a special AndroidManifest.xml
file (included in the .apk package)
‣ describes the contained components
• components cannot execute unless they are listed
‣ specifies rules for “auto-resolution”
‣ specifies access rules
‣ describes runtime dependencies
‣ optional runtime libraries
‣ required system permissions
NC State -- Department of Computer Science
Page 10
Manifest Specification
NC State -- Department of Computer Science
Page 11
Example Applications
• FriendTracker Application
‣
FriendTracker Service to poll for friend locations
•
‣
Broadcasts an Intent when near a friend
FriendProvider Content Provider to store location of friends
•
Cross references friends with system Contacts Provider
‣
FriendTrackerControl Activity to start and stop the Service
‣
BootReceiver Broadcast Receiver to start the service on boot
• FriendViewer Application
‣
FriendViewer Activity to display list of friend locations
‣
FriendMap Activity to show friends on a map (on right)
‣
FriendReceiver Broadcast Receiver to display when near
• Available from http://siis.cse.psu.edu/android_sec_tutorial.html
NC State -- Department of Computer Science
Page 12
Component Interaction
System Server
Contacts Application
System Service
ViewContact
Broadcast
Intent
start
FriendTracker Application
BootReceiver
start
start/stop
FriendViewer Application
Broadcast
Intent
FriendTracker
FriendReceiver
read,write
start
read
FriendTracker
Control
NC State -- Department of Computer Science
FriendProvider
read
FriendMap
FriendViewer
Page 13
Hands-on Exercise
http://developer.android.com/training
NC State -- Department of Computer Science
Page 14
Additional Recommended Modules
• Getting Started
‣ Saving Data
‣ Interacting with Other Apps
• Building Apps with Content Sharing
‣ Sharing Simple Data
‣ Sharing Files
• Building Apps with Connectivity & the Cloud
‣ Performing Network Operations
NC State -- Department of Computer Science
Page 15
Also Recommended
http://developer.android.com/samples
NC State -- Department of Computer Science
Page 16
Thank You!
William Enck
Assistant Professor
Department of Computer Science
North Carolina State University
http://www.enck.org
[email protected]
NC State -- Department of Computer Science
Page 17
Related documents
This Course Outline
This Course Outline
(Very) Basic Android Programming
(Very) Basic Android Programming
CS499 * Mobile Application Development
CS499 * Mobile Application Development
android - Cloud 479
android - Cloud 479
Android Architecture
Android Architecture
View - Fadama III AF Project
View - Fadama III AF Project
Android Middleware
Android Middleware
Pros
Pros
Introducing a second activity into an Android app
Introducing a second activity into an Android app
ppt
ppt
intents - Andrew.cmu.edu
intents - Andrew.cmu.edu
Android - Andrew.cmu.edu
Android - Andrew.cmu.edu
Presentation - Embedded System Lab.
Presentation - Embedded System Lab.
Android Overview
Android Overview
Introduction to the Web and .NET
Introduction to the Web and .NET
Author Guidelines for ICECS2003
Author Guidelines for ICECS2003
An SELinux-based Intent manager for Android
An SELinux-based Intent manager for Android
Android Repackaging Attack Lab - Computer and Information Science
Android Repackaging Attack Lab - Computer and Information Science
Android Development - AndroidManenfist.xml document By Shinping R. Wang
Android Development - AndroidManenfist.xml document By Shinping R. Wang
Attacking mTAN-Applications like e-Banking and mobile
Attacking mTAN-Applications like e-Banking and mobile
Understanding Android`s Security Framework
Understanding Android`s Security Framework
Android Services
Android Services