ANDROID SYSTEM

Development
SDK provides free tools for building and debugging applications, supporting developers on Linu
x, Windows, and OS X SDK provides an emulator that emulates ARM‐based device and also
alternate virtual hardware configurations
Debugging support is built into Android and working with a device or with the emulator is mostl
y interchangeable
Code developed using the SDK generally runs in the Dalvik VM
Platform Security Architecture
Android seeks to be the most secure and usable operating system for mobile platforms by re‐
purposing traditional operating system security controls to:
Protect user data
Protect system resources (including the network)
Provide application isolation
To achieve these objectives, Android provides these key security features:
Robust security at the OS level through the Linux kernel
Mandatory application sandbox for all applications
Secure interprocess (IPC) communication
Application signing
Application‐defined and user‐granted permissions
Security Model
Android is based on the Linux security model with some abstractions unique to it and leverages
Linux user accounts to silo applications
Android permissions are rights given to applications to allow them to take pictures, use the GPS,
make phone calls, and so on
When installed, applications are given a unique user identifier (UID); the UID is used to protect a
n application’s data
The need for permissions minimizes the impact of malicious software, unless a user grants power
ful rights to dubious software
Android’s runtime system tracks which permissions each application has; these permissions are g
ranted either when the OS was installed or upon installation of the application by the user
Permissions
Android uses manifest permissions to track what the user allows applications to do, such as sendi
ng SMS, using the camera, etc.
Prior to installation of any application, the user is shown the different permissions the application
is requesting. Once installed, an application’s permissions cannot be changed.

Securable IPC Mechanisms

Activities are interactive screens used to communicate with users.
Intents are used to specify an Activity.
Broadcasts provide a way to send messages between applications.
When sending a broadcast, an applica5on puts the message to be sent into an Intent.
Services are background processes that toil away quietly in the background.
ContentProviders provide a way to efficiently share rela5onal data between processes securely. T
hey are based on SQL.
Binder provides a highly efficient communica5on mechanism. It is commonly used to bridge Jav
a and native code running in separate processes.
Application Signing
Every application that is run on the Android plakorm must be signed by the developer. Applicati
ons that attempt to install without being signed will rejected by either Google Play or the packag
e installer on the Android device.
The signed application certificate defines which user id is associated with which application. Ap
plication signing ensures that one application cannot access any other applica5on except through
well‐defined IPC.
Applications can be signed by a thirdparty or selfsigned. Android provides code signing using self
‐signed certificates that developers can generate without external assistance or permission.