Muhammad Rizwan Asghar March 14, 2019 ANDROID APP MODEL CONT Lecture 6a COMPSCI 702 Security for Smart-Devices
Slide title
In CAPITALS
50 pt
Slide subtitle
32 pt
Muhammad Rizwan Asghar
March 14, 2019
ANDROID APP MODEL CONT
Lecture 6a
COMPSCI 702
Security for Smart-Devices
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
2
WHERE IS PACKAGE MANAGER?
Linux Kerne lDisplay Driver Camera Driver Bluetooth Driver
Shared Memory Driver Binder (IPC) Driver
Power ManagementUSB Driver Keypad Driver WiFi Driver
Audio Drivers
Appl icat ionsHome Dialer
Contacts
SMS/MMS
Email Calendar Media Player Albums
Appl icat ion Framework
IM Browser Camera
Clock
Calculator
…Voice Dial
Alarm
Android RuntimeCore Libraries
Dalvik Virtual Machine
View SystemContent Providers
Resource Manager …
Libc
Notification Manager
Location Manager
FreeType
SGL SSL
SQLite
WebKitOpenGL|ES
And r o id RuntimeCore Libraries
DalvikVirtual Machine
Libraries
FreeType
Surface Manager
OpenGL|ES
Media Framework
Activity Manager
Package Manager
Window Manager
Telephony Manager
Source: Android Anatomy and Physiology, Patrick Brady
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
3
ACTIVITY
A main building block of Android GUI
applications
Activity is like a website– Multiple activities ~ multiple web pages
– Main activity ~ homepage
– Moving from one activity to another ~ navigation
E.g., in Contacts app, choosing to compose a message to
a contact by launching the Messaging app
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
4
ACTIVITY LIFECYCLE
System calls component
as its state changes due
to user actions
If another activity is
started, the on-going
activity is paused
App process may be killed
A stopped activity may be
destroyed
Source: android.com
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
5
ACTIVITY MANAGER
Activity Manager is responsible for creating, destroying, and
managing activities
When the user starts an application for the first time, the Activity
Manager will create its activity and put it onto the screen
Later, when the user switches screens, the Activity Manager will
move that previous activity to a holding place
This way, if the user wants to go back to an older activity, it can be
started more quickly
Older activities that the user has not used in a while will be
destroyed in order to free more space for the currently active one
This mechanism is designed to help improve the speed
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
6
ACTIVITY MANAGER
Linux Kerne lDisplay Driver Camera Driver Bluetooth Driver
Shared Memory Driver Binder (IPC) Driver
Power ManagementUSB Driver Keypad Driver WiFi Driver
Audio Drivers
Appl icat ionsHome Dialer
Contacts
SMS/MMS
Email Calendar Media Player Albums
Appl icat ion Framework
IM Browser Camera
Clock
Calculator
…Voice Dial
Alarm
Android RuntimeCore Libraries
Dalvik Virtual Machine
View SystemContent Providers
Resource Manager …
Libc
Notification Manager
Location Manager
FreeType
SGL SSL
SQLite
WebKitOpenGL|ES
And r o id RuntimeCore Libraries
DalvikVirtual Machine
Libraries
FreeType
Surface Manager
OpenGL|ES
Media Framework
Activity Manager
Package Manager
Window Manager
Telephony Manager
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
7
SERVICE
A background process that has no user interface
Typically used to perform some long-running operation
Examples
– Downloading files or fetching emails from a server
– Playing music
Can be local to the app or remote (provided by other apps)
Services can define a remote interface using the Android Interface
Definition Language (AIDL)
AIDL compiler creates skeleton for implementation of the service
(stub)
Services are started and stopped on demand
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
8
SERVICE TYPES
App components start services
An unbounded service is stopped by
itself or a client
A bounded service acts as a server:
The app component (the client), logs
in (binds) to the server, consumes the
service, and then logs out (unbinds)
Usage
– Use an unbounded service to do
work if the app components do not
require interaction with the service
again
– Use a bounded service if the app
components require interaction
with the service Source: android.com
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
9
CONTENT PROVIDERS
Content providers are interfaces for sharing
data between apps
Relatively simple interfaces, with the standard
select(), insert(), update(), and delete()
Content providers must be declared in the
manifest file using the <provider> tag
Content providers are accessed by the URI– content://<authority>/<resource>
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
10
CONTENT PROVIDER: EXAMPLES
Contacts provider is a content provider that
exposes all user contact data to various
applications
Settings provider exposes system settings to
various applications, including the built-in
Settings application
Media store is responsible for storing and
sharing various media, such as photos and
music, across various applications
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
11
CONTENT PROVIDERS AND CONTACT
Linux Kerne lDisplay Driver Camera Driver Bluetooth Driver
Shared Memory Driver Binder (IPC) Driver
Power ManagementUSB Driver Keypad Driver WiFi Driver
Audio Drivers
Appl icat ionsHome Dialer
Contacts
SMS/MMS
Email Calendar Media Player Albums
Appl icat ion Framework
IM Browser Camera
Clock
Calculator
…Voice Dial
Alarm
Android RuntimeCore Libraries
Dalvik Virtual Machine
View SystemContent Providers
Resource Manager …
Libc
Notification Manager
Location Manager
FreeType
SGL SSL
SQLite
WebKitOpenGL|ES
And r o id RuntimeCore Libraries
DalvikVirtual Machine
Libraries
FreeType
Surface Manager
OpenGL|ES
Media Framework
Activity Manager
Package Manager
Window Manager
Telephony Manager
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
12
CONTACTS PROVIDER
The Contacts app uses contacts provider, a totally
separate application, to retrieve data about users’
contacts
The Contacts app itself does not have any contacts
data
Contacts
ProviderContacts
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
13
BROADCAST RECEIVER
A broadcast receiver is a component that responds to
system-wide events
A mailbox for broadcast intent messages
– Define intent filters to indicate what kinds of messages to receive
– An intent includes an action string and a category
Events can originate from the system
– E.g., low battery
– SMS arrival or
– Change in network connectivity
Events can also originate from a user application
– E.g., announcing that background data update has completed
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
14
BROADCAST RECEIVER
Broadcast receivers are Android’s implementation of a
system-wide publish/subscribe mechanism
– Publishers are user apps or the system
– Typically, subscribers are user apps
A subscribing application can subscribe by indicating
intent filters in the application manifest or registering
dynamically
The receiver will receive a triggered event if she has
subscribed for it
Generally, all events are broadcasted to a number of
receivers who subscribe for the event
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
15
BROADCAST RECEIVER:
REGISTRATION
A broadcast receiver has to register with the
Activity Manager and the Package Manager
Registration can be done through – The manifest file
– Programmatically
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
16
REGISTRATION USING MANIFEST
<receiver android:name='‘MsgListener'' >
<intent-filter>
<action
android:name='‘compsci702.intent.action.BROADCAST'' />
</intent-filter>
</receiver>
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
17
REGISTRATION USING MANIFEST
<receiver android:name='‘MsgListener'' >
<intent-filter>
<action
android:name='‘compsci702.intent.action.BROADCAST'' />
</intent-filter>
</receiver>
Class responsible for processing the intent
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
18
REGISTRATION USING MANIFEST
<receiver android:name='‘MsgListener'' >
<intent-filter>
<action
android:name='‘compsci702.intent.action.BROADCAST'' />
</intent-filter>
</receiver>
Filter specifying intents to be received
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
19
REGISTRATION THROUGH PROGRAM
IntentFilter filter = new IntentFilter();
filter.addAction(``compsci702.intent.action
.BROADCAST’’);
receiver = new BroadcastReceiver();
//@Override public void onReceive(Context
context, Intent intent)
{
System.out.println(``message received'');
}
};
registerReceiver(receiver, filter);
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
20
REGISTRATION THROUGH PROGRAM
IntentFilter filter = new IntentFilter();
filter.addAction(``compsci702.intent.action
.BROADCAST’’);
receiver = new BroadcastReceiver();
//@Override public void onReceive(Context
context, Intent intent)
{
System.out.println(``message received'');
}
};
registerReceiver(receiver, filter);
Filter specifying intents to be received
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
21
REGISTRATION THROUGH PROGRAM
IntentFilter filter = new IntentFilter();
filter.addAction(``compsci702.intent.action
.BROADCAST’’);
receiver = new BroadcastReceiver();
//@Override public void onReceive(Context
context, Intent intent)
{
System.out.println(``message received'');
}
};
registerReceiver(receiver, filter);
Action performed when the intent is received
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
22
REGISTRATION THROUGH PROGRAM
IntentFilter filter = new IntentFilter();
filter.addAction(``compsci702.intent.action
.BROADCAST’’);
receiver = new BroadcastReceiver();
public void onReceive(Context context,
Intent intent)
{
System.out.println(``message received'');
}
};
registerReceiver(receiver, filter);
Registering broadcast receiver and the filter
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
23
RESOURCES
Chapter 1 of
Android Security Internals: An In-Depth Guide to
Android's Security Architecture
Elenkov, Nikolay
First Edition
No Starch Press 2014
ISBN:1593275811 9781593275815
Enck, William, Machigar Ongtang, and Patrick
McDaniel
Understanding Android Security
IEEE Security & Privacy 1 (2009): 50-57
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
24
ACKNOWLEDGEMENT
Some slides on registration of broadcast receiver are
based on the lecture delivered by Giovanni Russello,
thanks to him!
Top right
corner for
field
customer or
partner logotypes.
See Best practice
for example.
Slide title
40 pt
Slide subtitle
24 pt
Text
24 pt
5
20 pt
25
Questions?
Thanks for your attention!