Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser...

25
Muhammad Rizwan Asghar March 14, 2019 ANDROID APP MODEL CONT Lecture 6a COMPSCI 702 Security for Smart-Devices

Transcript of Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser...

Page 1: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Slide title

In CAPITALS

50 pt

Slide subtitle

32 pt

Muhammad Rizwan Asghar

March 14, 2019

ANDROID APP MODEL CONT

Lecture 6a

COMPSCI 702

Security for Smart-Devices

Page 2: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

2

WHERE IS PACKAGE MANAGER?

Linux Kerne lDisplay Driver Camera Driver Bluetooth Driver

Shared Memory Driver Binder (IPC) Driver

Power ManagementUSB Driver Keypad Driver WiFi Driver

Audio Drivers

Appl icat ionsHome Dialer

Contacts

SMS/MMS

Email Calendar Media Player Albums

Appl icat ion Framework

IM Browser Camera

Clock

Calculator

…Voice Dial

Alarm

Android RuntimeCore Libraries

Dalvik Virtual Machine

View SystemContent Providers

Resource Manager …

Libc

Notification Manager

Location Manager

FreeType

SGL SSL

SQLite

WebKitOpenGL|ES

And r o id RuntimeCore Libraries

DalvikVirtual Machine

Libraries

FreeType

Surface Manager

OpenGL|ES

Media Framework

Activity Manager

Package Manager

Window Manager

Telephony Manager

Source: Android Anatomy and Physiology, Patrick Brady

Page 3: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

3

ACTIVITY

A main building block of Android GUI

applications

Activity is like a website– Multiple activities ~ multiple web pages

– Main activity ~ homepage

– Moving from one activity to another ~ navigation

E.g., in Contacts app, choosing to compose a message to

a contact by launching the Messaging app

Page 4: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

4

ACTIVITY LIFECYCLE

System calls component

as its state changes due

to user actions

If another activity is

started, the on-going

activity is paused

App process may be killed

A stopped activity may be

destroyed

Source: android.com

Page 5: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

5

ACTIVITY MANAGER

Activity Manager is responsible for creating, destroying, and

managing activities

When the user starts an application for the first time, the Activity

Manager will create its activity and put it onto the screen

Later, when the user switches screens, the Activity Manager will

move that previous activity to a holding place

This way, if the user wants to go back to an older activity, it can be

started more quickly

Older activities that the user has not used in a while will be

destroyed in order to free more space for the currently active one

This mechanism is designed to help improve the speed

Page 6: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

6

ACTIVITY MANAGER

Linux Kerne lDisplay Driver Camera Driver Bluetooth Driver

Shared Memory Driver Binder (IPC) Driver

Power ManagementUSB Driver Keypad Driver WiFi Driver

Audio Drivers

Appl icat ionsHome Dialer

Contacts

SMS/MMS

Email Calendar Media Player Albums

Appl icat ion Framework

IM Browser Camera

Clock

Calculator

…Voice Dial

Alarm

Android RuntimeCore Libraries

Dalvik Virtual Machine

View SystemContent Providers

Resource Manager …

Libc

Notification Manager

Location Manager

FreeType

SGL SSL

SQLite

WebKitOpenGL|ES

And r o id RuntimeCore Libraries

DalvikVirtual Machine

Libraries

FreeType

Surface Manager

OpenGL|ES

Media Framework

Activity Manager

Package Manager

Window Manager

Telephony Manager

Page 7: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

7

SERVICE

A background process that has no user interface

Typically used to perform some long-running operation

Examples

– Downloading files or fetching emails from a server

– Playing music

Can be local to the app or remote (provided by other apps)

Services can define a remote interface using the Android Interface

Definition Language (AIDL)

AIDL compiler creates skeleton for implementation of the service

(stub)

Services are started and stopped on demand

Page 8: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

8

SERVICE TYPES

App components start services

An unbounded service is stopped by

itself or a client

A bounded service acts as a server:

The app component (the client), logs

in (binds) to the server, consumes the

service, and then logs out (unbinds)

Usage

– Use an unbounded service to do

work if the app components do not

require interaction with the service

again

– Use a bounded service if the app

components require interaction

with the service Source: android.com

Page 9: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

9

CONTENT PROVIDERS

Content providers are interfaces for sharing

data between apps

Relatively simple interfaces, with the standard

select(), insert(), update(), and delete()

Content providers must be declared in the

manifest file using the <provider> tag

Content providers are accessed by the URI– content://<authority>/<resource>

Page 10: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

10

CONTENT PROVIDER: EXAMPLES

Contacts provider is a content provider that

exposes all user contact data to various

applications

Settings provider exposes system settings to

various applications, including the built-in

Settings application

Media store is responsible for storing and

sharing various media, such as photos and

music, across various applications

Page 11: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

11

CONTENT PROVIDERS AND CONTACT

Linux Kerne lDisplay Driver Camera Driver Bluetooth Driver

Shared Memory Driver Binder (IPC) Driver

Power ManagementUSB Driver Keypad Driver WiFi Driver

Audio Drivers

Appl icat ionsHome Dialer

Contacts

SMS/MMS

Email Calendar Media Player Albums

Appl icat ion Framework

IM Browser Camera

Clock

Calculator

…Voice Dial

Alarm

Android RuntimeCore Libraries

Dalvik Virtual Machine

View SystemContent Providers

Resource Manager …

Libc

Notification Manager

Location Manager

FreeType

SGL SSL

SQLite

WebKitOpenGL|ES

And r o id RuntimeCore Libraries

DalvikVirtual Machine

Libraries

FreeType

Surface Manager

OpenGL|ES

Media Framework

Activity Manager

Package Manager

Window Manager

Telephony Manager

Page 12: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

12

CONTACTS PROVIDER

The Contacts app uses contacts provider, a totally

separate application, to retrieve data about users’

contacts

The Contacts app itself does not have any contacts

data

Contacts

ProviderContacts

Page 13: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

13

BROADCAST RECEIVER

A broadcast receiver is a component that responds to

system-wide events

A mailbox for broadcast intent messages

– Define intent filters to indicate what kinds of messages to receive

– An intent includes an action string and a category

Events can originate from the system

– E.g., low battery

– SMS arrival or

– Change in network connectivity

Events can also originate from a user application

– E.g., announcing that background data update has completed

Page 14: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

14

BROADCAST RECEIVER

Broadcast receivers are Android’s implementation of a

system-wide publish/subscribe mechanism

– Publishers are user apps or the system

– Typically, subscribers are user apps

A subscribing application can subscribe by indicating

intent filters in the application manifest or registering

dynamically

The receiver will receive a triggered event if she has

subscribed for it

Generally, all events are broadcasted to a number of

receivers who subscribe for the event

Page 15: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

15

BROADCAST RECEIVER:

REGISTRATION

A broadcast receiver has to register with the

Activity Manager and the Package Manager

Registration can be done through – The manifest file

– Programmatically

Page 16: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

16

REGISTRATION USING MANIFEST

<receiver android:name='‘MsgListener'' >

<intent-filter>

<action

android:name='‘compsci702.intent.action.BROADCAST'' />

</intent-filter>

</receiver>

Page 17: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

17

REGISTRATION USING MANIFEST

<receiver android:name='‘MsgListener'' >

<intent-filter>

<action

android:name='‘compsci702.intent.action.BROADCAST'' />

</intent-filter>

</receiver>

Class responsible for processing the intent

Page 18: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

18

REGISTRATION USING MANIFEST

<receiver android:name='‘MsgListener'' >

<intent-filter>

<action

android:name='‘compsci702.intent.action.BROADCAST'' />

</intent-filter>

</receiver>

Filter specifying intents to be received

Page 19: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

19

REGISTRATION THROUGH PROGRAM

IntentFilter filter = new IntentFilter();

filter.addAction(``compsci702.intent.action

.BROADCAST’’);

receiver = new BroadcastReceiver();

//@Override public void onReceive(Context

context, Intent intent)

{

System.out.println(``message received'');

}

};

registerReceiver(receiver, filter);

Page 20: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

20

REGISTRATION THROUGH PROGRAM

IntentFilter filter = new IntentFilter();

filter.addAction(``compsci702.intent.action

.BROADCAST’’);

receiver = new BroadcastReceiver();

//@Override public void onReceive(Context

context, Intent intent)

{

System.out.println(``message received'');

}

};

registerReceiver(receiver, filter);

Filter specifying intents to be received

Page 21: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

21

REGISTRATION THROUGH PROGRAM

IntentFilter filter = new IntentFilter();

filter.addAction(``compsci702.intent.action

.BROADCAST’’);

receiver = new BroadcastReceiver();

//@Override public void onReceive(Context

context, Intent intent)

{

System.out.println(``message received'');

}

};

registerReceiver(receiver, filter);

Action performed when the intent is received

Page 22: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

22

REGISTRATION THROUGH PROGRAM

IntentFilter filter = new IntentFilter();

filter.addAction(``compsci702.intent.action

.BROADCAST’’);

receiver = new BroadcastReceiver();

public void onReceive(Context context,

Intent intent)

{

System.out.println(``message received'');

}

};

registerReceiver(receiver, filter);

Registering broadcast receiver and the filter

Page 23: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

23

RESOURCES

Chapter 1 of

Android Security Internals: An In-Depth Guide to

Android's Security Architecture

Elenkov, Nikolay

First Edition

No Starch Press 2014

ISBN:1593275811 9781593275815

Enck, William, Machigar Ongtang, and Patrick

McDaniel

Understanding Android Security

IEEE Security & Privacy 1 (2009): 50-57

Page 24: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

24

ACKNOWLEDGEMENT

Some slides on registration of broadcast receiver are

based on the lecture delivered by Giovanni Russello,

thanks to him!

Page 25: Android App Model Cont. - Computer Science · 2019-03-14 · Application Framework IM Browser Camera Clock Calculator Voice Dial … Alarm Android Runtime Core Libraries Dalvik Virtual

Top right

corner for

field

customer or

partner logotypes.

See Best practice

for example.

Slide title

40 pt

Slide subtitle

24 pt

Text

24 pt

5

20 pt

25

Questions?

Thanks for your attention!