Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented By Abhishek Singh Computer Science Department Kent state University WILLIAM ENCK, MACHIGAR ONGTANG, AND PATRICK MCDANIEL.

Published byBryana Ivens Modified over 9 years ago

Similar presentations

Presentation on theme: "Presented By Abhishek Singh Computer Science Department Kent state University WILLIAM ENCK, MACHIGAR ONGTANG, AND PATRICK MCDANIEL."— Presentation transcript:

1 Presented By Abhishek Singh Computer Science Department Kent state University WILLIAM ENCK, MACHIGAR ONGTANG, AND PATRICK MCDANIEL

2  Introduction  History  Android OS  Android development structure  Android ADT interface  Example Application  Security Enforcement  Security refinement

3  Next generation of open operating system.  Not only complaint with desktops and mainframe.  Now computing is integrating with mobile open operating system.  Increasing data service in cell phones  More secure and invulnerable OS is indispensible.

4  Android In was founded in Palo Alto California United state by Andy Rubin, Rich Miner and Chris White – October 2003  Google acquired Android Inc – August 2006  The Open Handset Alliance, a consortium of several companies was formed – 5 November 2007  First Android Device, the HTC Dream(G1), featuring Android 1.0

5  Open operating system designed for mobiles, tablets and other systems.  Application middle layer, java software development tool kit (SDK) and system applications.  Extension to Google Service  Integration - Gmail, Calendar, Contacts and Web Application

6  Android officially doesn’t support application on top of java middleware layer running in a embedded Linux kernel.  Controlled application interaction with its API  Permission label assignment model to restrict to access resources and other application.

7  It doesn’t have main function  It doesn’t have single entry point for the execution of the whole application.  Application in android is segmented into many different components.  Like - Main activity, manifest file, XML file

8

9  Functionality of an application ramified into two different applications.

10  There are primarily four components 1. Activity - It is the application user interface, in this each screen for an activity is designed. 2.Service – it is a background processing for using different service(like camera, Bluetooth, internet service etc) 3.Content Provider – It stores data and retrieve using relational database interface. 4.Broadcast receiver- Act as a mailbox for other applications.

11 Primary mechanism for component interaction is Intent (Message box container). To start the Main activity 1. Start Activity (Intent) 2. start Service (Intent) 3. send Broadcast (Intent)

12  To execute the main application android framework invoke these 3 methods  Inter component communication(ICC) is called Action i.e. particular intend to action string.  Each ICC actions depends upon the target component.  Friend Viewer– starts – FriendMap activity (Screen)

13

14  Protection : 1. System Level 2. ICC level  ICC core security framework  Each application – Unique user Identity  Restrict damage from programming flaws  Which in turn restrict exploitation to other applications.

15  Permission labels are assigned to each application.  Restrict from using all resource.

16

17  <manifest xmlns:android= "http://schemas.android.com/apk/res/android"  package= "com.example.android.apis">   <!-- We will request access to the camera, saying we require a camera  of some sort but not one with autofocus capability. --> 

18 1. Public Vs Private Components :  Restrict access of an application component from another application (like stored password for security) by defining it as private component. 1. II. Implicitly Open Components :  If the access permission at the application development time is not clear Android permits any application to access it.  III. Broadcast Intent Permission :  If the broadcast intent is not protected it leads to privacy risk.  Developer control how information is disseminated by specify a permission label to restrict access to the intent object.

19  Content Provider Permission:  Android allow developer to assigning read and write permission on contents, so that every content can be update only by its application and available to read for other application.  Protected APIs:  To some system resources Android provide direct API access and to protect these APIs, addition permission label is use. Application has to delayer a corresponding permission label in its manifest file.

20  Permission Protection Levels:  framework developer can use the specific functionality (for ex. Google app can use telephony or API directly)  Pending intent :  Intent object is define to perform an action, instead of performing action developer passes the intent to special method which create Pending Intent. The Pending Intent object is simply a reference pointer that can pass to another application via ICC. It included in framework to work with third party application.

21  Processes of allowing user to have privilege control or root access.  Modify system files: themes, core apps, boot images, linux binaries, etc.  Run applications that require  system level access.  Balance the risk with freedom

22  Complex Update Process Continuous Internet Connection  Operating System Fragmentation  Android: Good for Consumers, Bad for Developers  Security Issues  Advertisements

23  Official Android website: www.android.com / developer.android.comwww.android.com  J.P. Anderson, Computer Security Technology Planning Study, tech. report ESD-TR-73-51, Mitre, Oct. 1972.  M.A. Harrison, W.L. Ruzzo, and J.D. Ullman, “Protection in Operating Systems,” Comm. ACM,  http://securityevaluators.com/content/case- studies/android/ http://securityevaluators.com/content/case- studies/android/  Wikipedia, Google

24  http://securityevaluators.com/content/case- studies/android/ http://securityevaluators.com/content/case- studies/android/

Download ppt "Presented By Abhishek Singh Computer Science Department Kent state University WILLIAM ENCK, MACHIGAR ONGTANG, AND PATRICK MCDANIEL."

Similar presentations

Android Application Development A Tutorial Driven Course.

Android Application Development A Tutorial Driven Course.
Google Android Introduction to Mobile Computing. Android is part of the build a better phone process Open Handset Alliance produces Android Comprises.

Google Android Introduction to Mobile Computing. Android is part of the build a better phone process Open Handset Alliance produces Android Comprises.
WHAT IS ANDROID? A Software platform and operating system for mobile. Based on the Linux kernel. Android was found way back in 2003. It was developed.

WHAT IS ANDROID? A Software platform and operating system for mobile. Based on the Linux kernel. Android was found way back in It was developed.
Introduction to Android Mohammad A. Gowayyed CS334-Spring 2014.

Introduction to Android Mohammad A. Gowayyed CS334-Spring 2014.
Programming Mobile Applications with Android

Programming Mobile Applications with Android
Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.

Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.
Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.

Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.
Filip Debelić What is it? Android is a mobile operating system (OS) based on the Linux kernel and currently developed by Google Android,

Filip Debelić What is it? Android is a mobile operating system (OS) based on the Linux kernel and currently developed by Google Android,
DEPARTMENT OF COMPUTER ENGINEERING

DEPARTMENT OF COMPUTER ENGINEERING
Mobile Application Development

Mobile Application Development
Android is a mobile operating system developed by Google and is based upon the Linux kernel and GNU software. It was initially developed by Android.

Android is a mobile operating system developed by Google and is based upon the Linux kernel and GNU software. It was initially developed by Android.
Security of Mobile Applications Vitaly Shmatikov CS 6431.

Security of Mobile Applications Vitaly Shmatikov CS 6431.
Android An open handset alliance project Janice Garcia September 18, 2008 MIS 304.

Android An open handset alliance project Janice Garcia September 18, 2008 MIS 304.
Asst.Prof.Dr.Ahmet Ünveren 2014-2015 SPRING Computer Engineering Department Asst.Prof.Dr.Ahmet Ünveren 2014-2015 SPRING Computer Engineering Department.

Asst.Prof.Dr.Ahmet Ünveren SPRING Computer Engineering Department Asst.Prof.Dr.Ahmet Ünveren SPRING Computer Engineering Department.
ANDROID PROGRAMMING MODULE 1 – GETTING STARTED

ANDROID PROGRAMMING MODULE 1 – GETTING STARTED
Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.

Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.
Android Declassification Infrastructure Matan David Yuval Evron Project Advisor: Roei Schuster 1.

Android Declassification Infrastructure Matan David Yuval Evron Project Advisor: Roei Schuster 1.
William Enck, Machigar Ongtang, and Patrick McDaniel.

William Enck, Machigar Ongtang, and Patrick McDaniel.
Emerging Platform#4: Android Bina Ramamurthy.  Android is an Operating system.  Android is an emerging platform for mobile devices.  Initially developed.

Emerging Platform#4: Android Bina Ramamurthy.  Android is an Operating system.  Android is an emerging platform for mobile devices.  Initially developed.
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

Similar presentations

Ads by Google