Home > Google Android > Couple notes around ANDROID security …

Couple notes around ANDROID security …

Adroid security is more defined by underlying Linux kernel. Any application packager (*.apk)  is launched with unique Linux user ID and it’s isolated according to other running ones. Simply application lives its own live inside the mobile device.  Resources are sandboxes which belong to the application and they are not accessible from out side ( other applications ).  To do share such sandboxes with other application, running on the devices, Android provides Services, Content Providers  or broadcast Intents  which help you to cross this boarder based on security permissions.

The main idea of Android security is having no permission at the start of development cycle. An application’s process is a secure sandbox. It can’t disrupt other applications, except by explicitly declaring the permissions it needs for additional capabilities not provided by the basic sandbox. (AndroidManifest.xml). You should be familiar with following tag...

<uses-permission android:name=”android.permission.INTERNET” />

When package obtain its unique ID, that means this package is signed for you device,  It may logicaly cause an error when you try to employ other application with similar package structure, class names and certificate. (‘com.example’ is good example  ) – Android does th check it during installation procedure. When something is wrong you get  a permission failure is the result in a SecurityException being thrown back to the application.  But not granted to receive it everywhere.

The list of android permissions that could be defined in the ManifestFile.xml.

When you sending Broadcast Intent, both a receiver and a broadcaster require a permissions. When this happens, both permission checks must pass for the Intent to be delivered to the associated target.  Intent has to be registered to the BroadcastReceiver with appropriate permissions. It simple imagine as discussion between two guys with permission they are allowed to do so … In Android case everything has to be granted.

Categories: Google Android
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: