This document discusses Android security essentials. It covers the Android OS architecture including permissions and security models. It describes how applications interact through intents, binders and permissions. It also discusses security best practices like restricting permissions, signing applications and monitoring for malware. The goal is to provide an overview of key Android security concepts and mechanisms.

1. Android Security Essentials
Pragati Ogal Rai
Mobile Technology Evangelist
X.commerce (an eBay Inc. Company)

2. 




3. 




4. Android OS Architecture
http://developer.android.com/guide/basics/what-is-android.html

5. 



6. include/linux/android_aid.h

7. 





8. 




9. 
android.permission.VIBRATE
com.android.alarm.permission.SET_ALARM

android.permission.SEND_SMS
android.permission.CALL_PHONE

android.permission.FORCE_STOP_PACKAGES
android.permission.INJECT_EVENTS

android.permission.ACCESS_USB
android.permission.SET_TIME

10. <permission
android:name="com.pragati.permission.ACCESS_DETAILS"
android:label="@string/permlab_accessDetails"
android:description="@string/permdesc_accessDetails"
android:permissionGroup="android.permission-
group.COST_MONEY"
android:protectionLevel=“signature" />

11. 





12. 


 transact() Binder.onTransact()



13. 




startActivity(Intent), startBroadcast(Intent)

14. 
<receiver android:name=“BootCompletedReceiver”>
<intent-filter>
<action android:name=“android.intent.action.BOOT_COMPLETED”/>
</intent-filter>
</receiver>




android.intent.category.BROWSEABLE

15. 



PendingIntent.getActivity(Context, int, Intent, int)

16. 






17. 

–
–

–
–

18. 




19. 




20. 
–
–
–
–



21. 









22. 






23. Thank you!
pragati@x.com
@pragatiogal
http://www.slideshare.net/pragatiogal