SlideShare a Scribd company logo

Android(1)

Download as ODP, PDF
Nikola Milosevic
Nikola Milosevic
EducationTechnology
1 of 19
Permissions and data stores Android
Agenda Unix process creation Android process creation Android permission model Permission security model SQLite
Unix processes F S UID PID PPID C PRI NIADDR SZ WCHAN TTY TIME CMD 4 S 0 1 0 0 68 0 - 373 select ? 0:02 init [2]
Unix processes Linux is unix like operating system Unix starts each process as a user With user’s permissions For each user permissions defined are defined Each resource on a Linux system has three sets of permissions: owner, group, and world Root user has all the permissions over the system It is not recommanded to run programs as root Security reasons
Android processes Android same as linux runs processes with user’s priviledges Android for security reason uses sandboxes Each app is run in a sandbox
Android processes Sandbox is created by creating new linux users Every application is run under different user Every user has it’s own permissions set
Android processes Only apps signed with same digital signature can be run with same user ID Also rooted devices runs apps with as root user android:sharedUserId="com.example.test.sharedUID"
Digital signature Android apps are digitally signed Cryptographic construct First, a digital certificate identifies each developer The other part to this process is your private key
Permissions Request permission in manifest file  <uses-permission android:name="android.permission.INTERNET" /> Permission denied exception
Declaring a Permission <permission android:name="com.example.testapps.test1.perm.READ_INCOMING_EMAIL" android:label= "Read incoming email" android:description="Allows the app to access the email retrieved from your email server using the test1 app.Any app you grant this permission to will be able to read all email processed by the test1 app." android:protectionLevel="dangerous" android:permissionGroup="android.permission-group.PERSONAL_INFO" />
Declaring a permission int canProcess = checkCallingOrSelfPermission( ("com.example.testapps.test1.perm. READ_INCOMING_EMAIL"); if (canProcess != PERMISSION_GRANTED) throw new SecurityException(); Protection Levels: Normal Dangerous Signature SignatureOrSystem
Android Filesystem Isolation Android does a good job of isolating apps from one another Only apps that are created by the same developer and signed with the same digital certificates can weaken this isolation The standard way thatAndroid lays out the file system on a device is to create an appspecific directory under the path /data/data/app_package_name This directory is configured such that the associated app’s UID is the owner and only the owner permissions are set Within this directory is /files,where all files created by the app are installed and created
Android filesystem isolation Because file isolation is based on UIDs, apps that are configured to run with the same UIDs can access each other’s files A user who accesses the Linux kernel using the root UID will be able to bypass any permissions on any file, allowing access to any data stored by any app. Any data written to external storage, such as SD cards, lacks Linux permission based access control. As the developer, you can specify different permissions on files.
Android filesystem isolation To change permissions over created file you can supply openFileOutput() with flags: MODE_PRIVATE This is the default, granting full control to the app’s UID and nothing else. MODE_WORLD_WRITABLE Allows all apps on the device to write to this file. MODE_WORLD_READABLE Allows all apps on the device to read this file.  OutputStreamWriter out = new OutputStreamWriter(openFileOutput("scores", MODE_WORLD_READABLE | MODE_WORLD_WRITEABLE));
Android Preferences and Database Isolation Data can be stored in: Files DB SharedPreference SharedPreferences is a basic framework that allows your app to store name/value pairs (primitive data types only) for easy access Android also includes a SQLite implementation that allows apps to create and manage databases
Android Preferences and Database Isolation SharedPreferences are accessed using SharedPreferences objects within a running app and as XML files on the filesystem. They are written to the filesystem under a /data/data/app_package_name /shared_prefs SharedPreferences are created using the getSharedPreferences() method, which takes the same flags as openFileOutput() does
Shared preferences example To obtain and create: SharedPreferences prefs = this.getSharedPreferences( "com.example.app", Context.MODE_PRIVATE); To read: String dateTimeKey = "com.example.app.datetime"; long l = prefs.getLong(dateTimeKey, new Date().getTime()); To edit and save Date dt = getSomeDate(); prefs.edit().putLong(dateTimeKey, dt.getTime()).commit();
SQLite For relational databases, SQLite is available within the Android system. openOrCreateDatabase() method Databases are created in the /data/data/app_package_name /databases directory SQLiteDatabase myContactDB = openOrCreateDatabase("Contacts", MODE_PRIVATE, null);
Principle of least privilege Not requesting more permissions than needed Only permissions for both files and application that are essential Better system stability. Better system security. Ease of deployment.

Recommended

Windows Vista and Trust Worthy Computing
Windows Vista and Trust Worthy ComputingWindows Vista and Trust Worthy Computing
Windows Vista and Trust Worthy Computingsamavedam_vijay
 
Installation
InstallationInstallation
InstallationVenkataBolagani
 
Windows 8
Windows 8Windows 8
Windows 8akki_hearts
 
Usage Note of Microsoft Dependency Walker
Usage Note of Microsoft Dependency WalkerUsage Note of Microsoft Dependency Walker
Usage Note of Microsoft Dependency WalkerWilliam Lee
 
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...FilGov
 
Are Your Mobile Apps Secure? (Part I)
Are Your Mobile Apps Secure? (Part I)Are Your Mobile Apps Secure? (Part I)
Are Your Mobile Apps Secure? (Part I)Nagarro
 
Design for security in operating system
Design for security in operating systemDesign for security in operating system
Design for security in operating systemBhagyashree Barde
 
Android Development - Session 1
Android Development - Session 1Android Development - Session 1
Android Development - Session 1Mohammad Shaker
 

Recommended

Windows Vista and Trust Worthy Computing
Windows Vista and Trust Worthy ComputingWindows Vista and Trust Worthy Computing
Windows Vista and Trust Worthy Computingsamavedam_vijay
 
Installation
InstallationInstallation
InstallationVenkataBolagani
 
Windows 8
Windows 8Windows 8
Windows 8akki_hearts
 
Usage Note of Microsoft Dependency Walker
Usage Note of Microsoft Dependency WalkerUsage Note of Microsoft Dependency Walker
Usage Note of Microsoft Dependency WalkerWilliam Lee
 
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...FilGov
 
Are Your Mobile Apps Secure? (Part I)
Are Your Mobile Apps Secure? (Part I)Are Your Mobile Apps Secure? (Part I)
Are Your Mobile Apps Secure? (Part I)Nagarro
 
Design for security in operating system
Design for security in operating systemDesign for security in operating system
Design for security in operating systemBhagyashree Barde
 
Android Development - Session 1
Android Development - Session 1Android Development - Session 1
Android Development - Session 1Mohammad Shaker
 
Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1Ibnu Sina Wardy
 
Android permission system
Android permission systemAndroid permission system
Android permission systemShivang Goel
 
Android training day 4
Android training day 4Android training day 4
Android training day 4Vivek Bhusal
 
Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009sullis
 
Sandbox Introduction
Sandbox IntroductionSandbox Introduction
Sandbox Introductionmsimkin
 
Anatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shopAnatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shopAbhinav Mishra
 
Security threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsSecurity threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsHariharan Ganesan
 
Android permission system
Android permission systemAndroid permission system
Android permission systemShivang Goel
 
Android secuirty permission - upload
Android secuirty permission - uploadAndroid secuirty permission - upload
Android secuirty permission - uploadBin Yang
 
Android 6.0 permission change
Android 6.0 permission changeAndroid 6.0 permission change
Android 6.0 permission change彥彬 洪
 
Android AsyncTask Tutorial
Android AsyncTask TutorialAndroid AsyncTask Tutorial
Android AsyncTask TutorialPerfect APK
 
Json Tutorial
Json TutorialJson Tutorial
Json TutorialNapendra Singh
 
Android new permission model
Android new permission modelAndroid new permission model
Android new permission modelTakuji Nishibayashi
 
Basic Android Push Notification
Basic Android Push NotificationBasic Android Push Notification
Basic Android Push NotificationChaiyasit Tayabovorn
 
JSON overview and demo
JSON overview and demoJSON overview and demo
JSON overview and demoFlatiron School
 
App Permissions
App PermissionsApp Permissions
App PermissionsShinobu Okano
 
Simple JSON parser
Simple JSON parserSimple JSON parser
Simple JSON parserDongjun Lee
 
Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011pundiramit
 
Android webservices
Android webservicesAndroid webservices
Android webservicesKrazy Koder
 
Android json parser tutorial – example
Android json parser tutorial – exampleAndroid json parser tutorial – example
Android json parser tutorial – exampleRajat Ghai
 
Android Overview
Android OverviewAndroid Overview
Android OverviewRaju Kadam
 
Android Part-1 - Hello Android
Android Part-1 - Hello AndroidAndroid Part-1 - Hello Android
Android Part-1 - Hello AndroidBipin Jethwani
 

More Related Content

Viewers also liked

Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1Ibnu Sina Wardy
 
Android permission system
Android permission systemAndroid permission system
Android permission systemShivang Goel
 
Android training day 4
Android training day 4Android training day 4
Android training day 4Vivek Bhusal
 
Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009sullis
 
Sandbox Introduction
Sandbox IntroductionSandbox Introduction
Sandbox Introductionmsimkin
 
Anatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shopAnatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shopAbhinav Mishra
 
Security threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsSecurity threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsHariharan Ganesan
 
Android permission system
Android permission systemAndroid permission system
Android permission systemShivang Goel
 
Android secuirty permission - upload
Android secuirty permission - uploadAndroid secuirty permission - upload
Android secuirty permission - uploadBin Yang
 
Android 6.0 permission change
Android 6.0 permission changeAndroid 6.0 permission change
Android 6.0 permission change彥彬 洪
 
Android AsyncTask Tutorial
Android AsyncTask TutorialAndroid AsyncTask Tutorial
Android AsyncTask TutorialPerfect APK
 
Simple JSON parser
Simple JSON parserSimple JSON parser
Simple JSON parserDongjun Lee
 
Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011pundiramit
 
Android webservices
Android webservicesAndroid webservices
Android webservicesKrazy Koder
 
Android json parser tutorial – example
Android json parser tutorial – exampleAndroid json parser tutorial – example
Android json parser tutorial – exampleRajat Ghai
 

Viewers also liked (20)

Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1
 
Android permission system
Android permission systemAndroid permission system
Android permission system
 
Android training day 4
Android training day 4Android training day 4
Android training day 4
 
Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009
 
Sandbox Introduction
Sandbox IntroductionSandbox Introduction
Sandbox Introduction
 
Anatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shopAnatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shop
 
Security threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsSecurity threats in Android OS + App Permissions
Security threats in Android OS + App Permissions
 
Android permission system
Android permission systemAndroid permission system
Android permission system
 
Android secuirty permission - upload
Android secuirty permission - uploadAndroid secuirty permission - upload
Android secuirty permission - upload
 
Android 6.0 permission change
Android 6.0 permission changeAndroid 6.0 permission change
Android 6.0 permission change
 
Android AsyncTask Tutorial
Android AsyncTask TutorialAndroid AsyncTask Tutorial
Android AsyncTask Tutorial
 
Json Tutorial
Json TutorialJson Tutorial
Json Tutorial
 
Android new permission model
Android new permission modelAndroid new permission model
Android new permission model
 
Basic Android Push Notification
Basic Android Push NotificationBasic Android Push Notification
Basic Android Push Notification
 
JSON overview and demo
JSON overview and demoJSON overview and demo
JSON overview and demo
 
App Permissions
App PermissionsApp Permissions
App Permissions
 
Simple JSON parser
Simple JSON parserSimple JSON parser
Simple JSON parser
 
Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011
 
Android webservices
Android webservicesAndroid webservices
Android webservices
 
Android json parser tutorial – example
Android json parser tutorial – exampleAndroid json parser tutorial – example
Android json parser tutorial – example
 

Similar to Android(1)

Android Overview
Android OverviewAndroid Overview
Android OverviewRaju Kadam
 
Android Part-1 - Hello Android
Android Part-1 - Hello AndroidAndroid Part-1 - Hello Android
Android Part-1 - Hello AndroidBipin Jethwani
 
Android application fundamentals
Android application fundamentalsAndroid application fundamentals
Android application fundamentalsSteve Smith
 
Introduction to everything around Android
Introduction to everything around AndroidIntroduction to everything around Android
Introduction to everything around AndroidBipin Jethwani
 
Google android white paper
Google android white paperGoogle android white paper
Google android white paperSravan Reddy
 
Android development-tutorial
Android development-tutorialAndroid development-tutorial
Android development-tutorialnirajsimulanis
 
Hello android world
Hello android worldHello android world
Hello android worldeleksdev
 
Getting started with android
Getting started with androidGetting started with android
Getting started with androidVandana Verma
 
Understanding android security model
Understanding android security modelUnderstanding android security model
Understanding android security modelPragati Rai
 
Getting started with Android pentesting
Getting started with Android pentestingGetting started with Android pentesting
Getting started with Android pentestingMinali Arora
 
Android security
Android securityAndroid security
Android securityKrazy Koder
 
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10blusmurfydot1
 
01 what is android
01 what is android01 what is android
01 what is androidC.o. Nieto
 
Android open-source operating System for mobile devices
Android open-source operating System for mobile devicesAndroid open-source operating System for mobile devices
Android open-source operating System for mobile devicesIOSR Journals
 

Similar to Android(1) (20)

Android Overview
Android OverviewAndroid Overview
Android Overview
 
Android Part-1 - Hello Android
Android Part-1 - Hello AndroidAndroid Part-1 - Hello Android
Android Part-1 - Hello Android
 
Android application fundamentals
Android application fundamentalsAndroid application fundamentals
Android application fundamentals
 
Introduction to everything around Android
Introduction to everything around AndroidIntroduction to everything around Android
Introduction to everything around Android
 
Android Basic- CMC
Android Basic- CMCAndroid Basic- CMC
Android Basic- CMC
 
Google android white paper
Google android white paperGoogle android white paper
Google android white paper
 
Android development-tutorial
Android development-tutorialAndroid development-tutorial
Android development-tutorial
 
Hello android world
Hello android worldHello android world
Hello android world
 
Getting started with android
Getting started with androidGetting started with android
Getting started with android
 
Understanding android security model
Understanding android security modelUnderstanding android security model
Understanding android security model
 
Getting started with Android pentesting
Getting started with Android pentestingGetting started with Android pentesting
Getting started with Android pentesting
 
O p
O pO p
O p
 
Android Security
Android SecurityAndroid Security
Android Security
 
Android security
Android securityAndroid security
Android security
 
Mobile security
Mobile securityMobile security
Mobile security
 
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
 
Cc4201519521
Cc4201519521Cc4201519521
Cc4201519521
 
Android security
Android securityAndroid security
Android security
 
01 what is android
01 what is android01 what is android
01 what is android
 
Android open-source operating System for mobile devices
Android open-source operating System for mobile devicesAndroid open-source operating System for mobile devices
Android open-source operating System for mobile devices
 

More from Nikola Milosevic

Classifying intangible social innovation concepts using machine learning and ...
Classifying intangible social innovation concepts using machine learning and ...Classifying intangible social innovation concepts using machine learning and ...
Classifying intangible social innovation concepts using machine learning and ...Nikola Milosevic
 
Machine learning (ML) and natural language processing (NLP)
Machine learning (ML) and natural language processing (NLP)Machine learning (ML) and natural language processing (NLP)
Machine learning (ML) and natural language processing (NLP)Nikola Milosevic
 
AI an the future of society
AI an the future of societyAI an the future of society
AI an the future of societyNikola Milosevic
 
Machine learning prediction of stock markets
Machine learning prediction of stock marketsMachine learning prediction of stock markets
Machine learning prediction of stock marketsNikola Milosevic
 
Equity forecast: Predicting long term stock market prices using machine learning
Equity forecast: Predicting long term stock market prices using machine learningEquity forecast: Predicting long term stock market prices using machine learning
Equity forecast: Predicting long term stock market prices using machine learningNikola Milosevic
 
BelBi2016 presentation: Hybrid methodology for information extraction from ta...
BelBi2016 presentation: Hybrid methodology for information extraction from ta...BelBi2016 presentation: Hybrid methodology for information extraction from ta...
BelBi2016 presentation: Hybrid methodology for information extraction from ta...Nikola Milosevic
 
Extracting patient data from tables in clinical literature
Extracting patient data from tables in clinical literatureExtracting patient data from tables in clinical literature
Extracting patient data from tables in clinical literatureNikola Milosevic
 
Supporting clinical trial data curation and integration with table mining
Supporting clinical trial data curation and integration with table miningSupporting clinical trial data curation and integration with table mining
Supporting clinical trial data curation and integration with table miningNikola Milosevic
 
Mobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP SeraphimdroidMobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP SeraphimdroidNikola Milosevic
 
Table mining and data curation from biomedical literature
Table mining and data curation from biomedical literatureTable mining and data curation from biomedical literature
Table mining and data curation from biomedical literatureNikola Milosevic
 
Sentiment analysis for Serbian language
Sentiment analysis for Serbian languageSentiment analysis for Serbian language
Sentiment analysis for Serbian languageNikola Milosevic
 
Sigurnosne prijetnje i mjere zaštite IT infrastrukture
Sigurnosne prijetnje i mjere zaštite IT infrastrukture Sigurnosne prijetnje i mjere zaštite IT infrastrukture
Sigurnosne prijetnje i mjere zaštite IT infrastrukture Nikola Milosevic
 
Mašinska analiza sentimenta rečenica na srpskom jeziku
Mašinska analiza sentimenta rečenica na srpskom jezikuMašinska analiza sentimenta rečenica na srpskom jeziku
Mašinska analiza sentimenta rečenica na srpskom jezikuNikola Milosevic
 
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...Nikola Milosevic
 

More from Nikola Milosevic (20)

Classifying intangible social innovation concepts using machine learning and ...
Classifying intangible social innovation concepts using machine learning and ...Classifying intangible social innovation concepts using machine learning and ...
Classifying intangible social innovation concepts using machine learning and ...
 
Machine learning (ML) and natural language processing (NLP)
Machine learning (ML) and natural language processing (NLP)Machine learning (ML) and natural language processing (NLP)
Machine learning (ML) and natural language processing (NLP)
 
Veštačka inteligencija
Veštačka inteligencijaVeštačka inteligencija
Veštačka inteligencija
 
AI an the future of society
AI an the future of societyAI an the future of society
AI an the future of society
 
Machine learning prediction of stock markets
Machine learning prediction of stock marketsMachine learning prediction of stock markets
Machine learning prediction of stock markets
 
Equity forecast: Predicting long term stock market prices using machine learning
Equity forecast: Predicting long term stock market prices using machine learningEquity forecast: Predicting long term stock market prices using machine learning
Equity forecast: Predicting long term stock market prices using machine learning
 
BelBi2016 presentation: Hybrid methodology for information extraction from ta...
BelBi2016 presentation: Hybrid methodology for information extraction from ta...BelBi2016 presentation: Hybrid methodology for information extraction from ta...
BelBi2016 presentation: Hybrid methodology for information extraction from ta...
 
Extracting patient data from tables in clinical literature
Extracting patient data from tables in clinical literatureExtracting patient data from tables in clinical literature
Extracting patient data from tables in clinical literature
 
Supporting clinical trial data curation and integration with table mining
Supporting clinical trial data curation and integration with table miningSupporting clinical trial data curation and integration with table mining
Supporting clinical trial data curation and integration with table mining
 
Mobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP SeraphimdroidMobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
 
Serbia2
Serbia2Serbia2
Serbia2
 
Table mining and data curation from biomedical literature
Table mining and data curation from biomedical literatureTable mining and data curation from biomedical literature
Table mining and data curation from biomedical literature
 
Malware
MalwareMalware
Malware
 
Sentiment analysis for Serbian language
Sentiment analysis for Serbian languageSentiment analysis for Serbian language
Sentiment analysis for Serbian language
 
Http and security
Http and securityHttp and security
Http and security
 
Android business models
Android business modelsAndroid business models
Android business models
 
Sigurnosne prijetnje i mjere zaštite IT infrastrukture
Sigurnosne prijetnje i mjere zaštite IT infrastrukture Sigurnosne prijetnje i mjere zaštite IT infrastrukture
Sigurnosne prijetnje i mjere zaštite IT infrastrukture
 
Mašinska analiza sentimenta rečenica na srpskom jeziku
Mašinska analiza sentimenta rečenica na srpskom jezikuMašinska analiza sentimenta rečenica na srpskom jeziku
Mašinska analiza sentimenta rečenica na srpskom jeziku
 
Malware
MalwareMalware
Malware
 
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...
 

Recently uploaded

call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Romantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptxRomantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptxsqpmdrvczh
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
ROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationAadityaSharma884161
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.arsicmarija21
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........LeaCamillePacle
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 

Recently uploaded (20)

call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Romantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptxRomantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptx
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
ROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint Presentation
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 

Android(1)

  • 1. Permissions and data stores Android
  • 2. Agenda Unix process creation Android process creation Android permission model Permission security model SQLite
  • 3. Unix processes F S UID PID PPID C PRI NIADDR SZ WCHAN TTY TIME CMD 4 S 0 1 0 0 68 0 - 373 select ? 0:02 init [2]
  • 4. Unix processes Linux is unix like operating system Unix starts each process as a user With user’s permissions For each user permissions defined are defined Each resource on a Linux system has three sets of permissions: owner, group, and world Root user has all the permissions over the system It is not recommanded to run programs as root Security reasons
  • 5. Android processes Android same as linux runs processes with user’s priviledges Android for security reason uses sandboxes Each app is run in a sandbox
  • 6. Android processes Sandbox is created by creating new linux users Every application is run under different user Every user has it’s own permissions set
  • 7. Android processes Only apps signed with same digital signature can be run with same user ID Also rooted devices runs apps with as root user android:sharedUserId="com.example.test.sharedUID"
  • 8. Digital signature Android apps are digitally signed Cryptographic construct First, a digital certificate identifies each developer The other part to this process is your private key
  • 9. Permissions Request permission in manifest file  <uses-permission android:name="android.permission.INTERNET" /> Permission denied exception
  • 10. Declaring a Permission <permission android:name="com.example.testapps.test1.perm.READ_INCOMING_EMAIL" android:label= "Read incoming email" android:description="Allows the app to access the email retrieved from your email server using the test1 app.Any app you grant this permission to will be able to read all email processed by the test1 app." android:protectionLevel="dangerous" android:permissionGroup="android.permission-group.PERSONAL_INFO" />
  • 11. Declaring a permission int canProcess = checkCallingOrSelfPermission( ("com.example.testapps.test1.perm. READ_INCOMING_EMAIL"); if (canProcess != PERMISSION_GRANTED) throw new SecurityException(); Protection Levels: Normal Dangerous Signature SignatureOrSystem
  • 12. Android Filesystem Isolation Android does a good job of isolating apps from one another Only apps that are created by the same developer and signed with the same digital certificates can weaken this isolation The standard way thatAndroid lays out the file system on a device is to create an appspecific directory under the path /data/data/app_package_name This directory is configured such that the associated app’s UID is the owner and only the owner permissions are set Within this directory is /files,where all files created by the app are installed and created
  • 13. Android filesystem isolation Because file isolation is based on UIDs, apps that are configured to run with the same UIDs can access each other’s files A user who accesses the Linux kernel using the root UID will be able to bypass any permissions on any file, allowing access to any data stored by any app. Any data written to external storage, such as SD cards, lacks Linux permission based access control. As the developer, you can specify different permissions on files.
  • 14. Android filesystem isolation To change permissions over created file you can supply openFileOutput() with flags: MODE_PRIVATE This is the default, granting full control to the app’s UID and nothing else. MODE_WORLD_WRITABLE Allows all apps on the device to write to this file. MODE_WORLD_READABLE Allows all apps on the device to read this file.  OutputStreamWriter out = new OutputStreamWriter(openFileOutput("scores", MODE_WORLD_READABLE | MODE_WORLD_WRITEABLE));
  • 15. Android Preferences and Database Isolation Data can be stored in: Files DB SharedPreference SharedPreferences is a basic framework that allows your app to store name/value pairs (primitive data types only) for easy access Android also includes a SQLite implementation that allows apps to create and manage databases
  • 16. Android Preferences and Database Isolation SharedPreferences are accessed using SharedPreferences objects within a running app and as XML files on the filesystem. They are written to the filesystem under a /data/data/app_package_name /shared_prefs SharedPreferences are created using the getSharedPreferences() method, which takes the same flags as openFileOutput() does
  • 17. Shared preferences example To obtain and create: SharedPreferences prefs = this.getSharedPreferences( "com.example.app", Context.MODE_PRIVATE); To read: String dateTimeKey = "com.example.app.datetime"; long l = prefs.getLong(dateTimeKey, new Date().getTime()); To edit and save Date dt = getSomeDate(); prefs.edit().putLong(dateTimeKey, dt.getTime()).commit();
  • 18. SQLite For relational databases, SQLite is available within the Android system. openOrCreateDatabase() method Databases are created in the /data/data/app_package_name /databases directory SQLiteDatabase myContactDB = openOrCreateDatabase("Contacts", MODE_PRIVATE, null);
  • 19. Principle of least privilege Not requesting more permissions than needed Only permissions for both files and application that are essential Better system stability. Better system security. Ease of deployment.