SlideShare a Scribd company logo

Android(1)

Download as ODP, PDF
Nikola Milosevic
Nikola Milosevic
EducationTechnology
1 of 19
Permissions and data stores Android
Agenda Unix process creation Android process creation Android permission model Permission security model SQLite
Unix processes F S UID PID PPID C PRI NIADDR SZ WCHAN TTY TIME CMD 4 S 0 1 0 0 68 0 - 373 select ? 0:02 init [2]
Unix processes Linux is unix like operating system Unix starts each process as a user With user’s permissions For each user permissions defined are defined Each resource on a Linux system has three sets of permissions: owner, group, and world Root user has all the permissions over the system It is not recommanded to run programs as root Security reasons
Android processes Android same as linux runs processes with user’s priviledges Android for security reason uses sandboxes Each app is run in a sandbox
Android processes Sandbox is created by creating new linux users Every application is run under different user Every user has it’s own permissions set
Android processes Only apps signed with same digital signature can be run with same user ID Also rooted devices runs apps with as root user android:sharedUserId="com.example.test.sharedUID"
Digital signature Android apps are digitally signed Cryptographic construct First, a digital certificate identifies each developer The other part to this process is your private key
Permissions Request permission in manifest file  <uses-permission android:name="android.permission.INTERNET" /> Permission denied exception
Declaring a Permission <permission android:name="com.example.testapps.test1.perm.READ_INCOMING_EMAIL" android:label= "Read incoming email" android:description="Allows the app to access the email retrieved from your email server using the test1 app.Any app you grant this permission to will be able to read all email processed by the test1 app." android:protectionLevel="dangerous" android:permissionGroup="android.permission-group.PERSONAL_INFO" />
Declaring a permission int canProcess = checkCallingOrSelfPermission( ("com.example.testapps.test1.perm. READ_INCOMING_EMAIL"); if (canProcess != PERMISSION_GRANTED) throw new SecurityException(); Protection Levels: Normal Dangerous Signature SignatureOrSystem
Android Filesystem Isolation Android does a good job of isolating apps from one another Only apps that are created by the same developer and signed with the same digital certificates can weaken this isolation The standard way thatAndroid lays out the file system on a device is to create an appspecific directory under the path /data/data/app_package_name This directory is configured such that the associated app’s UID is the owner and only the owner permissions are set Within this directory is /files,where all files created by the app are installed and created
Android filesystem isolation Because file isolation is based on UIDs, apps that are configured to run with the same UIDs can access each other’s files A user who accesses the Linux kernel using the root UID will be able to bypass any permissions on any file, allowing access to any data stored by any app. Any data written to external storage, such as SD cards, lacks Linux permission based access control. As the developer, you can specify different permissions on files.
Android filesystem isolation To change permissions over created file you can supply openFileOutput() with flags: MODE_PRIVATE This is the default, granting full control to the app’s UID and nothing else. MODE_WORLD_WRITABLE Allows all apps on the device to write to this file. MODE_WORLD_READABLE Allows all apps on the device to read this file.  OutputStreamWriter out = new OutputStreamWriter(openFileOutput("scores", MODE_WORLD_READABLE | MODE_WORLD_WRITEABLE));
Android Preferences and Database Isolation Data can be stored in: Files DB SharedPreference SharedPreferences is a basic framework that allows your app to store name/value pairs (primitive data types only) for easy access Android also includes a SQLite implementation that allows apps to create and manage databases
Android Preferences and Database Isolation SharedPreferences are accessed using SharedPreferences objects within a running app and as XML files on the filesystem. They are written to the filesystem under a /data/data/app_package_name /shared_prefs SharedPreferences are created using the getSharedPreferences() method, which takes the same flags as openFileOutput() does
Shared preferences example To obtain and create: SharedPreferences prefs = this.getSharedPreferences( "com.example.app", Context.MODE_PRIVATE); To read: String dateTimeKey = "com.example.app.datetime"; long l = prefs.getLong(dateTimeKey, new Date().getTime()); To edit and save Date dt = getSomeDate(); prefs.edit().putLong(dateTimeKey, dt.getTime()).commit();
SQLite For relational databases, SQLite is available within the Android system. openOrCreateDatabase() method Databases are created in the /data/data/app_package_name /databases directory SQLiteDatabase myContactDB = openOrCreateDatabase("Contacts", MODE_PRIVATE, null);
Principle of least privilege Not requesting more permissions than needed Only permissions for both files and application that are essential Better system stability. Better system security. Ease of deployment.

Recommended

Windows Vista and Trust Worthy Computing
Windows Vista and Trust Worthy ComputingWindows Vista and Trust Worthy Computing
Windows Vista and Trust Worthy Computingsamavedam_vijay
 
Installation
InstallationInstallation
InstallationVenkataBolagani
 
Windows 8
Windows 8Windows 8
Windows 8akki_hearts
 
Usage Note of Microsoft Dependency Walker
Usage Note of Microsoft Dependency WalkerUsage Note of Microsoft Dependency Walker
Usage Note of Microsoft Dependency WalkerWilliam Lee
 
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...FilGov
 
Are Your Mobile Apps Secure? (Part I)
Are Your Mobile Apps Secure? (Part I)Are Your Mobile Apps Secure? (Part I)
Are Your Mobile Apps Secure? (Part I)Nagarro
 
Design for security in operating system
Design for security in operating systemDesign for security in operating system
Design for security in operating systemBhagyashree Barde
 
Android Development - Session 1
Android Development - Session 1Android Development - Session 1
Android Development - Session 1Mohammad Shaker
 

Recommended

Windows Vista and Trust Worthy Computing
Windows Vista and Trust Worthy ComputingWindows Vista and Trust Worthy Computing
Windows Vista and Trust Worthy Computingsamavedam_vijay
 
Installation
InstallationInstallation
InstallationVenkataBolagani
 
Windows 8
Windows 8Windows 8
Windows 8akki_hearts
 
Usage Note of Microsoft Dependency Walker
Usage Note of Microsoft Dependency WalkerUsage Note of Microsoft Dependency Walker
Usage Note of Microsoft Dependency WalkerWilliam Lee
 
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...
Fighting Spyware With Mandatory Access Control In Microsoft Windows Vista (Di...FilGov
 
Are Your Mobile Apps Secure? (Part I)
Are Your Mobile Apps Secure? (Part I)Are Your Mobile Apps Secure? (Part I)
Are Your Mobile Apps Secure? (Part I)Nagarro
 
Design for security in operating system
Design for security in operating systemDesign for security in operating system
Design for security in operating systemBhagyashree Barde
 
Android Development - Session 1
Android Development - Session 1Android Development - Session 1
Android Development - Session 1Mohammad Shaker
 
Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1Ibnu Sina Wardy
 
Android permission system
Android permission systemAndroid permission system
Android permission systemShivang Goel
 
Android training day 4
Android training day 4Android training day 4
Android training day 4Vivek Bhusal
 
Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009sullis
 
Sandbox Introduction
Sandbox IntroductionSandbox Introduction
Sandbox Introductionmsimkin
 
Anatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shopAnatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shopAbhinav Mishra
 
Security threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsSecurity threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsHariharan Ganesan
 
Android permission system
Android permission systemAndroid permission system
Android permission systemShivang Goel
 
Android secuirty permission - upload
Android secuirty permission - uploadAndroid secuirty permission - upload
Android secuirty permission - uploadBin Yang
 
Android 6.0 permission change
Android 6.0 permission changeAndroid 6.0 permission change
Android 6.0 permission change彥彬 洪
 
Android AsyncTask Tutorial
Android AsyncTask TutorialAndroid AsyncTask Tutorial
Android AsyncTask TutorialPerfect APK
 
Json Tutorial
Json TutorialJson Tutorial
Json TutorialNapendra Singh
 
Android new permission model
Android new permission modelAndroid new permission model
Android new permission modelTakuji Nishibayashi
 
Basic Android Push Notification
Basic Android Push NotificationBasic Android Push Notification
Basic Android Push NotificationChaiyasit Tayabovorn
 
JSON overview and demo
JSON overview and demoJSON overview and demo
JSON overview and demoFlatiron School
 
App Permissions
App PermissionsApp Permissions
App PermissionsShinobu Okano
 
Simple JSON parser
Simple JSON parserSimple JSON parser
Simple JSON parserDongjun Lee
 
Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011pundiramit
 
Android webservices
Android webservicesAndroid webservices
Android webservicesKrazy Koder
 
Android json parser tutorial – example
Android json parser tutorial – exampleAndroid json parser tutorial – example
Android json parser tutorial – exampleRajat Ghai
 
Android Overview
Android OverviewAndroid Overview
Android OverviewRaju Kadam
 
Android Part-1 - Hello Android
Android Part-1 - Hello AndroidAndroid Part-1 - Hello Android
Android Part-1 - Hello AndroidBipin Jethwani
 

More Related Content

Viewers also liked

Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1Ibnu Sina Wardy
 
Android permission system
Android permission systemAndroid permission system
Android permission systemShivang Goel
 
Android training day 4
Android training day 4Android training day 4
Android training day 4Vivek Bhusal
 
Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009sullis
 
Sandbox Introduction
Sandbox IntroductionSandbox Introduction
Sandbox Introductionmsimkin
 
Anatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shopAnatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shopAbhinav Mishra
 
Security threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsSecurity threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsHariharan Ganesan
 
Android permission system
Android permission systemAndroid permission system
Android permission systemShivang Goel
 
Android secuirty permission - upload
Android secuirty permission - uploadAndroid secuirty permission - upload
Android secuirty permission - uploadBin Yang
 
Android 6.0 permission change
Android 6.0 permission changeAndroid 6.0 permission change
Android 6.0 permission change彥彬 洪
 
Android AsyncTask Tutorial
Android AsyncTask TutorialAndroid AsyncTask Tutorial
Android AsyncTask TutorialPerfect APK
 
Simple JSON parser
Simple JSON parserSimple JSON parser
Simple JSON parserDongjun Lee
 
Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011pundiramit
 
Android webservices
Android webservicesAndroid webservices
Android webservicesKrazy Koder
 
Android json parser tutorial – example
Android json parser tutorial – exampleAndroid json parser tutorial – example
Android json parser tutorial – exampleRajat Ghai
 

Viewers also liked (20)

Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1Tips dan Third Party Library untuk Android - Part 1
Tips dan Third Party Library untuk Android - Part 1
 
Android permission system
Android permission systemAndroid permission system
Android permission system
 
Android training day 4
Android training day 4Android training day 4
Android training day 4
 
Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009Web Services and Android - OSSPAC 2009
Web Services and Android - OSSPAC 2009
 
Sandbox Introduction
Sandbox IntroductionSandbox Introduction
Sandbox Introduction
 
Anatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shopAnatomizing online payment systems: hack to shop
Anatomizing online payment systems: hack to shop
 
Security threats in Android OS + App Permissions
Security threats in Android OS + App PermissionsSecurity threats in Android OS + App Permissions
Security threats in Android OS + App Permissions
 
Android permission system
Android permission systemAndroid permission system
Android permission system
 
Android secuirty permission - upload
Android secuirty permission - uploadAndroid secuirty permission - upload
Android secuirty permission - upload
 
Android 6.0 permission change
Android 6.0 permission changeAndroid 6.0 permission change
Android 6.0 permission change
 
Android AsyncTask Tutorial
Android AsyncTask TutorialAndroid AsyncTask Tutorial
Android AsyncTask Tutorial
 
Json Tutorial
Json TutorialJson Tutorial
Json Tutorial
 
Android new permission model
Android new permission modelAndroid new permission model
Android new permission model
 
Basic Android Push Notification
Basic Android Push NotificationBasic Android Push Notification
Basic Android Push Notification
 
JSON overview and demo
JSON overview and demoJSON overview and demo
JSON overview and demo
 
App Permissions
App PermissionsApp Permissions
App Permissions
 
Simple JSON parser
Simple JSON parserSimple JSON parser
Simple JSON parser
 
Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011
 
Android webservices
Android webservicesAndroid webservices
Android webservices
 
Android json parser tutorial – example
Android json parser tutorial – exampleAndroid json parser tutorial – example
Android json parser tutorial – example
 

Similar to Android(1)

Android Overview
Android OverviewAndroid Overview
Android OverviewRaju Kadam
 
Android Part-1 - Hello Android
Android Part-1 - Hello AndroidAndroid Part-1 - Hello Android
Android Part-1 - Hello AndroidBipin Jethwani
 
Android application fundamentals
Android application fundamentalsAndroid application fundamentals
Android application fundamentalsSteve Smith
 
Introduction to everything around Android
Introduction to everything around AndroidIntroduction to everything around Android
Introduction to everything around AndroidBipin Jethwani
 
Google android white paper
Google android white paperGoogle android white paper
Google android white paperSravan Reddy
 
Android development-tutorial
Android development-tutorialAndroid development-tutorial
Android development-tutorialnirajsimulanis
 
Hello android world
Hello android worldHello android world
Hello android worldeleksdev
 
Getting started with android
Getting started with androidGetting started with android
Getting started with androidVandana Verma
 
Understanding android security model
Understanding android security modelUnderstanding android security model
Understanding android security modelPragati Rai
 
Getting started with Android pentesting
Getting started with Android pentestingGetting started with Android pentesting
Getting started with Android pentestingMinali Arora
 
Android security
Android securityAndroid security
Android securityKrazy Koder
 
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10blusmurfydot1
 
01 what is android
01 what is android01 what is android
01 what is androidC.o. Nieto
 
Android open-source operating System for mobile devices
Android open-source operating System for mobile devicesAndroid open-source operating System for mobile devices
Android open-source operating System for mobile devicesIOSR Journals
 

Similar to Android(1) (20)

Android Overview
Android OverviewAndroid Overview
Android Overview
 
Android Part-1 - Hello Android
Android Part-1 - Hello AndroidAndroid Part-1 - Hello Android
Android Part-1 - Hello Android
 
Android application fundamentals
Android application fundamentalsAndroid application fundamentals
Android application fundamentals
 
Introduction to everything around Android
Introduction to everything around AndroidIntroduction to everything around Android
Introduction to everything around Android
 
Android Basic- CMC
Android Basic- CMCAndroid Basic- CMC
Android Basic- CMC
 
Google android white paper
Google android white paperGoogle android white paper
Google android white paper
 
Android development-tutorial
Android development-tutorialAndroid development-tutorial
Android development-tutorial
 
Hello android world
Hello android worldHello android world
Hello android world
 
Getting started with android
Getting started with androidGetting started with android
Getting started with android
 
Understanding android security model
Understanding android security modelUnderstanding android security model
Understanding android security model
 
Getting started with Android pentesting
Getting started with Android pentestingGetting started with Android pentesting
Getting started with Android pentesting
 
O p
O pO p
O p
 
Android Security
Android SecurityAndroid Security
Android Security
 
Android security
Android securityAndroid security
Android security
 
Mobile security
Mobile securityMobile security
Mobile security
 
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
 
Cc4201519521
Cc4201519521Cc4201519521
Cc4201519521
 
Android security
Android securityAndroid security
Android security
 
01 what is android
01 what is android01 what is android
01 what is android
 
Android open-source operating System for mobile devices
Android open-source operating System for mobile devicesAndroid open-source operating System for mobile devices
Android open-source operating System for mobile devices
 

More from Nikola Milosevic

Classifying intangible social innovation concepts using machine learning and ...
Classifying intangible social innovation concepts using machine learning and ...Classifying intangible social innovation concepts using machine learning and ...
Classifying intangible social innovation concepts using machine learning and ...Nikola Milosevic
 
Machine learning (ML) and natural language processing (NLP)
Machine learning (ML) and natural language processing (NLP)Machine learning (ML) and natural language processing (NLP)
Machine learning (ML) and natural language processing (NLP)Nikola Milosevic
 
AI an the future of society
AI an the future of societyAI an the future of society
AI an the future of societyNikola Milosevic
 
Machine learning prediction of stock markets
Machine learning prediction of stock marketsMachine learning prediction of stock markets
Machine learning prediction of stock marketsNikola Milosevic
 
Equity forecast: Predicting long term stock market prices using machine learning
Equity forecast: Predicting long term stock market prices using machine learningEquity forecast: Predicting long term stock market prices using machine learning
Equity forecast: Predicting long term stock market prices using machine learningNikola Milosevic
 
BelBi2016 presentation: Hybrid methodology for information extraction from ta...
BelBi2016 presentation: Hybrid methodology for information extraction from ta...BelBi2016 presentation: Hybrid methodology for information extraction from ta...
BelBi2016 presentation: Hybrid methodology for information extraction from ta...Nikola Milosevic
 
Extracting patient data from tables in clinical literature
Extracting patient data from tables in clinical literatureExtracting patient data from tables in clinical literature
Extracting patient data from tables in clinical literatureNikola Milosevic
 
Supporting clinical trial data curation and integration with table mining
Supporting clinical trial data curation and integration with table miningSupporting clinical trial data curation and integration with table mining
Supporting clinical trial data curation and integration with table miningNikola Milosevic
 
Mobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP SeraphimdroidMobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP SeraphimdroidNikola Milosevic
 
Table mining and data curation from biomedical literature
Table mining and data curation from biomedical literatureTable mining and data curation from biomedical literature
Table mining and data curation from biomedical literatureNikola Milosevic
 
Sentiment analysis for Serbian language
Sentiment analysis for Serbian languageSentiment analysis for Serbian language
Sentiment analysis for Serbian languageNikola Milosevic
 
Sigurnosne prijetnje i mjere zaštite IT infrastrukture
Sigurnosne prijetnje i mjere zaštite IT infrastrukture Sigurnosne prijetnje i mjere zaštite IT infrastrukture
Sigurnosne prijetnje i mjere zaštite IT infrastrukture Nikola Milosevic
 
Mašinska analiza sentimenta rečenica na srpskom jeziku
Mašinska analiza sentimenta rečenica na srpskom jezikuMašinska analiza sentimenta rečenica na srpskom jeziku
Mašinska analiza sentimenta rečenica na srpskom jezikuNikola Milosevic
 
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...Nikola Milosevic
 

More from Nikola Milosevic (20)

Classifying intangible social innovation concepts using machine learning and ...
Classifying intangible social innovation concepts using machine learning and ...Classifying intangible social innovation concepts using machine learning and ...
Classifying intangible social innovation concepts using machine learning and ...
 
Machine learning (ML) and natural language processing (NLP)
Machine learning (ML) and natural language processing (NLP)Machine learning (ML) and natural language processing (NLP)
Machine learning (ML) and natural language processing (NLP)
 
Veštačka inteligencija
Veštačka inteligencijaVeštačka inteligencija
Veštačka inteligencija
 
AI an the future of society
AI an the future of societyAI an the future of society
AI an the future of society
 
Machine learning prediction of stock markets
Machine learning prediction of stock marketsMachine learning prediction of stock markets
Machine learning prediction of stock markets
 
Equity forecast: Predicting long term stock market prices using machine learning
Equity forecast: Predicting long term stock market prices using machine learningEquity forecast: Predicting long term stock market prices using machine learning
Equity forecast: Predicting long term stock market prices using machine learning
 
BelBi2016 presentation: Hybrid methodology for information extraction from ta...
BelBi2016 presentation: Hybrid methodology for information extraction from ta...BelBi2016 presentation: Hybrid methodology for information extraction from ta...
BelBi2016 presentation: Hybrid methodology for information extraction from ta...
 
Extracting patient data from tables in clinical literature
Extracting patient data from tables in clinical literatureExtracting patient data from tables in clinical literature
Extracting patient data from tables in clinical literature
 
Supporting clinical trial data curation and integration with table mining
Supporting clinical trial data curation and integration with table miningSupporting clinical trial data curation and integration with table mining
Supporting clinical trial data curation and integration with table mining
 
Mobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP SeraphimdroidMobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
Mobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
 
Serbia2
Serbia2Serbia2
Serbia2
 
Table mining and data curation from biomedical literature
Table mining and data curation from biomedical literatureTable mining and data curation from biomedical literature
Table mining and data curation from biomedical literature
 
Malware
MalwareMalware
Malware
 
Sentiment analysis for Serbian language
Sentiment analysis for Serbian languageSentiment analysis for Serbian language
Sentiment analysis for Serbian language
 
Http and security
Http and securityHttp and security
Http and security
 
Android business models
Android business modelsAndroid business models
Android business models
 
Sigurnosne prijetnje i mjere zaštite IT infrastrukture
Sigurnosne prijetnje i mjere zaštite IT infrastrukture Sigurnosne prijetnje i mjere zaštite IT infrastrukture
Sigurnosne prijetnje i mjere zaštite IT infrastrukture
 
Mašinska analiza sentimenta rečenica na srpskom jeziku
Mašinska analiza sentimenta rečenica na srpskom jezikuMašinska analiza sentimenta rečenica na srpskom jeziku
Mašinska analiza sentimenta rečenica na srpskom jeziku
 
Malware
MalwareMalware
Malware
 
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...
Software Freedom day Serbia - Owasp - informaciona bezbednost u Srbiji open s...
 

Recently uploaded

18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPoojaSen20
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 

Recently uploaded (20)

Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptx
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 

Android(1)

  • 1. Permissions and data stores Android
  • 2. Agenda Unix process creation Android process creation Android permission model Permission security model SQLite
  • 3. Unix processes F S UID PID PPID C PRI NIADDR SZ WCHAN TTY TIME CMD 4 S 0 1 0 0 68 0 - 373 select ? 0:02 init [2]
  • 4. Unix processes Linux is unix like operating system Unix starts each process as a user With user’s permissions For each user permissions defined are defined Each resource on a Linux system has three sets of permissions: owner, group, and world Root user has all the permissions over the system It is not recommanded to run programs as root Security reasons
  • 5. Android processes Android same as linux runs processes with user’s priviledges Android for security reason uses sandboxes Each app is run in a sandbox
  • 6. Android processes Sandbox is created by creating new linux users Every application is run under different user Every user has it’s own permissions set
  • 7. Android processes Only apps signed with same digital signature can be run with same user ID Also rooted devices runs apps with as root user android:sharedUserId="com.example.test.sharedUID"
  • 8. Digital signature Android apps are digitally signed Cryptographic construct First, a digital certificate identifies each developer The other part to this process is your private key
  • 9. Permissions Request permission in manifest file  <uses-permission android:name="android.permission.INTERNET" /> Permission denied exception
  • 10. Declaring a Permission <permission android:name="com.example.testapps.test1.perm.READ_INCOMING_EMAIL" android:label= "Read incoming email" android:description="Allows the app to access the email retrieved from your email server using the test1 app.Any app you grant this permission to will be able to read all email processed by the test1 app." android:protectionLevel="dangerous" android:permissionGroup="android.permission-group.PERSONAL_INFO" />
  • 11. Declaring a permission int canProcess = checkCallingOrSelfPermission( ("com.example.testapps.test1.perm. READ_INCOMING_EMAIL"); if (canProcess != PERMISSION_GRANTED) throw new SecurityException(); Protection Levels: Normal Dangerous Signature SignatureOrSystem
  • 12. Android Filesystem Isolation Android does a good job of isolating apps from one another Only apps that are created by the same developer and signed with the same digital certificates can weaken this isolation The standard way thatAndroid lays out the file system on a device is to create an appspecific directory under the path /data/data/app_package_name This directory is configured such that the associated app’s UID is the owner and only the owner permissions are set Within this directory is /files,where all files created by the app are installed and created
  • 13. Android filesystem isolation Because file isolation is based on UIDs, apps that are configured to run with the same UIDs can access each other’s files A user who accesses the Linux kernel using the root UID will be able to bypass any permissions on any file, allowing access to any data stored by any app. Any data written to external storage, such as SD cards, lacks Linux permission based access control. As the developer, you can specify different permissions on files.
  • 14. Android filesystem isolation To change permissions over created file you can supply openFileOutput() with flags: MODE_PRIVATE This is the default, granting full control to the app’s UID and nothing else. MODE_WORLD_WRITABLE Allows all apps on the device to write to this file. MODE_WORLD_READABLE Allows all apps on the device to read this file.  OutputStreamWriter out = new OutputStreamWriter(openFileOutput("scores", MODE_WORLD_READABLE | MODE_WORLD_WRITEABLE));
  • 15. Android Preferences and Database Isolation Data can be stored in: Files DB SharedPreference SharedPreferences is a basic framework that allows your app to store name/value pairs (primitive data types only) for easy access Android also includes a SQLite implementation that allows apps to create and manage databases
  • 16. Android Preferences and Database Isolation SharedPreferences are accessed using SharedPreferences objects within a running app and as XML files on the filesystem. They are written to the filesystem under a /data/data/app_package_name /shared_prefs SharedPreferences are created using the getSharedPreferences() method, which takes the same flags as openFileOutput() does
  • 17. Shared preferences example To obtain and create: SharedPreferences prefs = this.getSharedPreferences( "com.example.app", Context.MODE_PRIVATE); To read: String dateTimeKey = "com.example.app.datetime"; long l = prefs.getLong(dateTimeKey, new Date().getTime()); To edit and save Date dt = getSomeDate(); prefs.edit().putLong(dateTimeKey, dt.getTime()).commit();
  • 18. SQLite For relational databases, SQLite is available within the Android system. openOrCreateDatabase() method Databases are created in the /data/data/app_package_name /databases directory SQLiteDatabase myContactDB = openOrCreateDatabase("Contacts", MODE_PRIVATE, null);
  • 19. Principle of least privilege Not requesting more permissions than needed Only permissions for both files and application that are essential Better system stability. Better system security. Ease of deployment.