毕毕用程序代毕。毕毕程中内称个部毕件通信毕一毕作。毕毕地毕~ Intent毕象定毕的“Intent”以毕行“action”。Android的一最强大的特点是个允毕的多毕intent毕址机制。毕毕人毕可以解一目毕毕件使用其毕用的决个个称况空毕~他毕也可以指定一毕含的名。在后一毕情下~系毕定了一决个action的最佳毕件~通毕考毕安的毕用程序和用毕的毕毕装 。毕毕含的名个称个字被毕毕作字符串因毕他特殊的毕型的毕求毕作。例如一view毕作字符串~在一个intent中和据数个将会域指向一毕像文件~系毕直接指首毕毕像毕毕器、毕毕者也能使用毕作字符串毕行大量播毕广送和接收。在接收端的接收者~毕毕者使用一intent 毕毕器定制特来殊的毕作字符串。Android系包括附加目毕的毕毕毕~但可毕决的据操作数字符串毕型是最常毕的。
毕2毕示了毕件之毕的FriendTracker和FriendViewer毕用程序和毕件的交互作用在毕用程序中定毕毕基毕的Android毕布的一部分。在每一毕情下~毕起一毕件其他的况个与
沟称个通。毕了毕毕起毕~我毕毕毕毕件毕通信;ICC,。在毕多方面~ICC是毕似于毕程毕通信;IPC,在基于Unix的系毕中。毕于毕毕人毕~ICC的功能相同无毕目毕是在相同或不同的毕用界定在下文的安全毕毕中毕明。与将
可用的ICC的毕作取决个于目毕的毕成部分。每毕件毕型支持自己的毕型例如~当FriendViewer毕始FriendMap的FriendMap活毕出毕在屏幕上。服毕毕件支持毕~停启并止~毕合行毕~所以FriendTrackerControl活毕~例如~可以毕和停启止FriendTracker服毕在后台行。运Action的毕定毕件之毕建立毕接~使毕毕行的服毕定毕的启RPC。在我毕的例子~FriendTracker毕合到系毕中的服毕器位置的管理。
Understand android security
the next generation of open operating systems won’t be on desktops or mainframes but on the small mobile devices we carry every day. The openness of these new environments will lead to new applications and markets and will enable greater integration with existing online services.
However, as the importance of the data and services our cell phones support increases, so too do the opportunities for vulnerability. It’s essential that this next generation of platforms provide a comprehensive and usable security infrastructure.Developed by the Open Handset Alliance (visibly led by Google), Android is a widely anticipated open source operating system for mobile devices that provides a base operating system, an application middleware layer, a Java software development kit (SDK), and a collection of system applications. Although the Android SDK has been available since late 2007, the frst publicly available Android-ready “G1” phone debuted in late October 2008. Since then, Android’s
growth has been phenomenal: TMobile’s G1 manufacturer HTC estimates shipment volumes of more than 1 million phones by the end of 2008, and industry insiders expect public adoption to increase steeply in 2009. Many other cell phone providers have either promised or plan to support it in the near future.
A large community of developers has organized around Android, and many new products and applications are now available for it. One of Android’s chief selling points is that it lets developers seamlessly .
extend online services to phones. The most visible example of this feature is—unsurprisingly—the tight integration of Google’s Gmail, Calendar, and Contacts Web applications with system utilities. Android users simply supply a username and password, and their phones automatically synchronize with Google services. Other vendors are rapidly adapting their existing instant messaging, social networks, and gaming services to Android, and many enterprises are looking for ways to integrate their own internal operations (such as inventory management, purchasing, receiving, and so forth) into it as well.Traditional desktop and server operating systems have struggled to securely integrate such personal and business applications and services on a single platform; although doing so on a mobile platform such as Android remains nontrivial, many researchers hope it provides a clean slate devoid of the complications that legacy software can cause. Android doesn’t ofcially support applications eloped for other platforms: applications execute on top of a Java middleware layer running on an embedded Linux kernel, so developers wishing to port their application to Android must use its custom user interface environment. Additionally, Android restricts application interaction to its special APIs by running each application as its own user identity. Although this controlled interaction has several benefcial security features, our experiences developing Android applications have revealed that designing secure forward. Android uses a simple permission label assignment model to restrict access to resources and other applications, but for reasons of
necessity and convenience, its designers have added several potentially confusing refnements as the system has evolved.This article attempts to unmask the complexity of Android security and note some possible
development pitfalls that occur when defning an application’s security. We conclude by attempting to draw some lessons and identify
opportunities for future enhancements that should aid in clarity and correctness.Android Applications The Android application framework forces a structure on developers. It doesn’t have a main() function or single entry point for execution—instead, developers must design applications in terms of components. Example Application.
We developed a pair of applications to help describe how Android applications operate. Interested readers can download the source code from our web sitepttp://siis.cse.psu.edu/android_sec_tutorial.html).
Let’s consider a location-sensitive social networking application for mobile phones in which users can discover their friends’locations. We split the functionality into two applications: one for tracking friends and one for viewing them. As Figure 1 shows, the FriendTracker application consists of components specifc to tracking friend locations (for example, via a Web service), storing geographic coordinates, and sharing those coordinates with other applications. The user then uses the FriendViewer application to retrieve the stored geographic
coordinates and view friends on a map.Both applications contain multiple components for performing their respective tasks; the components themselves are classifed by their component types. An Android developer
chooses from predefned component types depending on the component’s purpose (such as interfacing with a user or storing data).Component TypesAndroid defnes four component types:Activity? components defne an application’s user interface. Typically, an application developer defnes one activity per “screen.” Activities start each other, possibly passing and returning values. Only one activity on the system has keyboard and ocessing focus at a time; all others are
suspended.Service components perform background processing. When an activity needs to perform some operation that must continue after the user interface disappears (such as download a fle or play music), it commonly starts a service specifcally designed for that action. The developer can also use services as application-specifc daemons, possibly starting on boot. Services often define an interface for Remote Procedure Call (RPC) that other system components can use to send commands and retrieve data, as well as register callbacks. Content provider
? components store and share data using a relational database interface. Each content provider has an associated “authority” describing the content it contains. Other components use the authority name as a handle to perform SQL queries (such as SELECT, INSERT, or DELETE) to read and write content. Although content providers typically store values in database records, data retrieval is implementation-specifc—for example, fles are also shared through content provider
计算机 毕业设计-android英文文献翻译 安卓
