Android Intro and ICC Model I

Introduction and ICC
Inter-component communication
Google Android
First Android handset released in 2008
Open source
Strict Sandboxing
Java Dalvik VM
Java Apps
Lightweight code signing
Permission Framework
App Market (more 100K apps)
The Smartphomania
Source Gartner
It’s free!
• Vendors can get Android for free from Google
• You can get it as well
• You’ll need
• Unzip it and Double click on eclipse.exe
Fragmentation Problem
• Vendors customise the OS in their devices
• Usually a lot of rubbish apps
• The worst: Samsung apps also leak privileges
• However seldom does a vendor push any updates
• Some devices can be 2 or 3 versions behind
Heading for Trouble
• The lack of support can lead to vulnerabilities
• Often vendors just ignore vulnerabilities on their software
• Apple does a much better job:
• One single piece of hardware
• One single software image
• Apple also locks you in…
What is under the hood?
Android is actually middleware
It sits between a Linux kernel and a set of API’s
Android apps are mainly written in Java
Only android apps can run on android
Through the Android API apps can access all the device
• It provides apps a rich set of information
Android View
• Android is a set of programs for mobile devices that includes
operating system, middleware and core applications
• Core platform
• Phone, Browser, Email…
• Third-party
• Applications that are produced by third-party developers
• Yours
Application Framework
• Core platform services
• Activity, Package, Window and Content Providers
• Hardware services
• Telephony, Location, Bluetooth, WiFi, USB, and Sensor Services
Android Native Libraries
• Window
• 2D and 3D graphics
• Media codecs
• Font rendering
• Datastorage core
• Web browser core
• Bionic libc
Android Runtime
Core Libraries
• Data structures, Utilities,
File access, Network
access, and Graphics
Dalvik VM
• Provides application
• Supports multiple
• CPU and memory
optimized to run on
mobile devices
Linux Kernel
Linux features
• Hardware abstraction
• Memory management
• Process management
• Security module
• Networking
Android enhancements
• Power management
• Binder IPC
• Logger
Android App Model
Each application runs within an instance of a Dalvik VM (DVM)
Each DVM is mapped in the Linux Kernel with a unique user id
Android supports Inter-process communication (IPC)
A reference monitor mediates IPC calls
Application Components
• Activities
• An activity represents a single screen with a user interface.
• An email app might have one activity that shows a list of new
emails, another activity to compose an email, and another
activity for reading emails.
• Although the activities work together to form a cohesive user
experience in the email app, each one is independent of the others.
• Different apps can start any one of these activities (if the email app
allows it).
• A camera app can start the activity in the email app that composes new
mail, in order for the user to share a picture.
Application Components
• Services
• A service is a component that runs in the background to perform
long-running operations or to perform work for remote
• A service does not provide a user interface.
• A service might play music in the background while the user is in a
different app, or it might fetch data over the network without
blocking user interaction with an activity.
• Another component, such as an activity, can start the service and let
it run or bind to it in order to interact with it.
Application Components
• Content providers
• A content provider manages a shared set of app data.
• You can store the data in the file system, an SQLite database, on
the web, or any other persistent storage location your app can
• Through the content provider, other apps can query or even
modify the data (if the content provider allows it).
• The Android system provides a content provider that manages the
user's contact information. As such, any app with the proper
permissions can query part of the content provider to read and write
information about a particular person.
• Content providers are also useful for reading and writing data
that is private to your app and not shared.
• The Note Pad sample app uses a content provider to save notes.
Application Components
• Broadcast receivers
• A broadcast receiver is a component that responds to systemwide broadcast announcements.
• Many broadcasts originate from the system
• A broadcast announcing that the screen has turned off, the battery is
low, or a picture was captured.
• Apps can also initiate broadcasts
• To let other apps know that some data has been downloaded to the
device and is available for them to use.
• A broadcast receiver is just a "gateway" to other components and
is intended to do a very minimal amount of work.
• It might initiate a service to perform some work based on the event.
Additional Components
• Views
• Views are objects that know how to draw themselves to the screen
• Each activity is made up of a set of views grouped together within a
• Intents
• These are objects used to send messages across the whole Android
• They are used to broadcast messages, start an Activity, or start a
• The system interprets the intent and determines the target that will
perform any actions as appropriate
• Notifications
• Used in an application to alert users to certain events without having
a visible activity
• When a service finishes downloading a file from the Internet, it can alert
the user by a notification that can make sound, show dialog messages,
vibrate, etc.
Note: An application is a set of components
Application Components
Mapping Apps to Users
• Two forms of security enforcement
• Each application executes with its own user identity as a Linux
• Android middleware has a reference monitor that mediates the
establishment of inter-component communication (ICC)
• Allows for an activity to start and use any other activities
within/without the one that started it (if permission is allowed)
Inter-Component Communications
• Each Component exposes a specific API for communications
• Services expose Start, Stop, Bind as actions that other
applications can invoke through Intents
The Binder
It is responsible for all ICC in Android
It is implemented as a driver in the Linux kernel
It is a customised version of the Open Binder (Palm Inc)
It provides a simple remote procedure call (RPC) mechanism
Apps use Java methods to invoke ICC
Android then translates this in C++ invocations and system
calls to the Binder driver
• open and ioctl to /dev/binder
• Intents are abstract actions in ICC
• asynchronous messaging system
• message passing between components
• Two variants:
• Explicit Intents: specify the target component of the ICC
• Implicit Intents: provide information like action, URI and type.
• Resolved at runtime by the Package Manager
Activity Manager (AM)
• The AM is a special service that apps use for ICC
• It provides more than 100 methods
• Most common are: startActivity, sendBroadcast, startService,
and bindService
• Apps can export services by “publishing” them with the AM
Activity Manager
bindService Example
• The app send an explicit intent with the name of the service
• The service will die after the app client unbinds the service
• BIND_SERVICE_TRANSACTION through the Binder using ioctl
system call
Communication with the Binder
• The main functionality of the Binder is accessed via an ioctl
system call
• BINDER_WRITE_READ is the main command for ICC
• The last argument of the ioctl is a BINDER_READ_WRITE
• WRITE_BUFFER: sub-commands to the binder and arguments
• READ_BUFFER: contains replies from the sub-commands
ioctl on /dev/binder BINDER_WRITE_READ
target name =
Inter-component communication
• Similar considerations hold for other ICC types
• These include:
• Broadcast Receivers
• Content Providers
• Service Manager
• We will see more of these in detail next lecture
• Read: William Enck, Machigar Ongtang, and Patrick McDaniel.
Understanding Android Security, IEEE Security and Privacy
Magazine, 7(1):50--57, January/February, 2009.
• Figures in slides 20-22

similar documents