Android Application Security


Application Security Tips 

       The android architecture is a successor of Linux architecture, it uses the same security model. The android architecture has got several levels of permissions to which we can secure our application. To start with every application will have a unique id called user id (UID), created when installing an application. The applications run only on that UID. All permissions, data access, intent messages were sent using UID.  We can configure the permissions to accept or reject the actions done by the application using the UID. The UID is unique and never gets repeated even when you install the same application in any other device.
  The application also has a share user id which helps share the data of the application with other applications developed by the same developer. Each developer has got a digital signature and it bundled when you pack an application. The share user id uses the digital signature and verifies it and shares its data that application.
Configuring share user ID in   Androidmanifest.xml



            <manifest xmlns:android="http://schemas.android.com/apk/res/android"
       package="com.sencha.portfolio"
       android:versionCode="1"
       android:versionName="1.0"
       android:shareUserId='com.sencha.portfolio.sharedUID"  >     
            </manifest>

 Adding the various permissions that your App can use can be determined in the following permissions tab.

Each activity or a process that an application runs can be made private to that process. By default that application will start that process with reference to the UID of an application. If two applications run a same process, to save time and memory we can share it using the share user ID concept.

each activity of your app can be secured in the same GUI 

<activity
 .
 .
 android:name="ActivityNumber95"
 android:process=”com.sencha.portfolio.ShareProcessIDnumber”
       
      </activity>          


Android File system:

    The application runs with its own UID and uses the same for the data storage as well. This design prevents the other applications to access this applications data. It creates the path of storage with the package name and the directory is assigned to the concern UID. This makes the data inaccessible to other applications. The assigned UID act as owner and has got all permission to read or write.
       The application creates the files in the directory assigned and android allows specifying the permissions for the same. This can be done using the function call openFileOutput().
There are three levels of granting access to the files

1)MODE_PRIVATE
2)MODE_WORLD_WRITABLE
3)MODE_WORLD_READABLE.

To make your application more secure we need to use only private mode so that it can be accessed only by the concern application. 

Posted by at
Labels: , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 

Contributors

Social Connect


View Sadagopan K V's profile on LinkedIn