1、关于安卓的外文翻译Understand android security The next generation of open operating systems wont be on desktops or mainframes but on the small mobile devices we carry every day. The openness of these new environments will lead to new applications and markets and will enable greater integration with existing
2、online services. However, as the importance of the data and services our cell phones support increases, so too do the opportunities for vulnerability. Its essential that this next generation of platforms provide a comprehensive and usable security infrastructure.Developed by the Open Handset Allianc
3、e (visibly led by Google), Android is a widely anticipated open source operating system for mobile devices that provides a base operating system, an application middleware layer, a Java software development kit (SDK), and a collection of system applications. Although the Android SDK has been availab
4、le since late 2007, the frst publicly available Android-ready “G1” phone debuted in late October 2008. Since then, Androids growth has been phenomenal: TMobiles G1 manufacturer HTC estimates shipment volumes of more than 1 million phones by the end of 2008, and industry insiders expect public adopti
5、on to increase steeply in 2009. Many other cell phone providers have either promised or plan to support it in the near future.A large community of developers has organized around Android, and many new products and applications are now available for it. One of Androids chief selling points is that it
6、 lets developers seamlessly extend online services to phones. The most visible example of this feature isunsurprisinglythe tight integration of Googles Gmail, Calendar, and Contacts Web applications with system utilities. Android users simply supply a username and password, and their phones automati
7、cally synchronize with Google services. Other vendors are rapidly adapting their existing instant messaging, social networks, and gaming services to Android, and many enterprises are looking for ways to integrate their own internal operations (such as inventory management, purchasing, receiving, and
8、 so forth) into it as well.Traditional desktop and server operating systems have struggled to securely integrate such personal and business applications and services on a single platform; although doing so on a mobile platform such as Android remains nontrivial, many researchers hope it provides a c
9、lean slate devoid of the complications that legacy software can cause. Android doesnt ofcially support applications eloped for other platforms: applications execute on top of a Java middleware layer running on an embedded Linux kernel, so developers wishing to port their application to Android must
10、use its custom user interface environment. Additionally, Android restricts application interaction to its special APIs by running each application as its own user identity. Although this controlled interaction has several beneficial security features, our experiences developing Android applications
11、have revealed that designing secure forward. Android uses a simple permission label assignment model to restrict access to resources and other applications, but for reasons of necessity and convenience, its designers have added several potentially confusing refinements as the system has evolved.This
12、 article attempts to unmask the complexity of Android security and note some possible development pitfalls that occur when defining an applications security. We conclude by attempting to draw some lessons and identify opportunities for future enhancements that should aid in clarity and correctness.A
13、ndroid Applications The Android application framework forces a structure on developers. It does not have a main() function or single entry point for executioninstead, developers must design applications in terms of components. Example Application.We developed a pair of applications to help describe
14、how Android applications operate. Interested readers can download the source code from our web sitepttp:/siis.cse.psu.edu/android_sec_tutorial.html).Lets consider a location-sensitive social networking application for mobile phones in which users can discover their friendslocations. We split the fun
15、ctionality into two applications: one for tracking friends and one for viewing them. As Figure 1 shows, the FriendTracker application consists of components specifc to tracking friend locations (for example, via a Web service), storing geographic coordinates, and sharing those coordinates with other
16、 applications. The user then uses the FriendViewer application to retrieve the stored geographic coordinates and view friends on a map.Both applications contain multiple components for performing their respective tasks; the components themselves are classifed by their component types. An Android dev
17、eloper chooses from predefned component types depending on the components purpose (such as interfacing with a user or storing data).Component TypesAndroid defnes four component types:Activity components defne an applications user interface. Typically, an application developer defnes one activity per
18、 “screen.” Activities start each other, possibly passing and returning values. Only one activity on the system has keyboard and ocessing focus at a time; all others are suspended.Service components perform background processing. When an activity needs to perform some operation that must continue aft
19、er the user interface disappears (such as download a fle or play music), it commonly starts a service specifcally designed for that action. The developer can also use services as application-specifc daemons, possibly starting on boot. Services often define an interface for Remote Procedure Call (RPC
20、) that other system components can use to send commands and retrieve data, as well as register callbacks. Content provider components store and share data using a relational database interface. Each content provider has an associated “authority” describing the content it contains. Other components u
21、se the authority name as a handle to perform SQL queries (such as SELECT, INSERT, or DELETE) to read and write content. Although content providers typically store values in database records, data retrieval is implementation-specifcfor example, fles are also shared through content provider interfaces
22、.Broadcast receiver components act as mailboxes for messages from other applications. Commonly, application code broadcasts messages to an implicit destination. Broadcast receivers thus sub-scribe to such destinations to receive the messages sent to it. Application code can also address a broadcast
23、receiver explicitly by including the namespace assigned to its containing application. Figure 1 shows the FriendTrack-er and FriendViewer applications containing the diferent component types. The developer specifes components using a manifest fle (also used to defne policy as described later). There
24、 are no restrictions on the number of components an application defnes for each type, but as a convention, one component has the same name as the application. Frequently, this is an activity, as in the FriendViewer application. This activity usually indicates the primary activity that the system app
25、lication launcher uses to start the user interface; however, the specifc activity cho-sen on launch is marked by meta information in the manifest. In the FriendTracker application, for example, the FriendTrackerControl activity is marked as the main user interface entry point. In this case, we reser
26、ved the name “FriendTracker” for the service component performing the core application logic.The FriendTracker application contains each of the four component types. The FriendTracker service polls an external service to discover friends locations. In our example code, we generate locaFriendTracker
27、application BootReceiver Broadcast receiver ActivityFriendTracker FriendProvider Content provider Service FriendTracker control FriendViewer application FriendReceiver Broadcast receiver Activity FriendTracker Activity FriendViewer Figure 1. Example Android application. The FriendTracker and FriendV
28、iewer applications consist of multiple components of different types, each of which provides a different set of functionalities. Activities provide a user interface, services execute background processing, content providers are data storage facilities, and broadcast receivers act as mailboxes for me
29、ssages from other applications.tions randomly, but extending the component to interface with a Web service is straightforward. The FriendProvider content provider maintains the most recent geographic coordinates for friends, the FriendTrackerControl activity defnes a user interface for starting and
30、stopping the tracking functionality, and the BootReceiver broadcast receiver obtains a notifcation from the system once it boots (the application uses this to utomatically start the FriendTracker service).The FriendViewer application bis primarily concerned with showing information about friends loc
31、ations. The FriendViewer activity lists all friends and their geographic coordinates, and the FriendMap activity displays them on a map. The FriendReceiver broadcast receiver waits for messages that indicate the physical phone is near a particular friend and displays a message to the user upon such
32、an event. Although we could have placed these components within the FriendTracker application, we created a separate application to demonstrate cross-application communication. dditionally, by separating the tracking and user interface logic, we can create alternative user interfaces with different
33、displays and featuresthat is, many applications can reuse the logic performed in FriendTracker.Component Interaction The primary mechanism for component interaction is an intent, which is simply a message object containing a destination component address and data. The Android API defnes methods that accept intents, and uses that information to start activitie
copyright@ 2008-2022 冰豆网网站版权所有
经营许可证编号:鄂ICP备2022015515号-1