Android Operating System: Architecture, Security Challenges and Solutions



Download 0,84 Mb.
Pdf ko'rish
bet19/22
Sana31.03.2022
Hajmi0,84 Mb.
#520728
1   ...   14   15   16   17   18   19   20   21   22
Bog'liq
AndroidOperatingSystem

Using Interprocess Communication 
Some apps attempt to implement IPC using traditional Linux techniques such as network sockets and 
shared files. We strongly encourage you to instead use Android system functionality for IPC such 
as Intent, Binder orMessenger with a Service, and BroadcastReceiver. The Android IPC mechanisms 
allow you to verify the identity of the application connecting to user’s IPC and set security policy for 
each IPC mechanism. 
Many of the security elements are shared across IPC mechanisms. If user’s IPC mechanism is not 
intended for use by other applications, set the android:exported attribute to "false" in the component's 
manifest element, such as for the  element. This is useful for applications that consist of 
multiple processes within the same UID, or if you decide late in development that you do not actually 
want to expose functionality as IPC but you don’t want to rewrite the code. 
If user’s IPC is intended to be accessible to other applications, you can apply a security policy by using 
the
 element. If IPC is between user’s own separate apps that are signed with the same key, 
it is preferable to use "signature" level permission in the android:protectionLevel. 
Using intents 
 
Intents are the preferred mechanism for asynchronous IPC in Android. Depending on user’s application 
requirements, you might use sendBroadcast(), sendOrderedBroadcast(), or an explicit intent to a specific 
application component. 
Note that ordered broadcasts can be “consumed” by a recipient, so they may not be delivered to all 
applications. If you are sending an intent that must be delivered to a specific receiver, then you must use 
an explicit intent that declares the receiver by name intent. 
Senders of an intent can verify that the recipient has a permission specifying a non-Null permission with 
the method call. Only applications with that permission will receive the intent. If data within a broadcast 
intent may be sensitive, you should consider applying a permission to make sure that malicious 

23 
applications cannot register to receive those messages without appropriate permissions. In those 
circumstances, you may also consider invoking the receiver directly, rather than raising a broadcast. 

Download 0,84 Mb.

Do'stlaringiz bilan baham:
1   ...   14   15   16   17   18   19   20   21   22



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish