Chapter 2. Security in Android Applications
You understand the security concepts in software, and now you want to discover how those threats and vulnerabilities apply to a mobile environment. You want to be aware of the special security features of the Android operating system. You are already familiar with Android, but you need to know which of its components are critical for its security.
This chapter will show you the challenges that exist in the mobile environment. You will learn about the Android security architecture and what application sandboxing means. This chapter will also show you the two main features of Android that allow you to protect your application: permissions and interprocess communication.
We will be covering the following topics in this chapter:
Vulnerabilities in the mobile environment
Android security overview
Permissions
Interapplication communication
Android is an operating system (OS) created for smart mobile devices with a touchscreen, such as smartphones or tablets. Knowing the features of a device is important in order to identify the vulnerabilities that can potentially compromise the integrity, confidentiality, or availability of your application (app).
A smartphone is a connected device, so malicious software can reach it in several ways. The smartphone can communicate with other devices over wireless or wired connections; for example, it can connect to a computer by a cable, or to another mobile device over Bluetooth. These connections let the user transfer data, files, or software, which is one possible path for malware to infect the smartphone.
A smartphone is also a connected device in the sense that it can reach the Internet through cellular networks such as 3G, or through Wi-Fi access points. The Internet is therefore another path of potential threats to the security of...
An overview of Android security
Android provides a layered architecture to protect the system and its applications. The architecture is structured as a software stack in which each component of a layer assumes that the layer below it is secure. The following figure shows a simplified version of the Android security architecture:
Android is a multiuser, Linux-based platform in which each app runs as a different Linux user. At install time the system assigns each app its own unique user ID (UID) in the Linux kernel; the app does not choose it. Because of this unique UID, each app runs in its own process with its own set of permissions. This mechanism is known as application sandboxing. The Android Application Sandbox isolates each application's data and code execution to improve security and contain malware. This means that under normal circumstances, your app cannot access other applications' data, and other applications cannot access your application's data. As...
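The following Activity is an added example, not code from the book, showing what the per-app Linux UID means in practice: the app can read the UID it was assigned but never chooses it, and a file created with MODE_PRIVATE is protected by the kernel's ownership checks rather than by application code. The Activity name SandboxDemoActivity, the file name "session_token" and its contents are placeholders for this example.

```java
// Added example, not code from the book: what the per-app Linux UID means in
// practice. Assumes an Activity named SandboxDemoActivity declared in the
// manifest; the file name "session_token" and its contents are placeholders.
package com.example.sandboxdemo;

import android.app.Activity;
import android.content.Context;
import android.os.Bundle;
import android.os.Process;
import android.util.Log;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;

public class SandboxDemoActivity extends Activity {
    private static final String TAG = "SandboxDemo";
    private static final String TOKEN_FILE = "session_token";

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);

        // The UID is assigned by the system at install time. The app can read
        // it, but it never chooses it, and every process of the app runs as it.
        Log.i(TAG, "running as uid=" + Process.myUid() + ", pid=" + Process.myPid());

        // MODE_PRIVATE creates the file under this app's private data directory,
        // owned by this UID. The kernel's ownership checks, not application
        // code, are what keep other UIDs (other apps) from opening it.
        try (FileOutputStream out = openFileOutput(TOKEN_FILE, Context.MODE_PRIVATE)) {
            out.write("placeholder-token".getBytes(StandardCharsets.UTF_8));
        } catch (IOException e) {
            Log.e(TAG, "could not write private file", e);
            return;
        }

        File token = getFileStreamPath(TOKEN_FILE);
        Log.i(TAG, "private file lives at " + token.getAbsolutePath());

        // Anti-pattern, shown only as a comment: MODE_WORLD_READABLE would make
        // the file readable by every UID on the device, opting this file out of
        // the sandbox. It is deprecated since API 17 and throws
        // SecurityException from API 24 onward; share data through a content
        // provider instead.
        // openFileOutput(TOKEN_FILE, Context.MODE_WORLD_READABLE);
    }
}
```

The point to take away is that the sandbox boundary is the UID: as long as you keep files in MODE_PRIVATE and do not deliberately widen their permissions, another app's process cannot read them even if it knows the path.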
Application sandboxing means that an app cannot reach parts of the system without permission, yet Android still allows data sharing between apps and access to certain system services. To use device data or a system service, an app must request the corresponding permission. Permissions are a security feature of the Android system, but misused permissions make your application vulnerable.
An app declares the permissions it needs in its manifest file. The manifest is bundled into the app's Android application package (APK) together with its compiled code and other resources. The permissions requested in the manifest (manifest permissions) are shown to the user when the app is installed. The user should review these permissions and accept them to complete the installation; if the user agrees, the protected resources become available to the app. Note that from Android 6.0 (API level 23) onward, permissions classified as dangerous are no longer granted at install time: the app must request them at runtime, the user can decline, and the user can revoke them later in Settings, so the app must check that it still holds a permission before each protected call.
Note
Do not request permissions that your app does not need. Reducing the number of permissions makes your app...
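The following Activity is an added example, not code from the book, of the least-privilege approach to manifest permissions: the manifest declares only READ_CONTACTS, the app checks that it holds the permission immediately before the protected query, requests it at runtime on API 23 and later, and degrades gracefully when the user denies it instead of crashing with a SecurityException. The Activity name ContactsPickerActivity and the request code are placeholders for this example.

```java
// Added example, not code from the book. Assumes the manifest declares only the
// one permission this feature needs:
//   <uses-permission android:name="android.permission.READ_CONTACTS" />
// and an Activity named ContactsPickerActivity. The runtime request needs
// API 23+; on older releases the install-time grant is all there is.
package com.example.permissiondemo;

import android.Manifest;
import android.app.Activity;
import android.content.pm.PackageManager;
import android.database.Cursor;
import android.os.Build;
import android.os.Bundle;
import android.provider.ContactsContract;
import android.util.Log;

public class ContactsPickerActivity extends Activity {
    private static final String TAG = "PermissionDemo";
    private static final int REQ_READ_CONTACTS = 1001; // placeholder request code

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        loadContactsIfAllowed();
    }

    // Never assume a permission is still held: on API 23+ the user can revoke
    // it in Settings at any time, so check right before every protected call.
    private boolean hasReadContacts() {
        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.M) {
            // Pre-M: granted at install time if, and only if, it is in the manifest.
            return checkCallingOrSelfPermission(Manifest.permission.READ_CONTACTS)
                    == PackageManager.PERMISSION_GRANTED;
        }
        return checkSelfPermission(Manifest.permission.READ_CONTACTS)
                == PackageManager.PERMISSION_GRANTED;
    }

    private void loadContactsIfAllowed() {
        if (hasReadContacts()) {
            Log.i(TAG, "contacts on device: " + countContacts());
            return;
        }
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
            // Ask for exactly the one permission, at the moment the feature needs it.
            requestPermissions(new String[] {Manifest.permission.READ_CONTACTS},
                    REQ_READ_CONTACTS);
        } else {
            Log.w(TAG, "READ_CONTACTS not in manifest; contacts feature disabled");
        }
    }

    @Override
    public void onRequestPermissionsResult(int requestCode, String[] permissions,
                                           int[] grantResults) {
        super.onRequestPermissionsResult(requestCode, permissions, grantResults);
        if (requestCode != REQ_READ_CONTACTS) {
            return;
        }
        // grantResults is empty if the request was interrupted; treat that as denied.
        if (grantResults.length > 0
                && grantResults[0] == PackageManager.PERMISSION_GRANTED) {
            Log.i(TAG, "contacts on device: " + countContacts());
        } else {
            // Degrade gracefully rather than calling the protected API anyway.
            Log.w(TAG, "READ_CONTACTS denied; contacts feature disabled");
        }
    }

    // The protected call itself. Reached only after the check above succeeded.
    private int countContacts() {
        try (Cursor c = getContentResolver().query(
                ContactsContract.Contacts.CONTENT_URI,
                new String[] {ContactsContract.Contacts._ID}, null, null, null)) {
            return c == null ? 0 : c.getCount();
        }
    }
}
```

Requesting the permission where the feature is used, rather than all permissions at startup, keeps the manifest short and gives the user a reason to grant it; a denial leaves the rest of the app working.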
Interapplication communication
Because of application sandboxing, apps in Android cannot access each other's data directly, but the system provides other mechanisms for applications to communicate with each other. Intents and content providers are the mechanisms available at the Java API layer. Both should be used carefully to prevent attacks from malicious applications, which is why it is important to understand their characteristics.
Intents are an asynchronous interprocess communication mechanism. An Intent is a message that identifies its receiver and optionally carries data as arguments. The receiver can be declared explicitly, so that the Intent is delivered to one particular component, or implicitly, so that the Intent is delivered to any component that can handle it. Intents are used both for intra-application communication (within the same application) and for interapplication communication (between different applications). The following...
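The following pair of Activities is an added example, not code from the book, contrasting an explicit Intent, which names the receiving component and is the right choice for intra-application hops that carry data, with an implicit Intent, which any installed app with a matching intent filter may be chosen to handle and so should carry nothing sensitive. The receiving Activity also validates the extra it is given, because Intent input is untrusted even inside one app. The names MainActivity, PaymentActivity, the extra key and the amounts are placeholders, and the manifest is assumed to declare PaymentActivity with android:exported="false" and no intent filter.

```java
// Added example, not code from the book. Assumes two Activities in one app,
// MainActivity and PaymentActivity, with PaymentActivity declared in the
// manifest as android:exported="false" and without an intent-filter, so only
// this app can start it. All names and values are placeholders.
package com.example.intentdemo;

import android.app.Activity;
import android.content.ActivityNotFoundException;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.util.Log;

public class MainActivity extends Activity {
    private static final String TAG = "IntentDemo";

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);

        // Explicit Intent: the target class is named, so the system delivers it
        // to that component only. Use this for every intra-app hop that carries
        // data you would not want another app to see or to forge.
        Intent pay = new Intent(this, PaymentActivity.class);
        pay.putExtra(PaymentActivity.EXTRA_AMOUNT_CENTS, 1999L);
        startActivity(pay);

        // Implicit Intent: only an action and a data URI. Any installed app whose
        // intent-filter matches may be picked to handle it, so put nothing
        // sensitive in its extras and be prepared for no handler at all.
        Intent view = new Intent(Intent.ACTION_VIEW, Uri.parse("https://example.com/help"));
        try {
            startActivity(view);
        } catch (ActivityNotFoundException e) {
            Log.w(TAG, "no app can handle ACTION_VIEW for this URI", e);
        }
    }
}

// Package-private so it can share this file; in the app it is a normal
// non-exported Activity.
class PaymentActivity extends Activity {
    static final String EXTRA_AMOUNT_CENTS = "amount_cents";
    private static final long MAX_AMOUNT_CENTS = 1_000_000L; // placeholder limit

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);

        // Treat Intent extras as untrusted input even though the component is
        // not exported: a missing, negative or absurd amount is rejected, not
        // acted upon.
        Intent in = getIntent();
        long cents = (in == null) ? -1L : in.getLongExtra(EXTRA_AMOUNT_CENTS, -1L);
        if (cents <= 0L || cents > MAX_AMOUNT_CENTS) {
            Log.w("IntentDemo", "rejecting payment request with amount=" + cents);
            finish();
            return;
        }
        Log.i("IntentDemo", "processing payment of " + cents + " cents");
    }
}
```

Keeping PaymentActivity non-exported means the sandbox, not your validation code, is the first line of defence; the validation is there for the day the component is exported, or an attacker finds another route to it.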
In this chapter, you learned about the vulnerabilities associated with mobile devices, both external and internal. You now understand the Android architecture and the features the system provides to keep it safe. You also know which components of the Java API layer are exposed to attack, so you can learn how to mitigate those attacks in the next chapters of this book.
In the next chapter, we will start using the Android Studio IDE. As the first step toward creating secure Android applications, you will learn how to monitor Android applications in the debugging environment in order to detect incorrect behavior.