ANDROID APPLICATION DEVELOPMENT

Proceedings of the Third International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC 2019)
IEEE Xplore Part Number: CFP19OSV-ART; ISBN: 978-1-7281-4365-1

ANDROID APPLICATION DEVELOPMENT: A BRIEF OVERVIEW OF ANDROID PLATFORMS AND EVOLUTION OF SECURITY SYSTEMS

Anirban Sarkar, Dept. of Electrical Engineering and Computer Science, Texas A&M University-Kingsville, Kingsville, Texas, USA, anirban.sarkar@students.tamuk.edu
Ayush Goyal, Dept. of Electrical Engineering and Computer Science, Texas A&M University-Kingsville, Kingsville, Texas, USA, ayush.goyal@tamuk.edu
David Hicks, Dept. of Electrical Engineering and Computer Science, Texas A&M University-Kingsville, Kingsville, Texas, USA, david.hicks@tamuk.edu
Debadrita Sarkar, Dept. of Computer Engineering, New England College, Henniker, New Hampshire, dbdrsarkaré40@gmail.com
Saikat Hazra, Dept. of Information Technology, FIEM, Kolkata, India, saikathazra75@gmail.com

Abstract—With the advent of new mobile technologies, the mobile application industry is advancing rapidly. Con[...] several operating systems like Symbian OS, iOS, BlackBerry, etc., Android OS is recognized as the most widely used, popular and user-friendly mobile platform. This open-source Linux kernel-based operating system offers customization properties making it [...]ant mobile operating system. Android applications are programmed in the Java language. The Google Android SDK delivers a special software stack that provides developers an easy platform to develop Android applications. Moreover, developers can make use of existing Java IDEs, which provides flexibility to the developers. Java libraries are predominant in the process of third-party application development. Cross-platform approaches make sure that developers do not have to develop platform-dependent applications. With the help of these approaches, an application can be deployed to several platforms without the need for changes in coding. However, Android is more prone to security vulnerabilities, which the majority of the users do not take into account. Any Android developer can upload their application on the Android market, which can cause a security threat to any Android device. These applications do not have to go through rigorous security checks. In this paper, a layered approach for Android application development along with various cross-platform approaches is discussed. Moreover, [...] brief introduction to new andro[...] framework as well as set [...] platforms [...]

Keywords — Android architecture, Cross-platform approaches, Android security

I. INTRODUCTION

Android is an open-source operating system that runs on the Linux kernel. Android applications are developed using the Java language. Google has its own SDK which enables these Java codes to control devices like mobile phones, tablets, etc. Android mobile application development provides a flexible platform for developers where they can use both Java IDEs and Android Java libraries. Nowadays the Android operating system is an important platform that provides a dynamic way of developing innovative third-party applications. The Android operating system gained popularity among developers for its customizable nature. It is very efficient to build an application in one platform and deploy it in several platforms simultaneously without having a concern about changes to be made. Cross-platform proposes several approaches to achieve this objective in efficient and creative ways.

Safety is the main concern of Android operating devices. It does not allow external applications to change or modify installed files. It allows customization of permissions, which specify the hardware and software resources of the device that applications may use. Android users have the authority to accept or deny permissions of an installed application. However, Android allows IPC (Inter-Process Communication), which makes the device vulnerable to security threats resulting in piracy.
One of the main features of this operating system is that the architecture is quite the same as personal computers. Therefore, security issues can be fixed in similar ways. However, both technologies can be the victim of DoS attacks using resources like Bluetooth or Wi-Fi. Although Android applications are highly customizable, it also increases the risk of unintentional use of resources or unintentional installations. Therefore, users need to be aware of such malicious activities, which can reduce the risks of a security breach.

II. ANDROID ARCHITECTURE

A. Application Layer

In this layer, the Android application components get executed. End-users can make use of applications that are compiled and executed using the Dalvik Virtual Machine. Developed applications use API libraries to make use of core resources available in the device. In this layer, default applications like contacts and messaging are available [1].

B. App Framework Layer

This layer is designed to allow developers to get access to the core application services. These services can be named as the activity and window manager, the resource and package manager, etc. In this layer, developers can customize the system structure of their applications so that they can make use of various services provided by the API libraries [1].

C. Android Runtime Layer and Linux Kernel

The Android runtime layer is primarily focused on the running state of the processes. In this layer, every program has its own specific Dalvik VM environment. The Android kernel is similar to the kernel of a desktop running Linux. It is an open environment providing access to the kernel system.
The Android kernel is mainly associated with management utilities which include process, power, and memory. Moreover, it is also concerned with network management and security systems [1].

III. DEVELOPING ANDROID APP, FRAMEWORK APPLICATION

Android applications are developed using the Java language using SDKs that provide robust and efficient application programming interfaces (APIs). Android applications can use native features of the device after the user grants permission. Inter-process communications and sharing resources are more secure in Android than other platforms. Android provides an open environment for application development while taking advantage of every core functionality [3][1]. The set of services provided by the Android development platform includes the following functionalities [1][2]:

• A set of customizable and extensible Views, which include buttons, textboxes, browser, lists, etc.
• Content providers are used to enable inter-process communications. These providers are responsible for applications retrieving and sharing data with other applications.
• The resource manager is responsible for enabling the application to access resources like strings, layout files, etc.
• Application notifications are handled by a customizable notification manager. From permission requests to user notifications, everything is handled by the notification manager.
• The activity manager manages and analyzes every lifecycle phase of an application.

IV. LAYERED APPROACH FOR APPLICATION DEVELOPMENT

Fig 1: Layered Architecture

The Android application development process consists of several layers. The lowest layer in the hierarchy is the HTTP layer, which sends and receives HTTP requests to the server. The API layer parses the server response and formulates a query. These queries are then passed on to the HTTP layer. Subsequently, the API layer parses the response string to the generic data layer while extracting the important fields from the string.
Implementation of necessary functions is included in the generic data layer. These important functionalities can be termed as caching, validation programs and data management systems. In the platform-dependent data layer, necessary data is collected from the generic data layer to use. This layer is named platform-dependent because collected data is stored in several classes like adapter or listview depending on the platform in which they are going to be used. The UI layer is responsible for the interaction with the end-user via views, layouts, buttons, etc. This layer consists of two components named user interface and user process. The first module, user interface components, is responsible for the interaction of the user with developed applications. User process components are responsible for synchronization and organization of interactions [3][1].

A. Application Model

In this model, every application consists of several components. Every component can be used even by other applications. These components can be categorized as activity, service, receiver and provider components. Activity components are used for user interfaces. These components are responsible for every window of the application. Service components are useful for communicating with other applications. These components can remain active in the background while the user switches to another window and resume when it is necessary. Receiver components are responsible for communication with other applications. These communications are done via messages. These messages are received and processed asynchronously by the receiver components.
Provider components are responsible for storing data which are necessary for the application in databases. These data can be exploited by several applications at the same time [1][2].

For example, a chat application for Android is considered. This application stores its data in Firebase. This application has several components. There are activities in which a user's profile picture can be viewed. There are services like uploading a profile picture of the user. Receiver components are useful when priority functionalities like incoming calls or messages arrive: the application gets paused and resumed again after these functionalities terminate. Finally, provider components can be seen working when credentials and media files are uploaded to the database for this application, which is a Firebase real-time database.

B. Component Classes and Methods

The Android application development framework consists of several component classes. This framework is flexible towards application development where application dependencies can be collaborative among each other, providing necessary simple or complex functionalities depending on the situations. An application has several screens or activities; each activity is responsible for a different set of tasks. These components are called activity components. User interface is handled by these components. Next are service components, which are responsible for managing and organizing background processes. Content providers are responsible for sharing important data between applications in the form of a relational database. Android is embedded with SQLite, providing support for the relational database. Finally, the broadcast receiver components work as a communication bridge between system and applications [4].

V. CROSS-PLATFORM APPROACHES

In the process of application development, developers tend to develop an application that works on a specific platform. That application then works on that single platform alone.
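
The component model of Section IV (activity, service, receiver and provider components that other applications can use) written out as an AndroidManifest.xml for the chat application used as the example there, with an openly exported provider beside a permission-guarded one. This is an added example, not part of the original paper; the namespace com.example.chat and every class, permission, authority and action name are hypothetical.

```xml
<!-- Added example. Assumes the app namespace is com.example.chat; all names are hypothetical. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android">

    <!-- Custom permission. "signature" means only apps signed with the same
         key as this app can be granted it. -->
    <permission
        android:name="com.example.chat.permission.ACCESS_MESSAGES"
        android:protectionLevel="signature" />

    <application android:label="Chat">

        <!-- Activity component: the launcher entry point has to be exported. -->
        <activity android:name=".ProfileActivity" android:exported="true">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>

        <!-- Service component: the profile-picture upload is internal, so it is
             not reachable from other applications at all. -->
        <service android:name=".UploadService" android:exported="false" />

        <!-- WEAK (kept as a comment for contrast): exported with no permission,
             so any installed application can query and modify the stored data.
        <provider
            android:name=".MessageProvider"
            android:authorities="com.example.chat.messages"
            android:exported="true" />
        -->

        <!-- HARDENED provider component: still shareable, but only with callers
             that hold the signature permission; no per-URI grants. -->
        <provider
            android:name=".MessageProvider"
            android:authorities="com.example.chat.messages"
            android:exported="true"
            android:readPermission="com.example.chat.permission.ACCESS_MESSAGES"
            android:writePermission="com.example.chat.permission.ACCESS_MESSAGES"
            android:grantUriPermissions="false" />

        <!-- Receiver component: broadcasts are accepted only from senders that
             hold the permission. -->
        <receiver
            android:name=".MessageReceiver"
            android:exported="true"
            android:permission="com.example.chat.permission.ACCESS_MESSAGES">
            <intent-filter>
                <action android:name="com.example.chat.action.NEW_MESSAGE" />
            </intent-filter>
        </receiver>
    </application>
</manifest>
```
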
For example, Android applications are developed using the Java language, while iOS applications are developed using the Objective-C or Swift programming language. Windows phones support applications that are developed using Visual C# or C++. The main goal of cross-platform approaches is to develop applications in one environment while deploying them on many platforms. These approaches are beneficial in cost and time-saving. Developers can use only one programming language to develop the application and use a cross-platform framework to translate this code to many platforms [5].

A. Requirements for Cross-Platform Approaches

Cross-platform approaches are efficient in producing applications for various platforms. There are several requirements to maintain the high performance of these applications. Cross-platform must support the scalability and maintainability of the applications. If modifications need to be done, cross-platform needs to allow the developer to do these modifications at the cross-platform level only and deploy them on several platforms. These applications need to have features to use all the resources of the device. Having no intermediate layer to access the resources and features is preferable in the cross-platform application development process. Maximum allocation and optimization of resources is the prime concern for cross-platform applications. The efficient consumption of resources needs to be considered by the developers, but cross-platform needs to offer automatic optimization and management as well. Security has always been a concern for the developers since there are many ways to penetrate the security system of a device as well as losing the device in public. In both cases, there are higher risks of losing confidential data. Developers need to pay attention to the risks of a security breach in the form of storing encrypted data in the device. Therefore, cross-platforms must consider security policies.
Cross-platforms need to have the capacity of environment integration, which includes auto-completion, debugger, etc. [5].

B. Categories of Cross-Platform Approaches

1) Web Approach

This approach is based on mobile web browsers and uses HTML, JavaScript, and CSS for implementation. In this approach, implementation of an application is done as a website and the browser is used as a runtime environment. Necessary optimization techniques like device screen size need to be taken into account for the development purpose. Web mobile applications have similar interfaces and do not need updates. However, these applications have limited access to native features of devices such as GPS, messaging service, etc. Moreover, these applications are slower as they need time to render the webpages from the network. Web applications are not available on application stores such as Play Store or iOS market, which is a major drawback of this approach [5][6].

Fig 2: Web Approach

2) Hybrid Approach

This approach is an amalgam of the advantages of web approaches and features of the devices. Within this approach, native functionalities can be accessed by using an abstract bridge of JavaScript. HTML contents are embedded in WebView or UIWebView web containers of the device using the cellphone browser. Web applications are not available in the application store, whereas hybrid applications can be distributed in the various app stores. An abstract layer is responsible for making sure that the applications can use the native functionalities [5][6].

Fig 3: Hybrid Approach

3) Model-Driven Approach

Model-Driven architecture is the basis of this approach.
This approach is driven by the modeling activities where low-level issues need not be dealt with. These issues are like saving data to the database or sending a notification to the user, etc. MDA consists of three fundamental models: PIM or Platform Independent Model, PSM or Platform Specific Model, and the PIM to PSM model. The PIM model does not depend on the platform in which it has been implemented, whereas the PSM model is dependent on the details of a specific platform that uses the system. MDA can be used to implement the interface for several platforms for once and thereafter it can be used to implement PSM. Implementation of the user interface can be done without any help from intermediate runtime administration. Every platform needs to organize the native code in order to maintain the application model. The only concern in this approach is that any application that needs to be modeled must be categorized within this approach. For every platform, native code should be generated manually using SDKs and platform-dependent language. However, the issue arises with the integration of manually written code as it is a challenging task to implement. MD2 is a prototype designed for a model-driven application development approach. MD2 is completely based on DSL textual format which can generate specific runnable applications. However, this prototype has its own drawbacks which require complete [...] [6].

Fig 4: Model-Driven Approach

VI. ANDROID SECURITY FRAMEWORK

A. Android App Sandbox

The kernel provides functionalities by acting as a bridge between hardware and software in a system. It is a very important part of a system, as monitoring OS and hardware operations concurrently is a critical task.
Sandboxes are set up in the kernel space so that they can access the core functionalities of an OS. Generally, applications cannot interact with one another without user intervention and they don't have full access to OS functionalities. Therefore, malicious applications that want to get access to those functionalities are prevented by sandboxes that are developed using UNIX. Sandboxes are responsible for monitoring system calls and system acknowledgments. This is done using a process called system call hijacking by redirecting system calls. System calls are made by the application in the user space asking permission to use core functionalities of the operating system. Sandboxes are capable of isolating app resources from other applications in order to prevent malicious activities [7][8].

B. Static and Dynamic Analysis

Static and dynamic analysis is the most common practice for virus detection. In the case of static analysis, the application does not get executed. In this analyzing process, binaries get filtered using patterns of malicious programs, which are known as signatures. Although pattern matching is the main analysis program, the static analysis also involves,
