Android Application Security

Android Application Security

Marwan Omar (Saint Leo University, USA), Derek Mohammed (Saint Leo University, USA), Van Nguyen (Saint Leo University, USA), Maurice Dawson (Illinois Institute of Technology, USA) and Mubarak Banisakher (Saint Leo University, USA)
DOI: 10.4018/978-1-5225-8976-1.ch002

Abstract

Android is a free, open source platform that allows any developer to submit apps to the Android Market with no restrictions. This enables hackers to pass their malicious apps to the Android Market as legitimate apps. The central issue lies at the heart of the Android permission mechanism, which is not capable of blocking malicious apps from accessing sensitive phone resources (e.g., contact info and browsing history); it either allows or disallows apps from accessing the resources requested by the app at the installation time. This chapter investigated the scope of this issue and concluded that hackers use malicious apps as attack vectors to compromise Android smartphones and steal confidential data and that no security solutions exist to combat malicious apps. The researcher suggested designing a real time monitoring application to detect and deter malicious apps from compromising users' sensitive data; such application is necessary for Android users to protect their privacy and prevent financial loss.
Chapter Preview
Top

Android Architecture

Android is designed as a stack of three main components or layers: the applications layer, the libraries layer, and the Linux kernel layer. The following diagram shows those three main components of Android’s operating system:

Figure 1.

Android component stac; the three main layers of Android’s operating system Android Developers (2016)

978-1-5225-8976-1.ch002.f01

Application Layer

This is the top layer of the platform that acts as the interface between users and the Android platform and provides core applications written in Java programming language; such applications include email browser, SMS, phone, contacts, calendar, and Google maps. This layer includes the application framework, which is a software framework used to provide a rich set of services and extensions, such as Activity Manager (which manages the lifecycle of applications) and Content Provider, which allows for data sharing and access between and within applications (Android Developers, 2010). The most important feature of this layer is that it allows users to run applications simultaneously, such as listening to music while surfing the web; this in turn, contributes to users’ productivity, interaction, and satisfaction (Speckmann, 2008).

Complete Chapter List

Search this Book:
Reset