Android Architecture

Android architecture contains different components to support various device needs. The software is built upon an open-source Linux Kernel, comprising a collection of C/C++ libraries exposed through application framework services. Among all the components, the Linux Kernel provides the main functionality of operating system functions to smartphones, while the Dalvik Virtual Machine (DVM) provides a platform for running an Android application.

Main Components

1. Applications

   • Applications represent the top layer of the Android architecture.
   • Includes pre-installed applications like Home, Contacts, Camera, Gallery, etc., and third-party applications downloaded from the Play Store.
   • It runs within the Android runtime with the help of the classes and services provided by the application framework.

2. Application Framework

   • Application Framework provides several important classes used to create an Android application.
   • Provides a generic abstraction for hardware access and manages the user interface with application resources.
   • Includes services like activity manager, notification manager, view system, package manager, etc.

3. Application Runtime

   • Android Runtime environment is one of the most important parts of Android.
   • Contains components like core libraries and the Dalvik virtual machine (DVM).
   • Provides the base for the application framework and powers applications with the help of the core libraries.
   • DVM is optimized for Android to ensure that a device can run multiple instances efficiently.

4. Platform Libraries

   • Includes various C/C++ core libraries and Java-based libraries for various functionalities.
   • Media library supports playing and recording audio and video formats.
   • Surface manager manages access to the display subsystem.
   • SGL and OpenGL are used for 2D and 3D computer graphics.
   • SQLite provides database support and FreeType provides font support.
   • Web-Kit provides functionality to display web content and simplify page loading.
   • SSL (Secure Sockets Layer) is security technology to establish an encrypted link between a web server and a web browser.

5. Linux Kernel

   • Linux Kernel is the heart of the Android architecture.
   • Manages all available drivers required during runtime, such as display, camera, Bluetooth, audio, memory drivers, etc.
   • Provides an abstraction layer between device hardware and other components of the Android architecture.
   • Responsible for:
     • Security: The Linux kernel handles the security between the application and the system.
     • Memory Management: It efficiently handles memory management, providing freedom to develop apps.
     • Process Management: It manages processes well and allocates resources to processes when needed.
     • Network Stack: It effectively handles network communication.
     • Driver Model: It ensures proper functioning of device drivers and compatibility with hardware manufacturers.

A moible apk contains:

1. AndroidManifest.xml: This file contains information about the application, including its package name, version number, required permissions, and components such as activities, services, and broadcast receivers.
2. Classes.dex: This file contains the compiled Java bytecode for the application’s classes, which are executed by the Android Runtime (ART).
3. Resources.arsc: This file contains compiled resources such as strings, images, and layouts that are used by the application.
4. lib/: This folder contains compiled native code libraries for specific device architectures, such as ARM or x86.
5. META-INF/: This folder contains the manifest file, the certificate of the APK signature, and a list of all the files in the APK, along with their checksums.
6. assets/: This folder contains additional application data files, such as sound and video files, that are not compiled into the APK.
7. res/: This folder contains the application resources, such as layouts, strings, and images, in their original format before being compiled into the Resources.arsc file.
8. Android System Files: This folder contains system-level files such as the Android runtime, framework libraries, and system components that the application may use.

Android Components and Security

Activity

• Represents a single screen with a user interface in an Android application.
• Entry point for user interaction.
• Potential security issues: insecure data storage, input validation, authentication flaws.

Broadcast Receiver

• Listens for system-wide broadcast messages or intents.
• Responds to system events.
• Potential security issues: insecure broadcast handling, privilege escalation.

Intent

• Messaging object used to communicate between components.
• Starts Activities, Services, delivers broadcasts, or passes data between components.
• Potential security issues: intent spoofing, intent injection, insecure data passing.

Explicit Intents

• Used to start a specific component within the same application.
• Requires specifying the target component's class or package name.
• Example: Starting a new Activity within the app.

Implicit Intents

• Used to trigger actions based on an action string.
• Does not specify the target component's name but defines an action to be performed.
• Android system resolves the intent based on available components capable of handling the action.
• Example: Opening a web page or sending an email.

Service

• Background component that performs long-running operations.
• Runs tasks asynchronously without a user interface.
• Potential security issues: insufficient authentication, denial of service (DoS), data leakage.

Content Provider

• Manages shared application data accessible by other applications or components.
• Provides a standardized interface for accessing and manipulating data.
• Potential security issues: insecure data exposure, insufficient access controls.

Manifest File (AndroidManifest.xml)

• Configuration file containing essential information about the application.
• Declares components, permissions, and hardware requirements.
• Potential security issues: excessive permissions, missing security controls.

WebView

• Embeds web content within an application.
• Can execute JavaScript, load remote URLs, and interact with the DOM.
• Potential security issues: JavaScript injection, XSS attacks, insecure communication.

Activity Manager

• Manages the lifecycle of application activities.
• Controls the creation, starting, pausing, and stopping of activities.
• Handles activity stacking and navigation within the application.