关于安卓的外文翻译.docx
- 文档编号:5432531
- 上传时间:2022-12-16
- 格式:DOCX
- 页数:31
- 大小:364.13KB
关于安卓的外文翻译.docx
《关于安卓的外文翻译.docx》由会员分享,可在线阅读,更多相关《关于安卓的外文翻译.docx(31页珍藏版)》请在冰豆网上搜索。
关于安卓的外文翻译
Understandandroidsecurity
Thenextgenerationofopenoperatingsystemswon’tbeondesktopsormainframesbutonthesmallmobiledeviceswecarryeveryday.Theopennessofthesenewenvironmentswillleadtonewapplicationsandmarketsandwillenablegreaterintegrationwithexistingonlineservices.
However,astheimportanceofthedataandservicesourcellphonessupportincreases,sotoodotheopportunitiesforvulnerability.It’sessentialthatthisnextgenerationofplatformsprovideacomprehensiveandusablesecurityinfrastructure.DevelopedbytheOpenHandsetAlliance(visiblyledbyGoogle),Androidisawidelyanticipatedopensourceoperatingsystemformobiledevicesthatprovidesabaseoperatingsystem,anapplicationmiddlewarelayer,aJavasoftwaredevelopmentkit(SDK),andacollectionofsystemapplications.AlthoughtheAndroidSDKhasbeenavailablesincelate2007,thefrstpubliclyavailableAndroid-ready“G1”phonedebutedinlateOctober2008.Sincethen,Android’sgrowthhasbeenphenomenal:
TMobile’sG1manufacturerHTCestimatesshipmentvolumesofmorethan1millionphonesbytheendof2008,andindustryinsidersexpectpublicadoptiontoincreasesteeplyin2009.Manyothercellphoneprovidershaveeitherpromisedorplantosupportitinthenearfuture.
AlargecommunityofdevelopershasorganizedaroundAndroid,andmanynewproductsandapplicationsarenowavailableforit.OneofAndroid’schiefsellingpointsisthatitletsdevelopersseamlesslyextendonlineservicestophones.Themostvisibleexampleofthisfeatureis—unsurprisingly—thetightintegrationofGoogle’sGmail,Calendar,andContactsWebapplicationswithsystemutilities.Androiduserssimplysupplyausernameandpassword,andtheirphonesautomaticallysynchronizewithGoogleservices.Othervendorsarerapidlyadaptingtheirexistinginstantmessaging,socialnetworks,andgamingservicestoAndroid,andmanyenterprisesarelookingforwaystointegratetheirowninternaloperations(suchasinventorymanagement,purchasing,receiving,andsoforth)intoitaswell.Traditionaldesktopandserveroperatingsystemshavestruggledtosecurelyintegratesuchpersonalandbusinessapplicationsandservicesonasingleplatform;althoughdoingsoonamobileplatformsuchasAndroidremainsnontrivial,manyresearchershopeitprovidesacleanslatedevoidofthecomplicationsthatlegacysoftwarecancause.Androiddoesn’tofciallysupportapplicationselopedforotherplatforms:
applicationsexecuteontopofaJavamiddlewarelayerrunningonanembeddedLinuxkernel,sodeveloperswishingtoporttheirapplicationtoAndroidmustuseitscustomuserinterfaceenvironment.Additionally,AndroidrestrictsapplicationinteractiontoitsspecialAPIsbyrunningeachapplicationasitsownuseridentity.Althoughthiscontrolledinteractionhasseveralbeneficialsecurityfeatures,ourexperiencesdevelopingAndroidapplicationshaverevealedthatdesigningsecureforward.Androidusesasimplepermissionlabelassignmentmodeltorestrictaccesstoresourcesandotherapplications,butforreasonsofnecessityandconvenience,itsdesignershaveaddedseveralpotentiallyconfusingrefinementsasthesystemhasevolved.ThisarticleattemptstounmaskthecomplexityofAndroidsecurityandnotesomepossibledevelopmentpitfallsthatoccurwhendefininganapplication’ssecurity.Weconcludebyattemptingtodrawsomelessonsandidentifyopportunitiesforfutureenhancementsthatshouldaidinclarityandcorrectness.AndroidApplicationsTheAndroidapplicationframeworkforcesastructureondevelopers.Itdoesnothaveamain()functionorsingleentrypointforexecution—instead,developersmustdesignapplicationsintermsofcomponents.ExampleApplication.
WedevelopedapairofapplicationstohelpdescribehowAndroidapplicationsoperate.Interestedreaderscandownloadthesourcecodefromourwebsitepttp:
//siis.cse.psu.edu/android_sec_tutorial.html).
Let’sconsideralocation-sensitivesocialnetworkingapplicationformobilephonesinwhichuserscandiscovertheirfriends’locations.Wesplitthefunctionalityintotwoapplications:
onefortrackingfriendsandoneforviewingthem.AsFigure1shows,theFriendTrackerapplicationconsistsofcomponentsspecifctotrackingfriendlocations(forexample,viaaWebservice),storinggeographiccoordinates,andsharingthosecoordinateswithotherapplications.TheuserthenusestheFriendViewerapplicationtoretrievethestoredgeographiccoordinatesandviewfriendsonamap.Bothapplicationscontainmultiplecomponentsforperformingtheirrespectivetasks;thecomponentsthemselvesareclassifedbytheircomponenttypes.AnAndroiddeveloperchoosesfrompredefnedcomponenttypesdependingonthecomponent’spurpose(suchasinterfacingwithauserorstoringdata).ComponentTypesAndroiddefnesfourcomponenttypes:
Activity•componentsdefneanapplication’suserinterface.Typically,anapplicationdeveloperdefnesoneactivityper“screen.”Activitiesstarteachother,possiblypassingandreturningvalues.Onlyoneactivityonthesystemhaskeyboardandocessingfocusatatime;allothersaresuspended.Servicecomponentsperformbackgroundprocessing.Whenanactivityneedstoperformsomeoperationthatmustcontinueaftertheuserinterfacedisappears(suchasdownloadafleorplaymusic),itcommonlystartsaservicespecifcallydesignedforthataction.Thedevelopercanalsouseservicesasapplication-specifcdaemons,possiblystartingonboot.ServicesoftendefineaninterfaceforRemoteProcedureCall(RPC)thatothersystemcomponentscanusetosendcommandsandretrievedata,aswellasregistercallbacks.Contentprovidercomponentsstoreandsharedatausingarelationaldatabaseinterface.Eachcontentproviderhasanassociated“authority”describingthecontentitcontains.OthercomponentsusetheauthoritynameasahandletoperformSQLqueries(suchasSELECT,INSERT,orDELETE)toreadandwritecontent.Althoughcontentproviderstypicallystorevaluesindatabaserecords,dataretrievalisimplementation-specifc—forexample,flesarealsosharedthroughcontentproviderinterfaces.Broadcastreceivercomponentsactasmailboxesformessagesfromotherapplications.Commonly,applicationcodebroadcastsmessagestoanimplicitdestination.Broadcastreceiversthussub-scribetosuchdestinationstoreceivethemessagessenttoit.Applicationcodecanalsoaddressabroadcastreceiverexplicitlybyincludingthenamespaceassignedtoitscontainingapplication.
Figure1showstheFriendTrack-erandFriendViewerapplicationscontainingthediferentcomponenttypes.Thedeveloperspecifescomponentsusingamanifestfle(alsousedtodefnepolicyasdescribedlater).Therearenorestrictionsonthenumberofcomponentsanapplicationdefnesforeachtype,butasaconvention,onecomponenthasthesamenameastheapplication.Frequently,thisisanactivity,asintheFriendViewerapplication.Thisactivityusuallyindicatestheprimaryactivitythatthesystemapplicationlauncherusestostarttheuserinterface;however,thespecifcactivitycho-senonlaunchismarkedbymetainformationinthemanifest.IntheFriendTrackerapplication,forexample,theFriendTrackerControlactivityismarkedasthemainuserinterfaceentrypoint.
Inthiscase,wereservedthename“FriendTracker”fortheservicecomponentperformingthecoreapplicationlogic.TheFriendTrackerapplicationcontainseachofthefourcomponenttypes.TheFriendTrackerservicepollsanexternalservicetodiscoverfriends’locations.Inourexamplecode,wegeneratelocaFriendTrackerapplicationBootReceiverBroadcastreceiverActivityFriendTrackerFriendProviderContentproviderServiceFriendTrackercontrolFriendViewerapplicationFriendReceiverBroadcastreceiverActivityFriendTrackerActivityFriendViewerFigure1.ExampleAndroidapplication.TheFriendTrackerandFriendViewerapplicationsconsistofmultiplecomponentsofdifferenttypes,eachofwhichprovidesadifferentsetoffunctionalities.Activitiesprovideauserinterface,servicesexecutebackgroundprocessing,contentprovidersaredatastoragefacilities,andbroadcastreceiversactasmailboxesformessagesfromotherapplications.tionsrandomly,butextendingthecomponenttointerfacewithaWebserviceisstraightforward.TheFriendProvidercontentprovidermaintainsthemostrecentgeographiccoordinatesforfriends,theFriendTrackerControlactivitydefnesauserinterfaceforstartingandstoppingthetrackingfunctionality,andtheBootReceiverbroadcastreceiverobtainsanotifcationfromthesystemonceitboots(theapplicationusesthistoutomaticallystarttheFriendTrackerservice).TheFriendViewerapplicationbisprimarilyconcernedwithshowinginformationaboutfriends’locations.TheFriendVieweractivitylistsallfriendsandtheirgeographiccoordinates,andtheFriendMapactivitydisplaysthemonamap.TheFriendReceiverbroadcastreceiverwaitsformessagesthatindicatethephysicalphoneisnearaparticularfriendanddisplaysamessagetotheuseruponsuchanevent.AlthoughwecouldhaveplacedthesecomponentswithintheFriendTrackerapplication,wecreatedaseparateapplicationtodemonstratecross-applicationcommunication.dditionally,byseparatingthetrackinganduserinterfacelogic,wecancreatealternativeuserinterfaceswithdifferentdisplaysandfeatures—thatis,manyapplicationscanreusethelogicperformedinFriendTracker.ComponentInteractionTheprimarymechanismforcomponentinteractionisanintent,whichissimplyamessageobjectcontainingadestinationcomponentaddressanddata.
TheAndroidAPIdefnesmethodsthatacceptintents,andusesthatinformationtostartactivitie
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 关于 外文 翻译