1、附录二外文文献(原文) The basic of description of android system The mainstream of the next generation of open operating systems will not be on the desktop, but will appear in the phone that we carry every day. Open environment will lead these new applications may be integrated into these online services that
2、 already exist, of course, as with growing data services on mobile phones support the security flaws on the phone is also becoming increasingly clear. The nature of the next-generation operating system, whether to provide a complete integrated security platform. By the Open Mobile Alliance (open Han
3、dset Alliance led by Google) developed the android system is a widely optimistic about an open source phone system, the system provides a basic operating system, a middle ware application layer, a java development tools and a system Application collector (collection of system applications). The andr
4、oid the SDK since 2007 on the release of the first android phone in October 2008 before the birth. Google opened since then on his own time, Taiwans HTC, the manufacturer of the T-Mobile G1 estimate G1 shipments have more than one million at the end of 2008. According to industry insiders expect the
5、 G1 mobile phone sales in 2009 continue. Many other mobile phone suppliers in the near future plans to support this system. Around an android and a huge developer community has been established, while a lot of new products and applications on the android. Androids main selling point is that it enabl
6、es developers to seamlessly expand online services to mobile phones. This is the most obvious example is Googles tightly integrated with Gmail, Calendar and Contacts Web applications through the system. Users only need to provide an android user name and password, the phone automatically sync with G
7、oogle services. The other vendors are quickly adapt their existing instant messaging, social networking and gaming services. Android and many companies find new ways to integrate their existing business to the android. Traditional desktop and server operating system has been working for the integrat
8、ion of security features. These individuals and business applications on a single platform is very good, however a business phone platform like android is not very useful. It gives the hope of many researchers. Android is not parked in the body for other platform application support: the implementat
9、ion of the application depends on a top-level JAVA middle ware, the middle ware running on the embedded Linux kernel. Therefore, developers should deploy their applications to the Android must use a custom user interface environment. In addition, the android system applications limit the application
10、 to call each other API collaboration, and the other to authenticate the user application. Although these applications have certain safety features, some of our experienced developers to create Android applications who revealed that the design of security applications is not always straight forward.
11、 Android uses a simple permission label distribution mode to restrict access to resources, but the reasons for the necessity and convenience of other applications, the designers have increased the confusion on this system. This paper attempts to explain the complexity of the Android security, and pa
12、y attention to some of the possible development defects and application security. We try to draw some lessons learned, and hope that the safety of the future. Android application framework for developers is a mandatory framework. It does not have a main () function function or a single entry point f
13、or the implementation of the contrary, the developer must in the design of application components. We developed applications to help the API of the android sdk The Android system defines four kinds of component type. Activity component that defines the application user interface. Usually, the applic
14、ation developer defines each activity screen. Activity can start, it may pass and return values. Can be handled at a time only a keyboard system Activity, all other Activity will be suspended at this time. Service components perform background processing. The need for some operations when an activit
15、y, after the disappearance of the user interface (such as downloading a file or playing music), it usually take such action specially designed services. Developers can also use a special daemon at system startup, the service is usually defined a remote procedure call (RPC), and other system componen
16、ts can be used to send the interface command and retrieve data, as well as to register a callback function. ContentProvider component storage and share data with relational database interfaces. Each Content supplier has an associated rights to describe its contents contains. Other components when us
17、ed as a handle to execute SQL queries (eg SELECT, INSERT, or DELETE content. Content suppliers are typically stored the values on the database records, data retrieval is a special case, the file is also shared by the content provider interface. The components of the broadcast receiver as to send a m
18、essage from the mailbox to the application. Typically, the broadcast message, the application code implicit destination. Therefore, the radio receiver subscribe to these destinations receive messages sent to it. The application code can also be solved explicitly broadcast receivers, including the na
19、me space allocation. The main mechanism of the interaction of the components of the Component Interaction, is an intent, which is a simple message object, which contains a destination address and data components. The Android API defines his approach into intent, and use that information to initiate
20、an activity such as start an activity (startActivity (An intent) start services (the startService (An intent) and radio (sendBroadcast (An intent). Android framework to inform the calls to these methods began to perform in the target application code. This process, the internal components of communi
21、cation is called an action. Simply put, the Intent object defined in the Intent to implement the action . One of the most powerful features of the Android is allowed a variety of intent addressing mechanism. The developer can solve the space of a target component using its applications, they can als
22、o specify an implicit name. In the latter case, the system determines the best components of an action by considering the installed applications and user choice. Implicit name is called the action string because of his special type of the requested action. Such as a view action string, in an intent
23、data field points to an image file, the system will directly referring to the preferred image viewer. Developers can also use the action string a large number of radio to send and receive. Receiver at the receiving end, the developers use an intent filter to customize the special action string. Andr
24、oid Department, including the additional goal of the resolution rules, but an optional string type of data manipulation is the most common. Android applications are written in the Java programming language.The compiled Java code along with any data and resource files required by the application is b
25、undled by the apt tool into an Android package,an archive file marked by an .apk suffix.This file is the vehicle for distributing the application and installing it on mobile devices;its the file users download to their devices.All the code in a single.apk file is considered to be one application. In
26、 many ways,each Android application lives in its own world: ( 1) By default,every application runs in its own Linux process.Android starts the process when any of the applications code needs to be executed,and shuts down the process when its no longer needed and system resources are required by other applications. ( 2) Each process has its own virtual machine(VM),so application code runs
