Android Security Model

1. Linux Kernel Security

Foundation of Android Security: Android is based on the Linux kernel. The Linux kernel is
the core part of the operating system that manages system resources and hardware. It
provides essential security features like process isolation (keeping apps from interfering
with each other) and memory protection.

User Permissions: Every app runs with its own user ID, and the system ensures apps
cannot access each other’s data without permission.

2. App Sandboxing

Isolation of Apps: Each app on Android runs in its own "sandbox," which is like a
protected area in the system. This ensures that an app can only access its own data and
cannot easily affect or access data from other apps or the system.

App Permissions: Apps request permissions to access sensitive resources like the
camera, contacts, location, or storage. The user must approve these permissions.

3. App Signing and Integrity

Digital Signatures: Every app on Android must be signed with a digital certificate. This
proves the authenticity of the app and its source. If an app’s signature is altered, the
system will flag it as potentially malicious.

APK Files: Android apps are packaged in APK (Android Package) files. These APKs are
verified to ensure they have not been tampered with before installation.

4. Permission-Based Security

Granular Permissions: Android uses a permission-based security model. When you

install an app, it requests specific permissions (like access to the internet, camera, or
storage). As a user, you decide whether to grant or deny these permissions.

Run-time Permissions: In newer versions of Android, you grant some permissions only
when the app needs them, not just at installation time. For example, an app might ask
for permission to access the camera only when you open the camera feature within the
app.

5. Data Encryption

Encryption of Data: Android supports full-device encryption, meaning all your data
(photos, messages, apps) is stored in a scrambled form, which can only be decrypted
with your password or PIN.

App Data Encryption: Apps can also use encryption to protect sensitive data, even if it's
stored on the device or on external storage.
6. Google Play Protect

App Scanning: Google Play Protect is a security feature built into Android devices. It
scans apps for malware before they are installed and periodically checks the apps on
your device to ensure they are safe.

Remote Wipe and Lock: If your device is lost or stolen, you can remotely lock it or erase
all your data through your Google account.

7. Security Updates

Regular Patches: Android devices receive regular security updates to fix vulnerabilities
and improve overall security. It’s important for users to install these updates to keep
their devices safe.

8. Biometric Authentication

Fingerprint, Face, and Iris Recognition: Android devices support biometric

authentication, allowing users to unlock their phones using fingerprints, face
recognition, or iris scanning. This adds an extra layer of security.

9. Secure Boot and Verified Boot

Secure Boot: Android devices have a secure boot process, which ensures that only
trusted, signed software can run when the device starts up.

Verified Boot: This ensures that the device’s system hasn’t been tampered with and is
running the official, unmodified version of Android.

10. Android Enterprise Security

Business Features: Android also supports security features for businesses, such as
device management tools, data encryption, and the ability to remotely control devices
in the event of a security threat.

Types of Permissions

Normal Permissions: These don’t involve user-sensitive data and are granted
automatically.

Dangerous Permissions: These involve sensitive data and must be explicitly granted by
the user at runtime.

Custom Permissions: Used when you want to define permissions that can control
access to certain features of your app or other apps.
In Android, permissions are used to restrict access to sensitive resources like the internet,
camera, or user data (contacts, location, etc.). Permissions help ensure that apps don’t access
your private information without your consent. There are two main types of permissions:
Normal Permissions and Dangerous Permissions.

1. Normal Permissions

• What it is: These permissions don’t involve user-sensitive data, and they don't pose a
security risk if granted. Android automatically grants these permissions when the app
is installed.
• Examples:
o INTERNET: Allows an app to access the internet.
o ACCESS_NETWORK_STATE: Allows an app to access information about
networks (Wi-Fi, mobile data).
o VIBRATE: Allows an app to use the device's vibration feature.
o SET_WALLPAPER: Allows the app to set the wallpaper on the device.
o WAKE_LOCK: Allows an app to prevent the device from going to sleep.

Example of Normal Permission in AndroidManifest.xml:

<uses-permission android:name="android.permission.INTERNET"/>

2. Dangerous Permissions

• What it is: These permissions can access sensitive data or perform potentially
harmful actions. For these permissions, the app needs to request approval from the
user at runtime.
• Examples:
o ACCESS_FINE_LOCATION: Allows an app to access precise location
information (e.g., GPS).
o READ_CONTACTS: Allows an app to read the user's contacts.
o CAMERA: Allows an app to access the camera to take pictures or record
videos.
o READ_EXTERNAL_STORAGE: Allows an app to read data from external
storage like a memory card.
o SEND_SMS: Allows an app to send SMS messages.
o CALL_PHONE: Allows an app to initiate phone calls.
o READ_SMS: Allows an app to read SMS messages.
o WRITE_EXTERNAL_STORAGE: Allows an app to write to external
storage.
o ACCESS_COARSE_LOCATION: Allows an app to access approximate
location data.

Example of Dangerous Permission in AndroidManifest.xml:

<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
For dangerous permissions, from Android 6.0 (Marshmallow) onwards, the app must
request permission at runtime. If not granted, the app will not be able to access the resource.

Requesting Permissions at Runtime (Example)

if (ContextCompat.checkSelfPermission(this,
Manifest.permission.ACCESS_FINE_LOCATION)
!= PackageManager.PERMISSION_GRANTED) {
ActivityCompat.requestPermissions(this,
new String[]{Manifest.permission.ACCESS_FINE_LOCATION}, 1);
}

3. Custom Permissions

• What it is: Sometimes, developers might want to create their own permissions to
control access to certain features or data within their apps or across multiple apps.
These are custom permissions.
• Use Case: Custom permissions are useful when one app wants to allow or restrict
other apps from accessing certain features or data within its system, like accessing a
private API or a specific feature.

To create a custom permission, the developer must define it in the AndroidManifest.xml

file of their app.

Defining a Custom Permission

<permission
android:name="com.example.myapp.permission.MY_CUSTOM_PERMISSION"
android:protectionLevel="signature"/>

Here, the protectionLevel defines how the permission is protected:

• Normal: Available for any app to request.

• Signature: Only apps signed with the same key as the defining app can request it.
• SignatureOrSystem: Only apps signed with the same key as the defining app or
system apps can request it.

Using the Custom Permission

To require the custom permission for certain features in your app, you would reference it like
this:

<uses-permission
android:name="com.example.myapp.permission.MY_CUSTOM_PERMISSION"/>

And, in your code, check for this permission as you would for any other:

if (ContextCompat.checkSelfPermission(this,
"com.example.myapp.permission.MY_CUSTOM_PERMISSION") ==
PackageManager.PERMISSION_GRANTED) {
// Perform action
} else {
// Request permission or show error
}

Example Scenario for Custom Permission:

Let’s say you have a file management app, and you want only a specific app (your other app)
to be able to read files from this app's storage. You would define a custom permission and
then enforce it within the file management app.

Importance of Developer Console:

1. App Testing and Debugging:

o The Android Developer Console helps developers test their applications

thoroughly before launching them to the public. It provides essential
debugging tools, error logs, and performance monitoring, allowing
developers to identify and fix issues in the code.

o It assists in optimizing apps for better performance, such as identifying

memory leaks or app crashes.

2. Managing App Versions:

o The console allows developers to upload different versions of their apps

and manage updates. This is critical to ensure that users always have the
most stable and feature-complete version of the app.

o Developers can control which version is publicly available, and older

versions can be archived.

3. Monitoring App Performance:

o The console provides valuable data on app performance, user retention,

and engagement. Developers can access metrics like download
statistics, in-app purchases, and user demographics.

o This information is crucial for developers to understand how users

interact with their app and to improve their app over time.

4. Publish and Distribute Apps:

o One of the most important roles of the Developer Console is to facilitate

the process of publishing apps to the Google Play Store. Developers can
submit APK files, add metadata (description, screenshots, etc.), and set
app pricing and distribution parameters.
 o The console manages the app's launch, rollout, and updates, ensuring
that the app reaches users across various Android devices.

5. App Monetization:

o It allows developers to integrate various monetization methods, such as

in-app purchases, ads, and subscriptions. The console offers tools to
track and optimize these revenue streams.

o It also provides access to analytics on earnings and helps developers

optimize pricing strategies.

6. Beta Testing:

o Developers can use the Google Play Console to create alpha or beta
testing tracks, which allows them to distribute their app to a selected
group of testers before the official release. This is important for catching
bugs and improving the app’s functionality based on real-world feedback.

7. Security and Permissions Management:

o The console helps developers manage permissions, ensuring that apps

comply with Android's security protocols. Developers can also manage
sensitive information like API keys or integrate services such as Google
Cloud or Firebase.

Use of Developer Console for Diploma Engineering in Android:

1. Learning Platform:

o It offers hands-on exposure to the deployment process and allows

developers to publish their apps for public use, which is a significant
learning opportunity.

2. Project Development:

o During the course, developers often need to work on individual or group

projects. The Developer Console is essential for uploading and testing
these projects on real devices and getting feedback from users in real-
time.

3. Career Readiness:

o Familiarity with the Developer Console prepare developers for the

professional Android development environment. Knowledge of deploying,
managing, and optimizing apps is a valuable skill for future jobs in the
tech industry.

4. Creating Portfolio:
 o By utilizing the Developer Console, developers can create a portfolio of
apps that they’ve published, showcasing their ability to handle the entire
app development lifecycle, from coding to deployment.

Steps to publish app on play store

1. Prepare Your App for Release

• Build a Release Version: Ensure your app is ready for production by building a
release version (not a debug version). You need to sign the app with a release key.

• Test the App: Test your app thoroughly to ensure there are no bugs or crashes.
You can use tools like Firebase or Android's built-in logcat to check for errors.

2. Create a Developer Account

• Sign up for a Google Play Developer account: If you don't already have one, go
to Google Play Console and create a Developer account. This requires a one-
time registration fee of $25 USD.

3. Prepare the App’s Assets

• App Icon: Make sure you have a high-quality app icon (512x512 pixels).

• Screenshots: You need to upload at least 2-8 screenshots of your app, showing
its features and UI. Screenshots must be in the correct size for different devices
(smartphones, tablets).

• Feature Graphic: A feature graphic (1024x500 pixels) is required for your app’s
listing page.

• App Description: Write a concise and engaging description of what your app
does.

4. Sign in to Google Play Console

• Go to Google Play Console and sign in with your developer account.

5. Create a New App

• In the Google Play Console, click on the "Create App" button.

• Select your app’s default language, and then provide the title of the app.

• Choose whether your app is free or paid. Remember, you can't change the price
of an app once it's published as "free."

6. Fill in the App Details

 • App Description: Provide a detailed description of your app and its features.

• App Category: Choose the appropriate category (e.g., Game, Productivity,

Education).

• Content Rating: Complete the content rating questionnaire to ensure your app
is rated appropriately for the target audience.

• Contact Details: Enter a valid contact email address, website (optional), and
phone number (optional).

• Privacy Policy: Add a link to your app's privacy policy (mandatory for most apps).

7. Upload the APK or AAB File

• In the "App releases" section, select "Production" and then click on "Create
Release."

• You can upload your APK (Android Package) or AAB (Android App Bundle) file
here.

• If you’re using AAB (recommended), ensure your app meets the latest Google
Play requirements.

8. Set Up Pricing and Distribution

• Choose whether the app will be free or paid.

• Select the countries where you want your app to be available.

• Opt-in for specific devices (smartphones, tablets, etc.) and other Google
services.

9. Submit the App for Review

• After uploading the APK or AAB, click on "Save" and then "Review and Rollout
to Production".

• Google will now review your app. This process can take a few hours to a couple of
days. Google will check for compliance with the Play Store policies, security, and
app functionality.

10. Publish Your App

• Once the review is complete, and your app is approved, it will be available on the
Google Play Store for download.

• You can monitor the performance of your app, view download statistics, and
make updates from the Google Play Console
Geocoding:

• Geocoding is the process of converting addresses (like "1600 Amphitheatre

Parkway, Mountain View, CA") into geographical coordinates (latitude and
longitude).

• For example, if you have an address, geocoding helps you find its exact location
on the map.

Reverse Geocoding:

• Reverse Geocoding is the opposite of geocoding. It takes geographical

coordinates (latitude and longitude) and converts them into a human-readable
address.

• For example, if you have a set of coordinates, reverse geocoding will give you the
address or place name at that location.

Example:

• Geocoding: "Eiffel Tower, Paris" → (48.8584° N, 2.2945° E)

• Reverse Geocoding: (48.8584° N, 2.2945° E) → "Eiffel Tower, Paris, France

Write a program to get current location of the user

AndroidManifest.xml

<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />

<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"
/>

activity_main.xml

<?xml version="1.0" encoding="utf-8"?>

<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"

android:layout_width="match_parent"

android:layout_height="match_parent">

<TextView
 android:id="@+id/locationText"

android:layout_width="wrap_content"

android:layout_height="wrap_content"

android:text="Location will appear here"

android:textSize="18sp"

android:layout_centerInParent="true" />

</RelativeLayout>

<?xml version="1.0" encoding="utf-8"?>

<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"

android:layout_width="match_parent"

android:layout_height="match_parent">

<TextView

android:id="@+id/locationText"

android:layout_width="wrap_content"

android:layout_height="wrap_content"

android:text="Location will appear here"

android:textSize="18sp"

android:layout_centerInParent="true" />

</RelativeLayout>

MainActivity.java

import android.app.Activity; // Import Activity class

import android.content.pm.PackageManager; // Import PackageManager to check

permissions

import android.location.Location; // Import Location class

import android.location.LocationListener; // Import LocationListener to get updates

import android.location.LocationManager; // Import LocationManager for location

services

import android.os.Bundle; // Import Bundle class for activity lifecycle

import android.widget.TextView; // Import TextView for displaying the location

import androidx.core.app.ActivityCompat; // Import ActivityCompat for checking

permissions

public class MainActivity extends Activity {

private TextView locationText; // Declare a TextView to display the location

private LocationManager locationManager; // Declare LocationManager to get

location services

@Override

protected void onCreate(Bundle savedInstanceState) {

super.onCreate(savedInstanceState);

setContentView(R.layout.activity_main); // Set the content view to activity_main.xml

locationText = findViewById(R.id.locationText); // Initialize the TextView

locationManager = (LocationManager) getSystemService(LOCATION_SERVICE); //

Get the LocationManager

// Check if the location permission is granted

if (ActivityCompat.checkSelfPermission(this,
android.Manifest.permission.ACCESS_FINE_LOCATION)

!= PackageManager.PERMISSION_GRANTED &&
ActivityCompat.checkSelfPermission(this,
android.Manifest.permission.ACCESS_COARSE_LOCATION)

!= PackageManager.PERMISSION_GRANTED) {
 // Request permission if not granted

ActivityCompat.requestPermissions(this,

new String[]{android.Manifest.permission.ACCESS_FINE_LOCATION,
android.Manifest.permission.ACCESS_COARSE_LOCATION}, 1);

return;

// Request location updates

// At least 5 seconds have passed since the last update (5000 ms).

//The device has moved at least 10 meters from its previous position.

locationManager.requestLocationUpdates(LocationManager.GPS_PROVIDER, 5000,
10, new LocationListener() {

@Override

public void onLocationChanged(Location location) {

// Called when the location changes

double latitude = location.getLatitude(); // Get latitude

double longitude = location.getLongitude(); // Get longitude

locationText.setText("Latitude: " + latitude + "\nLongitude: " + longitude); //

Display location

@Override

public void onStatusChanged(String provider, int status, Bundle extras) {} //

Handle status changes

@Override

public void onProviderEnabled(String provider) {} // Handle provider enabled

@Override
 public void onProviderDisabled(String provider) {} // Handle provider disabled

});

Write program to send Email

The putExtra method is used to attach additional data (like email addresses, subject,
and text) to the Intent. This allows you to pass data between activities or actions like
email sending.

• Intent.EXTRA_EMAIL: A String array of email addresses to which the email will be

sent.

• Intent.EXTRA_SUBJECT: A String containing the subject of the email.

• Intent.EXTRA_TEXT: A String containing the text content of the email.

AndroidManifest.xml

<uses-permission android:name="android.permission.INTERNET" />

activity_main.xml

<?xml version="1.0" encoding="utf-8"?>

<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"

android:layout_width="match_parent"

android:layout_height="match_parent"

android:orientation="vertical"

android:padding="16dp">

<!-- EditText for recipient's email address -->

<EditText

android:id="@+id/editTextTo"
 android:layout_width="match_parent"

android:layout_height="wrap_content"

android:hint="To"

android:inputType="textEmailAddress" />

<!-- EditText for email subject -->

<EditText

android:id="@+id/editTextSubject"

android:layout_width="match_parent"

android:layout_height="wrap_content"

android:hint="Subject"

android:inputType="text" />

<!-- EditText for email message -->

<EditText

android:id="@+id/editTextMessage"

android:layout_width="match_parent"

android:layout_height="wrap_content"

android:hint="Message"

android:inputType="textMultiLine" />

<!-- Button to send the email -->

<Button

android:id="@+id/buttonSendEmail"

android:layout_width="wrap_content"

android:layout_height="wrap_content"

android:text="Send Email" />

</LinearLayout>
MainActivity.java

package com.example.emailapp;

import android.content.Intent;

import android.os.Bundle;

import android.view.View;

import android.widget.Button;

import android.widget.EditText;

import android.widget.Toast;

import androidx.appcompat.app.AppCompatActivity;

public class MainActivity extends AppCompatActivity {

// Declare the EditText variables for 'to', 'subject', and 'message'

private EditText editTextTo, editTextSubject, editTextMessage;

private Button buttonSendEmail;

@Override

protected void onCreate(Bundle savedInstanceState) {

super.onCreate(savedInstanceState);

setContentView(R.layout.activity_main);

// Initialize the EditText fields and Button by finding them from the layout

editTextTo = findViewById(R.id.editTextTo); // 'To' Email input field

editTextSubject = findViewById(R.id.editTextSubject); // 'Subject' input field

editTextMessage = findViewById(R.id.editTextMessage); // 'Message' input field

 buttonSendEmail = findViewById(R.id.buttonSendEmail); // Button to send the
email

// Set an OnClickListener for the Send Email button

buttonSendEmail.setOnClickListener(new View.OnClickListener() {

@Override

public void onClick(View v) {

// Get the text entered by the user into the EditText fields

String to = editTextTo.getText().toString();

String subject = editTextSubject.getText().toString();

String message = editTextMessage.getText().toString();

// Check if all fields are filled in

if (!to.isEmpty() && !subject.isEmpty() && !message.isEmpty()) {

// Create an intent to send the email using an implicit intent with action
"SEND"

Intent emailIntent = new Intent(Intent.ACTION_SEND);

// Set the type of the email to text

emailIntent.setType("message/rfc822");

// Add the email details to the intent using putExtra method

emailIntent.putExtra(Intent.EXTRA_EMAIL, new String[]{to}); // The recipient

email

emailIntent.putExtra(Intent.EXTRA_SUBJECT, subject); // The email subject

emailIntent.putExtra(Intent.EXTRA_TEXT, message); // The email body

message

// Check if there's an email client available

 try {

startActivity(Intent.createChooser(emailIntent, "Choose an email client"));

} catch (android.content.ActivityNotFoundException ex) {

Toast.makeText(MainActivity.this, "No email client available",

Toast.LENGTH_SHORT).show();

} else {

// If any of the fields are empty, show a toast message

Toast.makeText(MainActivity.this, "Please fill all the fields",

Toast.LENGTH_SHORT).show();

});