X

case study of android

I)
Design
Android is a mobile operating system based on a revised version of Linux
kernel and other open-source software, It designed for smart phones and tablets.
Android is designed by Open Handset Alliance and commercially sponsored by
google. It was revealed in November 2007, with the first commercial Android
Device with HTC Dream Being launched in September 2007
Android was written in Java (User Interference), C (Core),C++ .

II)
Process Management :
Android operating system maintains a hierarchy in which all the processes are
placed in order of their priority. The less priority is the process which can be
killed first when the system wants to free up some resource. Android uses
some set of rules and regulations to decide the priority of the processes based
on the running state of the applications. Below are the process states that a
process may have at any time in android applications. The priority of these
processes decreases from top to down in order in which they are listed.
1)Foreground
It is one that is required for what the user is currently doing .various application
components can cause it containing process to be considered foreground in
different ways .A process is considered to be in the foreground if any of the
following if any of the following conditions hold:
 It is running an activity at the top screen that the user is interacting with
 It has a broadcast receiver that is currently running

There will only ever be a few such processes in the system, and these will only
be killed as a last resort if memory is so low that not even these processes can
continue to run.

2) A visible process is doing work that the user is currently aware of, so killing
it would have a noticeable negative impact on the user experience. A process is
considered visible in the following conditions:

1
  It is running an Activity that is visible to the user on-screen but not in the
foreground This may occur, for example, if the foreground Activity is
displayed as a dialog that allows the previous Activity to be seen behind
it.
 It is hosting a service that the system is using for a particular feature that
the user is aware, such as a live wallpaper, input method service, etc.

The number of these processes running in the system is less bounded than
foreground processes, but still relatively controlled. These processes are
considered extremely important and will not be killed unless doing so is
required to keep all foreground processes running.

3)

A service process is one holding a Service that has been started with the
startService method. Though these processes are not directly visible to the user,
they are generally doing things that the user cares about (such as background
network data upload or download), so the system will always keep such
processes running unless there is not enough memory to retain all foreground
and visible processes.
Services that have been running for a long time (such as 30 minutes or more)
may be demoted in importance to allow their process to drop to the cached list
described next. This helps avoid situations where long running services that use
excessive resources (for example, by leaking memory) prevent the system from
delivering a good user experience.

4)
A cached process is one that is not currently needed, so the system is free to kill
it as desired when resources like memory are needed elsewhere. In a normally
behaving system, these are the only processes involved in resource
management: a well running system will have multiple cached processes always
available (for more efficient switching between applications) and regularly kill
the oldest ones as needed.

III)
Memory management and virtual management:

The Android Runtime (ART) and Dalvik virtual machine

use paging and memory-mapping (mmapping) to manage memory. This means
that any memory an app modifies—whether by allocating new objects or
touching mmapped pages—remains resident in RAM and cannot be paged out.

2
The only way to release memory from an app is to release object references that
the app holds, making the memory available to the garbage collector.

1) Garbage collection

The mechanism for reclaiming unused memory within a managed memory

environment is known as garbage collection. Garbage collection has two goals:
find data objects in a program that cannot be accessed in the future; and reclaim
the resources used by those objects.

2) Share memory

In order to fit everything it needs in RAM, Android tries to share RAM pages
across processes. It can do so in the following ways:

 Each app process is forked from an existing process called Zygote. The
Zygote process starts when the system boots and loads common framework
code and resources 

3) Allocate and reclaim app memory

The Dalvik heap is constrained to a single virtual memory range for each app
process. This defines the logical heap size, which can grow as it needs to but
only up to a limit that the system defines for each app.

The logical size of the heap is not the same as the amount of physical memory
used by the heap. When inspecting your app's heap, Android computes a value
called the Proportional Set Size (PSS), which accounts for both dirty and clean
pages that are shared with other processes—but only in an amount that's
proportional to how many apps share that RAM. This (PSS) total is what the
system considers to be your physical memory footprint. For more information
about PSS, see the Investigating Your RAM Usage guide.

4)

Restrict app memory

To maintain a functional multi-tasking environment, Android sets a hard limit

on the heap size for each app. The exact heap size limit varies between devices
based on how much RAM the device has available overall. If your app has
reached the heap capacity and tries to allocate more memory, it can receive
an OutOfMemoryError.

3
5)

Switch apps

When users switch between apps, Android keeps apps that are not foreground—
that is, not visible to the user or running a foreground service like music
playback— in a cache. For example, when a user first launches an app, a
process is created for it; but when the user leaves the app, that process
does not quit. The system keeps the process cached. If the user later returns to
the app, the system reuses the process, thereby making the app switching faster

IV)File Systems

a file system and is the factory for objects to access files and other objects in the
file system.

The default file system, obtained by invoking

the FileSystems.getDefault method, provides access to the file system that is
accessible to the Java virtual machine. The FileSystems class defines methods
to create file systems that provide access to other types of (custom) file systems.

A file system is the factory for several types of objects:

 The getPath method converts a system dependent path string, returning

a Path object that may be used to locate and access a file.
 The getPathMatcher method is used to create a PathMatcher that performs
match operations on paths.
 The getFileStores method returns an iterator over the underlying file-stores.
 The getUserPrincipalLookupService method returns
the UserPrincipalLookupService to lookup users or groups by name.
 The newWatchService method creates a WatchService that may be used to
watch objects for changes and events.

File systems are safe for use by multiple concurrent threads. The close method
may be invoked at any time to close a file system but whether a file system
is asynchronously closeable is provider specific and therefore unspecified. In
other words, if a thread is accessing an object in a file system, and another
thread invokes the close method then it may require to block until the first
operation is complete. Closing a file system causes all open channels, watch
services, and other closeable objects associated with the file system to be
closed.

4
V)Android Security Features
1) App sandbox

The Android platform takes advantage of the Linux user-based protection to

identify and isolate app resources. To do this, Android assigns a unique user ID
(UID) to each Android app and runs it in its own process. Android uses this
UID to set up a kernel-level App Sandbox.

App signing

App signing allows developers to identify the author of the app and to update
their app without creating complicated interfaces and permissions. Every app
that runs on the Android platform must be signed by the developer.

Authentication

Android uses the concept of user-authentication-gated cryptographic keys that

requires cryptographic key storage and service provider and user authenticators.

On devices with a fingerprint sensor, users can enroll one or more fingerprints
and use those fingerprints to unlock the device and perform other tasks. The
Gatekeeper subsystem performs device pattern/password authentication in a
Trusted Execution Environment (TEE).

Android 9 and higher includes Protected Confirmation, which gives users a way
to formally confirm critical transactions, such as payments.

Biometrics

Android 9 and higher includes a BiometricPrompt API that app developers can
use to integrate biometric authentication into their apps in a device- and
modality-agnostic fashion. Only strong biometrics can integrate
with BiometricPrompt.

Encryption

Once a device is encrypted, all user-created data is automatically encrypted

before committing it to disk and all reads automatically decrypt data before
returning it to the calling process. Encryption ensures that even if an
unauthorized party tries to access the data, they won’t be able to read it.

Keystore

5
Android offers a hardware-backed Keystore that provides key generation,
import and export of asymmetric keys, import of raw symmetric keys,
asymmetric encryption and decryption with appropriate padding modes, and
more.

Security-Enhanced Linux

As part of the Android security model, Android uses Security-Enhanced Linux

(SELinux) to enforce mandatory access control (MAC) over all processes, even
processes running with root/superuser privileges (Linux capabilities).

Trusty Trusted Execution Environment (TEE)

Trusty is a secure Operating System (OS) that provides a Trusted Execution

Environment (TEE) for Android. The Trusty OS runs on the same processor as
the Android OS, but Trusty is isolated from the rest of the system by both
hardware and software.

Verified Boot

Verified Boot strives to ensure all executed code comes from a trusted source
(usually device OEMs), rather than from an attacker or corruption. It establishes
a full chain of trust, starting from a hardware-protected root of trust to the
bootloader, to the boot partition and other verified partitions.

VI)

Android Applications

Android applications are usually developed in the Java language using the
Android Software Development Kit.
Once developed, Android applications can be packaged easily and sold out
either through a store such as Google Play, SlideME, Opera Mobile
Store, Mobango, F-droid and the Amazon Appstore.

1
Beautiful UI

Android OS basic screen provides a beautiful and intuitive user interface.

2
Connectivity

6
GSM/EDGE, IDEN, CDMA, EV-DO, UMTS, Bluetooth, Wi-Fi, LTE, NFC and
WiMAX.

3
Storage

SQLite, a lightweight relational database, is used for data storage purposes.

4
Media support

H.263, H.264, MPEG-4 SP, AMR, AMR-WB, AAC, HE-AAC, AAC 5.1, MP3,
MIDI, Ogg Vorbis, WAV, JPEG, PNG, GIF, and BMP.

5
Messaging

SMS and MMS

6
Web browser

Based on the open-source WebKit layout engine, coupled with Chrome's V8

JavaScript engine supporting HTML5 and CSS3.

7
Multi-touch

Android has native support for multi-touch which was initially made available
in handsets such as the HTC Hero.

8
Multi-tasking

User can jump from one task to another and same time various application can
run simultaneously.

9
Resizable widgets

Widgets are resizable, so users can expand them to show more content or shrink
them to save space.

7
10
Multi-Language

Supports single direction and bi-directional text.

11
GCM

Google Cloud Messaging (GCM) is a service that lets developers send short
message data to their users on Android devices, without needing a proprietary
sync solution.

12
Wi-Fi Direct

A technology that lets apps discover and pair directly, over a high-bandwidth
peer-to-peer connection.

13
Android Beam

A popular NFC-based technology that lets users instantly share, just by touching
two NFC-enabled phones together.