brief discussion on application development
Application Development
What Is Mobile Computing?
Mobile Computing Definition
Computing
Operation of computers (according to the Oxford Advanced Learner’s Dictionary)
Mobile
That someone/something can move or be moved easily and quickly from place to place
Mobile computing
Users with portable computers still have network connections while they move
What Is Mobile Computing? (Cont.)
Is using a digital camera “Mobile Computing”, or using an MP3 player or handheld computer (e.g. smart phones)?
A simple definition could be: Mobile Computing is using a computer (of one kind or another) while on the move
Another definition could be: Mobile Computing is when a work process is carried out somewhere where it was not previously possible.
What Is Mobile Computing? (Cont.)
The act of using a computer while travelling from place to place or without being connected to electricity or other computers by wires
An umbrella term used to describe technologies that enable people to access network services anyplace, anytime, and anywhere.
Mobile is everywhere: 5 Trends with significant implications for the enterprise
Mobile is primary
• 91% of mobile users keep their device within arm’s reach 100% of the time. Source: “China Mobile 50k survey”; Morgan Stanley Research; 2011
Insights from mobile data provide new opportunities
• 75% of mobile shoppers take action after receiving location-based messages. Source: JiWire Mobile Audience Insights Report Q4 2011
Mobile is about transacting
• 96% year-to-year increase in mobile Cyber Monday sales between 2012 and 2011. Source: IBM Coremetrics Retail Data, as published in 11/24/12 IBM Press Release
Mobile must create a continuous brand experience
• 90% of users use multiple screens as channels come together to create integrated experiences. Source: Time, Inc. 2012
Mobile enables the Internet of Things
• Global machine-to-machine connections will increase from 2 billion in 2011 to 18 billion at the end of 2022. Source: GSMA, Machina Research
Uniqueness of Mobile…
Mobile devices are shared more often
• Personal phones and tablets shared with family
• Enterprise tablet shared with co-workers
• Social norms of mobile apps vs. file systems
Mobile devices have multiple personas
• Work tool
• Entertainment device
• Personal organization
• Security profile per persona?
Mobile devices are diverse
• OS immaturity for enterprise mgmt
• BYOD dictates multiple OSs
• Vendor / carrier control dictates multiple OS versions
Mobile devices are used in more locations
• A single location could offer public, private, and cell connections
• Anywhere, anytime
• Increasing reliance on enterprise WiFi
Mobile devices prioritize the user
• Conflicts with user experience not tolerated
• OS architecture puts the user in control
• Difficult to enforce policy, app lists
Mobile Presents Management and Security Challenges
1 in 20 mobile devices stolen in 2010
70% of mobile device spam is fraudulent financial services
77% growth in Google Android malware from Jun 2010 to Jan 2011
350%: the amount by which WiFi hotspots are set to increase by 2015, providing more opportunities for “man-in-the-middle” attacks
10 billion Android app downloads reached by the end of 2011 – over 90% of the top 100 have been hacked
155%: the amount by which mobile malware increased in 2011
Source: Evans Data Mobile Developer Survey Mobile Development Report 2012 Volume
Source: Business Insider (September 2012)
Security is the leading barrier to mobile adoption
[Chart: Drivers for Adopting Mobile. Base: Those who deployed/piloted/plan to adopt mobile, excluding don’t know (n=1117)]
[Chart: Barriers to Adopting Mobile. Base: Those who deployed/piloted/plan to adopt mobile, excluding don’t know (n=1115)]
2012 Tech Trends Report (Weighted by GMV – IBM Proprietary) | IBM Market Insights | IBM Confidential October 2012
Mobile Security Challenges Faced By Enterprises
Achieving Data Separation & Providing Data Protection
• Personal vs. corporate
• Data leakage into and out of the enterprise
• Partial wipe vs. device wipe vs. legally defensible wipe
• Data policies
Adapting to the BYOD / Consumerization of IT Trend
• Multiple device platforms and variants
• Multiple providers
• Managed devices (B2E)
• Unmanaged devices (B2B, B2E, B2C)
• Endpoint policies
• Threat protection
Providing Secure Access to Enterprise Applications & Data
• Identity of user and devices
• Authentication, Authorization and Federation
• User policies
• Secure Connectivity
Developing Secure Applications
• Application life-cycle
• Static & Dynamic analysis
• Call and data flow analysis
• Application policies
Designing & Instituting an Adaptive Security Posture
• Policy Management: Location, Geo, Roles, Response, Time policies
• Security Intelligence
• Reporting
Interrelated
Concentrate on Android
How Big is Android?
Number of Android devices: 1 billion (9/3/13)
Android’s share of smartphone shipments: 81.3% (10/31/13)
Android’s share of Mobile Devices: 51.8% (9/16/13)
Android’s share of Tablets sold in 2013: 62%
Number of Android tablets sold in 2013: 121 million
Android apps in Play Store: 1 million (7/24/13)
Percent of malware that targeted Android devices in 2013: 99%
http://expandedramblings.com/index.php/android-statistics/#.U6o4sE0g9dg
Smart Phone Sales
Attacks by Mobile OS
http://www.securelist.com/en/analysis/204792318/Kaspersky_Security_Bulletin_2013_Overall_statistics_for_2013#02
Types of Attacks
http://www.securelist.com/en/analysis/204792318/Kaspersky_Security_Bulletin_2013_Overall_statistics_for_2013#02
Distribution of exploits in cyber-attacks by type of attacked application
http://www.securelist.com/en/analysis/204792318/Kaspersky_Security_Bulletin_2013_Overall_statistics_for_2013#02
Android malware growth in 2013
http://www.linkedin.com/today/post/article/20140411174528-2487856-google-jumps-in-to-protect-android-from-malware-finally
Getting Started
Android Development
IDE
Eclipse
Android SDK package
Android Development Tools (ADT) Plugin within Eclipse
Bundle
http://developer.android.com/sdk/index.html
Choose the correct platform
Unpack the zip file
Save to an appropriate location
Open and launch Eclipse
Instructions for manual installation provided in manual
Basic Terminology
Project Name
Name of the directory
Will contain the project files
Application Name
Human-readable title for your application
Will appear on the device
Package Name
Java package namespace where your source code will reside
Must have at least one period in the package name
Must be unique when published in the market
Suggested: use a standard domain-type package name, e.g. Workshop.android.maiblesecurity.someName
Case sensitive, like Java
Basic Terminology
Activity
Class name
Subclass of the Android Activity Class
Can run and do work – user interface
Almost always used as a basis for an application
Will have an Activity for every screen in the application
Where you capture and present information to the user
Each Activity must have a matching Java class file
Main aim of activity - interact with the user
Basic Terminology
Android Manifest file
Necessary in every Android application
Must have the file name AndroidManifest.xml
Provides all the essential information to the device
Name of Java application
List of each Activity
Any permissions needed to access other Android functions
Contains ability to navigate more than one Activity
Navigation takes place using Intents
Must contain an entry for each Activity
Details
Activity
Through Activities Android does true multiprocessing
Internally there is a stack of Activities
Activity stack has last in, first out property
Activity launched – becomes top of stack
Previous activity moved lower in stack
Previous activity won’t come to the top till the new one exits
Activity memory allocation based on stack position
App on top of stack – intense memory use
App lower on stack – small memory use
Low on memory – app lower on stack shut down
Each activity runs in a separate process
Each process is hosted in a separate virtual machine
Activity
Saves metadata (state) of each activity
Activities are popped from the stack by pressing the back button
Previous activity is resumed using data from saved state
Activity can be in one of four states:
Active
Paused
Stopped
Dead
Activity
Active
Activity started
Running
In foreground
Paused
Activity is running
Another activity is running on top, or a notification is displayed
User can see the activity
User cannot interact with activity
Fully alive but can be killed in case of low memory
Activity Sequence
Stopped
Running
User can’t see the activity
State and member information kept
Can be killed by the system in low memory situations
Dead
Activity not started
Activity in pause or stop state and terminated by system
Activity Sequence
Activity starts
onCreate(), onStart()
Activity not visible
onResume()
Comes to the foreground
Becomes fully running
Another activity launches or a notification appears
Activity passes through onPause()
Activity onPause
System decides to kill your activity due to low memory
Activity starts the cycle again from onCreate()
Previous state saved in Bundle savedInstanceState parameter
User resumes the activity
Continues with onResume()
onStop()
User is about to close the activity
Activity calls onStop()
Activity then calls onDestroy() - destroyed
Activity
onStop()
Another activity runs while the current one was not shut down: the activity calls onStop()
Not killed by system
Will call onRestart()
Then call onStart()
Continue cycle
Activity
onCreate()
Invoked in 3 cases
Activity runs for the first time – null Bundle savedInstanceState parameter
Activity has been running and was stopped by user or destroyed by system – Bundle savedInstanceState parameter holds prior state
Activity is running and you set the device to different resources, like portrait vs. landscape – Activity will be recreated
Followed by onStart()
Activity
onStart()
When activity is first launched
Brought back to the foreground
Followed by onResume() or onStop()
onRestart()
Invoked if activity has been stopped and is about to run again
Always followed by onStart()
Activity
onResume()
Invoked when activity is about to come to the foreground
Activity comes to top of the activity stack
Can refresh the controls activity is using
Always followed by onPause()
onPause()
Invoked when another activity launches while the current activity is launched or the system decides to kill the activity
Have to stop everything you did in onResume()
Followed by onResume() if activity returns back to front or onStop() if activity is to be invisible.
Activity
onStop()
Invoked when a new activity is about to come over the current one or the current one is destroyed.
Always followed by onResume() or onDestroy()
onDestroy()
Invoked when the activity is shutting down because activity called finish()
Also called when system needs memory
Activities
Killable methods
Means that after these methods return, the process hosting them can kill the activity without executing any further code (due to lack of memory)
onPause()
onStop()
onDestroy()
Summary of Activities
The entire activity life cycle is between onCreate() and onDestroy()
onCreate() – acquire resources
onDestroy() – release resources
Visible lifetime of activity is between onStart() and onStop()
Will be visible
Not necessarily able to interact with it
You persist the state of the activity
You can come back to it
Summary of Activities
The foreground lifetime is between onResume() and onPause()
Activity is fully interactive with the user
Activity can go through the resume and pause states many times
Can go through these states when device sleeps or new activity launches
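The callback order and the saved-state round trip described above, as an added example (not code from the original slides). The class name LifecycleDemoActivity, the log tag and the "visits" key are assumptions made for illustration.

```java
import android.app.Activity;
import android.os.Bundle;
import android.util.Log;

// Hypothetical Activity (added illustration); class name, tag and "visits" key are assumptions.
public class LifecycleDemoActivity extends Activity {
    private static final String TAG = "LifecycleDemo";
    private static final String KEY_VISITS = "visits";
    private int visits;          // state that should survive a kill or a rotation
    private boolean refreshing;  // stands in for work that only makes sense in the foreground

    @Override protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        // null on first launch; otherwise the Bundle written by onSaveInstanceState()
        if (savedInstanceState != null) {
            visits = savedInstanceState.getInt(KEY_VISITS, 0);
        }
        Log.d(TAG, "onCreate: restored visits=" + visits);
    }
    @Override protected void onStart() { super.onStart(); Log.d(TAG, "onStart: visible"); }
    @Override protected void onRestart() { super.onRestart(); Log.d(TAG, "onRestart"); }
    @Override protected void onResume() {
        super.onResume();
        visits++;
        refreshing = true;       // start foreground-only work
        Log.d(TAG, "onResume: foreground, visits=" + visits);
    }
    @Override protected void onPause() {
        // Listed above as killable: stop what onResume() started here,
        // because onStop() and onDestroy() may never run.
        refreshing = false;
        Log.d(TAG, "onPause: lost focus");
        super.onPause();
    }
    @Override protected void onSaveInstanceState(Bundle outState) {
        super.onSaveInstanceState(outState);
        outState.putInt(KEY_VISITS, visits);  // handed back to onCreate() after a recreate
    }
    @Override protected void onStop() { Log.d(TAG, "onStop: not visible"); super.onStop(); }
    @Override protected void onDestroy() { Log.d(TAG, "onDestroy: released"); super.onDestroy(); }
}
```

Rotating the device, or pressing Home and returning to the app, shows the resulting callback sequence in logcat under the LifecycleDemo tag.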
Intent
An application can contain more than one activity.
Intent is used to navigate between activities
Intent provides a facility for performing late runtime binding between the code in different applications
Its most significant use is in launching of activities
Glue between activities
Intent
Primary pieces of information in an intent
Action – the general action to be performed
Data – data to operate on
Examples of Intent Action Pairs
Action View
content://contacts/people/1
Display information about the person whose identifier is “1”
Action Dial
content://contacts/people/1
Display the phone dialer with the person filled in
Action View
tel:123
Display the phone dialer with the given number filled in
Examples of Intent Action Pairs
Action Dial
tel:123
Display the phone dialer with the given number filled in
Action Edit
content://contacts/people/1
Edit information about the person whose identifier is “1”
Action View
content://contacts/people/
Display a list of people, which the user can browse through
Android Applications - Example
Example of location-sensitive social networking application for mobile phones in which users can discover their friends’ locations.
Activities provide a user interface
Services execute background processing
Content providers are data storage facilities
Broadcast receivers act as mailboxes for messages from other applications.
Android Applications - Example Application (cont.)
FriendTracker (Service) polls an external service to discover friends’ locations
FriendProvider (Content provider) maintains the most recent geographic coordinates for friends
FriendTrackerControl (Activity) defines a user interface for starting and stopping the tracking functionality
BootReceiver (Broadcast receiver) gets a notification from the system once it boots (the application uses this to automatically start the FriendTracker service).
Android Applications - Component Interaction
Intent
Primary mechanism for component interaction
Simply a message object containing a destination component address and data
Action - the process of inter-component communication
Android Applications - Component Interaction (cont.)
Example: Interaction between components in applications and with components in system applications. Interactions occur primarily at the component level.
Android Applications - Component Interaction (cont.)
Each component type supports interaction specific to its type. For example, Service components support start, stop, and bind actions, so the FriendTrackerControl (Activity) can start and stop the FriendTracker (Service) that runs in the background.
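The start, stop and boot interactions described above, as an added example (not code from the original slides or from the FriendTracker application itself). The component names come from the slides; the button labels, the programmatic layout and the body of onStartCommand() are assumptions, and the code follows the service model of the slides' era (from API 26 on, background-start limits restrict startService() from a boot receiver).

```java
// Added illustration: each public class goes in its own .java file; imports are shown once.
import android.app.Activity;
import android.app.Service;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import android.os.IBinder;
import android.view.View;
import android.widget.Button;
import android.widget.LinearLayout;

public class FriendTrackerControl extends Activity {        // Activity: user interface
    @Override protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        LinearLayout layout = new LinearLayout(this);
        layout.setOrientation(LinearLayout.VERTICAL);
        layout.addView(button("Start tracking", true));
        layout.addView(button("Stop tracking", false));
        setContentView(layout);
    }
    private Button button(String label, final boolean start) {
        // Explicit Intent: names the destination component, so only FriendTracker receives it.
        final Intent tracker = new Intent(this, FriendTracker.class);
        Button b = new Button(this);
        b.setText(label);
        b.setOnClickListener(new View.OnClickListener() {
            @Override public void onClick(View v) {
                if (start) startService(tracker); else stopService(tracker);
            }
        });
        return b;
    }
}
public class FriendTracker extends Service {                // Service: background processing
    @Override public int onStartCommand(Intent intent, int flags, int startId) {
        return START_STICKY;  // polling of the external service would be scheduled here
    }
    @Override public IBinder onBind(Intent intent) { return null; }  // start/stop only
}
public class BootReceiver extends BroadcastReceiver {       // Broadcast receiver: boot hook
    @Override public void onReceive(Context context, Intent intent) {
        // Act only on the boot broadcast; ignore any other Intent delivered here.
        if (Intent.ACTION_BOOT_COMPLETED.equals(intent.getAction())) {
            context.startService(new Intent(context, FriendTracker.class));
        }
    }
}
```

For these components to run, the manifest has to declare all three and request android.permission.RECEIVE_BOOT_COMPLETED for the boot broadcast.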