Introduction to Android-modified 2.0

Introduction to Android

Team Leader: Rohith Raj ChennaTeam Member: Kevan Wiegand

Four Main Components:• Activities• Services• Content Providers• Broadcast Receivers

Activities• Activities-Reusable components used to build an app’s user interface.• A separate activity is often associated with each different screen of an app.• For example, an email app might have one activity that shows a list of new emails, another activity to compose an email, and another activity for reading emails.

Services• Android Services-provides access to information about the environment in which the app is running and allows you to access various Android services.• It does not provide user interface, runs in the background.• Another component can initiate, let it run or bind to it in order to interact with it.

Content Providers• Content Providers-They manage a shared set of app data.• Enables apps to save and retrieve data and to make data accessible across applications• These are built into Android for access to data such as images, audio, video, contact information and more.• We need proper permission to access content provider to modify new information.

Broadcast Providers• Broadcast Provider-Is a component that responds to system-wide broadcast announcements.• Examples include: the screen turning off, alerting that the battery is low, or a picture was captured from the camera.• Apps can also initiate broadcasts.• They create status bar notifications alert users when a broadcast event occurs.

Activity Life Cycle• onCreate()• onRestart()• onStart()• onResume()• onPause()• onStop()• onDestroy()

onCreate() && onRestart()• onCreate() – Called when the activity Is first created. This is where you should do all of your normal static set up: create views, bind data to lists, etc. This method also provides you with a Bundle containing the activity’s previously frozen state, if there was one. Always followed by onStart().• onRestart() – Called after your activity has been stopped, prior to it being started again. Always followed by onStart().

onStart() && onResume()• onStart() – Called when the activity is becoming visible to the user. Followed by onResume() if the activity comes to the foreground, or onStop() if it becomes hidden.• onResume() – Called when the activity will start interacting with the user. At this point your activity is at the top of the activity stack, with user input going to it. Always followed by onPause.

onPause() && onStop()• onPause() – Called when the system is about to start resuming a previous activity. This is typically used to commit unsaved changed to persistent data, stop animations and other things that may be consuming CPU, etc. Implementations of this method must be very quick because the next activity will not be resumed until this method returns. Followed by either onResume() if the activity returns back to the front, or onStop() if it becomes invisible to the user.• onStop() – Called when the activity is no longer visible to the user, because another activity has been resumed and is covering this one.

onDestroy()• onDestroy() – The final call you receive before your activity is destroyed. This can happen either because the activity is finishing(someone called finish() on it, or because the system is temporarily destroying this instance of the activity to save space. You can distinguish between these two scenarios with isFinishing() method.

Android Security

Android Security•Android has security features built into the operating system that significantly reduce the frequency and impact of application security issues. The system is designed so you can typically build your apps with default system and file permissions and avoid difficult decisions about security.

Core Security Features• The Android Application Sandbox, which isolates your app data and code execution from other apps.• An application framework with robust implementations of common security functionality such as cryptography, permissions, and secure IPC.• An encrypted filesystem that can be enabled to protect data on lost or stolen devices• User-granted permissions to restrict access to system features and user data

Storing Data• The most common security concern for an application on Android is whether the data that you save on the device is accessible to other apps. There are three fundamental ways to save data on the device:1.Internal Storage2.External Storage3.Content Providers

Internal Storage• By default, files that you create on internal storage are accessible only to your app. This protection is implemented by Android and is sufficient for most applications.• A key can be placed in a KeyStore and protected with a user password that is not stored on the device. While this does not protect data from a root compromise that can monitor the user inputting the password, it can provide protection for a lost device without file system encryption

External Storage && Content Providers

• Files created on external storage, such as SD Cards, are globally readable and writable. Because external storage can be removed by the user and also modified by any application, Android developers suggest you should not store sensitive information using external storage.• As with data from any untrusted source, you should perform input validation when handling data from external storage.• Content providers offer a structured storage mechanism that can be limited to your own application or exported to allow access by other applications. They encapsulate the data, and provide mechanisms for defining data security.

Using Permissions• Because Android sandboxes applications from each other, applications must explicitly share resources and data. They do this by declaring the permissions they need for additional capabilities not provided by the basic sandbox, including access to device features such as the camera.• Not having access to sensitive permissions reduces the risk of inadvertently misusing those permissions, can improve user adoption, and makes your app less vulnerable for attackers. Generally, if a permission is not required for your app to function, do not request it.

Fragments• You can build the UI of the multi-pane by combining a plurality of fragments into one activity, and you can reuse the fragment in multiple activities.• The fragment, is like a modular section of the activity, has its own life cycle, you will receive your own input events. Fragments and you can add or delete during the execution of the activities (which can be reused in another activity is a kind of "sub-activity").

Life Cycle• The fragment, it is like a modular section of the activity, it has its own life cycle, you will receive your own input events.

• When an activity is paused, also paused all the fragments in it, when the activity is destroyed, also will be destroyed all the fragments.

Fragment Design• The operations such as add or delete can be done only by each fragment. When you perform a transaction of such fragments, you can also add it to the back stack, which is managed by the activity. Each back stack entry of activity will be the record of the transaction of the generated fragment.

Adding the Fragment• When you add the fragment as part of the activities of the layout, the activity of the view hierarchy ViewGroup placed in the fragment will define their own view layout. To insert a fragment in the activity of the layout, a fragment is not necessarily be part of the activity, a worker invisible activity, It can also be used without a fragment own user interface

Application Example• For example, in a new application, you can view a list of articles on the left side using one of the fragments, and you can view the contents of the article to the right using another fragment. Both fragments are displayed side by side on one activity, each fragment has its own life cycle method, it will process each user input events. 

• That is, select the articles one activity, rather than viewing the article in another activity, it can be viewed by selecting the article in one of the activities

What does the code look like?

<fragment android:layout_width="wrap_content" android:layout_height="wrap_content" android:name="com.kevanwiegand.asthmaanalyzer.TopSectionFragment" android:id="@+id/fragment" tools:layout="@layout/top_section_fragment" android:layout_above="@+id/button" android:layout_alignParentLeft="true" android:layout_alignParentStart="true" />

@Overrideprotected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); onClickButtonListener(); onClickButtonListener2();}

Activtity_Main.xml

Main_Activity.java

SQLite• SQLite is an in-process library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine. The code for SQLite is in the public domain and is thus free for use for any purpose, commercial or private. SQLite is the most widely deployed database in the world. • https://www.sqlite.org/about.html

Most Widely Deployed and Used Database Engine

• Every Android device• Every iPhone and iOS device• Every Mac• Every Windows10 machine• Every Firefox, Chrome, and Safari web browser• Every instance of Skype• Every instance of iTunes• Every Dropbox client• Every TurboTax and QuickBooks• PHP and Python• Most television sets and set-top cable boxes

Situations Where SQLite Works Well

• Embedded devices and the internet of things• Application file format• Websites• Data analysis• Cache for enterprise data• Server-side database• File archives• Replacement for ad hoc disk files• Internal or temporary databases• Stand-in for enterprise database during demos or testing• Education and training

Why use it?• Most of the SQLite source code is devoted purely to testing and verification. An automated test suite runs millions and millions of test cases involving hundreds of millions of individual SQL statements and achieves 100% branch test coverage. SQLite responds gracefully to memory allocation failures and disk I/O errors.

• Transactions are ACID even if interrupted by system crashes or power failures. All of this is verified by the automated tests using special test harnesses which simulate system failures. Of course, even with all this testing, there are still bugs. But unlike some similar projects (especially commercial competitors) SQLite is open and honest about all bugs and provides bugs lists and minute-by-minute chronologies of bug reports and code changes.

A.C.I.D.• a set of properties that guarantee that database transactions are processed reliably.

Four Properties:• Atomicity: “All or nothing” transaction.• Consistency: Programming errors don’t result from violation of defined rules• Isolation: ensuring that the concurrent execution of transactions results in a system state that would be obtained if transaction were executed serially. Concurrency Control.• Durability: to prevent losses from crashes or computer power loss. Stores each SQL statement

Thank you.