Understanding the Android Security Model
In this first section, we’re going to cover security during the deployment and execution of the application. With respect to deployment, Android applications have to be signed with a digital certificate in order for you to install them onto a device. With respect to execution, Android runs each application within a separate process, each of which has a unique and permanent user ID (assigned at install time). This places a boundary around the process and prevents one application from having direct access to another’s data. Moreover, Android defines a declarative permission model that protects sensitive features (such as the contact list).
In the next several sections, we are going to discuss these topics. ...
Get Pro Android 4 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.