Lecture 11 - Mobile and Sandboxing

Question 1

Dalvik Virtual Machine (DVM)

Answer 1

Optimized for embedded environments, runs .dex files, relies on Linux kernel

Question 2

Activity Manager

Answer 2

Responsible for starting applications, includes Reference Monitor

Question 3

Package Manager

Answer 3

Installs new applications, manages permissions and apps

Question 4

Application Isolation

Answer 4

VMs and Sandboxing ensure apps are isolated

Question 5

Application Access Control

Answer 5

Permission framework at middleware layer, DAC at Linux kernel level

Question 6

Application Distribution

Answer 6

Apps vetted before upload to official app market

Question 7

Process Level

Answer 7

Each app runs in a dedicated process with unique UID

Question 8

Filesystem Level

Answer 8

Each app has a dedicated data directory for read/write access

Question 9

Permission escalation attack

Answer 9

Non-privileged app accesses components of a more privileged app

Question 10

Android Software Stack

Answer 10

Includes Middleware, Android Runtime, and Application Framework

Question 11

Middleware Layer - Native Libraries

Answer 11

Includes C/C++ system libraries exposed to developers

Question 12

Middleware Layer - Android Runtime

Answer 12

Involves Dalvik Virtual Machine optimized for embedded environments

Question 13

Middleware Layer - Application Framework

Answer 13

Provides API to basic functionalities and services for developers

Question 14

Application Layer

Answer 14

Apps written in Java, executed in their own Dalvik VM instance

Question 15

Sandboxing

Answer 15

confines software within a controlled environment to prevent system resource access and unauthorized actions.