如何在Android中的两个或多个应用程序之间安全地共享数据? [英] How to securely share data between two or more applications in android?

问题描述

我正在为企业环境创建一个应用程序框架，其中涉及在设备内存中两个或多个应用程序之间的 数据共享 .此数据需要存储在设备上，并且 只能由少数几个应用程序访问(可以通过安装它们的证书来识别) .此外，还需要以安全的方式存储它，以便其他第三方应用程序无法访问它.哪个是实现此功能的最佳方法?

I am making an application framework for the enterprise environment which involves data sharing between two or more applications from the device memory. This data needs to be stored on the device and accessible to only a few applications (which can be identified by the certificates used to install them). Also, it needs to be stored in a secure way so as to be not accessible to other third party applications . Which is the best way to implement this functionality ?

我已阅读有关 ContentProviders 和 ContentResolvers 据我所知仅有助于此过程.实际的数据存储更为重要.我还研究了 钥匙串API" ，这似乎与我需要实现的功能最接近.

I have read up about ContentProviders and ContentResolvers which to my understanding only facilitate this process . The actual storage of data is what is more important .I have also looked into the Keychain API of Android which seems to be the closest to what I need to achieve.

是否可以将 ContentProviders 和 ContentResolvers 与Keychain API集成在一起?这是正确的方法吗?如果不是， 达到相同目标的最佳方法是什么 ?另外，我还没有找到好的代码示例来完全理解 Keychain API 的功能. 请帮助！

Is there a way to integrate ContentProviders and ContentResolvers with Keychain APIs ? Is this the correct way to do so ? If not , what is the best way to achieve the same? Also, I haven't been able to find good code samples to completely understand the functioning of the Keychain API. Please Help!

我还查看了密钥库API .这在内部使用Keychain API，并且为了在应用程序之间共享数据，应使用Keychain.尽管我无法找到有关如何使用钥匙串API的相同或详细文档或API指南的代码示例.我正在寻找

Edit :
I've also looked at the Keystore API. This internally uses the Keychain API and for sharing data between applications, Keychain should be used. Though I haven't been able to find code samples for the same or a detailed documentation or API guide on how to use the Keychain API. I am looking for an android equivalent of the iOS Keychain.

还引入了称为托管配置文件的东西 Android 5.这是实现我要做什么的正确方法吗?

Something known as managed profiles has also been introduced in Android 5 . Is this the correct way to acheive what I am trying to do ?

推荐答案

您必须使用相同的sharedUserId声明您的应用程序，例如:

You have to declare your applications with the same sharedUserId, like:

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.mydomains.myapp"
    android:sharedUserId="com.mydomains.shared.user.id"
    android:sharedUserLabel="@string/appName">

在这种情况下，存储在两个应用程序的私有存储中的所有数据将彼此可用(假设它们已经使用相同的签名进行了签名)

In this case all data stored in private storage of both apps will be available to each other (supposed they have signed with the same signature)

如阅读手册所示:

sharedUserId:将与之共享的Linux用户ID的名称 其他应用程序.默认情况下，Android为每个应用程序分配其 拥有唯一的用户ID.但是，如果将此属性设置为相同 两个或多个应用程序的值，它们将共享相同的ID， 前提是它们也使用相同的证书签名. 具有相同用户ID的应用程序可以访问彼此的数据，并且 可以按照相同的流程运行.

sharedUserId: The name of a Linux user ID that will be shared with other applications. By default, Android assigns each application its own unique user ID. However, if this attribute is set to the same value for two or more applications, they will all share the same ID — provided that they are also signed by the same certificate. Application with the same user ID can access each other's data and, if desired, run in the same process.

这篇关于如何在Android中的两个或多个应用程序之间安全地共享数据?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！