I added an intent filter to activity in my application so that other applications can access certain data (from the cloud) through my application. However, some users may have privacy issues and may not be too happy with the data used. However, other applications can connect to mine to back up their settings, etc. To the cloud.
Now I need some kind of security mechanism to restrict access to my applications, so that I can ban a malicious application, etc. Although it is not possible to identify a malicious application, I would like to gain some access control by allowing only certain “trusted” packages. However, I cannot find how to do this.
Another option is to add a permission requirement, but this may be missed by more users. Although this would be a user error (and it would be my mistake if I did not add permission), recently applications have taken a lot of flacks to publish user content.
The third option is to ask the user every time there is any access to my application. However, I do not have the package, so I can’t say where the intention came from. In addition, my application automates certain transfers from the cloud, so the user can "set and forget" the intention.
I rely only on intentions to transfer some commands between two different applications. I see that I will have to implement my guarantees myself, but I don’t want to reinvent the wheel if Google already has some streams. If not, I will have to implement my own authentication flow or something like that.
EDIT: I'm noob, so I use the terms too loosely. I tried to make the question better.
. / / . , . , , , , , . . ( , ), . - .