The Android Platform Security Model has not been formally published or described outside of Google. Android is fundamentally based on a multi-party consent model. Apps are not considered to be fully authorized agents for the user. There are some intentional deviations from the security model and we discuss why these exist. Finally, openness is a fundamental value in Android: from how we develop and publish in open source, to the open access users and developers have in finding or publishing apps, and the open communication mechanisms we provide for inter-app interactions.”]
Source: https://security.googleblog.com/2019/04/the-android-platform-security-model.html

