Android Application Security Essentials

Security has been a bit of a hot topic with Android so this guide is a timely way to ensure your apps are safe. Includes everything from Android security architecture to safeguarding mobile payments.

Android Application Security Essentials

Starting
Pragati Ogal Rai

Security has been a bit of a hot topic with Android so this guide is a timely way to ensure your apps are safe. Includes everything from Android security architecture to safeguarding mobile payments.
$26.99
$44.99
RRP $26.99
RRP $44.99
eBook
Print + eBook
$12.99 p/month

Get Access

Get Unlimited Access to every Packt eBook and Video course

Enjoy full and instant access to over 3000 books and videos – you’ll find everything you need to stay ahead of the curve and make sure you can always get the job done.

Code Files
+ Collection

Book Details

ISBN 139781849515603
Paperback218 pages

About This Book

  • Understand Android security from kernel to the application layer
  • Protect components using permissions
  • Safeguard user and corporate data from prying eyes
  • Understand the security implications of mobile payments, NFC, and more

Who This Book Is For

If you are looking for guidance and detailed instructions on how to secure app data, then this book is for you. Developers, architects, managers, and technologists who wish to enhance their knowledge of Android security will find this book interesting. Some prior knowledge of development on the Android stack is desirable but not required.

Table of Contents

Chapter 1: The Android Security Model – the Big Picture
Installing with care
Android platform architecture
Application signing
Data storage on the device
Crypto APIs
Device Administration
Summary
Chapter 2: Application Building Blocks
Application components
Intents
Summary
Chapter 3: Permissions
Permission protection levels
Application level permissions
Component level permissions
Extending Android permissions
Summary
Chapter 4: Defining the Application's Policy File
The AndroidManifest.xml file
Application policy use cases
Example checklist
Summary
Chapter 5: Respect Your Users
Principles of data security
Identifying assets, threats, and attacks
End-to-end security
Digital rights management
Summary
Chapter 6: Your Tools – Crypto APIs
Terminology
Security providers
Random number generation
Hashing functions
Public key cryptography
Symmetric key cryptography
Message Authentication Codes
Summary
Chapter 7: Securing Application Data
Data storage decisions
User preferences
File
Cache
Database
Account manager
SSL/TLS
Installing an application on an external storage
Summary
Chapter 8: Android in the Enterprise
The basics
Understanding the Android ecosystem
Device administration capabilities
Next steps
Summary
Chapter 9: Testing for Security
Testing overview
Security testing basics
Sample test case scenarios
Security testing the resources
Summary
Chapter 10: Looking into the Future
Mobile commerce
Proximity technologies
Social networking
Healthcare
Authentication
Advances in hardware
Application architecture
Summary

What You Will Learn

  • Get familiar with Android security architecture
  • Secure Android components using permissions
  • Implement cryptography algorithms and protocols to secure your data
  • Protect user information both at rest and in transit
  • Test apps for security
  • Understand security considerations for upcoming use cases like NFC and mobile payments
  • Guard the corporate data of enterprises apps

In Detail

In today’s techno-savvy world, more and more parts of our lives are going digital, and all this information is accessible anytime and anywhere using mobile devices. It is of the utmost importance that you understand and implement security in your apps that will reduce the likelihood of hazards that will wreck your users' experience.

"Android Application Security Essentials" takes a deep look into Android security from kernel to the application level, with practical hands-on examples, illustrations, and everyday use cases. This book will show you how to overcome the challenge of getting the security of your applications right.

"Android Application Security Essentials" will show you how to secure your Android applications and data. It will equip you with tricks and tips that will come in handy as you develop your applications.
We will start by learning the overall security architecture of the Android stack. Securing components with permissions, defining security in a manifest file, cryptographic algorithms and protocols on the Android stack, secure storage, security focused testing, and protecting enterprise data on your device is then also discussed in detail. You will also learn how to be security-aware when integrating newer technologies like NFC and mobile payments into your Android applications.

At the end of this book, you will understand Android security at the system level all the way to the nitty-gritty details of application security for securing your Android applications.

Authors

Table of Contents

Chapter 1: The Android Security Model – the Big Picture
Installing with care
Android platform architecture
Application signing
Data storage on the device
Crypto APIs
Device Administration
Summary
Chapter 2: Application Building Blocks
Application components
Intents
Summary
Chapter 3: Permissions
Permission protection levels
Application level permissions
Component level permissions
Extending Android permissions
Summary
Chapter 4: Defining the Application's Policy File
The AndroidManifest.xml file
Application policy use cases
Example checklist
Summary
Chapter 5: Respect Your Users
Principles of data security
Identifying assets, threats, and attacks
End-to-end security
Digital rights management
Summary
Chapter 6: Your Tools – Crypto APIs
Terminology
Security providers
Random number generation
Hashing functions
Public key cryptography
Symmetric key cryptography
Message Authentication Codes
Summary
Chapter 7: Securing Application Data
Data storage decisions
User preferences
File
Cache
Database
Account manager
SSL/TLS
Installing an application on an external storage
Summary
Chapter 8: Android in the Enterprise
The basics
Understanding the Android ecosystem
Device administration capabilities
Next steps
Summary
Chapter 9: Testing for Security
Testing overview
Security testing basics
Sample test case scenarios
Security testing the resources
Summary
Chapter 10: Looking into the Future
Mobile commerce
Proximity technologies
Social networking
Healthcare
Authentication
Advances in hardware
Application architecture
Summary

Book Details

ISBN 139781849515603
Paperback218 pages
Read More