Android Application Security Essentials

Book Description

Write secure Android applications using the most up-to-date techniques and concepts

Overview

• Understand Android security from kernel to the application layer
• Protect components using permissions
• Safeguard user and corporate data from prying eyes
• Understand the security implications of mobile payments, NFC, and more

In Detail

In today’s techno-savvy world, more and more parts of our lives are going digital, and all this information is accessible anytime and anywhere using mobile devices. It is of the utmost importance that you understand and implement security in your apps that will reduce the likelihood of hazards that will wreck your users’ experience.

“Android Application Security Essentials” takes a deep look into Android security from kernel to the application level, with practical hands-on examples, illustrations, and everyday use cases. This book will show you how to overcome the challenge of getting the security of your applications right.

“Android Application Security Essentials” will show you how to secure your Android applications and data. It will equip you with tricks and tips that will come in handy as you develop your applications.

We will start by learning the overall security architecture of the Android stack. Securing components with permissions, defining security in a manifest file, cryptographic algorithms and protocols on the Android stack, secure storage, security focused testing, and protecting enterprise data on your device is then also discussed in detail. You will also learn how to be security-aware when integrating newer technologies like NFC and mobile payments into your Android applications.

At the end of this book, you will understand Android security at the system level all the way to the nitty-gritty details of application security for securing your Android applications.

What you will learn from this book

• Get familiar with Android security architecture
• Secure Android components using permissions
• Implement cryptography algorithms and protocols to secure your data
• Protect user information both at rest and in transit
• Test apps for security
• Understand security considerations for upcoming use cases like NFC and mobile payments
• Guard the corporate data of enterprises apps

Approach

“Android Application Security Essentials” is packed with examples, screenshots, illustrations, and real world use cases to secure your apps the right way.

Who this book is written for

If you are looking for guidance and detailed instructions on how to secure app data, then this book is for you. Developers, architects, managers, and technologists who wish to enhance their knowledge of Android security will find this book interesting. Some prior knowledge of development on the Android stack is desirable but not required.

Table of Contents

Chapter 1: The Android Security Model – the Big Picture
Chapter 2: Application Building Blocks
Chapter 3: Permissions
Chapter 4: Defining the Application’s Policy File
Chapter 5: Respect Your Users
Chapter 6: Your Tools – Crypto APIs
Chapter 7: Securing Application Data
Chapter 8: Android in the Enterprise
Chapter 9: Testing for Security
Chapter 10: Looking into the Future

中文：

书名：Android Application Security Essentials

使用最新的技术和概念编写安全的Android应用程序

Overview

• 了解Android从内核到应用层的安全
• Protect components using permissions
• Safeguard user and corporate data from prying eyes
• 了解移动支付、NFC等的安全影响

In Detail

在当今这个精通技术的世界里，我们生活中越来越多的部分正在走向数字化，所有这些信息都可以通过移动设备随时随地访问。非常重要的一点是，你要理解并在你的应用程序中实施安全措施，以降低破坏用户体验的危险的可能性。

Android应用程序安全基础&#8221；从内核到应用程序级别深入研究Android安全，并提供实际动手示例、插图和日常使用案例。本书将向您展示如何克服挑战，确保应用程序的安全性。

Android应用程序安全基础将向您展示如何保护您的Android应用程序和数据。它将为您提供在开发应用程序时派上用场的技巧和技巧。

我们将从学习Android堆栈的整体安全架构开始。然后还将详细讨论保护具有权限的组件、在清单文件中定义安全性、Android堆栈上的加密算法和协议、安全存储、侧重于安全的测试以及保护设备上的企业数据。您还将学习如何在将NFC和移动支付等新技术集成到Android应用程序中时具有安全意识。

在本书的最后，您将了解Android系统级别的安全，一直到保护您的Android应用程序的应用程序安全的细节。

你将从这本书中学到什么

• Get familiar with Android security architecture
• Secure Android components using permissions
• 实施加密算法和协议以保护您的数据
• 保护静态和传输中的用户信息
• Test apps for security
• 了解NFC和移动支付等即将到来的使用案例的安全注意事项
• Guard the corporate data of enterprises apps

Approach

Android应用程序安全基本要素包含大量示例、屏幕截图、插图和真实使用案例，可帮助您以正确的方式保护您的应用程序。

这本书是为谁写的

如果你正在寻找关于如何保护应用程序数据的指导和详细说明，那么这本书是为你准备的。希望增强Android安全知识的开发人员、架构师、管理人员和技术专家会发现这本书很有趣。对Android堆栈的开发有一些先验知识是可取的，但不是必需的。

Table of Contents

第1章：Android安全模型-总体情况
Chapter 2: Application Building Blocks
Chapter 3: Permissions
第4章：定义应用程序的策略文件
第5章：尊重用户
Chapter 6: Your Tools – Crypto APIs
Chapter 7: Securing Application Data
Chapter 8: Android in the Enterprise
第9章：安全测试
第十章：展望未来