Android Security Internals: An In-Depth Guide to Android’s Security Architecture

Book Description

“I honestly didn’t believe I’d learn much from the book because I’ve been working on Android security for many years. This belief could not have been more wrong. Android Security Internals has earned a permanent spot on my office bookshelf.”—Jon “jcase” Sawyer, from the Foreword

There are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals—until now.

In Android Security Internals, top Android security expert Nikolay Elenkov takes us under the hood of the Android security system. Elenkov describes Android security architecture from the bottom up, delving into the implementation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration.

You’ll learn:

• How Android permissions are declared, used, and enforced
• How Android manages application packages and employs code signing to verify their authenticity
• How Android implements the Java Cryptography Architecture (JCA) and Java Secure Socket Extension (JSSE) frameworks
• About Android’s credential storage system and APIs, which let applications store cryptographic keys securely
• About the online account management framework and how Google accounts integrate with Android
• About the implementation of verified boot, disk encryption, lockscreen, and other device security features
• How Android’s bootloader and recovery OS are used to perform full system updates, and how to obtain root access

With its unprecedented level of depth and detail, Android Security Internals is a must-have for any security-minded Android developer.

Table of Contents

Chapter 1: Android’s Security Model
Chapter 2: Permissions
Chapter 3: Package Management
Chapter 4: User Management
Chapter 5: Cryptographic Providers
Chapter 6: Network Security and PKI
Chapter 7: Credential Storage
Chapter 8: Online Account Management
Chapter 9: Enterprise Security
Chapter 10: Device Security
Chapter 11: NFC and Secure Elements
Chapter 12: SELinux
Chapter 13: System Updates and Root Access

中文：

书名：Android Security Internals: An In-Depth Guide to Android’s Security Architecture

老实说，我不相信我会从这本书中学到很多东西，因为我已经研究Android安全很多年了。这种看法大错特错。 Android安全内部结构 has earned a permanent spot on my office bookshelf.”–Jon&8220；Jcase&8221；Sawyer，前言

目前正在使用的Android设备超过10亿台，每一台都是潜在的目标。不幸的是，直到现在，除了最精英的安全专业人士，许多基本的Android安全功能对所有人来说都只是一个黑匣子。

In Android安全内部结构，顶级Android安全专家Nikolay Elenkov带我们深入Android安全系统的引擎盖下。Elenkov自下而上地描述了Android安全体系结构，深入研究了主要安全相关组件和子系统的实现，如绑定器IPC、权限、加密提供程序和设备管理。

You’ll learn:

• 如何声明、使用和实施Android权限
• Android如何管理应用程序包并使用代码签名来验证其真实性
• Android如何实现Java加密体系结构(JCA)和Java安全套接字扩展(JSSE)框架
• 关于Android的凭据存储系统和API，它们使应用程序可以安全地存储密钥
• 关于在线帐户管理框架以及Google帐户如何与Android集成
• 关于实施经过验证的引导、磁盘加密、锁屏和其他设备安全功能
• 如何使用Android的BootLoader和Recovery OS执行完整的系统更新，以及如何获得超级用户访问权限

以其前所未有的深度和细节， Android安全内部结构 对于任何注重安全的Android开发人员来说，它都是必备的。

Table of Contents

Chapter 1: Android’s Security Model
Chapter 2: Permissions
第三章：套餐管理
第4章：用户管理
第5章：加密提供程序
第六章：网络安全与公钥基础设施
Chapter 7: Credential Storage
第8章：在线帐户管理
第9章：企业安全
第10章：设备安全
第11章：NFC和安全元素
Chapter 12: SELinux
第13章：系统更新和超级用户访问