Bulletproof Android: Practical Advice for Building Secure Apps
©2015 |Addison-Wesley Professional | Available
Godfrey Nolan
©2015 |Addison-Wesley Professional | Available
Introducing Pearson+ 1500+ eTexts and study tools, all in one place. Subscriptions starting at $9.99/month.
K-12 educators: This link is for individuals purchasing with credit cards or PayPal only. Contact your Savvas Learning Company Account General Manager for purchase options.
This product is part of the following series. Click on a series title to see the full list of products in the series.
Preface xiii
Acknowledgments xxi
About the Author xxiii
Chapter 1: Android Security Issues 1
Why Android? 1
Guidelines 7
Securing the Device 17
Conclusion 18
Chapter 2: Protecting Your Code 19
Looking into the classes.dex File 19
Obfuscation Best Practices 24
Smali 39
Hiding Business Rules in the NDK 48
Conclusion 49
Chapter 3: Authentication 51
Secure Logins 51
Understanding Best Practices for
User Authentication and Account Validation 54
Application Licensing with LVL 65
OAuth 77
User Behavior 84
Conclusion 86
Chapter 4: Network Communication 87
HTTP(S) Connection 88
Symmetric Keys 92
Asymmetric Keys 94
Ineffective SSL 99
Conclusion 107
Chapter 5: Android Databases 109
Android Database Security Issues 109
SQLite 110
SQLCipher 116
Hiding the Key 120
SQL Injection 127
Conclusion 129
Chapter 6: Web Server Attacks 131
Web Services 131
Cross Platform 135
WebView Attacks 140
Cloud 146
Conclusion 150
Chapter 7: Third-Party Library Integration 151
Transferring the Risk 152
Permissions 152
Installing Third-Party Apps 154
Trust but Verify 160
Conclusion 165
Chapter 8: Device Security 167
Wiping Your Device 168
Fragmentation 168
Device Encryption 172
SEAndroid 174
FIPS 140-2 176
Mobile Device Management 177
Conclusion 178
Chapter 9: The Future 179
More Sophisticated Attacks 179
Internet of Things 186
Audits and Compliance 188
Tools 190
Conclusion 194
Index 195
Pearson offers affordable and accessible purchase options to meet the needs of your students. Connect with us to learn more.
K12 Educators: Contact your Savvas Learning Company Account General Manager for purchase options. Instant Access ISBNs are for individuals purchasing with credit cards or PayPal.
Savvas Learning Company is a trademark of Savvas Learning Company LLC.
Nolan
©2015  | Addison-Wesley Professional  | 240 pp
Godfrey Nolan is the founder and president of the mobile and web development company RIIS LLC based in Troy, Michigan, and Belfast, Northern Ireland. This is his fourth book. He has had a healthy obsession with reverse engineering bytecode since he wrote "Decompile Once, Run Anywhere," which first appeared in Web Techniques magazine way back in September 1997. Godfrey is originally from Dublin, Ireland.
We're sorry! We don't recognize your username or password. Please try again.
The work is protected by local and international copyright laws and is provided solely for the use of instructors in teaching their courses and assessing student learning.
You have successfully signed out and will be required to sign back in should you need to download more resources.