Synopses & Reviews
"I honestly didn't believe I'd learn much from the book because I've been working on Android security for many years. This belief could not have been more wrong. Android Security Internals has earned a permanent spot on my office bookshelf."—Jon "jcase" Sawyer, from the Foreword
There are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals—until now.
In Android Security Internals, top Android security expert Nikolay Elenkov takes us under the hood of the Android security system. Elenkov describes Android security architecture from the bottom up, delving into the implementation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration.
You'll learn:
- How Android permissions are declared, used, and enforced
- How Android manages application packages and employs code signing to verify their authenticity
- How Android implements the Java Cryptography Architecture (JCA) and Java Secure Socket Extension (JSSE) frameworks
- About Android's credential storage system and APIs, which let applications store cryptographic keys securely
- About the online account management framework and how Google accounts integrate with Android
- About the implementation of verified boot, disk encryption, lockscreen, and other device security features
- How Android's bootloader and recovery OS are used to perform full system updates, and how to obtain root access
With its unprecedented level of depth and detail,
Android Security Internals is a must-have for any security-minded Android developer.
Synopsis
There are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals--until now.
In Android Security Internals, top Android security expert Nikolay Elenkov takes us under the hood of the Android security system. Elenkov describes Android security architecture from the bottom up, delving into the implementation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration.
You'll learn:
-How Android permissions are declared, used, and enforced
-How Android manages application packages and employs code signing to verify their authenticity
-How Android implements the Java Cryptography Architecture (JCA) and Java Secure Socket Extension (JSSE) frameworks
-About Android's credential storage system and APIs, which let applications store cryptographic keys securely
-About the online account management framework and how Google accounts integrate with Android
-About the implementation of verified boot, disk encryption, lockscreen, and other device security features
-How Android's bootloader and recovery OS are used to perform full system updates, and how to obtain root access
With its unprecedented level of depth and detail, Android Security Internals is a must-have for any security-minded Android developer.
Synopsis
There are nearly a billion Android devices in use today, and every one is a potential security breach. Love it or hate it, the security of Android-based devices is of major concern to users and developers alike. In Android Security Internals, author Nikolay Elenkov delves into Android components and subsystems to give you a very deep and complete understanding of the security internals of Android devices. Elenkov's coverage of security topics ranges from package and user management to the details of cryptographic providers and credential storage. Android Security Internals is destined to be one book that that all security-minded Android developers will have to have on their bookshelves.
About the Author
Nikolay Elenkov has been working on enterprise security-related projects for the past 10 years. He became interested in Android shortly after the initial public release, and has been developing applications for it since version 1.5. His work has led to the discovery and correction of significant Android security flaws. For two years, he's written about Android security at his highly esteemed blog, nelenkov.blogspot.com
Table of Contents
; About the Author; About the Technical Reviewer; Foreword; Acknowledgments; Introduction; Who This Book Is For; Prerequisites; Android Versions; How Is This Book Organized?; Conventions; Chapter 1: Android's Security Model; 1.1 Android's Architecture; 1.2 Android's Security Model; 1.3 Summary; Chapter 2: Permissions; 2.1 The Nature of Permissions; 2.2 Requesting Permissions; 2.3 Permission Management; 2.4 Permission Protection Levels; 2.5 Permission Assignment; 2.6 Permission Enforcement; 2.7 System Permissions; 2.8 Shared User ID; 2.9 Custom Permissions; 2.10 Public and Private Components; 2.11 Activity and Service Permissions; 2.12 Broadcast Permissions; 2.13 Content Provider Permissions; 2.14 Pending Intents; 2.15 Summary; Chapter 3: Package Management; 3.1 Android Application Package Format; 3.2 Code signing; 3.3 APK Install Process; 3.4 Package Verification; 3.5 Summary; Chapter 4: User Management; 4.1 Multi-User Support Overview; 4.2 Types of Users; 4.3 User Management; 4.4 User Metadata; 4.5 Per-User Application Management; 4.6 External Storage; 4.7 Other Multi-User Features; 4.8 Summary; Chapter 5: Cryptographic Providers; 5.1 JCA Provider Architecture; 5.2 JCA Engine Classes; 5.3 Android JCA Providers; 5.4 Using a Custom Provider; 5.5 Summary; Chapter 6: Network Security and PKI; 6.1 PKI and SSL Overview; 6.2 JSSE Introduction; 6.3 Android JSSE Implementation; 6.4 Summary; Chapter 7: Credential Storage; 7.1 VPN and Wi-Fi EAP Credentials; 7.2 Credential Storage Implementation; 7.3 Public APIs; 7.4 Summary; Chapter 8: Online Account Management; 8.1 Android Account Management Overview; 8.2 Account Management Implementation; 8.3 Google Accounts Support; 8.4 Summary; Chapter 9: Enterprise Security; 9.1 Device Administration; 9.2 VPN Support; 9.3 Wi-Fi EAP; 9.4 Summary; Chapter 10: Device Security; 10.1 Controlling OS Boot-Up and Installation; 10.2 Verified Boot; 10.3 Disk Encryption; 10.4 Screen Security; 10.5 Secure USB Debugging; 10.6 Android Backup; 10.7 Summary; Chapter 11: NFC and Secure Elements; 11.1 NFC Overview; 11.2 Android NFC Support; 11.3 Secure Elements; 11.4 Software Card Emulation; 11.5 Summary; Chapter 12: Selinux; 12.1 SELinux Introduction; 12.2 Android Implementation; 12.3 Android 4.4 SELinux Policy; 12.4 Summary; Chapter 13: System Updates and Root Access; 13.1 Bootloader; 13.2 Recovery; 13.3 Root Access; 13.4 Root Access on Production Builds; 13.5 Summary; ;