Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Android Application Security Essentials

You're reading from   Android Application Security Essentials Security has been a bit of a hot topic with Android so this guide is a timely way to ensure your apps are safe. Includes everything from Android security architecture to safeguarding mobile payments.

Arrow left icon
Product type Paperback
Published in Aug 2013
Publisher Packt
ISBN-13 9781849515603
Length 218 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Pragati Rai Pragati Rai
Author Profile Icon Pragati Rai
Pragati Rai
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. The Android Security Model – the Big Picture FREE CHAPTER 2. Application Building Blocks 3. Permissions 4. Defining the Application's Policy File 5. Respect Your Users 6. Your Tools – Crypto APIs 7. Securing Application Data 8. Android in the Enterprise 9. Testing for Security 10. Looking into the Future Index

Application signing

One of the differentiating factors of Android is the way Android applications are signed. All applications in Android are self-signed. There is no requirement to sign the applications using a certificate authority. This is different from traditional application signing where a signature identifies the author and bases trust upon the signature.

The signature of the application associates the app with the author. If a user installs multiple applications written by the same author and these applications want to share each other's data, they need to be associated with the same signature and should have a SHARED_ID flag set in the manifest file.

The application signature is also used during the application upgrade. An application upgrade requires that both applications have the same signature and that there is no permission escalation. This is another mechanism in Android that ensures the security of applications.

As an application developer, it is important to keep the private key used to sign the application secure. As an application author, your reputation depends on it.

You have been reading a chapter from
Android Application Security Essentials
Published in: Aug 2013
Publisher: Packt
ISBN-13: 9781849515603
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image