What this book covers
Chapter 1, Android Security Model – the Big Picture, focuses on the overall security of the Android stack all the way from platform security to application security. This chapter will form a baseline on which the subsequent chapters will be built upon.
Chapter 2, Application Building Blocks, introduces application components, permissions, manifest files, and application signing from a security perspective. These are all basic components of an Android application and knowledge of these components is important to build our security knowledge.
Chapter 3, Permissions, talks about existing permissions in the Android platform, how to define new permissions, how to secure application components with permissions, and provides an analysis of when to define a new permission.
Chapter 4, Defining the Application's Policy File, drills down into the mechanics of the manifest file, which is the application's policy file. We talk about tips and tricks to tighten up the policy file.
Chapter 5, Respect Your Users, covers best practices on handling users' data properly. This is important as a developer's reputation depends on user reviews and ratings. The developer should also be careful about handling user private information carefully so as not to fall into legal traps.
Chapter 6, Your Tools – Crypto APIs, discusses cryptographic capabilities provided by the Android platform. These include symmetric encryption, asymmetric encryption, hashing, cipher modes, and key management.
Chapter 7, Securing Application Data, is all about secure storage of application data both at rest and in transit. We talk about how private data is sandboxed with the application, how to securely store data on the device, on external memory cards, drives, and databases.
Chapter 8, Android in the Enterprise, talks about device security artifacts that are provided by the Android Platform and what they mean to an application developer. This chapter is of special interest to enterprise application developers.
Chapter 9, Testing for Security, focuses on designing and developing security-focused test cases.
Chapter 10, Looking into the Future, discusses upcoming use cases in the mobile space and how it affects Android, especially from a security perspective.
