San Francisco : , : No Starch Press, , [2015]

©2015

1-4571-8549-0

1-59327-641-9

1 online resource (434 p.)

004.1675

Operating systems (Computers) - Security measures

Smartphones - Security measures

Mobile computing - Security measures

Inglese

Includes index.

Includes bibliographical references and index.

About the Author; Brief Contents; Contents in Detail; Foreword; Acknowledgments; Introduction; Who This Book Is For; Prerequisites; Android Versions; How Is This Book Organized?; Conventions; Chapter 1: Android's Security Model; Android's Architecture; Linux Kernel; Native User Space; Dalvik VM; Java Runtime Libraries; System Services; Inter-Process Communication; Binder; Android Framework Libraries; Applications; Android's Security Model; Application Sandboxing; Permissions; IPC; Code Signing and Platform Keys; Multi-User Support; SELinux; System Updates; Verified Boot; Summary

Chapter 2: Permissions The Nature of Permissions; Requesting Permissions; Permission Management; Permission Protection Levels; Permission Assignment; Permission Enforcement; Kernel-Level Enforcement; Native Daemon-Level Enforcement; Framework-Level Enforcement; System Permissions; Signature Permissions; Development Permissions; Shared User ID; Custom Permissions; Public and Private Components; Activity and Service Permissions; Broadcast Permissions; Content Provider Permissions; Static Provider Permissions; Dynamic Provider Permissions; Pending Intents; Summary; Chapter 3:  Package Management

Android Application Package Format Code Signing; Java Code Signing; Android Code Signing; APK Install Process; Location of Application Packages and Data; Active Components; Installing a Local Package; Updating a Package; Installing Encrypted APKs; Forward Locking; Android 4.1 Forward Locking Implementation; Encrypted Apps and Google Play; Package Verification; Android Support for Package Verification; Google Play Implementation; Summary; Chapter 4: User Management; Multi-User Support Overview; Types of Users; The Primary User (Owner); Secondary Users; Restricted Profiles; Guest User

User Management Command-Line Tools; User States and Related Broadcasts; User Metadata; The User List File; User Metadata Files; User System Directory; Per-User Application Management; Application Data Directories; Application Sharing; External Storage; External Storage Implementations; Multi-User External Storage; External Storage Permissions; Other Multi-User Features; Summary; Chapter 5:  Cryptographic Providers; JCA Provider Architecture; Cryptographic Service Providers; JCA Engine Classes; Obtaining an Engine Class Instance; Algorithm Names; Secure Random; Message Digest; Signature; Cipher

MacKey; SecretKey and PBEKey; PublicKey, PrivateKey, and KeyPair; KeySpec; KeyFactory; SecretKeyFactory; Key Pair Generator; KeyGenerator; KeyAgreement; KeyStore; CertificateFactory and CertPath; CertPathValidator and CertPathBuilder; Android JCA Providers; Harmony's Crypto Provider; Android's Bouncy Castle Provider; AndroidOpenSSL Provider; OpenSSL; Using a Custom Provider; Spongy Castle; Summary; Chapter 6: Network Security and PKI ; PKI and SSL Overview; Public Key Certificates; Direct Trust and Private CAs; Public Key Infrastructure; Certificate Revocation; JSSE Introduction; Secure Sockets

Peer Authentication

There are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals-until now.In Android Security Internals, top Android security expert Nikolay Elenkov takes us under the hood of the Android security system. Elenkov describes Android security architecture from the bottom up, delving into the implementation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device