training

 

Securing Android Applications – 1 Day

Course Description

Securing Android Applications explores the Android mobile operating system from the perspective of user, application, and server security; and shows experienced Android developers how to apply best practices to secure their applications

What You Will Learn

  • Understand the security characteristics of mobile computing, and the Android OS in particular.
  • Manage application data in a secure fashion.
  • Apply appropriate safeguards over entry points to applications, including intent filters, bound services, and broadcast receivers.
  • Use cryptography as appropriate, especially in remote communications.
  • Manage user credentials, including passwords and issued tokens.

Prerequisites

Outline

Chapter 1. Mobile OS Security

  • Vulnerabilities of Mobile Systems
  • Security Overview of Android
  • For Comparison: iOS
  • Analysis and Areas of Concern
  • Digital Signature of Applications
  • Rooted Devices
  • Clickjacking
  • Best Practices
  • The OWASP Mobile Top 10

Chapter 2. Application Security

  • Permissions
  • Custom Permissions
  • Security Configuration
  • Storage Models
  • Internal Storage
  • USB, Bluetooth, WiFi, and External Media
  • File System Security
  • Encrypted File Systems
  • Injection Vulnerabilities
  • Inter-Process Communication
  • Guarding IPC Entrances
  • Services and Broadcast Receivers
  • Logging

Chapter 3. Remote Connectivity

  • Remote Connections from Mobile Devices
  • The INTERNET Permission
  • HTTP and HTTPS Communication
  • Keystores and Cryptography
  • Username/Password Login
  • Managing Credentials
  • HMACs
  • Managing Token Pairs

Appendix A. Learning Resources

IDE Support: Eclipse Juno

In addition to the primary lab files, an optional overlay is available that adds support for Eclipse Juno. Students can code, build, deploy, and test all exercises from within the IDE. We make full use of the Android SDK and its Eclipse plugin and device emulators.

System Requirements

Hardware Requirements (Minimum) Core i5, 1.5 GHz, 4 gig RAM, 1 gig disk space.
Hardware Requirements (Recommended) Core i5, 2.5 GHz GHz, 8 gig RAM, 1 gig disk space.
Operating System Tested on Windows 7. Course software should be viable on all systems which support a Java 6 Developer’s Kit.
Network and Security Limited privileges required.
Software Requirements All free downloadable tools.

MindIQ.com

Print Friendly, PDF & Email