Free Downloads
Android Security Internals: An In-Depth Guide To Android's Security Architecture

"I honestly didn't believe I'd learn much from the book because I've been working on Android security for many years. This belief could not have been more wrong. Android Security Internals has earned a permanent spot on my office bookshelf."—Jon "jcase" Sawyer, from the ForewordThere are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals—until now.In Android Security Internals, top Android security expert Nikolay Elenkov takes us under the hood of the Android security system. Elenkov describes Android security architecture from the bottom up, delving into the implementation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration.You'll learn:How Android permissions are declared, used, and enforcedHow Android manages application packages and employs code signing to verify their authenticityHow Android implements the Java Cryptography Architecture (JCA) and Java Secure Socket Extension (JSSE) frameworksAbout Android's credential storage system and APIs, which let applications store cryptographic keys securelyAbout the online account management framework and how Google accounts integrate with AndroidAbout the implementation of verified boot, disk encryption, lockscreen, and other device security featuresHow Android's bootloader and recovery OS are used to perform full system updates, and how to obtain root accessWith its unprecedented level of depth and detail, Android Security Internals is a must-have for any security-minded Android developer.

Paperback: 432 pages

Publisher: No Starch Press; 1 edition (November 2, 2014)

Language: English

ISBN-10: 1593275811

ISBN-13: 978-1593275815

Product Dimensions: 1 x 7.2 x 9.5 inches

Shipping Weight: 1.8 pounds (View shipping rates and policies)

Average Customer Review: 4.6 out of 5 stars  See all reviews (15 customer reviews)

Best Sellers Rank: #475,270 in Books (See Top 100 in Books) #96 in Books > Computers & Technology > Security & Encryption > Viruses #293 in Books > Computers & Technology > Security & Encryption > Privacy & Online Safety #309 in Books > Computers & Technology > Mobile Phones, Tablets & E-Readers > Handheld & Mobile Devices

After spending the past few weeks quickly reading through this book, I have to say that I'm truly impressed. I've read a number of other texts focusing on Android Security, but none hold a candle to the quality of information contained herein. Recent (the author talks about changes up to the shiny new 5.0), well written, complete, and, above all, highly informative, this is certainly a book for your shelf should you consider yourself any type of Android security aficionado. I'm about to begin my second read-through to reinforce concepts and pick up on things I may have missed during my first. I'll update this with more details when I'm through.My only gripe (and I admit, this is a small one) is that fully grasping everything this book has to offer requires at least a working knowledge of Android application development. While it's nice to see a security book focusing absolutely on security, a quick review of the main terms and usages would have been nice.Also, for those of you that may not know, the book's official website contains the table of contents and the index and is located here: I'm going through the book a second time, I figured it would be useful to take a closer look at each chapter. Hope it helps those of you on the fence about pulling the trigger and buying this book. I'd also like to update what the book contains in general so as to not leave anyone with any false impressions. This is a book regarding, through and through, Android's Security Architecture. You won't be learning about hot-topic Android hacking techniques and you won't learn how to root or jailbreak your device (see Wiley's Android Hacker's Handbook if you're into that stuff).

This is the first security book I have read on Android that was not primarily about hacking the Android platform. This book completely covers all the tools available to the Android software architects and developers.Instead of showing us how to root the device at the beginning of the book and then showing us exploits and vulnerabilities throughout the rest of it, he covers how root access is achieved in different types of Android builds, and different ways get Root Access, but late in the book.The book starts out with an overview of the Android security model, and then each chapter is dedicated to a specific feature of Android's security model. I have listed the chapters below.Chapter 1: Android's Security ModelChapter 2: PermissionsChapter 3: Package ManagementChapter 4: User ManagementChapter 5: Cryptographic ProvidersChapter 6: Network Security and PKIChapter 7: Credential StorageChapter 8: Online Account ManagementChapter 9: Enterprise SecurityChapter 10: Device SecurityChapter 11: NFC and Secure ElementsChapter 12: SELinuxChapter 13: System Updates and Root AccessAlthough the chapter titles give you a pretty good idea of what is in them, I have listed some of the chapters below along with the topics covered that I liked best.Chapter 2: Permissions covers The Nature of Permissions, Requesting Permissions, Permission Management, Permission Protection Levels, Permission Assignment, Permission Enforcement, System Permissions, Shared User ID, Custom Permissions, Public and Private Components, Activity and Service Permissions, Broadcast Permissions, Content Provider Permissions, and Pending Intents.

Android Security Internals: An In-Depth Guide to Android's Security Architecture Android: Android Programming And Android App Development For Beginners (Learn How To Program Android Apps, How To Develop Android Applications Through Java Programming, Android For Dummies) Android: Programming in a Day! The Power Guide for Beginners In Android App Programming (Android, Android Programming, App Development, Android App Development, ... App Programming, Rails, Ruby Programming) Programming #8:C Programming Success in a Day & Android Programming In a Day! (C Programming, C++programming, C++ programming language, Android , Android Programming, Android Games) The Guru's Guide to SQL Server Architecture and Internals Solaris Internals: Solaris 10 and OpenSolaris Kernel Architecture (2nd Edition) Windows Internals, Part 1: System architecture, processes, threads, memory management, and more (7th Edition) Android at Work: 150-Plus Must Have Apps for Android Phones and Tablets: The complete guide to the best free phone and tablet Android apps Android: App Development & Programming Guide: Learn In A Day! (Android, Rails, Ruby Programming, App Development, Android App Development, Ruby Programming) Embedded Programming with Android: Bringing Up an Android System from Scratch (Android Deep Dive) Android Programming BOX SET: ANDROID PROGRAMMING and ANDROID GAME PROGRAMMING - 2 Books in 1 (Second Edition) Android Tips and Tricks: Covers Android 5 and Android 6 devices (2nd Edition) Android Tips and Tricks: Covers Android 5 and Android 6 devices Learning Android programming using Android Studio (Android for beginners Book 1) Android: Programming & App Development For Beginners (Android, Rails, Ruby Programming, App Development, Android App Development) Home Security: Top 10 Home Security Strategies to Protect Your House and Family Against Criminals and Break-ins (home security monitor, home security system diy, secure home network) Android Forensics: Investigation, Analysis and Mobile Security for Google Android Symbian OS Platform Security: Software Development Using the Symbian OS Security Architecture (Symbian Press) Android XBMC Kodi 5 In 1 User Guide (Updated September 2016): Android Tablet, Phone & Google TV User Guide, XBMC Kodi & TV Streaming User Guide DNS Security: In-depth Vulnerability Analysis and Mitigation Solutions