Android Security Internals

An In-Depth Guide to Android's Security Architecture

About

There are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals—until now.

In Android Security Internals, top Android security expert Nikolay Elenkov takes us under the hood of the Android security system. Elenkov describes Android security architecture from the bottom up, delving into the implementation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration.

You’ll learn:
–How Android permissions are declared, used, and enforced
–How Android manages application packages and employs code signing to verify their authenticity
–How Android implements the Java Cryptography Architecture (JCA) and Java Secure Socket Extension (JSSE) frameworks
–About Android’s credential storage system and APIs, which let applications store cryptographic keys securely
–About the online account management framework and how Google accounts integrate with Android
–About the implementation of verified boot, disk encryption, lockscreen, and other device security features
–How Android’s bootloader and recovery OS are used to perform full system updates, and how to obtain root access

With its unprecedented level of depth and detail, Android Security Internals is a must-have for any security-minded Android developer.

Author

Nikolay Elenkov has been working on enterprise security–related projects for more than 10 years. He became interested in Android shortly after the initial public release and has been developing Android applications since version 1.5. His work has led to the discovery and correction of significant Android security flaws. He writes about Android security on his highly regarded blog, nelenkov.blogspot.com.

Table of Contents

Foreword by Jon Sawyer
Acknowledgements
Introduction
Chapter 1: Android's Security Model
Chapter 2: Permissions
Chapter 3: Package Management
Chapter 4: User Management
Chapter 5: Cryptographic Providers
Chapter 6: Network Security and PKI
Chapter 7: Credential Storage
Chapter 8: Online Account Management
Chapter 9: Enterprise Security
Chapter 10: Device Security
Chapter 11: NFC and Secure Elements
Chapter 12: SELinux
Chapter 13: System Updates and Root Access
Index

Praise

"If you are an Android application developer or breaker, you should definitely read this book."
—Michele Orrù, BeEF core developer and coauthor of The Browser Hacker's Handbook

"A deep look at Android from both the operating system internals and security perspective."
—Andrew Case, Volatility core developer and coauthor of The Art of Memory Forensics

"Not only does this book provide an invaluable and even essential course in security, it will deepen your understanding of the OS generally."
—Steve Mansfield-Devine, editor of Elsevier's Network Security Newsletter

"An excellent coverage of all things Android security."
—IT World 

"Every Android developer should have this book on their bookshelf."
—SYS-CON Media 

"Highly recommended."
—I Programmer

"This book is amazing and one of the most comprehensive Android texts I have read to date."
—Dan Borges, LockBoxx
