What do you think?
Rate this book
Android Security Internals: An In-Depth Guide to Android's Security Architecture
"I honestly didn't believe I'd learn much from the book because I've been working on Android security for many years. This belief could not have been more wrong. Android Security Internals has earned a permanent spot on my office bookshelf."--Jon "jcase" Sawyer, from the Foreword
There are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals--until now.
In Android Security Internals, top Android security expert Nikolay Elenkov takes us under the hood of the Android security system. Elenkov describes Android security architecture from the bottom up, delving into the implementation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration.
You'll learn:
How Android permissions are declared, used, and enforced
How Android manages application packages and employs code signing to verify their authenticity
How Android implements the Java Cryptography Architecture (JCA) and Java Secure Socket Extension (JSSE) frameworks
About Android's credential storage system and APIs, which let applications store cryptographic keys securely
About the online account management framework and how Google accounts integrate with Android
About the implementation of verified boot, disk encryption, lockscreen, and other device security features
How Android's bootloader and recovery OS are used to perform full system updates, and how to obtain root access
With its unprecedented level of depth and detail, Android Security Internals is a must-have for any security-minded Android developer.
There are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals--until now.
In Android Security Internals, top Android security expert Nikolay Elenkov takes us under the hood of the Android security system. Elenkov describes Android security architecture from the bottom up, delving into the implementation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration.
You'll learn:
How Android permissions are declared, used, and enforced
How Android manages application packages and employs code signing to verify their authenticity
How Android implements the Java Cryptography Architecture (JCA) and Java Secure Socket Extension (JSSE) frameworks
About Android's credential storage system and APIs, which let applications store cryptographic keys securely
About the online account management framework and how Google accounts integrate with Android
About the implementation of verified boot, disk encryption, lockscreen, and other device security features
How Android's bootloader and recovery OS are used to perform full system updates, and how to obtain root access
With its unprecedented level of depth and detail, Android Security Internals is a must-have for any security-minded Android developer.
432 pages, ebook
First published September 25, 2014
31 people are currently reading
203 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 3 of 3 reviews
November 14, 2017
Great book, will act as a reference going forward.
May 1, 2018
As a member of the Android Platform Security team, this book has been one of my top 2 recommended to people new to Android, and top book overall for those interested in Android Security. Though I never finished it (read only about half of the content and skimmed the rest), this book provides the architectural background and details to greatly appreciate a variety of Android's components. Each chapter is a self-contained analysis of a particular component and all of them provide insightful information. Even though this book is now somewhat dated (based on Android 4.4), its writing quality and analysis will prove useful for years to come, and it is leagues beyond any of the other Android Security books I've encountered.
October 20, 2015
Awesome book, is (at the time of writing) very up to date and relevant, it touches a lot (but really a lot) of topics in depth. I'm impressed.
Displaying 1 - 3 of 3 reviews