Droidcedas : Android Safety Internals Is Out

Oleh Didiet86

Thursday, July 26, 2018

Bagikan :

Tweet

Some half dozen months afterward the commencement early on access chapters were announced, my mass has directly officially been released. While the lastly ebook PDF has been available for a few weeks, you lot tin directly teach all ebook formats (PDF, Mobi together with ePub) direct from the publisher, No Starch Press. Print books are besides create together with should start transportation tomorrow (Oct 24th). You tin utilisation the code UNDERTHEHOOD when checking out for a 30% discount inwards the side past times side few days. The mass volition besides live available from O'Reilly, Amazon and other retailers inwards the coming weeks.

This mass would non lead keep been possible without the efforts of Bill Pollock and Alison Law from No Starch, who edited, refined together with produced my raw writings. +Kenny Root  reviewed all chapters together with caught around embarrassing mistakes, all that are left are mine alone. Jorrit “Chainfire” Jongma reviewed my coverage of SuperSU and Jon “jcase” Sawyer contributed the foreword. Once again, a big thank you lot to everyone involved!

About the book

The book's utilisation together with construction lead keep non changed considerably since it was commencement announced. It walks you lot through Android's safety architecture, starting from the bottom up. It starts alongside telephone substitution concepts such equally Binder, permissions together with code signing, together with goes on to clitoris to a greater extent than specific topics such equally cryptographic providers, trouble concern human relationship direction together with device administration. The mass includes excerpts from inwardness native daemons together with platform services, equally good equally around application-level code samples, thence around familiarity alongside Linux together with Android programming is assumed (but non absolutely required). 

Android versions covered

The mass covers Android 4.4, based on the rootage code publicly released through AOSP. Android's primary branch is besides referenced a few times, because primary changes are normally a skillful indicator of the direction time to come releases volition take. Vendor modifications or extensions to Android, equally good equally  device-specific features are non discussed.

The commencement developer preview of Android 5.0 (Lollipop, thence known exactly equally 'Android L') was announced before long afterward the commencement draft of this mass was finished. This commencement preview L release included around novel safety features, such equally improvements to full-disk encryption together with device administration, but non all planned features were available (for example, Smart Lock was missing). The lastly Lollipop developer preview (released lastly week) added those missing features together with finalized the public API. The rootage code for Lollipop is all the same non yet available, together with trying to write an 'internals' mass without it would either effect inwards incomplete or speculative coverage, or would plough into an (rather though) practise inwards opposite engineering. That is why I've chosen non to embrace Android 5.0 inwards the mass at all together with it is exactly focused on Android 4.4 (KitKat).

Lollipop is a major release, together with equally such would involve reworking near of the chapters and, of course, adding a lot of novel content. This could tumble out inwards an updated version of the mass at around point. Not to worry though, around of the to a greater extent than interesting novel safety features volition in all likelihood teach covered correct here, on the blog,  first.

With that out of the way, hither is the extended tabular array of contents. You tin discovery the total tabular array of contents on the book's official page.

Update: Chapter 1 is directly besides freely available on No Starch's site.

Table of contents

 Chapter 1: Android’s Security Model

• Android’s Architecture
• Android’s Security Model

Chapter 2: Permissions

• The Nature of Permissions
• Requesting Permissions
• Permission Management
• Permission Protection Levels
• Permission Assignment
• Permission Enforcement
• System Permissions
• Shared User ID
• Custom Permissions
• Public together with Private Components
• Activity together with Service Permissions
• Broadcast Permissions
• Content Provider Permissions
• Pending Intents

Chapter 3: Package Management

• Android Application Package Format
• Code signing
• APK Install Process
• Package Verification

Chapter 4: User Management

• Multi-User Support Overview
• Types of Users
• User Management
• User Metadata
• Per-User Application Management
• External Storage
• Other Multi-User Features

Chapter 5: Cryptographic Providers

• JCA Provider Architecture
• JCA Engine Classes
• Android JCA Providers
• Using a Custom Provider

Chapter 6: Network Security together with PKI

• PKI together with SSL Overview
• JSSE Introduction
• Android JSSE Implementation

Chapter 7: Credential Storage

• VPN together with Wi-Fi EAP Credentials
• Credential Storage Implementation
• Public APIs

Chapter 8: Online Account Management

• Android Account Management Overview
• Account Management Implementation
• Google Accounts Support

Chapter 9: Enterprise Security

• Device Administration
• VPN Support
• Wi-Fi EAP

Chapter 10: Device Security

• Controlling OS Boot-Up together with Installation
• Verified Boot
• Disk Encryption
• Screen Security
• Secure USB Debugging
• Android Backup

Chapter 11: NFC together with Secure Elements

• NFC Overview
• Android NFC Support
• Secure Elements
• Software Card Emulation

Chapter 12: SElinux

• SELinux Introduction
• Android Implementation
• Android 4.4 SELinux Policy

Chapter 13: System Updates together with Root Access

• Bootloader
• Recovery
• Root Access
• Root Access on Production Builds

Tag : android security