
16 Ways to Create a Secure Android Application

851 views

Find out how to create a secure Android application by assessing the security of your application using the checks listed in this Slideshare.

Published in: Technology

  1. 16 Ways to Create a Secure Android Application
  2. The security functionality provided by the Android platform is rich, and strong security mechanisms can be created using built-in features.
  3. Here is a list of checks that you can use to assess the security of your application.
  4. Check that all code paths into application components expose only the functionality that is intended
  5. Minimize the storage of user data down to the essentials
  6. Limit interaction with untrusted sources and scrutinize any outside interaction
  7. Verify that the minimum possible set of permissions have been requested by the application
  8. Ensure that no unintended files are bundled inside the APK
  9. Assign permissions to all exported application components
  10. Ensure that sensitive inputs do not store any typed-in words into the Android dictionary
  11. Ensure that all inputs for user passwords are appropriately masked
  12. Ensure that content providers do not have SQL injection vulnerabilities
  13. Ensure that file-backed content providers do not provide access to unintended files
  14. Ensure that pattern-matching flaws do not exist on any paths protected by permissions
  15. Set restrictive file permissions on files stored inside the private data directory
  16. Pay attention to the sensitivity of files stored on the SD card
  17. Ensure that sensitive files stored anywhere on the filesystem are encrypted
  18. Encrypt all communications to the Internet using well-known standards
  19. These are just some of the ways developers can ensure their Android applications are secure. For the full list, check out The Mobile Application Hacker’s Handbook by Dominic Chell, Tyrone Erasmus, Shaun Colley, and Ollie Whitehouse.
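
One way to automate the check on slide 9 ("Assign permissions to all exported application components"), as an added example that is not taken from the slides or the book: a short audit over a plain-text `AndroidManifest.xml`. It assumes the manifest is already decoded from the APK's binary XML, treats a component with an intent filter and no explicit `android:exported` value as exported, and skips the launcher activity, which has to be reachable without a permission; the package and component names in the sample are constructed.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")

def is_exported(elem):
    exported = elem.get(NS + "exported")
    if exported is not None:
        return exported.lower() == "true"
    # No explicit value: an intent filter makes the component exported by default.
    return elem.find("intent-filter") is not None

def is_launcher(elem):
    return any(c.get(NS + "name") == "android.intent.category.LAUNCHER"
               for c in elem.iter("category"))

def is_protected(elem, app_perm):
    if elem.get(NS + "permission") or app_perm:
        return True
    # A provider is only covered when both the read and the write path need a permission.
    return (elem.tag == "provider" and bool(elem.get(NS + "readPermission"))
            and bool(elem.get(NS + "writePermission")))

def unprotected_exported_components(manifest_xml):
    app = ET.fromstring(manifest_xml).find("application")
    if app is None:
        return []
    app_perm = app.get(NS + "permission")  # applies to every component when set
    return [(e.tag, e.get(NS + "name")) for e in app
            if e.tag in COMPONENTS and is_exported(e)
            and not is_launcher(e) and not is_protected(e, app_perm)]

# Constructed sample manifest (com.example.notes is a made-up package).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.notes">
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <activity android:name=".InternalActivity" android:exported="false"/>
    <service android:name=".SyncService" android:exported="true"/>
    <receiver android:name=".BootReceiver" android:permission="com.example.notes.permission.INTERNAL">
      <intent-filter><action android:name="android.intent.action.BOOT_COMPLETED"/></intent-filter>
    </receiver>
    <provider android:name=".NotesProvider" android:authorities="com.example.notes" android:exported="true" android:readPermission="com.example.notes.permission.READ"/>
  </application>
</manifest>"""
```

On the sample, the service is reported because nothing guards it, and the provider because only its read path requires a permission.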