Android Security Internals

There are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals—until now.<br><br>In <i>Android Security Internals</i>, top Android security expert Nikolay Elenkov takes us under the hood of the Android security sys­tem. Elenkov describes Android security archi­tecture from the bottom up, delving into the imple­mentation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration.<br><br>You’ll learn:<br>–How Android permissions are declared, used, and enforced<br>–How Android manages application packages and employs code signing to verify their authenticity<br>–How Android implements the Java Cryptography Architecture (JCA) and Java Secure Socket Extension (JSSE) frameworks<br>–About Android’s credential storage system and APIs, which let applications store cryptographic keys securely<br>–About the online account management framework and how Google accounts integrate with Android<br>–About the implementation of verified boot, disk encryption, lockscreen, and other device security features<br>–How Android’s bootloader and recovery OS are used to perform full system updates, and how to obtain root access<br><br>With its unprecedented level of depth and detail, <i>Android Security Internals</i> is a must-have for any security-minded Android developer.