Android Security Essentials
About This Course
This is a professional course thoroughly covering the Android security model and concerns from both the developer and end-user point of view.
It is highly recommended that course attendees have a basic knowledge in Java programming language and Linux operation system. For a quick introduction on Java programming language, trainees can attend the “Java Fundamentals for Android programming” courses provided.
At Course Completion, a student will be able to:
• Understand Android software architecture.
• Understand Android’s security model.
• Build Android applications with security best practices in mind.
• Build more secure and more robust application that appeals to clients.
Lesson 1: Introduction and Android Security Architecture
• Android Security Program Overview and Architecture.
• Kernel level security (Linux), and rooting Android.
• Android Application Components.
• The Application Sandbox.
• Managers and Services
• Activity Manager Service.
• Package Manager Service.
• Notification Manager Service.
• Search Manager Service.
• Connectivity, Telephony, and Wi-Fi Manager Services.
• Download and Storage Manager Services.
• Window Manager Service.
Lesson 2: Android Permission Model and third party applications
• Android Application Framework Layer.
• Third party application permissions.
• Using Protected APIs.
• Custom Permissions.
• Android Malware: Prevention, Detection, and Removal.
• Security Enhanced Android (SE Android).
Lesson 3: Component Security and Protecting data storage
• How Android achieves Inter-process communication.
• Restricting access to Android components.
• Vulnerabilities of Stored Data.
• Cryptography and Encryption.
• Signing your application.
Lesson 4: Client-Server communication security.
• Threats Facing Devices Transferring Data.
• Protecting web transferred data.
• Input Validation.
• Prevent Command Injection.