Course Outline - Android ATC · 2020-01-26 · Android ATC Android™ Security Essentials Course...

Click here to load reader

  • date post

    25-Jun-2020
  • Category

    Documents

  • view

    1
  • download

    1

Embed Size (px)

Transcript of Course Outline - Android ATC · 2020-01-26 · Android ATC Android™ Security Essentials Course...

  • Course Outline

  • Android ATC

    Android™ Security EssentialsCourse Code: AND-802 version 8.x

    Hands-on Guide to Android Security Principles

  • Table of Contents Lesson 1: PermissionsIntroduction ......................................................................................... 1-2Android Platform Architecture ........................................................ 1-2Android Security Architecture ......................................................... 1-5

    Application Signing ........................................................................ 1-5Installing Applications ................................................................... 1-6

    Permissions ......................................................................................... 1-7Why Permissions? .......................................................................... 1-7Enforcing Permissions .................................................................. 1-7Levels of Permissions Protection ............................................... 1-8Application - Level Permissions .................................................. 1-12Component - Level Permissions ................................................. 1-16Extending Android Permissions .................................................. 1-23

    Lab 1: Permission ............................................................................... 1-26Creating and Accessing App Permissions ....................................1-27

    .......................1-46

    Lesson 2: Managing the Policy FileIntroduction ......................................................................................... 2-2The Manifest File ................................................................................ 2-2

    Manifest Tag Attributes ................................................................ 2-4Application Tag Attributes ............................................................ 2-5

    Modifying the Application Policy ................................................... 2-8Application Running with the Same Linux ID ........................... 2-9Setting Application Permissions ................................................. 2-10Permissions for External Applications ....................................... 2-10External Storage ............................................................................. 2-11Debugging Mode ............................................................................ 2-12Backup .............................................................................................. 2-13

    Lab 2: ..................................................................................................... 2-14Creating Two Applications with the Same Linux ID ................ 2-15Backing up Data on Cloud Storage ............................................. 2-28

    Android Security Essentials

  • Lesson 3: Users’ Data Privacy and ProtectionIntroduction ......................................................................................... 3-2Data Security Principles ................................................................... 3-2

    ................................................................................. 3-2Integrity ............................................................................................ 3-3Availability ........................................................................................ 3-3

    The Mobile Environment ................................................................... 3-6Data States ........................................................................................... 3-8Vulnerabilities and Attacks Against Stored Data ....................... 3-8

    Vulnerabilities of Stored Data ...................................................... 3-9Threats on Stored Data ................................................................. 3-9

    Protection Principles ......................................................................... 3-9Tips for Android Coding Vulnerabilities ........................................ 3-10Lab 3: ..................................................................................................... 3-11

    .......................3-12Protecting Application Data with Permissions ........................ 3-27

    Lesson 4: Securing StorageIntroduction ........................................................................................ 4-2Data Storage Decisions .................................................................... 4-2

    Privacy ............................................................................................. 4-2Data Storage Period ...................................................................... 4-2

    Storage Mechanisms ........................................................................ 4-3SharedPreferences ........................................................................ 4-3File .................................................................................................... 4-5

    File Operations on an External Storage ....................................... 4-8Cache ................................................................................................... 4-8Database .............................................................................................. 4-10Lab 4: Data Storage Applications .................................................. 4-12

    Using SharedPreferences ................................................................ 4-13File Storage Operations ................................................................... 4-16Storing Data in Cache ...................................................................... 4-37SQLite Database Storage ................................................................. 4-44

    Android Security Essentials AND-802