Android Application Secure Design/Secure Coding Guidebook April 1st, 2014 version
http://www.jssec.org/dl/android_securecoding_en.pdf
Android Application Secure Design/Secure Coding Guidebook
- Beta version -
April 1st, 2014
Japan Smartphone Security Association
Secure Coding Group
Index
1. Introduction ................................................................................................................................ 9
1.1. Building a Secure Smartphone Society ................................................................................... 9
1.2. Timely Feedback on a Regular Basis Through the Beta Version ............................................. 10
1.3. Usage Agreement of the Guidebook .................................................................................... 11
2. Composition of the Guidebook .................................................................................................. 12
2.1. Developer's Context ............................................................................................................ 12
2.2. Sample Code, Rule Book, Advanced Topics .......................................................................... 13
2.3. The Scope of the Guidebook ............................................................................................... 16
2.4. Literature on Android Secure Coding ................................................................................... 17
2.5. Steps to Install Sample Codes into Eclipse ........................................................................... 18
3. Basic Knowledge of Secure Design and Secure Coding ............................................................... 34
3.1. Android Application Security ............................................................................................... 34
3.2. Handling Input Data Carefully and Securely ......................................................................... 47
4. Using Technology in a Safe Way ................................................................................................. 49
4.1. Creating/Using Activities .................................................................................................... 49
4.2. Receiving/Sending Broadcasts ............................................................................................. 93
4.3. Creating/Using Content Providers ..................................................................................... 126
4.4. Creating/Using Services .................................................................................................... 175
4.5. Using SQLite ..................................................................................................................... 219
4.6. Handling Files ................................................................................................................... 237
4.7. Using Browsable Intent ...................................................................................................... 264
4.8. Outputting Log to LogCat .................................................................................................. 268
4.9. Using WebView ................................................................................................................. 280
5. How to use Security Functions ................................................................................................. 291
5.1. Creating Password Input Screens ....................................................................................... 291
5.2. Permission and Protection Level ........................................................................................ 306
5.3. Add In-house Accounts to Account Manager ..................................................................... 334
5.4. Communicating via HTTPS ................................................................................................ 353
6. Difficult Problems ................................................................................................................... 375
6.1. Risk of Information Leakage from Clipboard ...................................................................... 375
1.1 Building a Secure Smartphone Society
3
3星 · 超过75%的资源 需积分: 10 146 浏览量
2015-03-30
23:27:06
上传
评论
收藏 5.62MB PDF 举报 
wangyingliang2017-03-21英文版的,写材料无法直接使用
