Course Overview
This is a two-day (12 hours) professional course, which thoroughly covers the Android security model and concerns of both the developer and end-user point of view. This course is mapped for AND-802 exam.
Who Should Attend?
It’s highly recommended that the attendees of this course know the basics of Android application development knowledge.To acquire good knowledge of Android application development, trainees may attend the “Android Application Development” course provided by Android ATC
Pre-requisite
None
Course Outlines
- Android Platform Architecture
- Android Security Architecture
- Application Signing
- Installing Applications
- Permissions
- Why Permissions?
- Enforcing Permissions
- Levels of Permissions Protection
- Application - Level Permissions
- Component - Level Permissions
- Extending Android Permissions
- Lab 1: Permission
- Creating and Accessing App Permissions
- Configuring Permissions Among Different Apps
- Introduction
- The Manifest File
- Manifest Tag Attributes
- Application Tag Attributes
- Modifying the Application Policy
- Application Running with the Same Linux ID
- Setting Application Permissions
- Permissions for External Applications
- External Storage
- Debugging Mode
- Backup
- Lab 2:
- Creating Two Applications with the Same Linux ID
- Backing up Data on Cloud Storage
- Data Security Principles
- Confidentiality
- Integrity
- Availability
- The Mobile Environment
- Data States
- Vulnerabilities and Attacks Against Stored Data
- Vulnerabilities of Stored Data
- Threats on Stored Data
- Protection Principles
- Tips for Android Coding Vulnerabilities
- Lab 3:
- Ensuring Data Confidentiality – Hacking Applications
- Protecting Application Data with Permissions
- Data Storage Decisions
- Privacy
- Data Storage Period
- Storage Mechanisms
- SharedPreferences
- File
- File Operations on an External Storage
- Cache
- Database
- Lab 4: Data Storage Applications
- Using Shared Preferences
- File Storage Operations
- Storing Data in Cache
- SQLite Database Storage