Android Security Internals: An In-Depth Guide to Android's Security Architecture

There are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals€"until now.

In Android Security Internals, top Android security expert Nikolay Elenkov takes us under the hood of the Android security sys­tem. Elenkov describes Android security archi­tecture from the bottom up, delving into the imple­mentation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration.

You€ll learn:
€“How Android permissions are declared, used, and enforced
€“How Android manages application packages and employs code signing to verify their authenticity
€“How Android implements the Java Cryptography Architecture (JCA) and Java Secure Socket Extension (JSSE) frameworks
€“About Android€s credential storage system and APIs, which let applications store cryptographic keys securely
€“About the online account management framework and how Google accounts integrate with Android
€“About the implementation of verified boot, disk encryption, lockscreen, and other device security features
€“How Android€s bootloader and recovery OS are used to perform full system updates, and how to obtain root access

With its unprecedented level of depth and detail, Android Security Internals is a must-have for any security-minded Android developer.