一、内容介绍
这本指南是关于安全设计和安全编码诀窍的集合,对于Android应用程序开发人员。我们的目标是拥有尽可能多的Android应用程序开发人员。
This guidebook is a collection of tips concerning the know-how of secure designs and secure coding
for Android application developers. Our intent is to have as many Android application developers as
possible take advantage of this, and for that reason we are making it public.
Introduction .............................................................................................................................. 13@b@1.1. Building a Secure Smartphone Society ................................................................................. 13@b@1.2. Timely Feedback on a Regular Basis Through the Beta Version ............................................. 14@b@1.3. Usage Agreement of the Guidebook .................................................................................... 15@b@1.4. Correction articles of February 1st 2017 edition .................................................................. 16@b@2. Composition of the Guidebook .................................................................................................. 18@b@2.1. Developer's Context ............................................................................................................ 18@b@2.2. Sample Code, Rule Book, Advanced Topics .......................................................................... 19@b@2.3. The Scope of the Guidebook ............................................................................................... 22@b@2.4. Literature on Android Secure Coding ................................................................................... 23@b@2.5. Steps to Install Sample Codes into Android Studio ............................................................... 24@b@3. Basic Knowledge of Secure Design and Secure Coding ............................................................... 38@b@3.1. Android Application Security ............................................................................................... 38@b@3.2. Handling Input Data Carefully and Securely ......................................................................... 51@b@4. Using Technology in a Safe Way ................................................................................................. 53@b@4.1. Creating/Using Activities .................................................................................................... 53@b@4.2. Receiving/Sending Broadcasts ........................................................................................... 100@b@4.3. Creating/Using Content Providers ..................................................................................... 134@b@4.4. Creating/Using Services .................................................................................................... 185@b@4.5. Using SQLite ..................................................................................................................... 230@b@4.6. Handling Files ................................................................................................................... 248@b@4.7. Using Browsable Intent ...................................................................................................... 277@b@4.8. Outputting Log to LogCat .................................................................................................. 280@b@4.9. Using WebView ................................................................................................................. 292@b@4.10. Using Notifications ........................................................................................................ 304@b@5. How to use Security Functions ................................................................................................. 313@b@5.1. Creating Password Input Screens ....................................................................................... 313@b@5.2. Permission and Protection Level ........................................................................................ 328@b@5.3. Add In-house Accounts to Account Manager ..................................................................... 362@b@5.4. Communicating via HTTPS ................................................................................................ 382@b@5.5. Handling privacy data ....................................................................................................... 412@b@5.6. Using Cryptography .......................................................................................................... 446
��