Android Security Internals: An In-Depth Guide to Android’s Security Architecture, by Nikolay Elenkov.
Nikolay Elenkov has been working on enterprise security projects for the past 10 years. He has developed security software on various platforms, ranging from smart cards and HSMs to Windows and Linux servers.
He became interested in Android shortly after the initial public release and has been developing applications for it since version 1.5. Nikolay’s interest in Android internals intensified after the release of Android 4.0 (Ice Cream Sandwich), and for the past three years, he’s been documenting his findings and writing about Android security on his blog, http://nelenkov.blogspot.com/.
I first became aware of the quality of Nikolay’s work in Android security with the release of Android 4.0, Ice Cream Sandwich.
I needed a better explanation of the new Android backup format; I was struggling to exploit a vulnerability I had found because I didn’t have a full grasp of the new feature and format.
His clear, in-depth explanation helped me understand the issue, exploit the vulnerability, and get a patch into production devices quickly. I have since been a frequent visitor to his blog, often referring to it when I need a refresher.
While I was honored to be asked to write this foreword, I honestly didn’t believe I’d learn much from the book because I’ve been working on Android security for many years. This belief could not have been more wrong.
As I read and digested new information regarding subjects I thought I knew thoroughly, my mind whirled with thoughts of what I had missed and what I could have done better. Why wasn’t a reference like this available when I first engrossed myself in Android?
This book exposes the reader to a wide range of security topics, from Android permissions and sandboxing to the Android SELinux implementation, SEAndroid.
It provides excellent explanations of minute details and rarely seen features such as dm-verity. Like me, you’ll walk away from this book with a better understanding of Android security features. Android Security Internals has earned a permanent spot on my office bookshelf.
In a relatively short period of time, Android has become the world’s most popular mobile platform. Although originally designed for smartphones, it now powers tablets, TVs, and wearable devices, and will soon even be found in cars.
Android is being developed at a breathtaking pace, with an average of two major releases per year. Each new release brings a better UI, performance improvements, and a host of new user-facing features which are typically blogged about and dissected in excruciating detail by Android
One aspect of the Android platform that has seen major improvements over the last few years, but which has received little public attention, is security.
Over the years, Android has become more resistant to common exploit techniques (such as buffer overflows), its application isolation (sandboxing) has been reinforced, and its attack surface has been considerably reduced by aggressively decreasing the number of system processes that run as
In addition to these exploit mitigations, recent versions of Android have introduced major new security features such as restricted user support, full-disk encryption, hardware-backed credential storage, and support for centralized device management and provisioning.
Even more enterprise-oriented features and security improvements such as managed profile support, improved full-disk encryption and support for biometric authentication have been announced for the next Android release (referred to as Android L as I write this).
any new platform feature, discussing cutting-edge security improvements is exciting, but it’s arguably more important to understand Android’s security architecture from the bottom up because each new security feature builds upon and integrates with the platform’s core security model.
model (in which each application runs as a separate Linux user and has a dedicated data directory) and permission system (which requires each application to explicitly declare the platform features it requires) is fairly well understood and documented.
However, the internals of other fundamental platform features that have an impact on device security, such as package management and code signing, are largely treated as a black box beyond the security research community.
One of the reasons for Android’s popularity is the relative ease with which a device can be “flashed” with a custom build of Android, “rooted” by applying a third-party update package, or otherwise
Android enthusiast forums and blogs feature many practical “How to” guides that take users through the steps necessary to unlock a device and apply various customization packages, but they offer very little structured information about how such system updates operate under the hood and what risks
This book aims to fill these gaps by providing an exploration of how Android works by describing its security architecture from the bottom up and delving deep into the implementation of major Android subsystems and components that relate to device and data security.
The coverage includes broad topics that affect all applications, such as package and user management, permissions and device policy, as well as more specific ones such as cryptographic providers, credential storage, and support for secure elements.
It’s not uncommon for entire Android subsystems to be replaced or rewritten between releases, but security-related development is conservative by nature, and while the described behavior might be changed or augmented across releases, Android’s core security architecture should remain fairly stable in future
This book should be useful to anyone interested in learning more about Android’s security architecture.
Both security researchers looking to evaluate the security level of Android as a whole or of a specific subsystem and platform developers working on customizing and extending Android will find the high-level description of each security feature and the provided implementation details to be a useful starting point for understanding the underlying platform source code.
Application developers can gain a deeper understanding of how the platform works, which will enable them to write more secure applications and take better advantage of the security-related APIs that the platform provides.
While some parts of the book are accessible to a non-technical audience, the bulk of the discussion is closely tied to Android source code or system files, so familiarity with the core concepts of software development in a Unix environment is useful.