CITATION
Dwivedi, Himanshu; Clark, Chris; and Thiel, David. Mobile Application Security. US: McGraw-Hill Osborne Media, 2010.
Mobile Application Security
Authors: Himanshu Dwivedi, Chris Clark and David Thiel
Published: January 2010
eISBN: 9780071633574 007163357X | ISBN: 9780071633567
Table of Contents
Contents
Acknowledgments
Introduction
Part I: Mobile Platforms
Chapter 1 Top Mobile Issues and Development Strategies
Top Issues Facing Mobile Devices
Tips for Secure Mobile Application Development
Conclusion
Chapter 2 Android Security
Development and Debugging on Android
Android’s Securable IPC Mechanisms
Android’s Security Model
Android Permissions Review
Creating New Manifest Permissions
Intents
Activities
Broadcasts
Services
ContentProviders
Avoiding SQL Injection
Intent Reflection
Files and Preferences
Mass Storage
Binder Interfaces
Android Security Tools
Conclusion
Chapter 3 The Apple iPhone
History
Development
Security Testing
Application Format
Permissions and User Controls
Local Data Storage: Files, Permissions, and Encryption
Networking
Push Notifications, Copy/Paste, and Other IPC
Conclusion
Chapter 4 Windows Mobile Security
Introduction to the Platform
Kernel Architecture
Development and Security Testing
Permissions and User Controls
Local Data Storage
Networking
Conclusion
Chapter 5 BlackBerry Security
Introduction to Platform
Device and OS Architecture
Development and Security Testing
Permissions and User Controls
Local Data Storage
Networking
Conclusion
Chapter 6 Java Mobile Edition Security
Standards Development
Configurations, Profiles, and JSRs
Development and Security Testing
Permissions and User Controls
Conclusion
Chapter 7 SymbianOS Security
Introduction to the Platform
Development and Security Testing
Code Security
Application Packaging
Permissions and User Controls
Interprocess Communication
Persistent Data Storage
Conclusion
Chapter 8 WebOS Security
Introduction to the Platform
Development and Security Testing
Code Security
Permissions and User Controls
Conclusion
Part II: Mobile Services
Chapter 9 WAP and Mobile HTML Security
WAP and Mobile HTML Basics
Authentication on WAP/Mobile HTML Sites
Encryption
Application Attacks on Mobile HTML Sites
WAP and Mobile Browser Weaknesses
Conclusion
Chapter 10 Bluetooth Security
Overview of the Technology
Bluetooth Technical Architecture
Bluetooth Security Features
Threats to Bluetooth Devices and Networks
Bluetooth Vulnerabilities
Recommendations
Chapter 11 SMS Security
Overview of Short Message Service
Overview of Multimedia Messaging Service
Protocol Attacks
Application Attacks
Walkthroughs
Conclusion
Chapter 12 Mobile Geolocation
Geolocation Methods
Geolocation Implementation
Risks of Geolocation Services
Geolocation Best Practices
Chapter 13 Enterprise Security on the Mobile OS
Device Security Options
Secure Local Storage
Security Policy Enforcement
Encryption
Application Sandboxing, Signing, and Permissions
Buffer Overflow Protection
Security Feature Summary
Conclusion
Part III: Appendixes
Appendix A: Mobile Malware
A Tour of Important Past Malware
Threat Scenarios
Mitigating Mobile Malware Mayhem
For Developers and Platform Vendors
Appendix B: Mobile Security Penetration Testing Tools
Mobile Platform Attack Tools and Utilities
Browser Extensions
Networking Tools
Web Application Tools
Fuzzing Frameworks
General Utilities
VBinDiff
Index