CITATION

Dwivedi, Himanshu; Clark, Chris; and Thiel, David. Mobile Application Security. US: McGraw-Hill Osborne Media, 2010.

Mobile Application Security

Published: January 2010

eISBN: 9780071633574 007163357X | ISBN: 9780071633567
  • Contents
  • Acknowledgments
  • Introduction
  • Part I: Mobile Platforms
  • Chapter 1 Top Mobile Issues and Development Strategies
  • Top Issues Facing Mobile Devices
  • Tips for Secure Mobile Application Development
  • Conclusion
  • Chapter 2 Android Security
  • Development and Debugging on Android
  • Android’s Securable IPC Mechanisms
  • Android’s Security Model
  • Android Permissions Review
  • Creating New Manifest Permissions
  • Intents
  • Activities
  • Broadcasts
  • Services
  • ContentProviders
  • Avoiding SQL Injection
  • Intent Reflection
  • Files and Preferences
  • Mass Storage
  • Binder Interfaces
  • Android Security Tools
  • Conclusion
  • Chapter 3 The Apple iPhone
  • History
  • Development
  • Security Testing
  • Application Format
  • Permissions and User Controls
  • Local Data Storage: Files, Permissions, and Encryption
  • Networking
  • Push Notifications, Copy/Paste, and Other IPC
  • Conclusion
  • Chapter 4 Windows Mobile Security
  • Introduction to the Platform
  • Kernel Architecture
  • Development and Security Testing
  • Permissions and User Controls
  • Local Data Storage
  • Networking
  • Conclusion
  • Chapter 5 BlackBerry Security
  • Introduction to Platform
  • Device and OS Architecture
  • Development and Security Testing
  • Permissions and User Controls
  • Local Data Storage
  • Networking
  • Conclusion
  • Chapter 6 Java Mobile Edition Security
  • Standards Development
  • Configurations, Profiles, and JSRs
  • Development and Security Testing
  • Permissions and User Controls
  • Conclusion
  • Chapter 7 SymbianOS Security
  • Introduction to the Platform
  • Development and Security Testing
  • Code Security
  • Application Packaging
  • Permissions and User Controls
  • Interprocess Communication
  • Persistent Data Storage
  • Conclusion
  • Chapter 8 WebOS Security
  • Introduction to the Platform
  • Development and Security Testing
  • Code Security
  • Permissions and User Controls
  • Conclusion
  • Part II: Mobile Services
  • Chapter 9 WAP and Mobile HTML Security
  • WAP and Mobile HTML Basics
  • Authentication on WAP/Mobile HTML Sites
  • Encryption
  • Application Attacks on Mobile HTML Sites
  • WAP and Mobile Browser Weaknesses
  • Conclusion
  • Chapter 10 Bluetooth Security
  • Overview of the Technology
  • Bluetooth Technical Architecture
  • Bluetooth Security Features
  • Threats to Bluetooth Devices and Networks
  • Bluetooth Vulnerabilities
  • Recommendations
  • Chapter 11 SMS Security
  • Overview of Short Message Service
  • Overview of Multimedia Messaging Service
  • Protocol Attacks
  • Application Attacks
  • Walkthroughs
  • Conclusion
  • Chapter 12 Mobile Geolocation
  • Geolocation Methods
  • Geolocation Implementation
  • Risks of Geolocation Services
  • Geolocation Best Practices
  • Chapter 13 Enterprise Security on the Mobile OS
  • Device Security Options
  • Secure Local Storage
  • Security Policy Enforcement
  • Encryption
  • Application Sandboxing, Signing, and Permissions
  • Buffer Overflow Protection
  • Security Feature Summary
  • Conclusion
  • Part III: Appendixes
  • Appendix A: Mobile Malware
  • A Tour of Important Past Malware
  • Threat Scenarios
  • Mitigating Mobile Malware Mayhem
  • For Developers and Platform Vendors
  • Appendix B: Mobile Security Penetration Testing Tools
  • Mobile Platform Attack Tools and Utilities
  • Browser Extensions
  • Networking Tools
  • Web Application Tools
  • Fuzzing Frameworks
  • General Utilities
  • VBinDiff
  • Index