Android Security Internals : an In-Depth Guide to Android's Security Architecture

Author:Nikolay Elenkov

Summary:This book describes Android security architecture, including the implementation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration. Coverage includes: how Android permissions are declared, used, and enforced; how Android manages application packages and employs code signing to verify their authenticity; how Android implements the Java Cryptography Architecture (JCA) and Java Secure Socket Extension (JSSE) frameworks; Android's credential storage system and APIs, which let applications store cryptographic keys securely; the online account management framework and how Google accounts integrate with Android; the implementation of verified boot, disk encryption, lockscreen, and other device security features; and how Android's bootloader and recovery OS are used to perform full system updates, and how to obtain root access. -- Edited summary from book