SkillSoft Explore Course – Lambers, Inc.

Collections Developer Collection Security Solutions Foundations of Android Security

Given the relatively open nature of the Android development environment, developers ought to have a clear understanding of the OS structure, as well as how to securely protect application code. In this course, you will be introduced to the Android environment and overall architecture, and will also be presented with a basic understanding of key Android OS security features. You will also learn how to protect Android application code and will learn about best practices to employ when developing secure Android applications.

Asset ID	sp_foas_a01_it_enus
Course Type	Video Course
Course Category	Developer Collection

Objectives
Android Environment Fundamentals start the course describe the major components of the Android Environment, specifically the Android SDK, Eclipse IDE and ADT, Tools (DDMS, ADB) download and install the Android standalone SDK tools package download and install the Android Studio IDE describe how the Linux kernel provides security on the Android platform, including Linux permissions enforcement describe Android runtime components, specifically the Dalvik VM and Core Libraries describe how to start, bind, and create an application service, as well as how to declare a service in the Manifest.xml file define an activity and describe activity stack and callback methods used to implement activity lifecycles describe the Android application framework layer services, specifically the Resource Manager, Activity Manager, Location Manager, Notification Manager, Package Manager, Views, and Content Providers Understanding Android OS Security Features describe Android software stack layers define the user protection levels that can be assigned in a Manifest permissions file describe the process of application code signing securely package an Android application install and test operation of the Android Debug Bridge tool from the standalone SDK tools package identify application-based permissions, specifically Android Manifest Permissions Protecting Android Application Code enable the ProGuard code obfuscation tool in Android SDK create an Android application signing key and certificate in Android Studio use code signing to protect Android application code from malware attacks use Linux security services to protect Android application data Working with Permissions describe how permissions and process attributes are assigned in Android OS describe how permissions are granted and managed for applications with shared user IDs declare Android application permissions in a Manifest permissions file describe how permissions are enforced at the kernel level, native daemon level, and the framework level in Android OS declare a custom permission in a Manifest permissions file Practice: Securing Application Code identify the permissions for a sample application and sign application code in Android Studio

Objectives

Android Environment Fundamentals

start the course
describe the major components of the Android Environment, specifically the Android SDK, Eclipse IDE and ADT, Tools (DDMS, ADB)
download and install the Android standalone SDK tools package
download and install the Android Studio IDE
describe how the Linux kernel provides security on the Android platform, including Linux permissions enforcement
describe Android runtime components, specifically the Dalvik VM and Core Libraries
describe how to start, bind, and create an application service, as well as how to declare a service in the Manifest.xml file
define an activity and describe activity stack and callback methods used to implement activity lifecycles
describe the Android application framework layer services, specifically the Resource Manager, Activity Manager, Location Manager, Notification Manager, Package Manager, Views, and Content Providers

Understanding Android OS Security Features

describe Android software stack layers
define the user protection levels that can be assigned in a Manifest permissions file
describe the process of application code signing
securely package an Android application
install and test operation of the Android Debug Bridge tool from the standalone SDK tools package
identify application-based permissions, specifically Android Manifest Permissions

Protecting Android Application Code

enable the ProGuard code obfuscation tool in Android SDK
create an Android application signing key and certificate in Android Studio
use code signing to protect Android application code from malware attacks
use Linux security services to protect Android application data

Working with Permissions

describe how permissions and process attributes are assigned in Android OS
describe how permissions are granted and managed for applications with shared user IDs
declare Android application permissions in a Manifest permissions file
describe how permissions are enforced at the kernel level, native daemon level, and the framework level in Android OS
declare a custom permission in a Manifest permissions file

Practice: Securing Application Code

identify the permissions for a sample application and sign application code in Android Studio