Index

A

Android architecture

    components

        application framework

        Dalvik Virtual Machine

        divisions

        kernel

        libraries

    HTC Dream

    security

        API call process

        content providers

        definition

        intents

        protecting user’s data

        protection levels

        risks

        sample code

        self-defined permissions

        zygote process

    security architecture

        application code signing

        permissions

        privilege separation

Android security architecture

    permissions architecture

        API call process

        content providers

        intents

        protection levels

        sample code

        self-defined permissions

    zygote process

Authentication techniques

    browser setting

    CA trusts

    CipherSuites

    cryptography

    DigiNotar

    feature

    handshake

    introduction

    man-in-the-middle (MitM)

        data flow

        DigiNotar

        reference

        websites

    mobile device

    OAuth

        access token, Picnik

        Android app

        application details

        authentication flow

        back-end web application

        client ID

        consumers

        ID and secret

        photos

        Picasa/Flickr

        Picnik

        project creation

        service provider

        type

    POST request

    PreMaster key

    self-signed certificate

    SSL

    TLS

    traffic capture

    transport protocols

    username and password

B

C

Cryptography

    additional layer

    in mobile applications

        block ciphers, modes of operation

        data padding

        key generation

        symmetric key algorithm

    public key infrastructure

        instructions

        story and PKI elements

    terminology

D

Data storage, Android

    combining data storage and encryption

        cryptographic module

        KeyManager Module

        modified RetrieveData Class

        modified StoreData Class

        New StorageExample3

        output

        specifications

    internal storage

        main class

        output

        RetrieveData.java

        StoreData.java

    mechanisms of

    shared preferences

        data retrieving code

        data storing code

        main class

        output

    SQLite databases

        contact object

        ContactsDb class

        ContactsDB helper class

        contacts table

        main class

        output

        project structure

        RetrieveData class

        SQLiteOpenHelper

        StoreData Class

E, F, G

Enterprise resource planning (ERP)

    applications

    business

    connectivity

    mobile application

    mobile middleware

        banking application

        database access

        data representation

        goals

        interaction

H, I

J

K

L

M, N

Malware

    anti-forensics

        definition

        detection mechanism

        fake messages

        mail messages

        technique

    exfiltration

    FlexiSPY

        activation

        commands

        explicit instructions

        features

    Government sanctioned malware

        compromise

        detection

        exfiltration

        flowchart

        infection

        RIM

        SMS message

        spread

    infection

    spread

    spyware, definition

    stages

        compromise

Mobile middleware

    banking application

    database access

        apress

        HTTP

        javax.sql and java.sql packages

        JDBC drivers

        libraries

        ListView layout

        my.cnf file

        MySQLConnectActivity.java file

        program output

        project structure

    data representation

        data formats

        JSON output

        RESTful API request

        XML output

    goal

    interaction

O

OAuth

    access token, Picnik

    Android app

    application details

    authentication flow

    back-end web application

    client ID

    consumers

    handling authorization

        authorization code

        ClientHandler

        DataFetcher class

        doAuth() function

        getRequestToken() function

        Token object

    ID and secret

    photos

    Picasa/Flickr

    Picnik

    project creation

    service provider

    token-retrieving

        application entries

        isValidForReq() function

        project structure

    type

P, Q

R

S

Security

    API call process

    architecture

        application code signing

        permissions

        privilege separation

    content providers

    intents

    protection levels

    sample code

    self-defined permissions

    zygote process

Stored information

    classification

        personal information

        sensitive information

        types

    encryption

        key-generation algorithm

        results

        routine

    proxim and data storage

        Contact Class, Contact.java

        contact object

        Location Class, Location.java

        reworked SaveController.java method

        SaveController.saveContact(getApplicationContext(), contact)

        Save Routine, SaveController.java

        SD card image file

    security

        direct attacks

        indirect attacks

T, U

Theoretical concepts

    challenge response authentication

        client side, login

        Constants.java

        CRAM object

        generate() function

        generateReply(String response) function

        graphical representation

        Hex.java file

        Login.java class

        project structure

        response

        server-side code

        steps

        verifyChallenge(String userResponse)

    OAuth

        handling authorization

        token-retrieving

V

W

Web applications. See also Authentication techniques

    advantages

    components

        advantages

        login process

        three-tier architecture

    definition

    GET and POST

    HTML pages

    HTTP

    JSON (JavaScript Object Notation)

    methods

    OWASP

        foundation

        list

        mobile security project

        testing

    RESTful API

    SOAP

    source code

    technologies

        databases and URL

        execute() method

        login class

        logon failure

        project structure

        server-side

        verification code

        XML files

    testing environment

        app creation

        applications list

        dashboard

        Google App Engine project

        home page

        login servlet

        name creation

        remote application

        stub application package

    transit

    web service

    XML

X, Y, Z

XOR
