028 3824 5819 traincert@tdt-tanduc.com
Tiếng ViệtEnglish

Android™ Security Essentials

This is a two-day (12 hours) professional course, which thoroughly covers the Android™ security model and concerns of both the developer and end-user point of view. 

It’s highly recommended that the attendees of this course know the basics of Android application development knowledge.To acquire good knowledge of Android application development, trainees may attend the “Android Application Development” course provided by Android ATC

Upon completing this course, students will be able to:
1. Understand Android software architecture.
2. Understand Android’s security model.
3. Build Android applications with security best practices in mind.
Build more secure and more robust application that appeals to clients.
After completing this course, you will be ready for the “Android Security Essentials” exam (exam code: AND-402). 

Lesson 1 Permissions


Android Platform Architecture

Android Security Architecture

·         Application signing

·         Installing applications


·         Why Permissions

·         Enforcing permissions

Levels of Protection

·         Normal Permissions or Level-Zero Permissions

·         Dangerous Permissions or Level-one Permissions

·         Signature Permission or Level-two Permissions

·         Signature and System Permissions or Level-three Permissions

Application Level Permissions

·         Adding system permissions required by an application

·         Declaring permissions required by other applications

Component level Permissions

·         Activity

·         Service

·         Content Providers

·         Broadcast Intents

Extending Android Permissions

·         Adding a new permission

·         Creating a permission group

·         Creating a permission tree

Lab 1: Securing Applications Using Permission

·         Create an application to use Permission

·         Create permission and access it

Lesson 2 Managing the Policy File


The Manifest File

·         Attributes of Manifest Tag

·         Attributes of Application Tag

Modifying Application Policy

·         Applications running with the same Linux ID

·         Setting application permissions

·         Permissions for external applications

·         External storage

·         Debugging Mode

·         Backup

Lab 2: Defining the Application’s Policy File

·         Creating two applications with the same Linux ID

·         Backing up Data on Cloud Storage

·         Debugging the Application

·         Moving application to the Internal Memory of the Device

Lesson 3 User Data Privacy and Protection


Data security principles

·         Confidentiality

·         Integrity

·         Availability

·         The mobile environment

·         Data states

Vulnerabilities and Attacks against Stored Data

·         Vulnerabilities of Stored Data

·         Threats to Stored Data

Protection Principles

Digital rights management

·         Tips for Android Coding Vulnerabilities

Lab 3: Data Confidentiality and Protection

·         Lab 3-1: Ensuring Data Confidentiality

·         Lab 3-2 : Protecting Application Data with Permissions

Lesson 4 Securing Storage


Data storage decisions

·         Privacy

·         Data storage period

Storage Mechanisms

Shared preferences

·         Creating a preference file

·         Writing preference

·         Preference Activity


·         Creating a file

·         Writing to a file

·         Reading from a file

·         File operations on an external storage


·         Reading preference


Lab 4: Data Storage Applications

·         Using Shared Preferences

·         File Storage Operations

·         Storing data in Cache

·         SQLite Database Storage

·         Retrieve Gmail Account Info Using Account Manager

Thời lượng: 02 ngày
Chứng nhận hoàn thành khóa học của ATC

Các khóa học liên quan
KH 2
KH 3
KH 5