|
|
|
|
LEADER |
05501nmm a2200577 u 4500 |
001 |
EB001935560 |
003 |
EBX01000000000000001098462 |
005 |
00000000000000.0 |
007 |
cr||||||||||||||||||||| |
008 |
210123 ||| eng |
020 |
|
|
|a 9780071633574
|
050 |
|
4 |
|a TK5102.85
|
100 |
1 |
|
|a Dwivedi, Himanshu
|
245 |
0 |
0 |
|a Mobile application security
|c Himanshu Dwivedi, Chris Clark, David Thiel
|
260 |
|
|
|a New York
|b McGraw-Hill
|c 2010
|
300 |
|
|
|a xxii, 408 pages
|b illustrations
|
505 |
0 |
|
|a Cover Page -- Mobile Application Security -- Copyright Page -- About the Authors -- Dedication -- Contents -- Acknowledgments -- Introduction -- Part I Mobile Platforms -- Chapter 1 Top Mobile Issues and Development Strategies -- Top Issues Facing Mobile Devices -- Physical Security -- Secure Data Storage (on Disk) -- Strong Authentication with Poor Keyboards -- Multiple-User Support with Security -- Safe Browsing Environment -- Secure Operating Systems -- Application Isolation -- Information Disclosure -- Virus, Worms, Trojans, Spyware, and Malware -- Difficult Patching/Update Process
|
505 |
0 |
|
|a Includes bibliographical references and index
|
505 |
0 |
|
|a Build and Packaging -- Distribution: The Apple Store -- Code Signing -- Executing Unsigned Code -- Permissions and User Controls -- Sandboxing -- Exploit Mitigation -- Permissions -- Local Data Storage: Files, Permissions, and Encryption -- SQLite Storage -- iPhone Keychain Storage -- Shared Keychain Storage -- Adding Certificates to the Certificate Store -- Acquiring Entropy -- Networking -- The URL Loading API -- NSStreams -- Peer to Peer (P2P) -- Push Notifications, Copy/Paste, and Other IPC -- Push Notifications -- UIPasteboard -- Conclusion -- Chapter 4 Windows Mobile Security
|
505 |
0 |
|
|a Zero Out the Nonthreats -- Use Secure/Intuitive Mobile URLs -- Conclusion -- Chapter 2 Android Security -- Development and Debugging on Android -- Android's Securable IPC Mechanisms -- Activities -- Broadcasts -- Services -- ContentProviders -- Binder -- Android's Security Model -- Android Permissions Review -- Creating New Manifest Permissions -- Intents -- Intent Review -- IntentFilters -- Activities -- Broadcasts -- Receiving Broadcast Intents -- Safely Sending Broadcast Intents -- Sticky Broadcasts -- Services -- ContentProviders -- Avoiding SQL Injection -- Intent Reflection
|
505 |
0 |
|
|a Files and Preferences -- Mass Storage -- Binder Interfaces -- Security by Caller Permission or Identity Checking -- Binder Reference Security -- Android Security Tools -- Manifest Explorer -- Package Play -- Intent Sniffer -- Intent Fuzzer -- Conclusion -- Chapter 3 The Apple iPhone -- History -- The iPhone and OS X -- Breaking Out, Breaking In -- iPhone SDK -- Future -- Development -- Decompilation and Disassembly -- Preventing Reverse-Engineering -- Security Testing -- Buffer Overflows -- Integer Overflows -- Format String Attacks -- Double-Frees -- Static Analysis -- Application Format
|
505 |
0 |
|
|a Strict Use and Enforcement of SSL -- Phishing -- Cross-Site Request Forgery (CSRF) -- Location Privacy/Security -- Insecure Device Drivers -- Multifactor Authentication -- Tips for Secure Mobile Application Development -- Leverage TLS/SSL -- Follow Secure Programming Practices -- Validate Input -- Leverage the Permissions Model Used by the OS -- Use the Least Privilege Model for System Access -- Store Sensitive Information Properly -- Sign the Application's Code -- Figure Out a Secure and Strong Update Process -- Understand the Mobile Browser's Security Strengths and Limitations
|
653 |
|
|
|a Mobile computing / Security measures
|
653 |
|
|
|a COMPUTERS / Internet / Security / bisacsh
|
653 |
|
|
|a Mobile communication systems / Security measures / blmlsh
|
653 |
|
|
|a COMPUTERS / Networking / Security / bisacsh
|
653 |
|
|
|a Mobile communication systems / http://id.loc.gov/authorities/subjects/sh85086371
|
653 |
|
|
|a Mobile computing / Security measures / blmlsh
|
653 |
|
|
|a Informatique mobile
|
653 |
|
|
|a Radiocommunications mobiles
|
653 |
|
|
|a Informatique mobile / Sécurité / Mesures
|
653 |
|
|
|a Radiocommunications mobiles / Sécurité / Mesures
|
653 |
|
|
|a Mobile communication systems / fast
|
653 |
|
|
|a Mobile computing / http://id.loc.gov/authorities/subjects/sh95004596
|
653 |
|
|
|a Mobile communication systems / Security measures
|
653 |
|
|
|a Mobile computing / fast
|
653 |
|
|
|a COMPUTERS / Security / General / bisacsh
|
700 |
1 |
|
|a Clark, Chris
|
700 |
1 |
|
|a Thiel, David V.
|
041 |
0 |
7 |
|a eng
|2 ISO 639-2
|
989 |
|
|
|b OREILLY
|a O'Reilly
|
015 |
|
|
|a GBA9B5341
|
776 |
|
|
|z 007163357X
|
776 |
|
|
|z 9780071633574
|
776 |
|
|
|z 9780071633567
|
776 |
|
|
|z 0071633561
|
856 |
4 |
0 |
|u https://learning.oreilly.com/library/view/~/9780071633567/?ar
|x Verlag
|3 Volltext
|
082 |
0 |
|
|a 331
|
082 |
0 |
|
|a 384
|
082 |
0 |
|
|a 005.8
|
520 |
|
|
|a "Implement a systematic approach to security in your mobile application development with help from this practical guide. Featuring case studies, code examples, and best practices, Mobile Application Security details how to protect against vulnerabilities in the latest smartphone and PDA platforms. Maximize isolation, lockdown internal and removable storage, work with sandboxing and signing, and encrypt sensitive user information. Safeguards against viruses, worms, malware, and buffer overflow exploits are also covered in this comprehensive resource"--Resource description page
|