Debug and secure your Android applications with Android Studio
If you are a developer with some Android knowledge, but you do not know how to test your applications using Android Studio, this book will guide you. It is recommended that you are familiar with Android Studio IDE.
Today, mobile applications are increasingly being used to access the Web. Mobile developers play a key role in how consumers access the Web with millions of people depending on them to create secure and functional applications. This book, beginning with the fundamentals of Android security, will guide you through the process of creating a secure and debugged application. We will look at the Android Studio development environment and take you through the steps needed to protect your local data and secure your network communications.
Initially covering the threats, risks, and vulnerabilities in software and in the Android environment, this book will then dig deeper, exploring different types of authentication methods that can be adopted in your Android application. You will be introduced to techniques and classes to test your application, before finally learning about supporting tools that will help you to improve your application. By the end of this book, your Android application will be debugged and secure and you will be able to apply what you've learned to further application projects.
The book is composed of eleven chapters that on the whole are the basis to secure an Android application.
The first chapter introduces the various terms of security and the different types of vulnerability that can occur. A very important chapter because it provides the basis for understanding the rest of the book. Also, it describes the various types of tests: unit, integration, validation, system and acceptance.
The second chapter describes the architecture of the Android operating system and the basics regarding permissions, Intents and content providers, highlighting the possible problems that could occur when managing these badly.
Android has various tools to monitor an application. The third chapter introduces the DDMS tool. It includes various tools like Thread monitor, Network Statistics, File Explorer, etc. All are described briefly to get an idea of what the Android SDK provides us.
The fourth chapter describes how to make common actions safe, like database communication, avoiding SQL injection, and validation of input.
The problem of privacy is widespread in IT habits, and what the fifth chapter suggests is to secure our data, saved in shared preferences or storage, by encrypting the data themselves. The code examples are very explicative and simple to understand.
The sixth chapter continues with the file of the previous chapter, adding one more security level over the network connection, recommending the HTTPS protocol that allows us to have encrypted and secure communication.
There exist several types of authentication, besides the common username and password. The seventh chapter describes the various types of authentication, based on different factors underlining these phrases: “something the user knows”, for user and password or pin code, “something the user has”, for TOTP, and “something the user is”, for biometric authentication.
Also, the chapter describes how to use the AccountManager class to manage the possible accounts saved on the device.
The eighth and ninth chapters talk about testing out-and-out, differentiating between unit tests and functional tests. They start with a simple test project, up to examining all the classes that promote test developing, important to prevent bugs after publishing the application. As a test-developer, reading these chapters is very important to understand how to work with the Android platform.
The tenth chapter describes foreign libraries to facilitate the creation of tests, a thing that could speed up the writing of tests.
The last chapter explains the possible parts of an application to be tested, for example the behaviour without a stable internet connection or when changing the orientation of the screen.
The book, in its own small way, is great to identify the basic aspects regarding the testing and the safety of the application. Every developer should have a copy of this book in his library. Highly recommended.
What an amazing book, securing applications is so important and yet I find games that are exploitable because they don't follow security practices which result in a terrible experience. There are zero day hacks for many games on both the iOS and Android markets, and this book would be the holy grail for developers for securing their applications. The book was practical and very easy to follow. I enjoyed the coverage over each authentication method, and I was delighted to find out about the HTTPS utilization in applications, I figured it was the de facto standard, boy was I wrong.
If you're developing applications then you should pick up a copy of this book, it is a real eye opener. Before I conclude this review it is highly noteworthy to mention the coverage on unit testing, I find many books ignore this completely and shouldn't. I'm very glad this book included it and didn't leave it out!
As an IT professional with architecture, quality and security among his responsibilities, I cannot but recommend "Testing and securing ..." to anybody involved in the development of serious Android applications.
This book is too short to allow for an in-depth treatment of this vast domain of testing and security but it addresses all the relevant aspects of the theme. Moreover, its very clear and well-thought structure makes for a nice and never boring reading. It's mainly junior developers who will benefit from it but even seasoned ones will probably learn one or another trick specific to Android (I did).
With its good and balanced mix of theory and practical considerations, this is a book that is worth reading (and reading again).
The combination of security and testing is a little strange, but this book is a good introduction to both topics. I hoped that the testing topics would combine testing and security, but that was not the case. If you have looked into security and testing yourself, then this book is most likely too high level, even though you might learn something here and there. If you don't know about these topics, then it's an interesting read. It's very high level, so you will still need to do a lot of research when you're done. But at least you'll be aware of the options and possibilities.