Mobile Application Security: Protecting Mobile Devices and their Applications

Front Cover
McGraw Hill Professional, Feb 18, 2010 - Computers - 400 pages
Secure today's mobile devices and applications

Implement a systematic approach to security in your mobile application development with help from this practical guide. Featuring case studies, code examples, and best practices, Mobile Application Security details how to protect against vulnerabilities in the latest smartphone and PDA platforms. Maximize isolation, lockdown internal and removable storage, work with sandboxing and signing, and encrypt sensitive user information. Safeguards against viruses, worms, malware, and buffer overflow exploits are also covered in this comprehensive resource.

  • Design highly isolated, secure, and authenticated mobile applications
  • Use the Google Android emulator, debugger, and third-party security tools
  • Configure Apple iPhone APIs to prevent overflow and SQL injection attacks
  • Employ private and public key cryptography on Windows Mobile devices
  • Enforce fine-grained security policies using the BlackBerry Enterprise Server
  • Plug holes in Java Mobile Edition, SymbianOS, and WebOS applications
  • Test for XSS, CSRF, HTTP redirects, and phishing attacks on WAP/Mobile HTML applications
  • Identify and eliminate threats from Bluetooth, SMS, and GPS services

Himanshu Dwivedi is a co-founder of iSEC Partners (www.isecpartners.com), an information security firm specializing in application security. Chris Clark is a principal security consultant with iSEC Partners. David Thiel is a principal security consultant with iSEC Partners.

 

Selected pages

Contents

Mobile Platforms
1
Mobile Services
251
Appendixes
363
Index
391
Copyright

Other editions - View all

Mobile Application Security
Himanshu Dwivedi,Chris Clark,David Thiel
No preview available - 2010

Common terms and phrases

allows Android application developers application’s authentication Binder BlackBerry Bluetooth devices buffer overflows capabilities carrier certificate CLDC client configuration connection cookie create cross-site scripting CSRF database debugging default desktop device’s DLLs e-mail emulator encryption enforce example executable Figure file system functionality header implementation installed integer overflows Intent interface Internet iPhone Java JavaScript kernel Linux malicious malware Manager memory method Microsoft MIDP mobile application mobile browser mobile operating systems mobile phone mode NetBeans notification object options package parameter password perform permissions platform profiles protection protocol provides request runtime script security policy sensitive server signature signed applications SMS messages specific SQL injection stack storage stored Symbian target testing third-party tool update user’s victim’s Visual Studio vulnerabilities web application WebOS Windows Mobile wireless Wireshark

About the author (2010)

Himanshu Dwivedi is a founding partner of iSEC Partners, an information security organization. He is a co-author of Hacking Exposed: Web 2.0 and several other books.

Bibliographic information

TitleMobile Application Security: Protecting Mobile Devices and their Applications
IT Pro
AuthorsHimanshu Dwivedi, Chris Clark, David Thiel
PublisherMcGraw Hill Professional, 2010
ISBN007163357X, 9780071633574
Length400 pages
Subjects ›  › 

Computers / Networking / General
  
Export CitationBiBTeX EndNote RefMan