Bulletproof Android: Practical Advice for Building Secure Apps (Paperback)
暫譯: 防彈 Android:構建安全應用的實用建議 (平裝本)
Godfrey Nolan
- 出版商: Addison Wesley
- 出版日期: 2014-12-07
- 售價: $1,400
- 貴賓價: 9.5 折 $1,330
- 語言: 英文
- 頁數: 240
- 裝訂: Paperback
- ISBN: 0133993329
- ISBN-13: 9780133993325
-
相關分類:
Android
立即出貨 (庫存=1)
買這商品的人也買了...
-
C 語言程式設計 + C 語言程式技巧問答實戰 (Kernighan: The C Programming Language, 2/e) (雙書合購)$980$980 -
大話設計模式$620$527 -
程式設計師的自我修養-連結、載入、程式庫$580$458 -
精通正規表達式, 3/e (Mastering Regular Expressions, 3/e)$780$616 -
實戰封包分析-使用 Wireshark (Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems, 2/e)$450$356 -
不會寫程式也可以學 Android 來賺錢$560$476 -
![ASP.NET 4.5 專題實務 [I]-C# 入門實戰篇-cover](https://cf-assets1.tenlong.com.tw/images/71291/medium/9789572240601_bc.jpg)
ASP.NET 4.5 專題實務 [I]-C# 入門實戰篇$780$616 -
Hadoop 技術手冊, 3/e (Hadoop: The Definitive Guide, 3/e)$880$695 -
雲端時代資訊安全重裝白皮書$450$383 -
科技犯罪安全之數位鑑識─證據力與行動智慧應用$560$437 -
嵌入式 Android 系統 (Embedded Android: Porting, Extending, and Customizing)$680$537 -
Android App 程式設計教本之無痛起步, 2/e$480$379 -
Visual C# 2013 程式設計經典 (書附雙光碟 VS 2013 Express 中文版, 範例檔)$650$514 -
Android 3D 遊戲開發完全學習手冊─你我都能開發硬體加速的商業版 Android 3D 遊戲$680$578 -
Python 錦囊妙計, 3/e (Python Cookbook, 3/e)$880$695 -
Windows Server 2012 R2 系統建置實務$680$537 -
Intel Galileo 快速上手指南 (Getting Started with Intel Galileo)$380$342 -
Make 國際中文版 vol.12 (Make: Volume 36 英文版)$380$342 -
EEC 網路行銷特訓教材, 2/e$450$356 -
改變世界的九大演算法 : 讓今日電腦無所不能的最強概念 (Nine Algorithms That Changed the Future: The Ingenious Ideas That Drive Today’s Computers)$360$284 -
Make 國際中文版 vol.13 (Make: Volume 37 英文版)$260$234 -
資料挖礦與大數據分析$650$618 -
初探 NFC:近距離無線通訊與 Arduino、Android 和 PhoneGap (Beginning NFC: Near Field Communication with Arduino, Android, and PhoneGap)$500$395 -
啊哈!圖解演算法必學基礎$350$277 -
Android 程式設計入門、應用到精通--增訂第三版 (適用 5.X~1.X, Android Wear 穿戴式裝置)$560$442
商品描述
Battle-Tested Best Practices for Securing Android Apps throughout the Development Lifecycle
Android’s immense popularity has made it today’s #1 target for attack: high-profile victims include eHarmony, Facebook, and Delta Airlines, just to name a few. Today, every Android app needs to resist aggressive attacks and protect data, and in Bulletproof Android™, Godfrey Nolan shows you how.
Unlike “black hat/gray hat” books, which focus on breaking code, this guide brings together complete best practices for hardening code throughout the entire development lifecycle. Using detailed examples from hundreds of apps he has personally audited, Nolan identifies common “anti-patterns” that expose apps to attack, and then demonstrates more secure solutions.
Nolan covers authentication, networking, databases, server attacks, libraries, hardware, and more. He illuminates each technique with code examples, offering expert advice on implementation and trade-offs. Each topic is supported with a complete sample app, which demonstrates real security problems and solutions.
Learn how to
- Apply core practices for securing the platform
- Protect code, algorithms, and business rules from reverse engineering
- Eliminate hardcoding of keys, APIs, and other static data
- Eradicate extraneous data from production APKs
- Overcome the unique challenges of mobile authentication and login
- Transmit information securely using SSL
- Prevent man-in-the-middle attacks
- Safely store data in SQLite databases
- Prevent attacks against web servers and services
- Avoid side-channel data leakage through third-party libraries
- Secure APKs running on diverse devices and Android versions
- Achieve HIPAA or FIPS compliance
- Harden devices with encryption, SELinux, Knox, and MDM
- Preview emerging attacks and countermeasures
This guide is a perfect complement to Nolan’s Android™ Security Essentials LiveLessons (video training; ISBN-13: 978-0-13-382904-4) and reflects new risks that have been identified since the LiveLessons were released.
商品描述(中文翻譯)
**在整個開發生命週期中保護 Android 應用的實戰最佳實踐**
Android 的巨大受歡迎程度使其成為當今攻擊的首要目標:高知名度的受害者包括 eHarmony、Facebook 和 Delta Airlines 等。如今,每個 Android 應用都需要抵禦激烈的攻擊並保護數據,而在 **Bulletproof Android™** 中,Godfrey Nolan 將告訴你如何做到這一點。
與專注於破解代碼的「黑帽/灰帽」書籍不同,本指南匯集了在整個開發生命週期中加固代碼的完整最佳實踐。Nolan 使用他親自審核的數百個應用的詳細範例,識別出常見的「反模式」,這些模式使應用暴露於攻擊之下,然後展示更安全的解決方案。
Nolan 涵蓋了身份驗證、網絡、數據庫、伺服器攻擊、庫、硬體等主題。他用代碼範例闡明每種技術,並提供實施和權衡的專家建議。每個主題都附有完整的示範應用,展示實際的安全問題和解決方案。
學習如何:
- 應用保護平台的核心實踐
- 保護代碼、算法和業務規則免受逆向工程
- 消除密鑰、API 和其他靜態數據的硬編碼
- 徹底清除生產 APK 中的多餘數據
- 克服移動身份驗證和登錄的獨特挑戰
- 使用 SSL 安全地傳輸信息
- 防止中間人攻擊
- 安全地在 SQLite 數據庫中存儲數據
- 防止對網絡伺服器和服務的攻擊
- 避免通過第三方庫的側信道數據洩漏
- 確保在不同設備和 Android 版本上運行的 APK 的安全
- 達成 HIPAA 或 FIPS 合規性
- 使用加密、SELinux、Knox 和 MDM 加固設備
- 預覽新興攻擊和對策
*本指南是 Nolan 的 Android™ Security Essentials LiveLessons(視頻培訓;ISBN-13: 978-0-13-382904-4)的完美補充,並反映了自 LiveLessons 發布以來已識別的新風險。*
