Book Review: "Android Security Internals"

"Android Security Internals: An In-Depth Guide to Android's Security Architecture" by Nikolay Elenkov, who also runs a blog on Android security, is one of the best technical books I've read in a while. It should be said right off the bat that this book focuses on Android 4.4 (KitKat) and doesn't cover Lollipop or the new Android M (that we saw at Google I/O). That said, this book is amazing and one of the most comprehensive Android texts I have read to date, really bringing me up to speed on Android since my trek into it ages ago. This 430-page book is a steal at ~$35 (on Amazon, $50 at NoStarch)!! "Android Security Internals" is a highly technical book; the writing is descriptive and utilizes lots of graphics, system screenshots, and code to help illustrate its points, as you can see in the public first chapter of the book. Overall, I give the book 8 out of 10 stars, as it's highly technical and provides great insight into the security architecture of Android, but unfortunately it is already a bit dated due to the incredibly fast innovation rate of Android. Below is a high-level overview of the table of contents, although a more in-depth table of contents is available via NoStarch.

Chapter 1: Android’s Security Model
  • Android’s Architecture
  • Android’s Security Model
Chapter 2: Permissions
  • The Nature of Permissions
  • Requesting Permissions
  • Permission Management
  • Permission Protection Levels
  • Permission Assignment
  • Permission Enforcement
  • System Permissions
  • Shared User ID
  • Custom Permissions
  • Public and Private Components
  • Activity and Service Permissions
  • Broadcast Permissions
  • Content Provider Permissions
  • Pending Intents
Chapter 3: Package Management
  • Android Application Package Format
  • Code Signing
  • APK Install Process
  • Package Verification
Chapter 4: User Management
  • Multi-User Support Overview
  • Types of Users
  • User Management
  • User Metadata
  • Per-User Application Management
  • External Storage
  • Other Multi-User Features
Chapter 5: Cryptographic Providers
  • JCA Provider Architecture
  • JCA Engine Classes
  • Android JCA Providers
  • Using a Custom Provider
Chapter 6: Network Security and PKI
  • PKI and SSL Overview
  • JSSE Introduction
  • Android JSSE Implementation
Chapter 7: Credential Storage
  • VPN and Wi-Fi EAP Credentials
  • Credential Storage Implementation
  • Public APIs
Chapter 8: Online Account Management
  • Android Account Management Overview
  • Account Management Implementation
  • Google Accounts Support
Chapter 9: Enterprise Security
  • Device Administration
  • VPN Support
  • Wi-Fi EAP
Chapter 10: Device Security
  • Controlling OS Boot-Up and Installation
  • Verified Boot
  • Disk Encryption
  • Screen Security
  • Secure USB Debugging
  • Android Backup
Chapter 11: NFC and Secure Elements
  • NFC Overview
  • Android NFC Support
  • Secure Elements
  • Software Card Emulation
Chapter 12: SELinux
  • SELinux Introduction
  • Android Implementation
  • Android 4.4 SELinux Policy
Chapter 13: System Updates and Root Access
  • Bootloader
  • Recovery
  • Root Access
  • Root Access on Production Builds
Some of my favorite bits include the in-depth dive on permissions enforcement; I really liked all of the code examples in Chapter 2, showing the various socket calls for resources. Chapter 10 was another of my favorite chapters, focusing on device security; this chapter really conveyed how the trusted boot process worked. Overall, this book was a great, unified, deep dive on Android.