Secure today's mobile devices and applications

Implement a systematic approach to security in your mobile application development with help from this practical guide. Featuring case studies, code examples, and best practices, Mobile Application Security details how to protect against vulnerabilities in the latest smartphone and PDA platforms. Maximize isolation, lockdown internal and removable storage, work with sandboxing and signing, and encrypt sensitive user information. Safeguards against viruses, worms, malware, and buffer overflow exploits are also covered in this comprehensive resource.

• Design highly isolated, secure, and authenticated mobile applications
• Use the Google Android emulator, debugger, and third-party security tools
• Configure Apple iPhone APIs to prevent overflow and SQL injection attacks
• Employ private and public key cryptography on Windows Mobile devices
• Enforce fine-grained security policies using the BlackBerry Enterprise Server
• Plug holes in Java Mobile Edition, SymbianOS, and WebOS applications
• Test for XSS, CSRF, HTTP redirects, and phishing attacks on WAP/Mobile HTML applications
• Identify and eliminate threats from Bluetooth, SMS, and GPS services

Himanshu Dwivedi is a co-founder of iSEC Partners (www.isecpartners.com), an information security firm specializing in application security. Chris Clark is a principal security consultant with iSEC Partners. David Thiel is a principal security consultant with iSEC Partners.

Back To Top

New Features:

• • Secure applications that are written for the most popular mobile phone devices, such as the Apple iPhone, Windows Mobile, and Google Android.
  • Author provides global case studies based on his work with major international corporate clients, banks, and software organizations building mobile phone applications.
  • Himanshu Dwivedi is the author of Hacking Exposed Web 2.0 and he speaks worldwide and at major conferences such as RSA Security and Black Hat on web 2.0 and mobile security.

Back To Top

Table of Contents:

Part I: Mobile Platforms; Chapter 1. Top Mobile Issues and Development Strategies; Chapter 2. Android Security; Chapter 3. The Apple iPhone; Chapter 4. Windows Mobile Security; Chapter 5. BlackBerry Security; Chapter 6. Java Mobile Edition Security; Chapter 7. SymbianOS Security; Chapter 8. WebOS Security; Part II: Mobile Services; Chapter 9. WAP and Mobile HTML Security; Chapter 10. Bluetooth Security; Chapter 11. SMS Security; Chapter 12. Mobile Geolocation; Chapter 13. Enterprise Security on the Mobile OS; Part III: Appendices; Appendix A. Mobile Malware; Appendix B. Mobile Security Penetration Testing Tools; Index

Back To Top