Testing and Securing Android Studio Applications电子书

Testing and Securing Android Studio Applications

Table of Contents

Testing and Securing Android Studio Applications

Credits

About the Authors

About the Reviewers

www.PacktPub.com

Support files, eBooks, discount offers, and more

Why subscribe?

Free access for Packt account holders

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the example code

Errata

Piracy

Questions

1. Introduction to Software Security

Software security terms

Threats, vulnerabilities, and risks

Threat

Vulnerability

Risk

Secure code-design principles

Testing the basics

Summary

2. Security in Android Applications

The mobile environment

An overview of Android security

Permissions

Interapplication communication

Intents

Content providers

Summary

3. Monitoring Your Application

Debugging and DDMS

Threads

Method profiling

Heap

Allocation Tracker

Network Statistics

File Explorer

Emulator Control

System Information

Summary

4. Mitigating Vulnerabilities

Input validation

SQL injection

Permissions

Handling a user's data and credentials

Interapplication communication

Securing Intents

Securing the content providers

Summary

5. Preserving Data Privacy

Data privacy

Shared preferences

Files in the internal storage

Files in the external storage

The database storage

Encryption

The encryption methods

Generating a key

Using encryption to store data

Summary

6. Securing Communications

HTTPS

SSL and TLS

Server and client certificates

Keytool in the terminal

Android Studio

Code examples using HTTPS

Summary

7. Authentication Methods

Multifactor authentication

The knowledge factor

The possession factor

The inherence factor

Login implementations

AccountManager

Summary

8. Testing Your Application

Testing in Android

Testing the UI

The uiautomator API

The UiDevice class

The UiSelector class

The UiObject class

The UiCollection class

The UiScrollable class

The uiautomatorviewer tool

The UI test project

Running UI test cases

Summary

9. Unit and Functional Tests

Testing activities

The test case classes

Instrumentation

The test case methods

The Assert class and method

The ViewAsserts class

The MoreAsserts class

UI testing and TouchUtils

The mock object classes

Creating an activity test

Creating a unit test

The unit test setup

The clock test

The layout test

The activity Intent test

Creating a functional test

The functional test setup

The UI test

The activity Intent test

The state management test

Getting the results

Summary

10. Supporting Tools

Tools for unit testing

Spoon

Mockito

Android Mock

FEST Android

Robolectric

Tools for functional testing

Robotium

Espresso

Appium

Calabash

MonkeyTalk

Bot-bot

Monkey

Wireshark

Other tools

Genymotion

Summary

11. Further Considerations

What to test

Network access

Media availability

Change in orientation

Service and content provider testing

Developer options

Getting help

Summary

Index