Lines Matching refs:that

26 <p>Android was designed so that most developers will be able to build
29 into the operating system that significantly reduce the frequency and impact of
32 <p>Some of the security features that help developers build secure applications
35 <li>The Android Application Sandbox that isolates data and code execution on a
42 <li>An encrypted filesystem that can be enabled to protect data on lost or
48 and to reduce the likelihood of inadvertently introducing security issues that
52 that can have security implications for your application and its users. As
58 <p>Writing secure code that runs in virtual machines is a well-studied topic
60 rehash these topics, we’d recommend that you familiarize yourself with the
72 programming in other environments, there are two broad issues that may be
84 that are not verified, such as unsecured network sources or external storage,
85 since that code can be modified to include malicious behavior.</li>
107 good way to think about it for developers familiar with Linux is to know that
121 storage</a> are only accessible to the application that created the file. This
136 choose to encrypt local files using a key that is not accessible to the
139 protected with a user password that is not stored on the device). While this
140 does not protect data from a root compromise that can monitor the user
156 section). We strongly recommend that applications not store executables or
163 <p>ContentProviders provide a structured storage mechanism that can be limited
178 </a></code> that will be exported for use by other applications, you can specify
182 within the manifest. We recommend that you limit your permissions to those
183 required to accomplish the task at hand. Keep in mind that it’s usually
205 that activates the component. The scope of these permissions can be further
217 Injection</a> from untrusted data. Note that using parameterized methods is not
222 that the write permission allows SQL statements which make it possible for some
225 number in a call-log by modifying a row only if that phone number already
248 property to false. This is useful for applications that consist of multiple processes
249 within the same UID, or if you decide late in development that you do not
263 <p>One area that can introduce confusion is the use of intent filters. Note
264 that Intent filters should not be considered a security feature -- components
265 can be invoked directly and may not have data that would conform to the intent
267 confirm that it is properly formatted for the invoked receiver, service, or
279 <p>Note that ordered broadcasts can be “consumed” by a recipient, so they
284 <p>Senders of an intent can verify that the recipient has a permission
285 specifying a non-Null Permission upon sending. Only applications with that
287 sensitive, you should consider applying a permission to make sure that
296 interface that enables mutual authentication of the endpoints, if required.</p>
298 <p>We strongly encourage designing interfaces in a manner that does not require
303 implemented. If you are creating an interface that requires authentication
307 <p>If providing an interface that does require access controls, use <code><a
360 the implementation of that call. We generally recommend using the
369 declared. In general, we recommend that you specifically declare a Receiver or
371 functionality that is not intended for use by other applications.</p>
391 <p>If it is possible to design your application in a way that does not require
392 a permission, that is preferable. For example, rather than requesting access
407 to protect IPC that is security sensitive and will be exposed to other
418 over IPC that is only available because it has a specific permission, but does
419 not require that permission of any clients of its IPC interface. More
442 that you need to consider.
444 <li>The permission must have a string that concisely expresses to a user the
462 environments. The key consideration is making sure that appropriate protocols
465 web traffic. We prefer use of HTTPS over HTTP anywhere that HTTPS is
467 that are not secured, such as public WiFi hotspots.</p>
482 may receive requests from anywhere. We’ve seen that, too.)</p>
484 <p>Also, one common issue that warrants repeating is to make sure that you do
493 Developers should keep in mind that this protocol was primarily designed for
499 <p>Many developers do not realize that SMS is not encrypted or strongly
501 should expect that a malicious user may have sent the SMS to your application
503 Also, you should be aware that SMS may be subject to spoofing and/or
506 by other applications that have the READ_SMS permission.</p>
519 keep in mind about dynamically loaded code is that it runs with the same
521 install your application based on your identity, and they are expecting that
522 you provide any code run within the application, including code that is
525 <p>The major security risk associated with dynamically loading code is that the
540 <p>Since WebView consumes web content that can include HTML and JavaScript,
552 in sample code that might be repurposed in production application -- so
559 particular care because it allows JavaScript to invoke operations that are
566 JavaScript that is contained within your application APK.</p>
569 you are connecting only to a single website that you trust or control, HTTP is
574 not ever be exposed to unverified script downloaded over HTTP. Note that even
586 headers like no-cache can also be used to indicate that an application should
594 have platform-level countermeasures that reduce the exposure of applications to
596 note that selection of type-safe languages tends to reduce the likelihood of
607 Android provides a number of technologies like ASLR and DEP that reduce the
616 <p>If you are using data within queries that are submitted to SQL Database or a
632 of well-structured data formats and verifying that the data conforms to the
640 <p>In general, the best approach is to minimize use of APIs that access
643 Finally, consider if there is a way that your application logic can be
651 usernames, keep in mind that some jurisdictions may require you to provide a
652 privacy policy explaining your use and storage of that data. So following the
663 <p>If access to sensitive data is required, evaluate whether that information
668 <p>Also, make sure that you do not inadvertently expose user data to other
698 <p>Services that will be accessible to multiple applications should be accessed
710 </code> before passing in any credentials, so that you do not inadvertently pass
713 <p>If credentials are to be used only by applications that you create, then you
731 implementation that can support your use case. If you need to securely
741 recommend that you not implement your own cryptographic algorithms. Use
750 <code>KeyGenerator</code></a>). Use of a key that is not generated with a secure random
755 href="{@docRoot}reference/java/security/KeyStore.html">KeyStore</a></code> that
763 sure that your application takes advantage of the security benefits provided by