Android Security by Misra Anmol

Author:Misra, Anmol [DUBEY, ABHISHEK]
Language: eng
Format: epub, mobi
ISBN: 978-1-4822-0986-0
Publisher: CRC Press
Published: 2013-03-04T16:00:00+00:00

5.4 Miscellaneous Issues

5.4.1 Data Storage on Internal, External, and Cloud

There are various locations available for Android application data storage, including files, databases, preferences, and cache. Data can be stored in the internal memory or on an external card. If data is stored in plain text and the device is compromised or stolen, data will be exposed. It is usually a best practice to encrypt data that is being stored. The application needs to ensure that a strong encryption algorithm is being used to do this. In-house encryption is usually is the weakest compared to publicly available encryption tools.

A pen tester needs to review the following locations for data storage—local: files, SQLite DBs, cache, and preferences; and external: files, cloud.

Code review can help identify places where file/data storage occurs. Typical operations that need to be reviewed include the opening/creating of files, accessing the directory and its contents, accessing cache/preferences, opening/creating a database, and so forth.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.