i want make app mcafee secure container. container app should launch other (specific) apps , provide them isolated execution environment. there should no data sharing outside container , apps inside container should use container's network connection.
what can way forward?
i know 1 solution runs each app within it's own dalvik vm unique id (uid ref linux) protect resources app. makes use of linux file permissions protect these resources. way apps running same uid sign same publisher key , declare id in manifest. resources world readable have declare explicitly when opening resources within app. further more apps can access system resources if declare permission in manifest. think of io operations , on. these permissions prompted user , install time.
... it's called android :-)
or in other words more search provided android system? if you're looking security android system pretty secure on own. some threats can think of listed next.
a possible threat system (not app) compromised (rooted or so). app data exposed on system. solution encrypting data. google android derived key more information on how key user password , use key encrypt sensitive data stored on device. main rule here store sensitive data if have , encrypt if do. make sure use cbc mode instead of ecb mode , provide salt , iv.
never ever think code save. not if obfuscated. obfuscation not make impossible code in readable format. makes harder. it's bad idea keep sensitive data in code.
another possible threat can think of network traffic. use ssl/tls , verify hostnames. limit credentials going on network using generated tokens authentication. encrypt data on network, time use dynamic iv. validate input , aware of sql injection.
Comments
Post a Comment