Mobile Application Security (Paperback)

Himanshu Dwivedi, Chris Clark, David Thiel

  • 出版商: McGraw-Hill Education
  • 出版日期: 2010-02-01
  • 定價: $1,580
  • 售價: 5.0$790
  • 語言: 英文
  • 頁數: 432
  • 裝訂: Paperback
  • ISBN: 0071633561
  • ISBN-13: 9780071633567
  • 相關分類: 資訊安全
  • 立即出貨 (庫存 < 4)

買這商品的人也買了...

商品描述

Secure today's mobile devices and applications

Implement a systematic approach to security in your mobile application development with help from this practical guide. Featuring case studies, code examples, and best practices, Mobile Application Security details how to protect against vulnerabilities in the latest smartphone and PDA platforms. Maximize isolation, lockdown internal and removable storage, work with sandboxing and signing, and encrypt sensitive user information. Safeguards against viruses, worms, malware, and buffer overflow exploits are also covered in this comprehensive resource.

  • Design highly isolated, secure, and authenticated mobile applications
  • Use the Google Android emulator, debugger, and third-party security tools
  • Configure Apple iPhone APIs to prevent overflow and SQL injection attacks
  • Employ private and public key cryptography on Windows Mobile devices
  • Enforce fine-grained security policies using the BlackBerry Enterprise Server
  • Plug holes in Java Mobile Edition, SymbianOS, and WebOS applications
  • Test for XSS, CSRF, HTTP redirects, and phishing attacks on WAP/Mobile HTML applications
  • Identify and eliminate threats from Bluetooth, SMS, and GPS services

Himanshu Dwivedi is a co-founder of iSEC Partners (www.isecpartners.com), an information security firm specializing in application security. Chris Clark is a principal security consultant with iSEC Partners. David Thiel is a principal security consultant with iSEC Partners.

商品描述(中文翻譯)

保護今日的移動設備和應用程式

藉助這本實用指南,在您的移動應用程式開發中實施系統化的安全方法。《移動應用程式安全》透過案例研究、程式碼範例和最佳實踐,詳細介紹了如何保護最新的智慧型手機和個人數位助理平台免受漏洞的侵害。最大程度地隔離、鎖定內部和可移動儲存空間,使用沙箱和簽署功能,以及加密敏感的使用者資訊。本書還全面介紹了防範病毒、蠕蟲、惡意軟體和緩衝區溢位攻擊的方法。

以下是本書的主要內容:
- 設計高度隔離、安全且驗證的移動應用程式
- 使用Google Android模擬器、除錯器和第三方安全工具
- 配置Apple iPhone API以防止溢位和SQL注入攻擊
- 在Windows Mobile設備上使用私鑰和公鑰加密
- 使用BlackBerry Enterprise Server實施細粒度安全策略
- 修補Java Mobile Edition、SymbianOS和WebOS應用程式中的漏洞
- 在WAP/Mobile HTML應用程式上測試XSS、CSRF、HTTP重定向和釣魚攻擊
- 辨識並消除藍牙、簡訊和GPS服務的威脅

作者Himanshu Dwivedi是iSEC Partners(www.isecpartners.com)的共同創辦人,該公司專注於應用程式安全。Chris Clark是iSEC Partners的首席安全顧問,David Thiel是iSEC Partners的首席安全顧問。