Android Architecture, Protection, and Development Best Practices

This course is included in our On-demand training solution.


Given the relatively open nature of the Android development environment, developers ought to have a clear understanding of the OS structure, as well as how to securely protect application code. In this course, you will be introduced to the Android environment and overall architecture, and will also be presented with a basic understanding of key Android OS security features. You will also learn how to protect Android application code and will learn about best practices to employ when developing secure Android applications.

Target Audience

Application developers on the beginner and intermediate level seeking to create and deploy secure Android applications



Expected Duration

150 min.

Course Objectives

Course Introduction

Understanding the Android Environment

  • describe the major components of the Android Environment, specifically the Android SDK, Eclipse IDE and ADT, Tools (DDMS, ADB)
  • Installing Android Standalone SDK Tools

  • download and install the Android standalone SDK tools package
  • Installing the Android Studio IDE

  • download and install the Android Studio IDE
  • Understanding the Linux Kernel

  • describe how the Linux kernel provides security on the Android platform, including Linux permissions enforcement
  • Understanding Android Runtime Components

  • describe Android runtime components, specifically the Dalvik VM and Core Libraries
  • Getting Familiar with Android Application Services

  • describe how to start, bind, and create an application service, as well as how to declare a service in the Manifest.xml file
  • Getting Familiar with Activity Lifecycles

  • define an activity and describe activity stack and callback methods used to implement activity lifecycles
  • Understanding Android Application Framework

  • describe the Android application framework layer services, specifically the Resource Manager, Activity Manager, Location Manager, Notification Manager, Package Manager, Views, and Content Providers
  • Overview of Android Software Stack Layers

  • describe Android software stack layers
  • Overview of Application User Protection Levels

  • define the user protection levels that can be assigned in a Manifest permissions file
  • Getting Familiar with Code Signing

  • describe the process of application code signing
  • Packaging an Android Application

  • securely package an Android application
  • Installing Android Debug Bridge

  • install and test operation of the Android Debug Bridge tool from the standalone SDK tools package
  • Identifying Application-based Permissions

  • identify application-based permissions, specifically Android Manifest Permissions
  • Enabling the ProGuard Tool in Android SDK

  • enable the ProGuard code obfuscation tool in Android SDK
  • Creating a Signing Key and Certificate

  • create an Android application signing key and certificate in Android Studio
  • Signing Application Code to Protect Against Malware

  • use code signing to protect Android application code from malware attacks
  • Leveraging Linux Security Services to Protect Data

  • use Linux security services to protect Android application data
  • Understanding Permissions Assignment

  • describe how permissions and process attributes are assigned in Android OS
  • Working with Permissions and Shared User IDs

  • describe how permissions are granted and managed for applications with shared user IDs
  • Declaring Application Permissions

  • declare Android application permissions in a Manifest permissions file
  • Enforcing Permissions

  • describe how permissions are enforced at the kernel level, native daemon level, and the framework level in Android OS
  • Declaring Custom Permissions

  • declare a custom permission in a Manifest permissions file
  • Exercise: Identifying Permissions and Signing Code