OWASP Mobile Security Project Platform Specific Guidance Android Code Draft

From OWASP
Revision as of 07:39, 20 October 2011 by Dancornell (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Contents

Authentication

Session Management

Access Control

Input Validation

Output Encoding/Escaping

Cryptography

Error Handling and Logging

Data Protection

Android code examples for Data Protection:

   try {
       Context context = getApplicationContext();
       FileOutputStream stream;
       stream = context.openFileOutput("local_filename", Context.MODE_PRIVATE);
       OutputStreamWriter bw = new OutputStreamWriter(stream);
       bw.write(sb.toString());
       bw.flush();
       bw.close();
   } catch (IOException ioe) {
       // Handle the exception
   }

Communication Security

HTTP Security

Security Configuration