muellerberndt/android_app_security_checklist

Project phase 6: Security recommendations


Security recommendations for Passlock, a mobile password manager application

No sensitive data should be included in backups:

Security Recommendation: It is important to avoid including sensitive data in backups to prevent unauthorized access if the backup files are compromised. On Android, app data can leave the device through Auto Backup to the user's Google account or through `adb backup` on a connected computer, and neither copy is protected by the app's own access controls. I chose this recommendation because backing up sensitive data poses a security risk, especially if the backup is stored in an insecure location or if the backup process itself is vulnerable.

Beneficiary: This recommendation primarily benefits end-users, as it ensures that their sensitive data, such as passwords stored in the password manager, is not exposed in case of a backup compromise.

Source: This recommendation is derived from common security best practices for handling sensitive data and is not explicitly mentioned in the provided checklist. It aligns with general data security principles.

Implementation Timeframe: This recommendation should be implemented from the initial development stages and continuously maintained throughout the application's lifecycle. Regular audits and reviews should be conducted to ensure that sensitive data is not inadvertently included in backups.

Project Justification: In a password manager application, user credentials are highly sensitive. If included in backups, there's a risk of unauthorized access to the stored passwords. Implementing this recommendation helps safeguard user data and maintains the confidentiality and integrity of the information stored in the password manager.

Application: My team needs to ensure that sensitive data, particularly user credentials, is explicitly excluded from the backup process. On Android this means opting out with android:allowBackup="false" in the manifest (or, if backups are kept for other data, excluding the vault through backup rules) and keeping the vault in the no-backup files directory rather than the default files directory. Regular testing and reviews of backup processes should be conducted to validate the effectiveness of the implementation.
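The following is an added example, not Passlock's own code, showing how this exclusion is done on Android: the manifest and backup-rule fragments (in the comment) opt the app out, the vault is written to `noBackupFilesDir`, and a check reads the package's `ALLOW_BACKUP` flag so a manifest regression fails a test instead of shipping. The file name `vault.db` and the shared-preference name `session.xml` are assumptions.

```kotlin
// Added example (not part of Passlock). Assumes the vault is a single
// file "vault.db" and a session preference file "session.xml"; both
// names are hypothetical.

import android.content.Context
import android.content.pm.ApplicationInfo
import java.io.File

/*
 * AndroidManifest.xml: opt the whole app out of Auto Backup and
 * `adb backup`. The rule files are a second line of defence for the
 * day someone flips allowBackup back on to back up non-secret data.
 *
 *   <application
 *       android:allowBackup="false"
 *       android:fullBackupContent="@xml/backup_rules"
 *       android:dataExtractionRules="@xml/data_extraction_rules" ...>
 *
 * res/xml/backup_rules.xml (API 23 to 30):
 *   <full-backup-content>
 *       <exclude domain="file" path="vault.db"/>
 *       <exclude domain="sharedpref" path="session.xml"/>
 *   </full-backup-content>
 *
 * res/xml/data_extraction_rules.xml (API 31+): the same <exclude>
 * lines inside both <cloud-backup> and <device-transfer>.
 */
object VaultStorage {
    private const val VAULT_FILE = "vault.db"

    /** noBackupFilesDir is never read by Auto Backup or key/value
     *  backup, whatever the manifest says, so the vault goes here. */
    fun vaultFile(context: Context): File =
        File(context.noBackupFilesDir, VAULT_FILE)

    /** True if the installed package still permits backups. */
    fun backupAllowed(context: Context): Boolean =
        (context.applicationInfo.flags and ApplicationInfo.FLAG_ALLOW_BACKUP) != 0

    /** Run from an instrumented test or a debug-build startup hook so
     *  a regression in the manifest or the storage path fails fast. */
    fun assertNoBackup(context: Context) {
        check(!backupAllowed(context)) {
            "android:allowBackup must be false for a password manager"
        }
        check(!File(context.filesDir, VAULT_FILE).exists()) {
            "vault found in filesDir, which backups include"
        }
    }
}
```

As a manual audit step after each build, `adb shell dumpsys package <package>` should no longer list ALLOW_BACKUP among the package flags, and `adb backup -f out.ab <package>` should produce an archive with no app data in it.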

Sensitive data should be removed from views when they're moved to the background:

Security Recommendation: This recommendation is vital to protect sensitive information from being accessed when the application is in the background. It prevents unauthorized users or malicious applications from capturing sensitive data from the application's views, for example through the task-switcher snapshot the OS takes when an activity is backgrounded, through screenshots and screen recording, or through the view state the system saves when it later restores the activity.

Beneficiary: This recommendation primarily benefits end-users, ensuring that their sensitive data is not exposed when the password manager application is in the background.

Source: This recommendation aligns with mobile application security best practices, and while not explicitly stated in the provided checklist, it is a common requirement for securing mobile applications.

Implementation Timeframe: This recommendation should be implemented during the development phase of the application. It is critical to the overall security posture of the password manager and should be continuously validated through testing and code reviews.

Project Justification: In a password manager application, sensitive data such as passwords should be visible only when the application is actively being used. Implementing this recommendation prevents the exposure of sensitive information if the application is minimized or running in the background.

Application: My team can implement this recommendation by ensuring that sensitive views are appropriately cleared or obscured when the application is moved to the background. This may involve implementing lifecycle event handlers to trigger the removal or obfuscation of sensitive data in the user interface when the application transitions to the background. Regular testing and code reviews are essential to verify the effectiveness of the implementation.
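As an added example (not Passlock's code), one way to implement those lifecycle handlers on Android: the window is marked FLAG_SECURE so screenshots, screen recording and the Recents thumbnail are blank, the password fields are cleared in `onPause` (which runs before the activity's instance state is saved, so the secret never reaches the saved-state Bundle either), and a process-wide lifecycle observer locks the vault when the whole app leaves the foreground. The layout and view ids, the `Vault` interface and the `VaultLocker` class are assumptions.

```kotlin
// Added example (not part of Passlock). R.layout.activity_entry_detail,
// R.id.master_password, R.id.revealed_secret and the Vault interface
// are hypothetical names for this illustration.

import android.os.Bundle
import android.view.WindowManager
import android.widget.EditText
import androidx.appcompat.app.AppCompatActivity
import androidx.lifecycle.DefaultLifecycleObserver
import androidx.lifecycle.LifecycleOwner
import androidx.lifecycle.ProcessLifecycleOwner

/** Whatever holds the decrypted vault; lock() must wipe key material. */
interface Vault {
    fun lock()
}

class EntryDetailActivity : AppCompatActivity() {

    private lateinit var masterPassword: EditText
    private lateinit var revealedSecret: EditText

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        // FLAG_SECURE: no screenshots, no screen capture, and the
        // Recents thumbnail for this window is rendered blank.
        window.addFlags(WindowManager.LayoutParams.FLAG_SECURE)
        setContentView(R.layout.activity_entry_detail)
        masterPassword = findViewById(R.id.master_password)
        revealedSecret = findViewById(R.id.revealed_secret)
    }

    override fun onPause() {
        // onPause precedes onSaveInstanceState and the background
        // transition, so clearing here keeps the secrets out of the
        // saved-state Bundle and out of the view hierarchy while the
        // app is not visible. EditText saves its text by default.
        masterPassword.text.clear()
        revealedSecret.text.clear()
        super.onPause()
    }
}

/** Locks the vault when the whole app (not just one screen) goes to
 *  the background, so a resumed app demands re-authentication. */
class VaultLocker(private val vault: Vault) : DefaultLifecycleObserver {
    override fun onStop(owner: LifecycleOwner) = vault.lock()
}

/* Register once, in Application.onCreate():
 *
 *   ProcessLifecycleOwner.get().lifecycle.addObserver(VaultLocker(vault))
 */
```

FLAG_SECURE must be set on every window that can show a secret, including dialogs and bottom sheets, which have their own windows; a test that backgrounds the app and inspects the Recents screenshot, plus a heap dump taken while backgrounded, is the practical way to verify the fields are really empty.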

The app should be using proven implementations of cryptographic primitives:

Relevance of Recommendation: This recommendation is highly relevant to the project as it directly addresses the security of the password manager application by ensuring the use of reliable and secure cryptographic implementations.

Beneficiary: Both developers and end-users benefit. Developers gain from using established and secure cryptographic libraries, while end-users benefit from the overall security of the application.

Sources: This recommendation aligns with cryptography best practices and industry standards, ensuring that the cryptographic components employed in the application are widely recognized for their security.

Implementation Timeframe: This recommendation should be implemented from the initial development stages and continuously maintained through regular security assessments. The selection of cryptographic primitives should be revisited as technology evolves and security landscapes change.

Project Justification: Employing proven cryptographic primitives is essential to ensure the security of user data. It guards against potential vulnerabilities and exploits that may arise from using outdated or insecure cryptographic algorithms, or from home-grown implementations of otherwise sound ones. "Proven" has to cover the whole construction, not just the algorithm name: a vetted AES implementation used in ECB mode, with a reused IV, or with a key derived by a single unsalted hash of the master password is still broken.

Application: To implement this recommendation, I would need to thoroughly research and select well-established cryptographic libraries and algorithms. Regular security assessments, audits, and updates should be conducted to ensure the ongoing reliability and security of the chosen cryptographic primitives.