Data encryption in Android
Ghimire, Ashim (2020)
Ghimire, Ashim
2020
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2020110922409
https://urn.fi/URN:NBN:fi:amk-2020110922409
Tiivistelmä
The importance of data security is growing every year and the threats to it are increasing every year. Data security in mobile applications is never easy. If a mobile phone is stolen and the screen lock is breached, then the security of data is threatened. Raisoft which is a Finnish software company owns mobile application called RaiMobile. It is an application which can run with or without internet connection. RaiMobile is currently in development mode and its data security is to be improved.
The aim of this thesis is to improve the data security of the RaiMobile application. In this thesis a proof of concept application for RaiSecure is made. It tries to tackle the security problem faced by RaiMobile and implement a solution following the best security practices. The solution implemented in RaiSecure needs to be compatible with the RaiMobile. RaiSecure is a small application containing a SQLite database with dummy data and with three screens. The main task of RaiSecure is to keep the data in the database and local storage safe. The data in the database is kept safe by encrypting the database. Since RaiSecure is an offline application key used for database encryption it is stored in a local data storage. The key is again used for decrypting database. The key is kept safe by encrypting it with key material from Android KeyStore provided by Android. The key is later saved in a local encrypted shared preference. RaiSecure tries to keep the data protected by using secure encryption and with the best security practices followed in Android Community.
The aim of this thesis is to improve the data security of the RaiMobile application. In this thesis a proof of concept application for RaiSecure is made. It tries to tackle the security problem faced by RaiMobile and implement a solution following the best security practices. The solution implemented in RaiSecure needs to be compatible with the RaiMobile. RaiSecure is a small application containing a SQLite database with dummy data and with three screens. The main task of RaiSecure is to keep the data in the database and local storage safe. The data in the database is kept safe by encrypting the database. Since RaiSecure is an offline application key used for database encryption it is stored in a local data storage. The key is again used for decrypting database. The key is kept safe by encrypting it with key material from Android KeyStore provided by Android. The key is later saved in a local encrypted shared preference. RaiSecure tries to keep the data protected by using secure encryption and with the best security practices followed in Android Community.