get to prod tasks
80
tasks/android-production/07-encrypted-storage.md
Normal file
@@ -0,0 +1,80 @@
# 07. Encrypted SharedPreferences & DataStore Audit

meta:
id: android-production-07
feature: android-production
priority: P1
depends_on: []
tags: [security, data-protection, production]

objective:
- Audit and secure all local data storage using encrypted SharedPreferences and DataStore

deliverables:
- EncryptedSharedPreferences for sensitive data
- DataStore for preferences
- Secure data deletion
- Storage audit report

steps:
1. Audit current storage:
- Review all SharedPreferences usage
- Review DataStore usage
- Review CacheManager.kt
- Identify all sensitive data stored locally
2. Implement encrypted preferences:
- Use EncryptedSharedPreferences from androidx.security
- Store auth tokens, refresh tokens
- Store biometric preference
- Store user profile data
3. Configure DataStore:
- Use DataStore for non-sensitive preferences
- Theme, language, notification settings
- Migrate from SharedPreferences if needed
4. Secure CacheManager:
- Ensure no sensitive data in unencrypted cache
- Encrypt cached API responses containing PII
- Set cache size limits
- Implement secure eviction
5. Add secure deletion:
- Overwrite sensitive data before removal
- Clear all secure storage on logout
- Handle account deletion (GDPR)
6. Add backup exclusion:
- Exclude encrypted preferences from cloud backup
- Mark sensitive files with android:allowBackup="false"
- Document backup strategy
7. Test storage security:
- Verify data encrypted at rest
- Verify no plaintext sensitive data in files
- Test backup/restore behavior

tests:
- Unit: Test encrypted storage read/write
- Security: Verify no plaintext tokens in files
- Integration: Test logout clears all data

acceptance_criteria:
- All sensitive data in EncryptedSharedPreferences
- Auth tokens encrypted at rest
- Refresh tokens encrypted at rest
- Non-sensitive preferences in DataStore
- No sensitive data in unencrypted cache
- Secure deletion overwriting data
- Sensitive storage excluded from backup
- Logout clears all auth data
- Account deletion removes all local data
- No plaintext sensitive data discoverable in app files

validation:
- Inspect app files → no plaintext tokens
- Check EncryptedSharedPreferences → data encrypted
- Logout → all auth data cleared
- Backup app → sensitive data not included
- Account deletion → all data removed

notes:
- EncryptedSharedPreferences uses AES-256 encryption
- Master key stored in Android Keystore
- DataStore is modern replacement for SharedPreferences
- Consider using SQLCipher for database encryption if using Room
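Review bot: step 6 ("- Mark sensitive files with android:allowBackup="false"") misstates how that attribute works: `android:allowBackup` sits on the manifest's `<application>` element and disables backup for the whole app, it cannot be applied to individual files. To keep backups on while excluding the encrypted preference file, reference backup rules from the manifest instead, `android:fullBackupContent` (API 23 to 30) and `android:dataExtractionRules` (API 31+), with an `<exclude domain="sharedpref" path="..."/>` entry for the EncryptedSharedPreferences XML; the task should name the rules file as a deliverable. Worth adding to step 7 as well: the Keystore master key is never included in a backup, so a restored copy of the encrypted file is unreadable on another device, and the backup/restore test should assert that the app recovers from that state rather than crashing. Two smaller points: the note "EncryptedSharedPreferences uses AES-256 encryption" should be precise (AES-256-SIV for keys, AES-256-GCM for values) and should flag that the androidx.security crypto artifact has been deprecated upstream, so the version needs pinning and a migration plan; and step 5's "Overwrite sensitive data before removal" gives little assurance on flash storage under file-based encryption, so the reliable form of secure deletion is removing the entries and the wrapping key rather than rewriting bytes, which the acceptance criterion "Secure deletion overwriting data" should reflect.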