The following lists map to the Java development guidelines in the book Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs, and state their applicability to the development of Android applications.
Rules: Applicable to Android in Principle
Applicable means that the guideline can be applied to general Java platforms including Android.
MSC59-J. Limit the lifetime of sensitive data
SEC55-J. Ensure security-sensitive methods are called with validated arguments
IDS56-J. Prevent arbitrary file upload
Rules: Applicable to Android
Applicable in principle means that the guideline can be applied to Android but the examples shown in the guideline are not relevant to Android, and in some cases the guideline's full description also needs edits (the latter are provided in the section on each corresponding page).
FIO52-J. Do not store unencrypted sensitive information on the client side
IDS53-J. Prevent XPath Injection
MET52-J. Do not use the clone method to copy untrusted method parameters
Rules: Not Applicable to Android
Not applicable means that the guideline cannot be applied to Android platforms.
ERR54-J. Use a try-with-resources statement to safely handle closeable resources
SEC52-J. Do not expose methods that use reduced-security checks to untrusted code
SEC54-J. Create a secure sandbox using a security manager
Rules: Unknown Applicability to Android
OBJ56-J. Provide sensitive mutable classes with unmodifiable wrappers
SEC57-J. Do not let untrusted code misuse privileges of callback methods
Bibliography
[Long 2013] Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs