Complete Mediation - Security & Sustainability I | Coursera

For EnterpriseFor Students

Browse
Top Courses
Log In
Join for Free

Complete Mediation

Loading...

Engineering Maintainable Android Apps

Vanderbilt University

4.5 (245 ratings) | 24K Students Enrolled

Course 4 of 5 in the Android App Development Specialization

Enroll for Free

Engineering Maintainable Android Apps, which is a 4 week MOOC that shows by example various methods for engineering maintainable Android apps, including test-driven development methods and how to develop/run unit tests using JUnit and Robotium (or equivalent automated testing frameworks for Android), as well as how to successfully apply common Java/Android software patterns to improve the extensibility and clarity of Android apps. Students will work on the appropriate automated unit quizzes, based on the material covered in the lecture videos. These lessons will demonstrate the benefits of good software engineering practices that are targeted at creating maintainable code for mobile apps. There will be roughly 3-4 hours of student engagement time per week, including video lectures, and quizzes. The ordering of the modules within the course is designed to be flexible. In particular, students can watch the videos in whatever order suits their experience and needs, e.g., they may want to watch the unit testing videos prior to the software pattern videos if they prefer to learn about unit testing first.

Skills You'll Learn

Software Testing, Unit Testing, Android Software Development, Junit

Reviews

4.5 (245 ratings)

5 stars
67.75%
4 stars
23.26%
3 stars
5.30%
2 stars
2.04%
1 star
1.63%

GN

Aug 2, 2017

An Excellent course. I will say it is an online course that made me study as if I were in a classroom

ME

Sep 19, 2017

gave me a very good overview on security as a whole and on security specifically for android.

From the lesson

Security & Sustainability I

Security & Sustainability3:48

Economy of Mechanism4:10

Economy of Mechanism Example17:04

Least Privilege6:26

Least Privilege Example7:02

Complete Mediation3:10

Complete Mediation Example8:41

Secure Defaults5:35

Secure Defaults Example7:29

Taught By

Dr. Douglas C. Schmidt
Professor of Computer Science and Associate Chair of the Computer Science and Engineering Program
Michael Walker
Instructor - Graduate Student pursuing PhD in Computer Science
Dr. Jules White
Associate Professor of Computer Science

Try the Course for Free

Transcript

When we're building apps that have sensitive data or sensitive capabilities in them, we maybe storing somebody's personal memories or we maybe doing something else in the app, it's really important that we employ a principle of design called complete mediation. And what we want to do is whenever some entity or object in our system is accessing one of these sensitive capabilities or pieces of information, we want to check that that access is appropriate and do any type of authentication or other things that we need, to make sure that that access is right. Every time, if possible, we want to check if that access should be happening. If the thing that is accessing it really should have access to it at that point in time, and given the context. Complete mediation is being very, very careful in doling out access to the sensitive capabilities. There are sensitive pieces of information that our app has. Now for example if we build a system where you log in once and then once you've logged in, you always have access to these different capabilities, that maybe not the best idea depending on the environment that we're operating in. For example, let's say that we build an app that has very sensitive banking information in it and you can once you signed in, you can instantly launch that app and see all of the banking information. And then we're not going to check anything that goes on with it. That might be a violation because somebody else may be able to pick up that app, that phone who isn't the owner of that bank account and look at that banking information. Or what if we create a system whereby once you've logged in as the user, you can then issue any transactions you want. You install the app once, you log in, and then you can open the app at any time and make transactions. And we accidentally expose an activity that can receive an intent from the outside. And suddenly the other apps on the device can start requesting that transactions be made and we aren't rechecking that this really an appropriate access. We're not completely mediating these transactions on the bank account and making sure that they should really be happening. This is a really important principle that we're always checking these accesses to secure sensitive information to sensitive capabilities or a device. And we're not just allowing and assuming that just because something's authenticated once, that it's always going to get access and that we shouldn't check those things later down the road. We always want to carefully check what we're doing and ensure that we're not creating in a security issue and this is what a complete mediation is about.

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Coursera Footer

Top Online Courses

Finding Purpose & Meaning in Life
Understanding Medical Research
Japanese for Beginners
Introduction to Cloud Computing
Foundations of Mindfulness
Fundamentals of Finance
Machine Learning
Machine Learning Using Sas Viya
The Science of Well Being
Covid-19 Contact Tracing
AI for Everyone
Financial Markets
Introduction to Psychology
Getting Started with AWS
International Marketing
C++
Predictive Analytics & Data Mining
UCSD Learning How to Learn
Michigan Programming for Everybody
JHU R Programming
Google CBRS CPI Training

Top Online Specializations

Natural Language Processing (NLP)
AI for Medicine
Good with Words: Writing & Editing
Infections Disease Modeling
The Pronounciation of American English
Software Testing Automation
Deep Learning
Python for Everybody
Data Science
Business Foundations
Excel Skills for Business
Data Science with Python
Finance for Everyone
Communication Skills for Engineers
Sales Training
Career Brand Management
Wharton Business Analytics
Penn Positive Psychology
Washington Machine Learning
CalArts Graphic Design

Online Certificates

Professional Certificates
MasterTrack Certificates
Google IT Support
IBM Data Science
Google Cloud Data Engineering
IBM Applied AI
Google Cloud Architecture
IBM Cybersecurity Analyst
Google IT Automation with Python
IBM z/OS Mainframe Practitioner
UCI Applied Project Management
Instructional Design Certificate
Construction Engineering and Management Certificate
Big Data Certificate
Machine Learning for Analytics Certificate
Innovation Management & Entrepreneurship Certificate
Sustainabaility and Development Certificate
Social Work Certificate
AI and Machine Learning Certificate
Spatial Data Analysis and Visualization Certificate

Online Degree Programs

Computer Science Degrees
Business Degrees
Public Health Degrees
Data Science Degrees
Bachelor's Degrees
Bachelor of Computer Science
MS Electrical Engineering
Bachelor Completion Degree
MS Management
MS Computer Science
MPH
Accounting Master's Degree
MCIT
MBA Online
Master of Applied Data Science
Global MBA
Master's of Innovation & Entrepreneurship
MCS Data Science
Master's in Computer Science
Master's in Public Health

Coursera

About
Leadership
Careers
Catalog
Certificates
MasterTrack™ Certificates
Degrees
For Enterprise
For Government
For Campus
Coronavirus Response

Community

Learners
Partners
Developers
Beta Testers
Translators
Blog
Tech Blog
Teaching Center

More

Terms
Privacy
Help
Accessibility
Press
Contact
Directory
Affiliates

Get it on Google Play

© 2020 Coursera Inc. All rights reserved.