Traditional App Accounts

Loading...

From the course by Vanderbilt University

Engineering Maintainable Android Apps

125 ratings

Vanderbilt University

Engineering Maintainable Android Apps

125 ratings

Course 4 of 5 in the Specialization Android App Development

Engineering Maintainable Android Apps, which is a 4 week MOOC that shows by example various methods for engineering maintainable Android apps, including test-driven development methods and how to develop/run unit tests using JUnit and Robotium (or equivalent automated testing frameworks for Android), as well as how to successfully apply common Java/Android software patterns to improve the extensibility and clarity of Android apps. Students will work on the appropriate automated unit quizzes, based on the material covered in the lecture videos. These lessons will demonstrate the benefits of good software engineering practices that are targeted at creating maintainable code for mobile apps. There will be roughly 3-4 hours of student engagement time per week, including video lectures, and quizzes. The ordering of the modules within the course is designed to be flexible. In particular, students can watch the videos in whatever order suits their experience and needs, e.g., they may want to watch the unit testing videos prior to the software pattern videos if they prefer to learn about unit testing first.

From the lesson

Security & Sustainability II

This module provides an introduction to Unit Testing using the Junit 4.0 Framework in Android, as well as an introduction to Testing Frameworks using the Robotium open-source test framework for writing graybox testing cases to automate the testing of multi-Activity Android apps.

Traditional App Accounts3:15

Traditional vs. Mobile App Accounts5:28

App Account Mapping to Linux Users4:45

Apps Lie & Steal4:23

How Android Protects Apps13:52

What Android Does Not Protect14:20

The Challenges of Secure Coding2:48

Security Vulnerability Walkthrough7:30

The iRemember App Example3:38

Privilege Escalation I5:40

Privilege Escalation II4:07

Privilege Escalation III6:22

Course Wrap-up13:59

Meet the Instructors

Dr. Douglas C. Schmidt
Professor of Computer Science and Associate Chair of the Computer Science and Engineering Program
Electrical Engineering and Computer Science
Michael Walker
Instructor - Graduate Student pursuing PhD in Computer Science
EECS
Dr. Jules White
Associate Professor of Computer Science
Electrical Engineering and Computer Science

[MUSIC]

So, one of the important things to understand when building Android

applications is how do I secure Android applications.

We've all seen stories in the news about

Apps that didn't properly secure their users data.

And allowed other apps to read and write their private messages or contacts.

And so,

what this series of lectures is going to cover is what are sort of the basic

things that you need to understand about how Android security works.

And then, based on your understanding of what Android provides you from a security

perspective.

How you can write your app to improve its security?

So, one of the first things to understand when we're talking about Android security,

is how Androids version or how application or apps operates is different

from what we see on a traditional desktop computing environment.

So, in a traditional desktop and computing environment,

if we launch an application, let's say it's a photo editor and

we'll say this is our first app that we're launching.

So, this is app one and let's say that that photo editor goes and

we open it, and we decide that we want to access the internet maybe

to download some images that we have stored on Facebook or Flickr.

And then after getting those images.

We go and we edit the images.

And we save them to the storage on the disk.

Now, one of the important things about the way that desktop environments work,

is that they associate each app.

That you launch with a single person, that is your user account.

If you launch an app, that app is associated with your user account, and

has all of the permissions and

capabilities that are part of whatever's in your user account.

So, this app will be part of your user account.

And when you go and launch a second application, this is where this

concept of each app running within your user account becomes important.

So, if we go and

we launch a second application, let's say that this is your browser and

you're going to view in web browser, exactly what that image looks like.

So, we will launch our web browser.

This is our second application.

One of the important things is this will also be running in our user account,

and what that means is this application can go and directly access those

same areas of storage that the first app could access.

And the reason is that the privileges and permissions that are governing

the web browser, which is another app that I, the user, have launched,

are exactly the same, as the privileges and permissions of the first app.

And that's because, I as a user launched both of these applications and

therefore both of them are associated with my user account.

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online.

© 2019 Coursera Inc. All rights reserved.

Download on the App Store

Get it on Google Play