Differences
This shows you the differences between two versions of the page.
|
smd:res:assignment [2020/02/18 11:49] adriana.draghici |
smd:res:assignment [2023/04/12 13:10] (current) cosmin.chenaru |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Assignment ====== | ====== Assignment ====== | ||
| - | The assignment is an **individual project** in which you will apply what you have learned at the laboratories (Android programming and security guidelines) to develop a secure Android application. | + | The assignment is an **individual project** in which you will apply the concepts learned during the labs to develop a secure Android application. |
| - | Create an application which has the following components and functionalities: | + | Your task is to develop an app with any topic/purpose of your choice, which has the following components and functionalities: |
| - | - At least 2 activities | + | |
| - | - At least 1 service | + | |
| - | - At least 1 broadcast receiver | + | |
| - | - Integration with at least 1 API, for example: | + | |
| - | - https://api.tfl.gov.uk/ - data for air quality, pollution, transportation etc | + | |
| - | - https://earthquake.usgs.gov/fdsnws/event/1/ - data for earthquakes | + | |
| - | - https://openweathermap.org/api - weather | + | |
| - | - 1 Settings Activity (can be included in the minimum of 2 activities required for the project) and the use of Shared Preferences | + | |
| - | - :!: **Respect the security guidelines presented throughout the lectures and labs** | + | |
| - | In order to receive **bonus points**, the project must also have the main components and functionalities. In total there can be 2 bonus points. | + | * At least 2 activities - **1p** |
| + | * At least 1 broadcast receiver - **1p** | ||
| + | * Asynchronous work performed on threads other than the main one, or periodically scheduled work **1.5p** | ||
| + | * Notifications - **0.5p** | ||
| + | * Integration with at least 1 API, for example: **3p** | ||
| + | * https://api.tfl.gov.uk/ - data for air quality, pollution, transportation etc | ||
| + | * https://earthquake.usgs.gov/fdsnws/event/1/ - data for earthquakes | ||
| + | * https://openweathermap.org/api - weather | ||
| + | * [[ https://medium.com/rakuten-rapidapi/top-10-best-food-and-recipe-apis-yelp-zomato-untappd-and-more-2bf712a032c2|Food APIs list]] | ||
| + | * 1 Settings Activity (can be included in the minimum of 2 activities required for the project) and the use of Shared Preferences **1p** (settings activity **0.5p** and shared preferences **0.5p**) | ||
| + | * :!: Respect the security guidelines presented throughout the lectures and labs :!: **2p** | ||
| - | **Bonus points** can be obtained for including: | ||
| - | * special UI design | ||
| - | * unit testing. | ||
| - | **Timeline** | + | The application must be implemented using native Android code, in Kotlin or in Java. If implemented in a framework such as Flutter, all the security requirements must be implemented and the student must show an understanding of their role, in order for the project to be considered for grading. |
| - | - Choose a topic for your app: 8-22 March 2020 | + | |
| - | * discuss your idea with your teaching assistant (at the lab or by email) | + | |
| - | * submit a description of your app on Moodle ([[https://acs.curs.pub.ro/2019/mod/assign/view.php?id=10054|SAS]], [[https://acs.curs.pub.ro/2019/mod/assign/view.php?id=10056|SRIC]]) | + | |
| - | * the TA will provide feedback, suggestions on Moodle for your idea | + | |
| - | - Intermediary project presentation: 4-8 May 2020 | + | |
| - | * Presentation will be a discussion with the TA, during the lab, about the progress you made on your project | + | |
| - | - Project presentations: 18-22 May 2020 | + | |
| - | * The assignment will be presented during the lab in the last week of the semester. | + | |
| - | **Grading** | + | In the cases where the topic chosen for the app doesn't fit very well into the requirements (e.g. it doesn't need a notification from a usability point of view), then the student should discuss this with the Teaching Assistant to receive advice on how to replace that requirement with something else. |
| - | - **3 points** for a complete assignment | + | |
| - | - Penalties: | + | ===== Security guidelines ===== |
| + | |||
| + | * You can use this [[https://www.immuniweb.com/mobile/|web APK scanner]] to check how secure your app is | ||
| + | * Do not export components (services, broadcast receivers, apps) unless it's really necessary | ||
| + | * Use a local broadcast manager if applicable | ||
| + | * Declare only the necessary permissions | ||
| + | * Check/request permissions in the activity/other component | ||
| + | * Always use https and, if necessary, validate the digital certificate if a custom one is used | ||
| + | * Always use internal storage | ||
| + | * Sensitive information to be encrypted (authentication tokens, passwords) using **EncryptedFile** or **EncryptedSharedPreferences**. For more information you can check [[https://developer.android.com/topic/security/data|here]] | ||
| + | * Encrypt the data for sensitive communication (e.g. over Bluetooth) | ||
| + | |||
| + | |||
| + | ===== Logistics ===== | ||
| + | |||
| + | The code must be submitted on each student's private Github repository used for the SMD activities and created via Github classroom. | ||
| + | |||
| + | The projects will be checked for plagiarism. | ||
| + | |||
| + | |||
| + | ==== Timeline ==== | ||
| + | |||
| + | - **Choose a topic for your app:** until April 20th 2023 | ||
| + | * discuss your idea with your teaching assistant (at the lab, on MS Teams or by email) | ||
| + | - **Intermediary project presentation:** April 27th 2023 | ||
| + | * Presentation will be a discussion with the Teaching Assistant, during the lab, about the progress you made on your project | ||
| + | * There will be slots in which you can present | ||
| + | * Each presentation will take at most 10 minutes | ||
| + | - **Project presentations**: May 25th 2023 | ||
| + | * The assignment will be presented during the lab | ||
| + | |||
| + | ==== Grading ==== | ||
| + | |||
| + | |||
| + | **Bonus points** can be obtained for including: | ||
| + | * Input sanitization for database storage (to prevent SQLite injection) | ||
| + | * Special UI design | ||
| + | * MVVM, livedata | ||
| + | * Kotlin corutines or rxJava/rxKotlin | ||
| + | * Unit testing | ||
| + | * Code readability, modularization, clean code | ||
| + | * Integration with an API which belongs to a custom server written by you | ||
| + | |||
| + | The amount of bonus points will be decided by the teaching assistant when evaluating the project. | ||
| + | |||
| + | In order to receive bonus points, the project must be functional, respect the security guidelines and the required components. | ||
| + | |||
| + | - **3 points** out of the total 10 for the whole semester (exam, labs etc) for a complete assignment | ||
| + | - **Penalties:** | ||
| * 0.3 points - for not submitting **the project topic** in time | * 0.3 points - for not submitting **the project topic** in time | ||
| * 0.5 points - for not presenting **the intermediary project presentation** | * 0.5 points - for not presenting **the intermediary project presentation** | ||
