Differences
This shows you the differences between two versions of the page.
|
smd:res:assignment [2021/02/28 19:36] adriana.draghici [Assignment] |
smd:res:assignment [2023/04/12 13:10] (current) cosmin.chenaru |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Assignment ====== | ====== Assignment ====== | ||
| - | The assignment is an **individual project** in which you will apply what you have learned at the laboratories (Android programming and security guidelines) to develop a secure Android application. | + | The assignment is an **individual project** in which you will apply the concepts learned during the labs to develop a secure Android application. |
| - | Create an application which has the following components and functionalities: | + | Your task is to develop an app with any topic/purpose of your choice, which has the following components and functionalities: |
| * At least 2 activities - **1p** | * At least 2 activities - **1p** | ||
| Line 17: | Line 17: | ||
| * :!: Respect the security guidelines presented throughout the lectures and labs :!: **2p** | * :!: Respect the security guidelines presented throughout the lectures and labs :!: **2p** | ||
| - | The application must be implemented using native Android code, in Kotlin or in Java. If implemented in a framework such as Flutter, all the security requirements must be implemented and the student to show an understanding of their role, in order for the project to be considered for grading. | ||
| - | In the cases where the topic chosen for the app doesn't fit very well into the requirements (e.g. it doesn't need a notification from an usability point of view), then the student should discuss this with the Teaching Assistant to receive advice on how to replace that requirement with something else. | + | The application must be implemented using native Android code, in Kotlin or in Java. If implemented in a framework such as Flutter, all the security requirements must be implemented and the student must show an understanding of their role, in order for the project to be considered for grading. |
| + | |||
| + | In the cases where the topic chosen for the app doesn't fit very well into the requirements (e.g. it doesn't need a notification from a usability point of view), then the student should discuss this with the Teaching Assistant to receive advice on how to replace that requirement with something else. | ||
| ===== Security guidelines ===== | ===== Security guidelines ===== | ||
| * You can use this [[https://www.immuniweb.com/mobile/|web APK scanner]] to check how secure your app is | * You can use this [[https://www.immuniweb.com/mobile/|web APK scanner]] to check how secure your app is | ||
| - | * All services must not be exported if they are not meant to be used by other apps | + | * Do not export components (services, broadcast receivers, apps) unless it's really necessary |
| * Use a local broadcast manager if applicable | * Use a local broadcast manager if applicable | ||
| - | * Declare only the necessary permissions in the manifest | + | * Declare only the necessary permissions |
| * Check/request permissions in the activity/other component | * Check/request permissions in the activity/other component | ||
| * Always use https and, if necessary, validate the digital certificate if a custom one is used | * Always use https and, if necessary, validate the digital certificate if a custom one is used | ||
| Line 34: | Line 35: | ||
| - | **Bonus points** can be obtained for including: | + | ===== Logistics ===== |
| - | * Input sanitization for database storage (to prevent SQLite injection) | + | |
| - | * Special UI design | + | |
| - | * MVVM, livedata | + | |
| - | * Kotlin courutines or rxJava/rxKotlin | + | |
| - | * Unit testing | + | |
| - | * Code readability, modularization, clean code | + | |
| - | * Integration with an API which belongs to a custom server written by you | + | |
| - | The amount of bonus points will be decided by the teaching assistant when evaluating the project. | + | The code must be submitted on each student's private Github repository used for the SMD activities and created via Github classroom. |
| - | :!:In order to receive **bonus points**, the project must be functional, respect the security guidelines and the required components. | + | The projects will be checked for plagiarism. |
| - | ===== Timeline ===== | ||
| - | - **Choose a topic for your app:** until April 4th 2020 | + | ==== Timeline ==== |
| + | |||
| + | - **Choose a topic for your app:** until April 20th 2023 | ||
| * discuss your idea with your teaching assistant (at the lab, on MS Teams or by email) | * discuss your idea with your teaching assistant (at the lab, on MS Teams or by email) | ||
| - | * submit a description of your app on Moodle ([[https://acs.curs.pub.ro/2019/mod/assign/view.php?id=10054|SAS]], [[https://acs.curs.pub.ro/2019/mod/assign/view.php?id=10056|SRIC]]) | + | - **Intermediary project presentation:** April 27th 2023 |
| - | * the TA will provide feedback, suggestions on Moodle for your idea | + | |
| - | - **Intermediary project presentation:** middle of May exact date TO BE ANNOUNCED | + | |
| * Presentation will be a discussion with the Teaching Assistant, during the lab, about the progress you made on your project | * Presentation will be a discussion with the Teaching Assistant, during the lab, about the progress you made on your project | ||
| * There will be slots in which you can present | * There will be slots in which you can present | ||
| * Each presentation will take at most 10 minutes | * Each presentation will take at most 10 minutes | ||
| - | - **Project presentations**: towards the end of the semester, exact date TO BE ANNOUNCED | + | - **Project presentations**: May 25th 2023 |
| * The assignment will be presented during the lab | * The assignment will be presented during the lab | ||
| - | ===== Grading ===== | + | ==== Grading ==== |
| + | |||
| + | |||
| + | **Bonus points** can be obtained for including: | ||
| + | * Input sanitization for database storage (to prevent SQLite injection) | ||
| + | * Special UI design | ||
| + | * MVVM, livedata | ||
| + | * Kotlin corutines or rxJava/rxKotlin | ||
| + | * Unit testing | ||
| + | * Code readability, modularization, clean code | ||
| + | * Integration with an API which belongs to a custom server written by you | ||
| + | |||
| + | The amount of bonus points will be decided by the teaching assistant when evaluating the project. | ||
| + | |||
| + | In order to receive bonus points, the project must be functional, respect the security guidelines and the required components. | ||
| - | - **3 points** for a complete assignment | + | - **3 points** out of the total 10 for the whole semester (exam, labs etc) for a complete assignment |
| - | - Penalties: | + | - **Penalties:** |
| * 0.3 points - for not submitting **the project topic** in time | * 0.3 points - for not submitting **the project topic** in time | ||
| * 0.5 points - for not presenting **the intermediary project presentation** | * 0.5 points - for not presenting **the intermediary project presentation** | ||
