Assignment

The assignment is an individual project in which you will apply what you have learned at the laboratories (Android programming and security guidelines) to develop a secure Android application.

Create an application which has the following components and functionalities:

  1. At least 2 activities - 1p
  2. At least 1 service - 2p
  3. At least 1 broadcast receiver - 1p
  4. Integration with at least 1 API, for example: 3p
    1. https://api.tfl.gov.uk/ - data for air quality, pollution, transportation etc
  5. 1 Settings Activity (can be included in the minimum of 2 activities required for the project) and the use of Shared Preferences 1p (settings activity 0.5p and shared preferences 0.5p)
  6. :!: Respect the security guidelines presented throughout the lectures and labs :!: 2p

:!: Security guidelines :!:

  • all services should not be exported if they are not meant to be used by other apps
  • use a local broadcast manager if necessary
  • declare only the necessary permissions in the manifest
  • check/request permissions in the activity/other component
  • always use https and, if necessary, validate the digital certificate if a custom one is used
  • always use internal storage
  • sensitive information to be encrypted (authentication tokens, passwords) using EncryptedFile or EncryptedSharedPreferences. For more information you can check here
  • encrypt the data for sensitive communication (e.g. over Bluetooth)
  • you can use this web APK scanner to check how secure your app is

In order to receive bonus points, the project must also have the main components and functionalities. Bonus points can be obtained for including:

  • Input sanitization for storage db (to prevent SQLite injection) 1p
  • special UI design 1p
  • unit testing 1-2p (depends on the unit tests)
  • code readability, modularization, clean code 1p
  • integration with an API which belongs to a custom server written by you 1p

Timeline

  1. Choose a topic for your app: 8-22 March 2020
    • discuss your idea with your teaching assistant (at the lab or by email)
    • submit a description of your app on Moodle (SAS, SRIC)
    • the TA will provide feedback, suggestions on Moodle for your idea
  2. Intermediary project presentation: 6-7 May 2020, 20-22
    • Presentation will be a discussion with the TA, during the lab, about the progress you made on your project
    • There will be 4 slots on both 6 and 7 May in which you can present
    • Each presentation will take at most 10 minutes
  3. Project presentations: 21 May 2020, 18-22
    • The assignment will be presented during the lab in the last week of the semester.

Grading

  1. 3 points for a complete assignment
  2. Penalties:
    • 0.3 points - for not submitting the project topic in time
    • 0.5 points - for not presenting the intermediary project presentation
    • No points will be given if the project is not functional and doesn't respect the assignment requirements
smd/res/assignment.txt ยท Last modified: 2020/04/30 00:02 by vlad.traista
CC Attribution-Share Alike 3.0 Unported
www.chimeric.de Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0