App Account Mapping to Linux Users - Security & Sustainability II | Coursera

Para EmpresasPara los estudiantes

Explorar
Principales cursos
Inicia Sesión
Únete de forma gratuita

App Account Mapping to Linux Users

Loading...

Engineering Maintainable Android Apps

Universidad Vanderbilt

4.5 (237 calificaciones) | 22K estudiantes inscritos

Curso 4 de 5 en Android App Development Programa Especializado

Inscríbete gratis

Engineering Maintainable Android Apps, which is a 4 week MOOC that shows by example various methods for engineering maintainable Android apps, including test-driven development methods and how to develop/run unit tests using JUnit and Robotium (or equivalent automated testing frameworks for Android), as well as how to successfully apply common Java/Android software patterns to improve the extensibility and clarity of Android apps. Students will work on the appropriate automated unit quizzes, based on the material covered in the lecture videos. These lessons will demonstrate the benefits of good software engineering practices that are targeted at creating maintainable code for mobile apps. There will be roughly 3-4 hours of student engagement time per week, including video lectures, and quizzes. The ordering of the modules within the course is designed to be flexible. In particular, students can watch the videos in whatever order suits their experience and needs, e.g., they may want to watch the unit testing videos prior to the software pattern videos if they prefer to learn about unit testing first.

Destrezas que aprenderás

Software Testing, Unit Testing, Android Software Development, Junit

Reseñas

4.5 (237 calificaciones)

5 stars
67.51%
4 stars
23.20%
3 stars
5.48%
2 stars
2.10%
1 star
1.68%

GN

Aug 03, 2017

An Excellent course. I will say it is an online course that made me study as if I were in a classroom

ME

Sep 20, 2017

gave me a very good overview on security as a whole and on security specifically for android.

De la lección

Security & Sustainability II

This module provides an introduction to Unit Testing using the Junit 4.0 Framework in Android, as well as an introduction to Testing Frameworks using the Robotium open-source test framework for writing graybox testing cases to automate the testing of multi-Activity Android apps.

Traditional App Accounts3:15

Traditional vs. Mobile App Accounts5:28

App Account Mapping to Linux Users4:45

Apps Lie & Steal4:23

How Android Protects Apps13:52

What Android Does Not Protect14:20

The Challenges of Secure Coding2:48

Security Vulnerability Walkthrough7:30

The iRemember App Example3:38

Privilege Escalation I5:40

Privilege Escalation II4:07

Privilege Escalation III6:22

Course Wrap-up13:59

Impartido por:

Dr. Douglas C. Schmidt
Professor of Computer Science and Associate Chair of the Computer Science and Engineering Program
Michael Walker
Instructor - Graduate Student pursuing PhD in Computer Science
Dr. Jules White
Associate Professor of Computer Science

Prueba el curso Gratis

Transcripción

When your app gets installed, that's when the system creates the identity, or the account, that's going to be associated with your app. So, let's dive a little deeper into what that actually means on app or Android when you install an app, and what happens under the hood to create that user account. Well, when you create an Android app, one of things you have to specify is an Android manifest.xml file. And this is a file that all of you should be very well familiar with if you've been building Android apps. And what this does is it tells Android things that it needs to know about your app in order to install it on the system, in order to understand what each different components are. And very importantly from a security perspective, it tells it which capabilities of the hardware platform on the Android device or the capabilities provided by other apps, like the Contacts app, that you want to have access to in your app. So you declare a series of uses permissions. And these are things that your app wants to have access to on the underlying platform. And each of these user permissions corresponds to some type of underlying capability of the device. Something like access to the Internet maybe, or access to the camera. And your app declares all of these things up front so that when the user installs your app on their device, Android can go and scan all of these user permissions, figure out what they map to in terms of capabilities in your device, and then present a menu to the user saying do you want to allow this app to have access to x, y and z things. So the user gets to decide is this okay? And if they say that it's okay, what Android does is it takes all these user permissions and it goes and creates an account on the underlying Linux operating system that's part of Android for your app. So, Android is a modified version of Linux that runs on mobile devices. And when you create, install an app, and then create a user account for it, what's actually happening is that the underlying Linux operating system is creating a user for that app. So, this and this, basically create the Linux user for your app. This is what's going to define the capabilities of this linux user. It's the things that you ask for in your manifest file. Underneath the hood, each of the things you ask for like Internet or camera, each of those has a separate Linux group that's associated with it. For example, you may have the camera group. And this is a user group that is set up to define the set of users that have access to the camera. And this is already on the device when you install the app. And so, what Android does is it creates your Linux user and then based on each of the uses permissions it figures out which of the different user groups your account should be associated with. So it associates this app for a photo editor, let's say, with its own Linux user. And then it associates that Linux user with the underlying camera group. And so now, when your app is running, if your app goes and tries to access the camera, Android and it's underlying Linux kernel can look at the user account associated with your app, and then can check if it's part of this Linux user group that should have access to the camera. So underneath the hood, all of these permissions that we see in our apps and that are manifested as uses permissions in the Android manifest XML files, actually get mapped down to Linux user groups.

Explora nuestro catálogo

Inscríbete de manera gratuita y obtén recomendaciones personalizadas, actualizaciones y ofertas.

Coursera Footer

Principales cursos en línea

Buscar el objetivo y el significado de la vida
Comprender las investigaciones médicas
Japonés para principiantes
Introducción a la Informática en la nube
Bases para la concientización
Aspectos básicos de las finanzas
Aprendizaje Automático
Aprendizaje automático con Sas Viya
La ciencia del bienestar
Rastreo de contactos de COVID-19
IA para todos
Mercados financieros
Introducción a la Psicología
Primeros pasos con AWS
Marketing internacional
C++
Análisis predictivo y minería de datos
Aprender a aprender en UCSD
Programación para todos de Michigan
Programación JHU R
Capacitación en CPI de Google CBRS

Principales especializaciones en línea

Procesamiento natural del lenguaje (NLP)
IA para medicina
Experto en palabras: escritura y edición
Modelización de enfermedades infecciosas
Pronunciación del inglés americano
Automatización de las pruebas de software
Aprendizaje profundo
Python para todos
Ciencia de Datos
Aspectos básicos de los negocios
Habilidades de Excel aplicadas para los negocios
Ciencia de los datos con Python
Finanzas para todos
Habilidades de comunicación para ingenieros
Capacitación en ventas
Carrera en gestión de marcas
Análisis de negocios en Wharton
Psicología positiva en Penn
Aprendizaje automático en Washington
Diseño gráfico de CalArts

Certificados en linea

Certificados profesionales
Certificados MasterTrack
Soporte de TI de Google
Ciencia de datos de IBM
Ingeniería de datos de Google Cloud
IA aplicada por IBM
Arquitectura de Google Cloud
Analista de ciberseguridad de IBM
Automatización de TI de Google con Python
Profesional de mainframe de z/OS de IBM
Gestión aplicada de proyectos en UCI
Certificado en diseño instruccional
Certificado en ingeniería y gestión de la construcción
Certificado en grandes datos
Certificado en Aprendizaje automático para el análisis
Certificado en emprendimientos y gestión de la innovación
Certificado en Sostenibilidad y Desarrollo
Certificado en trabajo social
Certificado en IA y aprendizaje automático
Certificado en Análisis y visualización de datos espaciales

Programas de titulación en línea

Títulos en ciencias informáticas
Títulos en negocios
Títulos en salud pública
Títulos en ciencias de los datos
Licenciaturas
Licenciatura en Ciencias de la Computación
Maestría en Ingeniería eléctrica
Título de finalización de licenciatura
Maestría en Gestión
Maestría en Ciencias informáticas
MPH
Maestría en contabilidad
MCIT
MBA en línea
Maestría en ciencias de los datos aplicada
MBA global
Maestría en Innovación y emprendimiento
Maestría en Ciencia de los datos
Maestría en Ciencias informáticas
Maestría en Salud Pública

Coursera

Acerca de
Liderazgo
Empleo
Catálogo
Certificados
Certificados MasterTrack™
Grados
Para Empresas
Para gobiernos
Para el campus
En respuesta al Coronavirus

Comunidad

Estudiantes
Socios
Desarrolladores
Probador beta
Traductores
Blog
Blog de Tecnología
Centro de enseñanza

Más

Términos
Privacidad
Ayuda
Accesibilidad
Prensa
Contacto
Directorio
Afiliados

Consíguelo en Google Play

© 2020 Coursera Inc. Todos los derechos reservados.