App Account Mapping to Linux Users - Security & Sustainability II | Coursera

Explorar
Principales cursos
Inicia Sesión
Únete de forma gratuita

App Account Mapping to Linux Users

Loading...

Engineering Maintainable Android Apps

Universidad Vanderbilt

4.5 (198 calificaciones) | 16K estudiantes inscritos

Curso 4 de 5 en Android App Development Programa Especializado

Inscríbete gratis

Engineering Maintainable Android Apps, which is a 4 week MOOC that shows by example various methods for engineering maintainable Android apps, including test-driven development methods and how to develop/run unit tests using JUnit and Robotium (or equivalent automated testing frameworks for Android), as well as how to successfully apply common Java/Android software patterns to improve the extensibility and clarity of Android apps. Students will work on the appropriate automated unit quizzes, based on the material covered in the lecture videos. These lessons will demonstrate the benefits of good software engineering practices that are targeted at creating maintainable code for mobile apps. There will be roughly 3-4 hours of student engagement time per week, including video lectures, and quizzes. The ordering of the modules within the course is designed to be flexible. In particular, students can watch the videos in whatever order suits their experience and needs, e.g., they may want to watch the unit testing videos prior to the software pattern videos if they prefer to learn about unit testing first.

Destrezas que aprenderás

Software Testing, Unit Testing, Android Software Development, Junit

Revisiones

4.5 (198 calificaciones)

5 stars
67.17%
4 stars
23.23%
3 stars
5.55%
2 stars
2.52%
1 star
1.51%

GN

Aug 03, 2017

An Excellent course. I will say it is an online course that made me study as if I were in a classroom

ME

Sep 20, 2017

gave me a very good overview on security as a whole and on security specifically for android.

De la lección

Security & Sustainability II

This module provides an introduction to Unit Testing using the Junit 4.0 Framework in Android, as well as an introduction to Testing Frameworks using the Robotium open-source test framework for writing graybox testing cases to automate the testing of multi-Activity Android apps.

Traditional App Accounts3:15

Traditional vs. Mobile App Accounts5:28

App Account Mapping to Linux Users4:45

Apps Lie & Steal4:23

How Android Protects Apps13:52

What Android Does Not Protect14:20

The Challenges of Secure Coding2:48

Security Vulnerability Walkthrough7:30

The iRemember App Example3:38

Privilege Escalation I5:40

Privilege Escalation II4:07

Privilege Escalation III6:22

Course Wrap-up13:59

Impartido por:

Dr. Douglas C. Schmidt
Professor of Computer Science and Associate Chair of the Computer Science and Engineering Program
Michael Walker
Instructor - Graduate Student pursuing PhD in Computer Science
Dr. Jules White
Associate Professor of Computer Science

Prueba el curso Gratis

Transcripción

When your app gets installed, that's when the system creates the identity, or the account, that's going to be associated with your app. So, let's dive a little deeper into what that actually means on app or Android when you install an app, and what happens under the hood to create that user account. Well, when you create an Android app, one of things you have to specify is an Android manifest.xml file. And this is a file that all of you should be very well familiar with if you've been building Android apps. And what this does is it tells Android things that it needs to know about your app in order to install it on the system, in order to understand what each different components are. And very importantly from a security perspective, it tells it which capabilities of the hardware platform on the Android device or the capabilities provided by other apps, like the Contacts app, that you want to have access to in your app. So you declare a series of uses permissions. And these are things that your app wants to have access to on the underlying platform. And each of these user permissions corresponds to some type of underlying capability of the device. Something like access to the Internet maybe, or access to the camera. And your app declares all of these things up front so that when the user installs your app on their device, Android can go and scan all of these user permissions, figure out what they map to in terms of capabilities in your device, and then present a menu to the user saying do you want to allow this app to have access to x, y and z things. So the user gets to decide is this okay? And if they say that it's okay, what Android does is it takes all these user permissions and it goes and creates an account on the underlying Linux operating system that's part of Android for your app. So, Android is a modified version of Linux that runs on mobile devices. And when you create, install an app, and then create a user account for it, what's actually happening is that the underlying Linux operating system is creating a user for that app. So, this and this, basically create the Linux user for your app. This is what's going to define the capabilities of this linux user. It's the things that you ask for in your manifest file. Underneath the hood, each of the things you ask for like Internet or camera, each of those has a separate Linux group that's associated with it. For example, you may have the camera group. And this is a user group that is set up to define the set of users that have access to the camera. And this is already on the device when you install the app. And so, what Android does is it creates your Linux user and then based on each of the uses permissions it figures out which of the different user groups your account should be associated with. So it associates this app for a photo editor, let's say, with its own Linux user. And then it associates that Linux user with the underlying camera group. And so now, when your app is running, if your app goes and tries to access the camera, Android and it's underlying Linux kernel can look at the user account associated with your app, and then can check if it's part of this Linux user group that should have access to the camera. So underneath the hood, all of these permissions that we see in our apps and that are manifested as uses permissions in the Android manifest XML files, actually get mapped down to Linux user groups.

Explora nuestro catálogo

Inscríbete de manera gratuita y obtén recomendaciones personalizadas, actualizaciones y ofertas.

Principales cursos en línea

IA para todos
Introducción a TensorFlow
Redes neurales y aprendizaje profundo
Algoritmos, parte 1
Algoritmos, parte 2
Aprendizaje Automático
Aprendizaje automático con Python
Aprendizaje automático con Sas Viya
Programación R
Introducción a la programación con Matlab
Análisis de datos con Python
Aspectos básicos de AWS: El paso a la nube nativa
Aspectos básicos de la plataforma en la nube de Google
Ingeniería de confiabilidad del sitio
Hablar inglés de manera profesional
La ciencia del bienestar
Aprendiendo a aprender
Mercados financieros
Prueba de hipótesis en el área de la salud pública
Aspectos básicos del liderazgo diario

Principales especializaciones en línea

Aprendizaje profundo
Python para todos
Ciencia de Datos
Ciencias de los Datos Aplicada con Python
Aspectos básicos de los negocios
Arquitectura con Google Cloud Platform
Ingeniería de datos en la plataforma en la nube de Google
Excel para MySQL
Aprendizaje automático avanzado
Matemática aplicada al aprendizaje automático
Automóviles de auto conducción
Revolución de la cadena de bloques para la empresa
Análisis comercial
Habilidades de Excel aplicadas para los negocios
mercadeo digital
Análisis estadístico con R para el área de la salud pública
Aspectos básicos de la inmunología
Anatomía
Gestión de la innovación y del pensamiento de diseño
Aspectos básicos de la psicología positiva

Certificados en linea

Soporte de TI de Google
Especialista en compromiso con el cliente de IBM
Ciencia de datos de IBM
Administrador de proyectos aplicado
Certificado profesional de IA aplicada de IBM
Aprendizaje automático para análisis
Análisis y visualización de datos espaciales
Gestión e ingeniería de construcción
Diseño instruccional

Programas de titulación en línea

Maestría en Ciencia de Datos
Licenciatura en Ciencias de la Computación
Títulos de Ciencias de la Computación e Ingeniería
Maestría en Aprendizaje Automático
Maestría en Administración de Empresas y títulos de estudios de negocios
Maestría en Ingeniería Eléctrica
Maestría en Salud Pública
Maestría en Tecnología de la Información

Coursera

Acerca de
Liderazgo
Empleo
Catálogo
Certificados
Certificados MasterTrack™
Grados
Para Empresas
Para gobiernos
Para el campus
En respuesta al Coronavirus

Comunidad

Estudiantes
Socios
Desarrolladores
Probador beta
Traductores
Blog
Blog de Tecnología

Más

Términos
Privacidad
Ayuda
Accesibilidad
Prensa
Contacto
Directorio
Afiliados

Consíguelo en Google Play

© 2020 Coursera Inc. Todos los derechos reservados.