Programming Cloud Services for Android Handheld Systems Security

Course Summary

This course introduces students to basic issues in mobile cloud security, malware, and secure client/server communication. Students will learn about security risks in Android and cloud services, threat mitigation strategies, secure coding practices, and tools for managing security of devices.

    Course Syllabus

    The course is organized into the sections outlined below.

    • Module 1: Android App Security and Risks
      • Part 1: Traditional App Accounts
      • Part 2: Mobile vs. Traditional App Accounts
      • Part 3: App Account Mapping to Linux Users
      • Part 4: Apps Lie & Steal
      • Part 5: How Android Protects Apps
      • Part 6: What Android Doesn't Protect
      • Part 7: Avoid Storing Sensitive Data in Public Locations
      • Part 8: Risks of Insecure File Permissions
    • Module 2: Building More Secure Android Apps
      • Part 0: The Challenge of Secure Coding
      • Part 1: Security Vulnerability Walkthrough
      • Part 2: Principles of Secure Abstractions
      • Part 3: Avoid Coupling Data & Security State
      • Part 4: Build Abstractions that are Hard to Use Insecurely
      • Part 5: Bound & Strongly Type Security State
      • Part 6: Avoid Conditional Logic in Secure Pathways
      • Part 7: Prevent Secure Pathways from Being Broken at Runtime
      • Part 8: Privilege Escalation Concepts
      • Part 9: Privilege Escalation Scenario
      • Part 10: Privilege Escalation Code Walkthrough
      • Part 11: Privilege Escalation Fixes
      • Part 12: User Interface Attacks
      • Part 13: Cross-platform User Interface Attacks
    • Module 3: Secure HTTP Communication
      • Part 1: Man in the Middle Attacks Public Key Infrastructure
      • Part 2: HTTPS
      • Part 3: Challenges of Storing Secrets on Mobile
      • Part 4: WebView Security Issues & Best Practices
    • Module 4: What was I Saying: Keeping Track of Sessions
      • Part 1: Sessions
      • Part 2: Spring Security Overview
      • Part 3: Spring Security Configuration in Java
      • Part 4: Building a Custom UserDetailsService
      • Part 5: Setting up a custom UserDetailsService
      • Part 6: The Principal
      • Part 7: Spring Security Role Annotations
      • Part 8: More Complex Expression-based Pre Post Authorize Annotations
      • Part 9: Spring Security Controller Code Walkthrough
      • Part 10: Spring Security Controller Test Code Walkthrough
    • Module 5: Authenticating Mobile Clients with OAuth
      • Part 1: Stateful Sessions with Cookies Why They Aren't Ideal for Mobile
      • Part 2: Stateless Sessions with Tokens
      • Part 3: OAuth 2.0
      • Part 4: Spring Security OAuth 2.0
      • Part 5: A Spring OAuth 2.0 Secured Service
      • Part 6: A Retrofit OAuth 2.0 Client for Password Grants

    Recommended Background

    Ideally, students who take this course will be familiar with general object-oriented design and programming concepts (such as encapsulation, abstraction, polymorphism, and extensibility), fundamental Java object-oriented programming language features (such as classes, inheritance, interfaces, and generics available in Java), basic systems programming concepts (such as event handling, processes/threads, and synchronization), and networking terminology (such as client/server and peer-to-peer architectures).

    Course Format

    The class will consist of lecture videos designed to ensure you understand the material covered in the videos. Students in this track will also complete auto-/peer-graded programming assignments. The programming assignments will involve fixing security vulnerabilities in Android apps or writing cloud services using popular software frameworks written in Java, such as Spring Framework. 

    Suggested Reading

    Although the lectures are designed to be largely self-contained, it's recommended (but not required) that students refer to the following books:

    • Martin Fowler, Refactoring: Improving the Design of Existing Code, Addison-Wesley Professional, 1999.
    • Goetz et al., Java Concurrency in Practice, Addison-Wesley, 2006.
    • Doug Lea, Concurrent Programming in Java, Prentice Hall, 1999.
    • Gamma et al., Design Patterns: Elements of Reusable Object-Oriented Software, Addison-Wesley, Reading, MA, 1995.
    • Schmidt et al., Pattern-Oriented Software Architecture, Vol 2: Patterns for Concurrent and Networked Objects, Wiley and Sons, 2000.
    • Buschmann et al., Pattern-Oriented Software Architecture, Vol 4: A Pattern Language for Distributed Computing, Wiley and Sons, 2007.
    • Buschmann et al., Pattern-Oriented Software Architecture, Vol 5: On Patterns and Pattern Languages, Wiley and Sons, 2007.

    Much of this material is available online.

1 - 4 hours / week
