Programming Cloud Services for Android Handheld Systems: Security

Programming Cloud Services for Android Handheld Systems: Security

课程
en
英语
40 时
此内容评级为 4.5/5
来源
  • 来自www.coursera.org
状况
  • 自定进度
  • 免费获取
更多信息
  • 5 序列
  • 等级 介绍

Their employees are learning daily with Edflex

  • Safran
  • Air France
  • TotalEnergies
  • Generali
Learn more

课程详情

教学大纲

This MOOC describes, by example, the basics of securing mobile applications and back-end cloud services. The class is taught in the context of Java, Android, and the

. Although the cloud service topics in this course will be taught in the context of connecting mobile devices to the cloud, the concepts are broader and will give students the ability to create the cloud services to support large-scale web applications, such as social networking applications; cloud services for embedded systems, such as the Internet of Things and Industrial Internet; and wearable computing devices.

The course is organized into the sections outlined below (additional lectures may be provided live once the MOOC has begun):

  • Module 1: Android App Security and Risks

    • Part 1: Traditional App Accounts
    • Part 2: Mobile vs. Traditional App Accounts
    • Part 3: App Account Mapping to Linux Users
    • Part 4: Apps Lie & Steal
    • Part 5: How Android Protects Apps
    • Part 6: What Android Doesn't Protect
    • Part 7: Avoid Storing Sensitive Data in Public Locations
    • Part 8: Risks of Insecure File Permissions
  • Module 2: Building More Secure Android Apps
    • Part 0: The Challenge of Secure Coding
    • Part 1: Security Vulnerability Walkthrough
    • Part 2: Principles of Secure Abstractions
    • Part 3: Avoid Coupling Data & Security State
    • Part 4: Build Abstractions that are Hard to Use Insecurely
    • Part 5: Bound & Strongly Type Security State
    • Part 6: Avoid Conditional Logic in Secure Pathways
    • Part 7: Prevent Secure Pathways from Being Broken at Runtime
    • Part 8: Privilege Escalation Concepts
    • Part 9: Privilege Escalation Scenario
    • Part 10: Privilege Escalation Code Walkthrough
    • Part 11: Privilege Escalation Fixes
    • Part 12: User Interface Attacks
    • Part 13: Cross-platform User Interface Attacks
  • Module 3: Secure HTTP Communication
    • Part 1: Man in the Middle Attacks Public Key Infrastructure
    • Part 2: HTTPS
    • Part 3: Challenges of Storing Secrets on Mobile
    • Part 4: WebView Security Issues & Best Practices
  • Module 4: What was I Saying: Keeping Track of Sessions
    • Part 1: Sessions
    • Part 2: Spring Security Overview
    • Part 3: Spring Security Configuration in Java
    • Part 4: Building a Custom UserDetailsService
    • Part 5: Setting up a custom UserDetailsService
    • Part 6: The Principal
    • Part 7: Spring Security Role Annotations
    • Part 8: More Complex Expression-based Pre Post Authorize Annotations
    • Part 9: Spring Security Controller Code Walkthrough
    • Part 10: Spring Security Controller Test Code Walkthrough
  • Module 5: Authenticating Mobile Clients with OAuth
    • Part 1: Stateful Sessions with Cookies Why They Aren't Ideal for Mobile
    • Part 2: Stateless Sessions with Tokens
    • Part 3: OAuth 2.0
    • Part 4: Spring Security OAuth 2.0
    • Part 5: A Spring OAuth 2.0 Secured Service
    • Part 6: A Retrofit Oauth 2.0 Client for Password Grants

    先决条件

    没有。

    讲师

    • C. White - Electrical Engineering and Computer Science
    • - Electrical Engineering and Computer Science

    编辑

    Vanderbilt University, located in Nashville, Tenn., is a private research university and medical center offering a full-range of undergraduate, graduate and professional degrees.

    平台

    Coursera是一家数字公司,提供由位于加利福尼亚州山景城的计算机教师Andrew Ng和达芙妮科勒斯坦福大学创建的大型开放式在线课程。

    Coursera与顶尖大学和组织合作,在线提供一些课程,并提供许多科目的课程,包括:物理,工程,人文,医学,生物学,社会科学,数学,商业,计算机科学,数字营销,数据科学 和其他科目。

    完成这个资源,写一篇评论