Reference no: EM132722981
CI7160 Mobile Security
Part A (Secure Mobile App Design, Implementation and Testing)
SYNOPSIS
In this assignment you need to create a secure mobile application (‘app') based on the Android platform, and to demonstrate and explain its functionality and security features. For achieving a top grade, an awareness of appropriate software development methodologies and evidence of testing (including that of security features) needs to be demonstrated.
Secure Mobile App
You can create any type of mobile Android application you wish, or you can use the code from one of the workshops, or select an existing Open Source project and extend that to add further functionality This needs to involve at least one wireless communication functionality, and a substantial security feature in your app by either expanding on the ideas given in the workshops, or by implementing your own approach. You are advised to discuss your idea with the module leader before you start work on it.
You may use code from other libraries and APIs (including cryptographic libraries), but if you do you must clearly indicate what code you have written yourself and all code you have taken from elsewhere, otherwise you may be found guilty of plagiarism. Please note that you need to acknowledge and reference the sources of any code you might use that you have not written.
Software Demonstration
At the software demonstration you will be expected to demonstrate the functionality of your app, explain your security testing methodologies and results obtained, explain the code you have written, and answer questions about it.
Part B (Secure Mobile App Functional Specification and Report)
SYNOPSIS
The aim of this coursework is to write a technical note containing a description of the functionality of the secure app of Coursework Part A that you have implemented, including a presentation and analysis of its security features, and a brief review of the technology underlying its mobile communication mechanisms and protocols.
The description of the functionality would be similar to a functional specification and will include basic documentation, screenshots, and any known issues or limitations.
The presentation and analysis of the security features of your app needs to justify the strengths of the security that your implementation may have, by explaining the secure design, coding and testing methodology that you have undertaken when developing your app. It also needs to identify potential weaknesses based on the knowledge you have acquired on overarching principles underpinning mobile security.
The review of the technology needs to put the specific, implemented mechanisms into the broader picture of the wireless principles and protocols that were explained in the lectures.
REPORT STRUCTURE
Overall, the report should contain 12 pages maximum, using Arial font size 11pt. Please include title, your name and k-number as well as an abstract on the first page. The breakdown of the remaining pages is as follows:
• Description of the functionality of the app including basic documentation and screenshots and known issues or limitations (5 pages max).
• Discussion of security aspects of the mobile app such as implemented features, limitations, or possible enhancements (6 pages max).
• Review of relevant wireless technology used in your app for communication (1 page max)
Part C (Mobile Security Report)
This coursework allows you to extend your knowledge and understanding of a particular security-related topic presented during the taught component of the module.
This coursework assessment will count for 60% of the overall marks for the module.
SYNOPSIS
The overall aim of this coursework is to write a technical paper on the application of principle of mobile security techniques to a well-defined area within the area of mobile computing domain, including a case study. This will also comprise a discussion of social and ethical issues in your chosen mobile application.
For suitable security techniques, you may select techniques presented during the lecture (e.g. security assessment, key management protocols or cryptographic techniques) or choose a technique of your choice provided you have it approved by the coursework setter.
The following areas of mobile security can be used as application mobile domains: mobile ad-hoc networking, mobile health, mobile cloud, mobile banking, mobile learning or mobile social networking. You may choose a different area, but please consult with the module teaching team in order to assess its suitability.
The case study must present either an existing research prototype, commercial system or your own original idea.
The application domain should not be based on a case study, involving a real organisation, without the written permission from a senior person within the organisation and this written permission must be appended to the report. If you are using a real organisation, make sure you are not including any confidential information in your coursework report and contact the module leader to arrange additional precaution measures.
Your discussion of social and ethical issues should identify one pertinent aspect that may be seen as a security or privacy-related threat in the application area, illustrate its relevance for the case study, and suggest some ideas for its mitigation.
REPORT STRUCTURE
The report must contain a title, abstract, key terms, introduction section, main body and a conclusion. In addition to this, full references are required as are captions for all illustrations and tables. You should include your affiliations with the report, i.e. your name, School and University, MSc course and K-number. The IEEE conference Microsoft Word template can be found online and is also available on Canvas for this report and must be followed.
The abstract should summarize the scope of the paper in no more than 150 words. The report must be 4 pages (this is approximately 3000 words in length, using the 2-column IEEE format and font size prescribed by the template).
Please pay attention to the marking scheme as a further guidance for content that you should include in the main body of the report.
References should take the following form: full list of authors (i.e. not ‘et al.'), title of paper/book, title of journal (publisher if a book), year of publication, volume number and first and last page numbers. If you are using a Web reference, the full URL must be included along with the date of access. The referencing should be done using the Vancouver referencing style
Remember that this is to be a technical report, so make sure the contents are presented in a format suitable for publication in a technical conference or journal.
Attachment:- Coursework C.rar