SCI/ICT/1269/22 Mobile Application Development Assignment 2025/2026, Exams of Computer Science


Typology: Exams

2025/2026

Available from 06/12/2026

PROF.DICKSON-LOGAN
EZRA KIMATHI
SCI/ICT/1269/22
Mobile Application Development Assignment 2025/2026
1. "Material Design guidelines" in mobile application development by Google and "Human Interface Guidelines" by Apple. Check on the topics: Best practices for UI/UX design and using XML in Android and SwiftUI in iOS. Then design a simple user interface using Figma or Sketch for a banking app.

Best Practices for UI/UX Design

Google’s Material Design Guidelines (Android) and Apple’s Human Interface Guidelines (iOS) both focus on the following principles to ensure a cohesive and user-friendly experience:

1. Consistency
  • Material Design emphasizes consistency in the layout, color scheme, typography, and iconography. Consistent elements across different screens help users understand how to interact with the app.
  • Human Interface Guidelines focus on consistent user experience through the use of system-wide elements such as buttons, tab bars, and navigation controls. iOS apps should follow native design patterns to provide seamless integration with iOS conventions.
2. Simplicity
  • Material Design encourages clean, uncluttered designs that emphasize essential content and controls.
  • Apple’s Human Interface Guidelines prioritize simplicity in UI, avoiding complex or overloaded screens, and allowing for easy navigation.
3. Accessibility
  • Both platforms emphasize the importance of designing for accessibility. Material Design highlights color contrast and provides clear guidelines for color usage and readable text.
  • Apple ensures that apps are navigable for users with disabilities, including VoiceOver functionality, dynamic text sizes, and high contrast options.
4. Responsiveness
  • Material Design encourages building layouts that adapt to different screen sizes, using responsive grids and flexible components.

  • iOS encourages auto-layout and size classes to ensure that the UI adapts to different screen sizes, orientations, and devices (iPhone, iPad).

Using XML in Android (Material Design)

XML (Extensible Markup Language) is used to design UI elements in Android. It is used to define layouts, widgets, and styles. Here’s an example of how a simple banking app UI might be created in XML:

Using SwiftUI in iOS (Human Interface Guidelines)

SwiftUI is Apple's framework for building user interfaces across all Apple platforms. It follows Apple's Human Interface Guidelines, promoting clear and simple designs.

Example SwiftUI for iOS:

```swift
import SwiftUI

struct ContentView: View {
    var body: some View {
        VStack {
            // Account balance title
            Text("Account Balance")
                .font(.title2)
                .foregroundColor(.black)
                .padding(.top, 50)

            // Account balance value
            Text("$1,250.00")
                .font(.largeTitle)
                .foregroundColor(.black)
                .padding(.top, 10)

            // Transfer Button
            Button(action: {
                print("Transfer initiated")
            }) {
                Text("Transfer")
                    .font(.title)
                    .foregroundColor(.white)
                    .padding()
                    .frame(maxWidth: .infinity)
                    .background(Color.blue)
                    .cornerRadius(10)
            }
            .padding(.top, 24)
        }
    }
}
```

In mobile development, there are various architectural patterns such as MVC, MVVM, and Clean Architecture, each providing a distinct way to structure the app to separate concerns and improve maintainability. Let’s break them down:

Model-View-Controller (MVC)

Structure:

  • Model: Represents the data layer and business logic. It could be a database, web service, or in-memory data.
  • View: Responsible for rendering the UI elements and handling user interactions.
  • Controller: Acts as an intermediary between the Model and the View, updating the View when data in the Model changes.

Pros:

  • Simple and easy to understand.
  • Suitable for small applications or simple UIs.

Cons:

  • The Controller often becomes bloated with business logic and UI handling, which can make the code harder to maintain as the app grows.
  • Difficult to test, as the View and Controller are tightly coupled.

Use Case: MVC was popular in early mobile app development, particularly on platforms like iOS, but is less favored today due to its tendency to create large, monolithic controllers.

Model-View-ViewModel (MVVM)

Structure:

  • Model: Contains the data structure and business logic (like in MVC).
  • View: The UI components that display data to the user and pass user actions to the ViewModel.
  • ViewModel: This layer acts as a mediator between the View and the Model. It handles the data logic (such as fetching or updating data) and provides data to the View in a format that is easy to display.

Pros:

  • Separation of Concerns: The ViewModel manages the UI logic, keeping it away from the View and the Model.
  • Data Binding: MVVM allows for automatic UI updates when the data in the ViewModel changes (especially in Android using LiveData or StateFlow).
  • Testability: The ViewModel is independent of the UI, making it easier to write unit tests.
  • Clean UI: The View only needs to observe the data and delegate actions to the ViewModel.

Cons:

  • Can be more complex to set up, especially with data binding in Android.
  • Views in MVVM can still become complex if not managed properly.

Use Case: MVVM is widely used in mobile development today. In Android, it pairs well with LiveData, ViewModel, and Data Binding. In iOS, SwiftUI heavily leverages MVVM.

Clean Architecture

Structure: Clean Architecture divides the software system into distinct layers, typically as follows:

  • Entities (Core): Represent the business logic and domain model of the application. These are independent of any external dependencies like databases or UI frameworks.
  • Use Cases (Interactors): Contain the specific application logic. They are responsible for orchestrating the flow of data between the entities and the outer layers.
  • Interface Adapters (Presenters): Transform the data into a format suitable for the View. This is where the ViewModel (in MVVM) or Presenter (in MVP) would sit.
  • Frameworks and Drivers (UI, Database, Network): These are the outermost layers that interact with the app’s external dependencies (UI components, databases, or APIs).

Pros:

  • Separation of Concerns: Each layer has a distinct responsibility, which makes the code more modular and easier to test.
  • Testability: Since the core business logic is isolated, it is highly testable.
  • Scalability and Flexibility: Since the system is decoupled, it is easier to scale, and different parts of the system can be swapped out with minimal changes to other parts.

Cons:

  • Complexity: Implementing Clean Architecture can be difficult, especially for smaller apps. It requires careful planning and discipline.
  • Overhead: The separation of layers introduces overhead, which might not be necessary for smaller, less complex applications.

  1. ViewModel:
     o Responsible for handling logic such as fetching product data, adding items to the cart, and checking out.

Here is the UML Diagram representing the MVVM Architecture for an e-commerce app:

```plaintext
+---------------------+        +---------------------+         +---------------------+
|       Product       |<------>|    ProductModel     |<------->|  ProductRepository  |
|    (Data Model)     |        |  (Business Logic)   |         | (Data Source Layer) |
+---------------------+        +---------------------+         +---------------------+

+-----------------------------------------+
|                ViewModel                |
|   (Handles UI Logic and Data Binding)   |
+-----------------------------------------+
        ^               ^
        |               |
    +---+---+       +---+---+
    | Cart  |       | Order |
    | Model |       | Model |
    +-------+       +-------+

+--------------------+
|        View        |
| (Activity/Fragment)|
+--------------------+
```

3. Discuss on learning SQL on SQLite. Focus on: Using SQLite and Room database in Android and Core Data framework for iOS. Then create a mobile app to store and retrieve user profile using SQLite.

Learning SQL on SQLite: A Discussion

SQLite is a popular lightweight database engine that is widely used in mobile development. It is an embedded relational database, which means it is integrated directly into the application without requiring a separate server or complex setup. SQL (Structured Query Language) is the standard language used for interacting with relational databases, including SQLite. SQLite allows you to create, read, update, and delete (CRUD) data using SQL commands, and it supports full ACID (Atomicity, Consistency, Isolation, Durability) compliance.

Using SQLite in Android (with Room Database)

Android uses SQLite as the default relational database for local storage. However, direct interaction with SQLite in Android can be cumbersome and prone to errors. Therefore, Google introduced Room, an abstraction layer over SQLite, to simplify database management.

Room Database in Android

Room is part of Android's Architecture Components and provides a more powerful, flexible, and type-safe way of interacting with SQLite databases. It eliminates much of the boilerplate code associated with SQLite, offering a clear API and enhancing the development experience.

Steps to Use Room in Android:

  1. Add dependencies: Add Room dependencies to the build.gradle file.
  2. Define Entities: Create Java classes representing database tables.
  3. Create DAO: Define methods for CRUD operations.
  4. Database Class: Create a RoomDatabase class to access the DAO.

Using SQLite in iOS (with Core Data)

On iOS, Core Data is the primary framework used for data management, but it can also work with SQLite as a persistent store. Core Data is an object graph and persistence framework, providing a higher-level abstraction than directly using SQLite.

Core Data Framework

Core Data is primarily used for object-oriented data storage. It handles complex data models, relationships, and object persistence. It can use SQLite as the underlying database engine for storing data.

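```java
        profile.setEmail("[email protected]");

        // Room rejects database access on the main thread by default, so both
        // operations run on one background thread; the read follows the insert
        // instead of racing it from a second thread.
        new Thread(() -> {
            db.userProfileDao().insert(profile);

            // Retrieve User Profile
            UserProfile retrievedProfile = db.userProfileDao().getUserProfile(1);
            runOnUiThread(() -> {
                // The DAO returns null when no row has this id.
                if (retrievedProfile != null) {
                    Log.d("UserProfile", "Retrieved: " + retrievedProfile.getName());
                }
            });
        }).start();
    }
}
```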

4. Discuss on RESTful Web APIs and focus on: Fetching and parsing JSON data and making HTTP requests using libraries like Retrofit or Alamofire and Develop a weather app that fetches real time data using an open API.

RESTful Web APIs and Fetching JSON Data

RESTful Web APIs (Representational State Transfer) are a popular architectural style for building web services. REST APIs allow different software systems to communicate with each other over HTTP, and they commonly use standard HTTP methods like GET, POST, PUT, and DELETE. When interacting with a REST API, most responses are in JSON (JavaScript Object Notation), a lightweight data-interchange format that is easy for both humans and machines to read and write.

Key Concepts of RESTful Web APIs

  • Resources: The data or objects exposed by the API (e.g., users, weather data, etc.).
  • Endpoints: URLs used to interact with the resources. Each endpoint corresponds to a specific resource (e.g., GET /weather to get weather data).
  • HTTP Methods: These represent actions performed on the resources:
     o GET: Retrieve data from the server.
     o POST: Send data to the server to create or update resources.
     o PUT/PATCH: Update a resource.
     o DELETE: Remove a resource.

In mobile app development, JSON is commonly used for data interchange due to its simplicity and flexibility. Mobile apps make HTTP requests to RESTful APIs, parse the JSON responses, and display the data to the user.

Fetching and Parsing JSON Data

When developing mobile applications, developers need to make HTTP requests to fetch JSON data and parse it into usable objects. This is commonly done using libraries that simplify the process.

Libraries for Making HTTP Requests and Parsing JSON

For Android: Retrofit

Retrofit is one of the most popular libraries for handling network requests in Android. It simplifies HTTP request creation, parsing JSON responses, and managing network communication.

Developing a Weather App that Fetches Real-Time Data Using an Open API

Step 1: Add Dependencies

In your build.gradle file:

```gradle
dependencies {
    implementation 'com.squareup.retrofit2:retrofit:2.9.0'
    implementation 'com.squareup.retrofit2:converter-gson:2.9.0'
}
```

Step 2: Create the Data Model

```java
import com.google.gson.annotations.SerializedName;

public class WeatherResponse {
    // Maps the "main" object of the JSON response
    @SerializedName("main")
    private Main main;

    // static, so Gson can instantiate it without an enclosing WeatherResponse instance
    public static class Main {
        @SerializedName("temp")
        private double temperature;
    }
}
```

5. Discuss on OWASP Mobile Security Testing Guide and focus on: Securing user data and authentication, and preventing vulnerabilities like SQL injection and data leaks. Then review the security of a provided mobile app and suggest improvements.

OWASP Mobile Security Testing Guide: Focus on Securing User Data, Authentication, and Preventing Vulnerabilities

The OWASP Mobile Security Testing Guide (MSTG) is a comprehensive framework designed to help security professionals test the security of mobile apps. It provides detailed security testing methodologies, helping developers and security testers identify and mitigate potential security risks within mobile applications.

Key Focus Areas: Securing User Data, Authentication, Preventing Vulnerabilities (SQL Injection & Data Leaks)

1. Securing User Data

User data is one of the most sensitive assets an app can handle. In mobile applications, it is critical to ensure that user data is protected both during storage and transmission. Securing user data involves ensuring confidentiality, integrity, and availability, preventing unauthorized access or leaks.

Best Practices for Securing User Data:

  • Data Encryption: Encrypt sensitive data both at rest (when stored on the device) and in transit (when transmitted over the network). AES (Advanced Encryption Standard) with a 256-bit key is commonly used for encrypting data at rest.
     o At Rest: Data should be encrypted before being saved in local storage, databases, or shared preferences.
     o In Transit: Use HTTPS (TLS/SSL) for communication between the mobile app and the server to protect data from being intercepted during transmission.
  • Key Management: Use secure key storage solutions such as Android’s Keystore or iOS’s Keychain to store encryption keys securely.
  • Use Strong Hashing: For storing passwords or other sensitive information, use secure, one-way hashing algorithms like bcrypt, scrypt, or PBKDF2 instead of storing plaintext passwords.

Testing for Data Security:

  • Verify that sensitive data (e.g., passwords, personal information) is not stored in plaintext.
  • Check that encryption keys are not hard-coded or stored insecurely.
  • Test whether data is encrypted while being transmitted over the network using HTTPS (and not HTTP).
  • Evaluate if the app uses secure storage mechanisms such as Keychain or Keystore.

2. Securing Authentication

Authentication is the process of verifying the identity of users and ensuring that only authorized users can access certain resources or perform specific actions. Mobile applications often deal with various types of authentication, including username/password-based, token-based (JWT), and biometric authentication (fingerprint, Face ID, etc.).

Best Practices for Securing Authentication:

  • Multi-Factor Authentication (MFA): Implement MFA to add an extra layer of security. In addition to traditional username and password, you can use one-time passwords (OTP) sent via SMS or email, or biometric authentication.
  • Session Management: Ensure that session tokens are short-lived and properly handled. Token-based authentication (e.g., JWT) should include secure token management practices, such as secure storage, expiry, and revocation mechanisms.
  • Strong Password Policy: Enforce strong password policies that require a combination of uppercase, lowercase, numeric, and special characters, and ensure password length meets security standards (typically 8-12 characters).
  • OAuth2 and OpenID Connect: For third-party authentication, use industry-standard protocols like OAuth2 and OpenID Connect to ensure secure, token-based authentication.

Testing for Authentication Security:

  • Check that passwords are not stored in plaintext (use hashing and salting).
  • Ensure that the application uses secure authentication mechanisms like OAuth2, JWT, or session tokens.
  • Test for session hijacking by inspecting how session tokens are managed and whether they are vulnerable to interception or leakage.
  • Verify that the app implements MFA or other advanced authentication measures for critical actions.

3. Preventing Vulnerabilities: SQL Injection & Data Leaks

SQL Injection

SQL injection is a type of vulnerability that allows attackers to manipulate SQL queries to interact with a database in unintended ways. This is often possible when user input is directly included in SQL queries without proper sanitization or parameterization.

Best Practices to Prevent SQL Injection:

  • Use Parameterized Queries: Always use parameterized queries or prepared statements to interact with databases. This ensures that user inputs are treated as data, not executable code.
  • Avoid Dynamic SQL: Avoid dynamically building SQL queries with user inputs. If dynamic queries are necessary, sanitize inputs rigorously to prevent the inclusion of malicious SQL code.

  1. Perform Dynamic Analysis:
     o API Testing: Test the APIs that the app interacts with, ensuring that they are secure and do not expose sensitive data or have vulnerabilities like SQL injection.
     o Network Traffic Monitoring: Use tools like Burp Suite or Charles Proxy to intercept and analyze the app’s network traffic. Ensure that all sensitive data is transmitted over HTTPS, and check for any unencrypted data leaks.
  2. Security Testing Tools:
     o Use tools like MobSF (Mobile Security Framework) for automated static and dynamic analysis of the app.
     o Use OWASP ZAP for automated security testing of APIs and web services.
  3. Vulnerability Assessment:
     o Check Authentication Mechanisms: Ensure that the app uses secure methods for authentication (OAuth, JWT) and prevents session hijacking.
     o Test Data Encryption: Check that sensitive data is properly encrypted both in transit and at rest. Test for any unencrypted storage of sensitive information on the device.
     o Evaluate Error Handling: Check that the app doesn’t expose sensitive information in error messages, logs, or crash reports.
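
The parameterized-query and dynamic-SQL advice in the SQL injection section above, as an added example that is not part of the original assignment. It uses Python's sqlite3 module because that drives the same SQLite engine and runs off-device; the user_profile table, its rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed sample data: a user_profile table like the one a profile app stores."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE user_profile (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO user_profile (name, email) VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test")],
    )
    return db


def find_by_name_concatenated(db, name):
    """BEFORE: the input becomes part of the SQL text and is parsed as SQL."""
    query = "SELECT id, name, email FROM user_profile WHERE name = '" + name + "'"
    return db.execute(query).fetchall()


def find_by_name_parameterized(db, name):
    """AFTER: the input is bound to a placeholder and only ever compared as a value."""
    query = "SELECT id, name, email FROM user_profile WHERE name = ?"
    return db.execute(query, (name,)).fetchall()


# Column names cannot be bound as parameters, which is the usual reason code
# falls back to dynamic SQL (for example a user-selected ORDER BY). Choose the
# identifier from a fixed allow-list rather than trying to clean the input.
SORTABLE_COLUMNS = {"name", "email"}


def list_names_sorted(db, sort_column):
    if sort_column not in SORTABLE_COLUMNS:
        raise ValueError(f"unsupported sort column: {sort_column!r}")
    rows = db.execute(f"SELECT name FROM user_profile ORDER BY {sort_column}")
    return [row[0] for row in rows]


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed input that contains SQL syntax
    print(find_by_name_concatenated(db, crafted))   # every row comes back
    print(find_by_name_parameterized(db, crafted))  # no row has that literal name
```

The concatenated version also fails on legitimate input such as a name containing an apostrophe, which is often how the defect first shows up in testing.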

Suggested Improvements:

  • Strengthen Authentication: Implement multi-factor authentication (MFA) to increase security during login, especially for sensitive actions like password changes or transactions.
  • Encrypt Sensitive Data: Ensure that all sensitive data, including passwords, API keys, and user information, is encrypted both in transit (using TLS) and at rest (using AES-256).
  • Use Secure APIs: Review API endpoints for proper authentication and authorization checks to ensure they do not expose sensitive data.
  • Secure Session Management: Use short-lived tokens for session management and ensure that tokens are securely stored in Keychain (iOS) or Keystore (Android). Implement token expiration and revocation mechanisms.
  • Address SQL Injection Risks: Ensure that all database queries are parameterized and that raw SQL is not used directly with user inputs.
  • Test for Data Leaks: Conduct comprehensive testing to identify any data leakage risks, particularly around sensitive user information and configuration files.
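
The session-management advice in the lists above (short-lived tokens, expiry, revocation), as an added example that is not part of the original assignment. It is a simplified server-side stand-in for a JWT library; the token layout, the 15-minute lifetime and all names are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumption: "short-lived" taken as 15 minutes here


class SessionTokens:
    """Issues and validates HMAC-signed session tokens (simplified, not JWT)."""

    def __init__(self, key: bytes, ttl: int = TOKEN_TTL_SECONDS):
        self._key = key      # supplied from server-side secret storage, never hard-coded
        self._ttl = ttl
        self._revoked = {}   # token id -> expiry, kept only until the token would expire

    def _sign(self, body: bytes) -> bytes:
        return base64.urlsafe_b64encode(hmac.new(self._key, body, hashlib.sha256).digest())

    def issue(self, user_id: str, now=None) -> str:
        now = int(time.time()) if now is None else now
        claims = {"sub": user_id, "exp": now + self._ttl, "jti": secrets.token_hex(16)}
        body = base64.urlsafe_b64encode(json.dumps(claims).encode("utf-8"))
        return (body + b"." + self._sign(body)).decode("ascii")

    def _claims(self, token: str):
        """Return the claims of a correctly signed token, else None."""
        try:
            body, tag = token.encode("ascii").split(b".")
            # Check the signature before decoding anything the client controls.
            if not hmac.compare_digest(tag, self._sign(body)):
                return None
            return json.loads(base64.urlsafe_b64decode(body))
        except ValueError:
            return None

    def validate(self, token: str, now=None):
        """Return the user id, or None if forged, malformed, expired or revoked."""
        now = int(time.time()) if now is None else now
        claims = self._claims(token)
        if claims is None or now >= claims["exp"] or claims["jti"] in self._revoked:
            return None
        return claims["sub"]

    def revoke(self, token: str, now=None) -> bool:
        """Revoke on logout or suspected theft; expired entries are pruned."""
        now = int(time.time()) if now is None else now
        claims = self._claims(token)
        if claims is None:
            return False
        self._revoked = {jti: exp for jti, exp in self._revoked.items() if exp > now}
        self._revoked[claims["jti"]] = claims["exp"]
        return True
```

On the device, the issued token is what belongs in Keychain or Keystore-backed storage; the signing key stays on the server.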

Conclusion

Securing mobile applications is critical to protect sensitive user data, ensure proper authentication, and prevent vulnerabilities like SQL injection and data leaks. Following the OWASP Mobile Security Testing Guide helps developers and security testers systematically assess and improve the security of mobile apps. By employing best practices for encryption, session management, authentication, and vulnerability testing, mobile app security can be significantly enhanced. Regular security testing, coupled with continuous monitoring and improvement, is essential to ensure mobile apps remain secure in a constantly evolving threat landscape.


6. Read on: High-Performance Android Apps and focus on: Memory management and app profiling and best practices for efficient coding. Then optimize a slow-performing mobile app and measure the improvements.

Optimizing a slow-performing mobile app involves multiple steps, from memory management to profiling and efficient coding practices. Below is a comprehensive approach to address memory management, app profiling, and best practices for optimizing a mobile app.

Memory Management

Proper memory management is crucial for optimizing Android apps. Poor memory management leads to app crashes, memory leaks, and poor performance. Key principles for effective memory management include:

  1. Avoid Memory Leaks: Memory leaks occur when objects are no longer needed but are still referenced, preventing garbage collection. Common causes include:
     o Static references to objects like Context or Views.
     o Unclosed resources like database cursors, network connections, etc.
     o Long-running asynchronous tasks like background threads or listeners that don't get cleaned up.
     Solution:
     o Use Weak References where appropriate (e.g., to avoid retaining views or contexts).
     o Ensure that resources are properly closed using try-with-resources or manually managing lifecycle (e.g., closing database connections).
     o Remove listeners or callbacks in onStop() or onDestroy().
  2. Use Bitmap Efficiently: Large images can consume significant memory, especially when they are loaded into memory all at once.
     Best Practices:
     o Use BitmapFactory to scale down images before loading them into memory.
     o Use LruCache to store and reuse bitmaps efficiently.
     o Use libraries like Glide or Picasso that handle image caching and optimization.
  3. Optimize Object Creation:
     o Reuse objects instead of creating new ones, especially inside loops.
     o Use StringBuilder for concatenating strings rather than + for repeated concatenation.
  4. Use RecyclerView and ViewHolder: These components help in managing memory more efficiently by reusing views and only creating views when necessary.

  1. Leverage Dependency Injection: Use frameworks like Dagger or Hilt to manage dependencies efficiently and ensure that objects are only created when needed.
  2. Avoid Overuse of Reflection: Reflection can be slow and consume additional memory. Avoid using it in performance-critical parts of your app.

Steps to Optimize a Slow-Performing Mobile App

To optimize a slow-performing app, follow these key steps:

  1. Profile the App:
     o Identify performance bottlenecks using Android Studio’s Profiler tools (CPU, Memory, and Network Profilers).
     o Measure the app's frame rate and response time to identify areas of UI lag.
  2. Identify Memory Leaks and Optimize Memory Usage:
     o Use the Memory Profiler to track memory usage over time and identify any objects that are not being garbage collected.
     o Look for large objects being loaded into memory unnecessarily (e.g., large Bitmaps or large data sets) and optimize them.
     o Ensure proper cleanup of resources (listeners, callbacks, database cursors, etc.) to prevent memory leaks.
  3. Optimize Network Requests:
     o Use OkHttp or Retrofit to manage API calls efficiently and minimize unnecessary network requests.
     o Reduce network latency by optimizing API endpoints and compressing data when possible.
     o Cache responses where appropriate using libraries like Room or Retrofit caching.
  4. Optimize UI:
     o Remove unnecessary UI updates and re-renders.
     o Use RecyclerView with view holders to handle lists efficiently.
     o Avoid complex layouts that require too much processing.
  5. Test on Real Devices: Profiling on an emulator can give you some insight, but testing on real devices under actual usage conditions is essential to observe performance differences, especially for memory management and network behavior.
  6. Refactor Inefficient Code:
     o Refactor areas of the code where objects are being created excessively.
     o Replace complex loops or nested calls with optimized algorithms or data structures.
  7. Re-profile After Changes: After implementing optimizations, re-profile the app to measure improvements. Compare memory usage, CPU utilization, and frame rate before and after changes.

7. Read on: Flutter for Beginners and focus on: Using Flutter and Dart for cross-platform development and Code-sharing and platform-specific customization. Then Build a to-do list app using Flutter.

Using Flutter and Dart for Cross-Platform Development

Flutter is a powerful open-source UI toolkit developed by Google, enabling developers to build natively compiled applications for mobile, web, and desktop from a single codebase. Dart is the programming language used in Flutter, designed for ease of use and performance, particularly in mobile and UI-heavy applications.

Advantages of Flutter for Cross-Platform Development: