Presentation by Donna Burke ( http://exadel.com ) at the Wolters Kluwer Tech Conference 2013 on July 23, 2013 in Minneapolis
Referenced in article: http://blog.exadel.com/exadel-at-the-wolters-kluwer-tech-conference-2013/
3. Agenda
Session Objectives
Introduction
Enterprise Mobile situational analysis
Mobile Strategy
Challenges in mobile development
- Some approaches for discussion
Wolters Kluwer mobile success stories
Lessons learned
Closing
3
4. Session Objectives
Explore how mobile is impacting enterprise business
Discuss “lessons learned” and how to avoid pitfalls
Identify key aspects for your mobile strategy
Understand approach for securing HTML5 apps
Discuss alternative for secure document handling
4
5. Donna Burke
Vice President
Exadel
Donna is responsible for Exadel’s Professional Services
engagements and insuring that Exadel’s value to
stakeholders is realized in each and every
engagement. Donna has strategic insight from her
roles ranging from Product Management Director of
Ericsson Global Network Management products to the
founding of LEC Information Systems, a professional
services firm providing unique set of skills for
telecom and hi-tech companies.
Presenter
5
6. Exadel
A global software engineering
company that provides
services, technology
innovations, and solutions to
businesses worldwide with a focus
on
Enterprise Mobile Enablement.
From Strategy to Delivery
6
8. 8
Exadel Global Presence
8
Headquarters Delivery CenterSales Office
Donetsk, Ukraine
Kharkov, Ukraine
Munich, Germany
Yekaterinburg, Russia
Chelyabinsk, Russia
Moscow, Russia
Vitebsk, Belarus
Minsk, Belarus
Chicago, IL
New York, NY
Walnut Creek, CA
10. Why Mobile?
1.1 billion smartphones in the world
At the height of Internet bubble, there were only 28
million broadband users 10
11. The Future: Mobile, Social, and Collaborative..
Growing demand to use the latest technology
Increasing trend towards "bring your own device"
Clients expect a mobile experience (smart phones,
By 2013, 80% of businesses will support a workforce
using tablets for anytime, anywhere service. *
By 2014, 90% of organizations will support corporate
applications on personal devices. *
Online/mobile/social is creating new opportunities to
enrich interactions
*Forrester
11
15. What is your mobile strategy?
One size does not fit all
Native, hybrid or mobile web – depends on use case
- Native costs are much higher
- Hybrid (HTML5) security
- Mobile web extends reach to more devices
Platforms
- iOS, Android, Windows
- Devices – Phone or tablet
Backend support
Security
Distribution Approach
15
16. Challenges in Mobile App development
Ease of use of mobile phones and tablets creates
impression of simplicity
Platform & Technology fragmentation
“Consumer” expectations are high
Time to market pressure “to be in the game”
Integration with existing systems
HTML5 security
Secure document handling
16
17. Integration Challenges
Not all Enterprise back-ends are mobile ready
Re-use of corporate assets is mandatory
- Changing systems is not realistic
Securely exposing Enterprise assets via REST
Expensive, time consuming and tedious work
Ongoing support and maintenance
17
18. Integration approach for mobile age
18
Any client device:
- Desktop
- Laptop
- Tablet
- Phone
- …
Corporate
Firewall
REST request (Post, Get, …)
REST response (JSON or XML)
SOAP Server
DB
Server
RestXpress:
Creates SOAP request and
invokes Web Service
Parses SOAP response and
converts it to JSON or XML
RestXpress:
Sends SQL statement to DB
Parses returned dataset and
converts it to JSON or XML
19. Security Challenges – HTML5 (hybrid) apps
Hybrid apps are the best way to write once run
anywhere.
Generic hybrid app is exposed to all sorts of security
threats. Namely code, data at rest/transit.
There is currently no generic or platform specific
solution on the market.
HTML5 app source code (HTML5, JS, CSS) is not secure
Web browser content and data storage not secure.
19
20. Approach for Secure HTML5 Apps
20
Server
REST API
Business Logic
Cordova Native Libraries
HTML5 Cache
Cookies Cache
HTML5 Local Storage
HTML5 Local Session
Web View Secure Server
Authentication
Authorization
HTML5 Apps Repository
HTML5 App
Secure Cache
HTML5 App
HTML JS
Cordova.js
CSS
HTTPS /
SSL
Channel
HTTPS / SSL Channel
Web SQL Database
Proxy Service
21. Security Challenges – Secure Document handling
21
Wolters Kluwer Demo
• Develop additional security framework for iOS as
extension creating security for web cache & cookie files
on iOS devices.
• Store any document in the security storage to access it
in offline mode.
• Security storage utilizes AES-256 CBC encryption on
1024 bytes long pages for web cache (and 4096 bytes
long pages for files)
• This security framework can be used with any hybrid
application based on iOS.
• Web sources will be on the private web server and use
client authentication.
30. Lessons Learned
Assemble small, focused development teams
Favor simple development tools over complex ALM
processes
Adapt Agile principles to the realities of mobile
development
Balance release speed with a focus on quality.
Prioritize gathering user feedback and forming a rapid
response to it
30
31. How we can partner
Strategic Vision
Provide Technology Innovation
Professional Consulting
Practical Implementation and best practices
Augment your team’s resources
31
32. The Exadel Difference
Red Hat….
Client centric approach
Efficient, proven development processes
Top notch talent
Forward looking Innovation
Budget friendly
Uncompromised high standards
Financially successful, proven management
Complete Services Portfolio
- Full product life-cycle coverage
32
From voice, texting, and emailprovide instant access to information, from weather to stock quotes to location-based services, videos, and social media. Higher network speeds, more advanced devices, high quality user experience driving adoption
Someone said “mobile in the enterprise is like Crack, can’t get enough”
device users generate more transactionsTablets: 87 Million 10” Tablet users by 2013 YE7” table use is not clear yetBackend vs frontend: More focus to frontend – power is driven by the backend Use tools like RESTXpress to simplify and streamline
RESTXPressSecure Document
The app runs out of secured cache inside proprietary developed container.Entire web data content runs inside proprietary developed container.Secure server serves as a proxy for entire app calls as well as the app repository.Secure server will support multiple appsMinimum effort required in order to secure existing hybrid apps.
Application is running after authorization (username and password should be provided to open security storage)User can browse any previously viewed documents
Wolkters Kluwer NLValue add to customer at no additional cost
Application DevelopmentEnd-to-end integrationCustom application developmentMobile Center of ExcellenceCloud ImplementationTesting Test Automation Test ExecutionPerformance Benchmarking and Analysis