Mobile is forcing enterprises to make information assets available to app developers in a consistent, easily consumable, mobile-optimized manner. However, mobile also introduces special security and management challenges that complicate app development and app governance in BYOD scenarios. These slides are from a webinar featuring Forrester Research Mobile Analyst Jeff Hammond, Eli Lilly Mobile Architect Tom Nienhaus and Layer 7 VP of Products Phil Walston, which examines some of these challenges and introduces how specialized backend mobile middleware can be used to make enterprise apps mobile-ready in a way that is secure and manageable.
2. Drilling Deeper Into the Service Façade …
Key Areas to Address:
• Identity
• Security
• Adaptation
• Optimization
• Integration
3. Identity – Extend Enterprise Identity to Mobile Apps
• Map SSO & SAML identity to mobile-friendly tokens
• Create user, app and device-based access policies
• Act on geolocation, message content or networking attributes
• Simplify provisioning of certificates
4. Security – Mobile Application Firewalling
• Protect APIs against DoS and Web App-specific exploits
• Proxy streaming protocols like HTML5, WebSockets and XMPP
• Enforce privacy and integrity through strong crypto
• Validate and filter message data and headers
5. Adaptation – Translate and Orchestrate Data & APIs
• Surface legacy applications / data as RESTful APIs
• Quickly map between data formats
• Recompose and virtualize APIs to specific apps and devices
• Orchestrate API mashups into new APIs
[Figure: two SOAP envelope XML fragments (soapenv:Envelope with Header and Body)]
6. Optimization – Scale to Deliver The Right User Experience
• Cache calls to / from backend systems
• Compress data to help manage bandwidth and latencies
• Aggregate calls for better mobile experience
• Pre-fetch content for hypermedia-based APIs
7. Integration – Centralize Cloud Connectivity
• Proxy app interactions with social networks
• Broker calls to/from Cloud services like Salesforce.com
• Bridge connectivity to device-specific mobile notification services
• Integrate with legacy applications
8. SecureSpan Mobile Access Gateway
Available as both hardware and virtual appliance
Identity:
• Map SSO to OAuth, OpenID Connect & JSON Web tokens
• Create access policies at user, app and device level
• Act on geolocation, content, or networking attributes
• Simplify PKI-based certificate delivery and provisioning
Integration:
• Proxy and manage app interactions to social networks
• Broker call-outs to Cloud services like Salesforce.com
• Bridge connectivity to iPhone, Android and Windows notification services
• Integrate with legacy apps using ESB-like capabilities
Security:
• Protect APIs from DoS and REST, SOAP & JSON-specific attacks
• Proxy streaming protocols like WebSockets and XMPP
• Enforce FIPS-level privacy and integrity
• Validate all data: JSON, XML, headers & parameters
Optimization:
• Intelligently cache calls to backend applications
• Recompose small backend calls into aggregated mobile requests
• Compress data to reduce bandwidth costs and improve user experience
• Pre-fetch content for hypermedia-based API calls
Adaptation:
• Surface any legacy app or database as RESTful API
• High speed format mapping between XML, JSON, …
• Recompose and virtualize APIs to suit target app or device
• Orchestrate mashups of multiple APIs, DB callouts, etc.
9. Mobile Access Gateway + Layer 7 API Portal
Developer Management:
• Developer onboarding and API key issuance
• API registration, publication and documentation
• Account management and subscription monetization
• Detailed API monitoring and analytics
Identity:
• Map SSO to OAuth, OpenID Connect & JSON Web tokens
• Create access policies at user, app and device level
• Act on geolocation, content, or networking attributes
• Simplify PKI-based certificate delivery and provisioning
Integration:
• Proxy and manage app interactions to social networks
• Broker call-outs to Cloud services like Salesforce.com
• Bridge connectivity to iPhone, Android and Windows notification services
• Integrate with legacy apps using ESB-like capabilities
Security:
• Protect APIs from DoS and REST, SOAP & JSON-specific attacks
• Proxy streaming protocols like WebSockets and XMPP
• Enforce FIPS-level privacy and integrity
• Validate all data: JSON, XML, headers & parameters
Optimization:
• Intelligently cache calls to backend applications
• Recompose small backend calls into aggregated mobile requests
• Compress data to reduce bandwidth costs and improve user experience
• Pre-fetch content for hypermedia-based API calls
Adaptation:
• Surface any legacy app or database as RESTful API
• High speed format mapping between XML, JSON, …
• Recompose and virtualize APIs to suit target app or device
• Orchestrate mashups of multiple APIs, DB callouts, etc.
10. The Mobile Shift Creates Multi-Channel Reality
• Mobile is the biggest shock since the introduction of the PC
• Context creates new opportunities to engage
• Define your 360° experiences from the customer out
• Mobile + APIs + Cloud = your next gen architecture
• You must get faster and more flexible; MBaaS can help