08448380779 Call Girls In Civil Lines Women Seeking Men
Cloud & The Mobile Stack
1. Cloud & The Mobile Stack
How to Mesh Mobile Devices and Applications with
Current Systems
Subbu Ramanathan
Presented at CAMP-IT Conference, Chicago, IL
October 18, 2012
2. Objective
To provide a high level understanding of effective
strategies for architecting enterprise mobile solutions
possibly utilizing cloud technology
3. Agenda
∗ The Mobile Marketplace
∗ Defining a Mobile Strategy
∗ Elements of a Mobile Stack
∗ Mobile Solutions Using Existing Architecture
∗ Cloud Advantages for Mobile Solutions
∗ How to Leverage the Cloud for Mobile Delivery
∗ Increasing Robustness on Wireless Platforms
∗ Improving Security of Mobile Solutions
4. Agenda
∗ The Mobile Marketplace
∗ Defining a Mobile Strategy
∗ Elements of a Mobile Stack
∗ Mobile Solutions Using Existing Architecture
∗ Cloud Advantages for Mobile Solutions
∗ How to Leverage the Cloud for Mobile Delivery
∗ Increasing Robustness on Wireless Platforms
∗ Improving Security of Mobile Solutions
5. Smartphone Marketplace
Share of Smartphone subscribers
60.00%
50.00%
40.00%
30.00%
20.00%
10.00%
0.00%
Google Apple RIM Microsoft Other
Source: comScore Reports – May 2012
7. Mobile Content Usage
Three month avg. ending Feb-12
Three month avg. ending May-12
51.50%
51.00%
50.50%
50.00%
49.50%
49.00%
48.50%
48.00%
Used downloaded apps Used browser
Source: comScore Reports – May 2012
8. Agenda
∗ The Mobile Marketplace
∗ Defining a Mobile Strategy
∗ Elements of a Mobile Stack
∗ Mobile Solutions Using Existing Architecture
∗ Cloud Advantages for Mobile Solutions
∗ How to Leverage the Cloud for Mobile Delivery
∗ Increasing Robustness on Wireless Platforms
∗ Improving Security of Mobile Solutions
9. Goals
What can this new channel do for us?
∗ Reach the largest possible audience
∗ Improve the experience of existing customers
10. Understand your audience
∗ Determine their interest
∗ Research
∗ Buy
∗ Social connection
∗ Other?
∗ Validate customer behavior
∗ Analytics
∗ A/B tests
∗ Assess their preferred experience
12. Mobile Application
An application designed & developed to run on a specific
mobile platform
∗ Saturated space
∗ More than 500,000 apps in Apple AppStore & Android
Marketplace
∗ Effort to consume
∗ Native functionality
∗ Offline capabilities
∗ Ideal for frequent need for mobile context
13. Hybrid Application
An application designed & developed to run on a specific
mobile platform to render HTML pages
∗ Effort to consume
∗ Native functionality with effort
∗ Offline capabilities
∗ Typically less value added over mobile web site option
14. Mobile website
A website designed & developed to run on mobile platforms
∗ Low effort to consume
∗ Less offline capabilities
∗ No/less native functionality
∗ Mobile First
∗ Approach optimized to target the growing market
∗ Bring focus to important data and actions
∗ Extends solution capabilities
∗ Responsive design
∗ Multichannel delivery
∗ Websites that are adaptive to the rendering media
15. Agenda
∗ The Mobile Marketplace
∗ Defining a Mobile Strategy
∗ Elements of a Mobile Stack
∗ Mobile Solutions Using Existing Architecture
∗ Cloud Advantages for Mobile Solutions
∗ How to Leverage the Cloud for Mobile Delivery
∗ Increasing Robustness on Wireless Platforms
∗ Improving Security of Mobile Solutions
16. Elements of a Mobile Stack
∗ Target platform(s)
∗ Client architecture
∗ Server side architecture
∗ Client to server access protocols
∗ JSON, BSON, SOAP, REST, HTTP(S), RTMP
17. Mobile Website Frameworks
∗ Basic frameworks
∗ UI components and widget library
∗ Custom events to detect mobile actions
∗ Local storage and caching
∗ Stylesheets for native look
∗ Multi-device browser support
∗ Abstract layer for client-server communication
∗ Some tools: jQuery Mobile, M-Project, Sencha touch,
SproutCore
∗ UI MVC frameworks for Improved Modularity
∗ Some tools: Backbone.js
18. For Richer Mobile Websites
∗ Native device access
∗ Some tools: Phonegap, Mosync
∗ Templates to make your site fluid
∗ Some tools: Mobile boilerplate, 1140 Grid, Skeleton
19. Mobile App Client Stack
∗ Native
∗ Platform specific effort
∗ Best native experience
∗ Tools: Objective-C , Xcode, iOS SDK(iOS), Java, Android SDK
(Android), C#/VB, Silverlight (Windows Phone)
∗ Cross platform App Generators
∗ Efficient
∗ Possibly some less functional native functionality
∗ Vendor dependency & vendor stability
∗ Some Tools: Appcelerator, Rho Mobile, Xamarin
20. Server side Stack
∗ Very similar to regular web application
∗ Service oriented middleware
∗ Content Management System (CMS)
∗ Database Management System (DBMS)
∗ Enterprise directory for authentication
∗ Native application additions
∗ Data synchronization
21. Mobile Data Management
∗ Fetch data from server as needed and send updates
when work is completed
∗ Pros – No local storage
∗ Cons – Availability and latency
∗ Store data locally
∗ Pros – Availability and performance
∗ Cons – Device horsepower and consistency
22. Mobile Data Storage
∗ Mobile database requirements
∗ Power optimization
∗ Better memory management
∗ Small footprint
∗ Cross-platform or specific OS
∗ ACID (atomicity, consistency, isolation, durability)
∗ Some tools: SQLite, HanDBase, SQLAnywhere Ultralite
∗ For mobile websites: HTML5 Local Storage,
IndexedDB (not currently supported by all browsers)
23. Rule of Three by Gartner
∗ Support three or more mobile applications?
∗ Support three or more mobile OS?
∗ Integrate with three or more back-end data sources?
Consider using a
Mobile Enterprise Application Platform
(MEAP)
24. MEAP
∗ MEAP is the entire mobile stack provided by a vendor
∗ Design
∗ Build
∗ Integrate
∗ Publish
∗ Run
∗ Manage
∗ Analyze
∗ Tools
∗ Sybase, Antenna, Syclos, Rhomobile, Verivo, BrightXpress
25. MEAP – Pros and Cons
∗ Pros
∗ Extensive development background on particular
programming language not required
∗ Ease of development
∗ Con
∗ Extensive development background on particular
programming language not required
∗ Vendor dependent
26. Agenda
∗ The Mobile Marketplace
∗ Defining a Mobile Strategy
∗ Elements of a Mobile Stack
∗ Mobile Solutions Using Existing Architecture
∗ Cloud Advantages for Mobile Solutions
∗ How to Leverage the Cloud for Mobile Delivery
∗ Increasing Robustness on Wireless Platforms
∗ Improving Security of Mobile Solutions
27. Typical Web Application Architecture
Client
Browser
Web Server
External Interfaces
Browser Interfaces
(HTML/JSP/ASPX) Web services Interfaces
Security
Business Logic Services
Server
Domain Model
Persistence
DBMS Dir. Server
Application User
Data Directory
28. Simple Mobile Web Site
Client
Mobile Browser Browser
Web Server
External Interfaces
Browser Interfaces
Mobile CSS Web services Interfaces
(HTML/JSP/ASPX)
Security
Business Logic Services
Server
Domain Model
Persistence
DBMS Pro Less time to market Dir. Server
Con
Application • Suboptimal user experience User
Data • Same amount of data transfer Directory
leads to poor performance
• Limited offline functionality
29. Optimized Mobile Web Site
Client
Mobile Browser Browser Local Storage
Web Server
External Interfaces
Browser Interfaces Mobile Browser
(HTML/JSP/ASPX) Interfaces (HTML 5) Web services Interfaces
Security
Business Logic Services
Server
Domain Model
Persistence
DBMS Dir. Server
Pro Better user experience
Application Con User
Data • Solution biased by existing Directory
web site
30. Mobile App
Client
Mobile App Browser Local Storage
Web Server
External Interfaces
Browser Interfaces
(HTML/JSP/ASPX) Web services Interfaces
Security
Business Logic Services
Server
Domain Model
Persistence
DBMS Dir. Server
Pro Native user experience
Application Con User
Data • Initial time and cost Directory
• Long term maintenance cost
31. Agenda
∗ The Mobile Marketplace
∗ Defining a Mobile Strategy
∗ Elements of a Mobile Stack
∗ Mobile Solutions Using Existing Architecture
∗ Cloud Advantages for Mobile Solutions
∗ How to Leverage the Cloud for Mobile Delivery
∗ Increasing Robustness on Wireless Platforms
∗ Improving Security of Mobile Solutions
32. Forecast
∗ Market for cloud based mobile apps
expected to grow 88% form 2009 – 2014
[ Juniper Research ]
∗ More than 240 million business
customers will access cloud computing
services via mobile devices by 2015
[ ABI Research ]
33. Cloud Advantages For Mobile
∗ Cloud has storage
∗ Cloud provides processing power
∗ Cloud allows extension
34. Agenda
∗ The Mobile Marketplace
∗ Defining a Mobile Strategy
∗ Elements of a Mobile Stack
∗ Mobile Solutions Using Existing Architecture
∗ Cloud Advantages for Mobile Solutions
∗ How to Leverage the Cloud for Mobile Delivery
∗ Increasing Robustness on Wireless Platforms
∗ Improving Security of Mobile Solutions
40. Mobile Notification Services
∗ Mobile apps include remote data provider web service for
updated information delivery
∗ Notifications are pushed using target specific protocols
∗ Apple Push Notification Service (APNS)
∗ Cloud to Device Messaging Framework (C2DM)
∗ Microsoft Push Notification Service (MPNS)
∗ Device Agnostic - Common Push Notification Service (CPNS)
∗ “Push” preserves battery life, bandwidth and improves
user experience
41. Microsoft Push Notification
Workflow
Data to App
Return URI
App Push client
Open push channel
Send URI Send push
to server data to client
Your Send push data to URI Push
Event service service
(on cloud) (MPNS)
43. Agenda
∗ The Mobile Marketplace
∗ Defining a Mobile Strategy
∗ Elements of a Mobile Stack
∗ Mobile Solutions Using Existing Architecture
∗ Cloud Advantages for Mobile Solutions
∗ How to Leverage the Cloud for Mobile Delivery
∗ Increasing Robustness on Wireless Platforms
∗ Improving Security of Mobile Solutions
45. Design Guidelines
∗ Define optimized core building blocks
∗ Identify core user stories for focused optimization
∗ Speed up perception
46. Design Guidelines - 2
∗ Smart loading
∗ HTTP Pipelining
∗ Background loading through asynchronous transfer
∗ Local caching
∗ Mobile RDBMS: SQLite, Sybase SQL Anywhere
∗ Content Delivery Network (CDN)
∗ Akamai, Edgecast, Limelight, Amazon Cloudfront
47. Design Guidelines - 3
∗ Compression
∗ REST with JSON
∗ Images sized appropriately for device
∗ HTTP compression (if you have a web server)
∗ Web content optimization for mobile web
∗ Intercept and optimize web content
∗ Based on performance rules such as Google PageSpeed
∗ Tools: Stingray Aptimizer, Blaze FEO
49. Agenda
∗ The Mobile Marketplace
∗ Defining a Mobile Strategy
∗ Elements of a Mobile Stack
∗ Mobile Solutions Using Existing Architecture
∗ Cloud Advantages for Mobile Solutions
∗ How to Leverage the Cloud for Mobile Delivery
∗ Increasing Robustness on Wireless Platforms
∗ Improving Security of Mobile Solutions
50. Risk
∗ Mobile devices can be lost/stolen easily
∗ They can store data
∗ They can connect to servers
∗ Users are less aware of risks
52. Mobile Security Threats
∗ Device based attacks
∗ Personal info stolen from device
∗ Malicious software allows visibility to user transactions
∗ Network based attacks
∗ Sensitive info stolen while in transmission
∗ Server based attacks
∗ Authentication, SQL injection, Cross-site scripting…
∗ (Consider a picture like – Anatomy of a Mobile Attack)
53. Securing Mobile Client
∗ Avoid local storage of sensitive data
∗ Implement secure storage when local storage needed
∗ Discard sensitive data in RAM, as soon as possible
∗ Avoid crash logs
∗ Fully validate SSL/TLS
∗ Implement local session timeout
∗ Use tokens instead of account numbers on client
∗ Obfuscate binaries to complicate reverse engineering
∗ Address Space Layout Randomization (ASLR)
54. Securing Mobile Client - 2
∗ Disable copy/paste of sensitive data
∗ Avoid using device provided identifier to identify user
∗ Create your own device id at installation/activation
∗ Build in tamper detection & handling
∗ Protect application settings – in encrypted files/code
55. Securing Server Components
∗ Eliminate all HTTP traffic to secure server component
∗ Client side validation to enforce SSL
∗ Certificate pinning
∗ Implement server side validation of client input
∗ Prevent framing & clickjacking
∗ Protect against CSRF using form tokens
56. Takeaway
∗ Understand your target and define your strategy
∗ Take stock and determine your stack
∗ Leverage existing services
∗ Understand your complexity and leverage cloud
∗ Robustness is key for success
∗ Security is key for survival