Security strategies for html5 enterprise mobile apps

2,461 views

Published on

Strategies for creating highly secure, enterprise class HTML5 mobile applications.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,461
On SlideShare
0
From Embeds
0
Number of Embeds
1,532
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • HTML5 represents a revolutionary step for HTML-based browsers as the first truly cross-platform technology for rich, interactive applicationsEndorsed by all major IT vendors (Google, Microsoft, IBM, Oracle, et al)Enables functionality previously possible only in native appsResponsive design supports desktop and mobile simultaneouslyUndergoing rapid adoption for interactive B2C websites as well as B2B/B2E business apps
  • Lots of debate/ hype /sides out there on native v html5..   We are not here to take sides, but to talk about the relative strength of html5 for enterprise apps
  • HTML5 represents a revolutionary step for HTML-based browsers as the first truly cross-platform technology for rich, interactive applicationsEndorsed by all major IT vendors (Google, Microsoft, IBM, Oracle, et al)Enables functionality previously possible only in native appsResponsive design supports desktop and mobile simultaneouslyUndergoing rapid adoption for interactive B2C websites as well as B2B/B2E business apps
  • But not without its challenges:Many different frameworks and toolsNew set of programming languagesEarly solutions target open source/startup developers for B2C apps – enterprise needs unmetBack end performance issues for data-intensive operationsMissing functionality (e.g. control richness, UX quality, mobile device HW access)Lack of centralized management (“app” vs. “website” gap)Unclear security models
  • HTML5 represents a revolutionary step for HTML-based browsers as the first truly cross-platform technology for rich, interactive applicationsEndorsed by all major IT vendors (Google, Microsoft, IBM, Oracle, et al)Enables functionality previously possible only in native appsResponsive design supports desktop and mobile simultaneouslyUndergoing rapid adoption for interactive B2C websites as well as B2B/B2E business apps
  • Secure sandbox model – Browser model is more secure than nativeThin client – secure by design. Server based app logic protects sensitive IPNothing left behind – data security
  • Thin client – secure by design. Server based app logic protects sensitive IP
  • Nothing left behind – data security
  • Device and application inventory management control who gets access to what app on which device.Control software distribution through enterprise app store – hybrid apps or MDM-supported, secure browsers for accessing HTML5 appsImplement enterprise security standards – passwords, encryption, VPN, authentication, etc…Control who sees what by enforcing enterprise access control policies (integration with active directory)
  • On premise or cloud
  • Leverages patented compiler algorithms to rapidly move code from one platform to anotherDelivers new code (e.g. C# and HTML5), while mapping key dependencies and controls.Developer guides process using toolkit – refactoring and re-architecting as desired.New code is of highest quality – as if written from scratch for .NET
  • Increasingly important technology as desktop client server app inventory continues to age
  • Security strategies for html5 enterprise mobile apps

    1. 1. Building Secure HTML5 Business Applications Eugene Kuznetsov, CEO Itzik Spitzen, CTO
    2. 2. Eugene Kuznetsov Gizmox CEO Itzik Spitzen Gizmox CTO & Cofounder Abine, IBM, DataPower, CRV deltathree, FileNet
    3. 3. Poll Question Which mobile technology do you think of as being more secure?  Native apps -or-  HTML5 apps (select one)
    4. 4. Context HTML5 done right What’s in a platform? Gizmox
    5. 5. vs.
    6. 6. The future of enterprise applications
    7. 7. MDM Keychain MEAP application provisioning Cloud Services MVC PhoneGap Cross platform BYOD CSS3 MVVM Eclipse device emulators SDK AJAX OpenGL Push Notification Root (device) mobile-first application distribution Hybrid BaaS Universal Apps Java …is not without its challenges Objective C VPN app stores Touch User Interface Gestures JavaScript Object Notation PaaS Scalability Native App JQuery XML Monetization Unique Device Identifier (UDID) Mobile Fragmentation SOAP
    8. 8. Context HTML5 done right What’s in a platform? Gizmox
    9. 9. 4 Ways that HTML5 apps “done right” can be more secure than native apps
    10. 10. #1 HTML5 security model
    11. 11. #1 HTML5 security model Your browser is a secure sand box
    12. 12. #1 HTML5 security model Thin clients are “secure-bydesign”
    13. 13. #1 HTML5 security model Nothing gets left behind
    14. 14. #2 Secure browsing / Containerization
    15. 15. #3 MDM Integration MDM MDM MDM c MDM
    16. 16. #4 HTML5 is ideal for a BYOD world
    17. 17. Context HTML5 done right What’s in a platform? Gizmox
    18. 18. 5 Things You should expect from an enterprise HTML5 platform
    19. 19. #1 Integrate with enterprise access control
    20. 20. #2 Enable fine-grained security
    21. 21. #3 Provide the flexibility to implement in cloud or on premise
    22. 22. #4 Integrate with BaaS of your choice c
    23. 23. #5 Let you develop in a single language
    24. 24. Poll Question Are you required to deliver the same application to multiple form factors (e.g. desktop & mobile)  Yes -or-  No (select one)
    25. 25. Context HTML5 done right What’s in a platform? Gizmox
    26. 26. Gizmox provides an enterprise HTML5 platform for bringing business applications to web and mobile – quickly, securely, and with your existing skills. For new and existing apps, we deliver a native-quality user experience and enterprise-class deployment. Secure “Secure-by-design” apps integrated with enterprise security program Fast Rapid time to market. High performance solutions. Familiar Keep design in house by leveraging existing .NET and Visual Studio skills Build and deploy new HTML5 apps with C# and visual designer Convert existing desktop client-server apps to .NET and HTML5
    27. 27. Visual WebGui Technology Stack server design Theme Libraries and Designer Management console Web Server Control Libraries and Designer Client optimization (device, browser) Backend integrations Visual Design Environment Application logic Security Management C# / VB.NET support Form Factor Designer Patented protocol Development Server Device Client Thin HTML5 client (no install) Device Integration (optional) Client APIs
    28. 28. Platform Deployment Application Databases Enterprise Applications LDAP
    29. 29. Managing legacy challenges <VB6> <ASP> <etc…> Learn More: gizmox.com/ebook <C#>
    30. 30. Poll Question Does your company still rely on custom developed, Microsoft desktop client-server apps?  Yes -or-  No (select one)
    31. 31. VB6 Vulnerability Status: Panic Status in effect until 2014-04-08 00:00:00.0 UTC What is happening on the desktop…
    32. 32. …may well happen in mobile.
    33. 33. Get your business apps to enterprise-class HTML5 quickly, securely, with your existing development team.
    34. 34. Bring your apps to mobile with native-quality HTML5 quickly, securely, with your existing development team.
    35. 35. The Safe Choice
    36. 36. Push http://www.gizmox.com/resources/

    ×