Challenges in enterprise mobility development 2

2,775 views

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,775
On SlideShare
0
From Embeds
0
Number of Embeds
1,612
Actions
Shares
0
Downloads
36
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Challenges in enterprise mobility development 2

  1. 1. Challenges in Enterprise Mobile Development Gustavo Machado gus@kidozen.com KidoZen, Inc.
  2. 2. About Me ● Passionate about Technology and Devices ● Developer ● http://machadogj.com ● Speaker ● VP of Engineer at KidoZen
  3. 3. Agenda ● Security ● Backend Services ● Integration ● Front End
  4. 4. Enterprise Mobile Development Why is it different? BYOD Multiple Applications Existing Infrastructure Third Parties Outside the confines of your Intranet
  5. 5. Security ● Authentication ● Authorization ● Mobile Context
  6. 6. Security – Auth Dilemma AD Compa ny B
  7. 7. Security – Auth App B A LIB D App A A LIB D App C A LIB D AD
  8. 8. Security – Auth part 1 DRAWBACKS ● Bug fixes / Deployments ● Configuration ● Not extremely secure (credentials) BENEFITS ● Simplicity and...
  9. 9. Security – Auth part 2 App B lib Token App A Token Token Credentials lib TRUST STS AD
  10. 10. Security – Auth part 2 TOKENS ● JWT (JSON) ● SWT (form-encoded) ● SAML (XML) PROTOCOLS ● WS-* (WS-Trust, WS-Federation) ● OAuth 2.0 ● SAML 2.0 (SSO)
  11. 11. Security – Auth part 2 DRAWBACKS ● Adds Complexity ● Building STS can be challenging BENEFITS ● Centralizes ● Standardizes ● Interoperability
  12. 12. Security – Auth part 3 STS Company B Cr ls ia nt e ed JW T JWT ?? OAuth App A lib SAML SA ML Cr ed en ti WS-Fed als STS AD
  13. 13. Security – Auth part 3 l tia en d re C s ?? App A lib JW T ? ? STS Compa ny B ?? OAuth Fed Provi der JW T WS-Fed ? ? Cr s ede nti al STS AD
  14. 14. Security – Auth part 3 DRAWBACKS ● Adds Complexity ● Building a Fed Service IS challenging BENEFITS ● Centralizes ● Standardizes ● Interoperability ● Existing Federation Services
  15. 15. Security - Authorization ● Claims based – ● Role based – ● user.claims.ofType('action').contains('approve') user.isInRole('manager') Resource based – Allow GET /my/resource
  16. 16. Security - Context ● Passive (web) ● Active (native) ● Passive (native) App A Token Token Credentials lib TRUST STS
  17. 17. Security - Solutions ● Windows Azure WAAD / ACS (Fed Provider) ● ADFS (Fed Service) ● Ping Identity (Fed Provider) ● Apperian (MAM - policies) ● Citrix MDX (MDM - policies)
  18. 18. Backend Services ● Storage ● Messaging ● Mobile
  19. 19. BS - Storage ● Configuration ● Logging ● Caching ● Data ● Files
  20. 20. BS - Messaging ● Queues (long running processes) ● Pub Sub (real-time) ● Email
  21. 21. BS - Mobile ● SMS ● Native Push Notifications – – C2DM (Android) – ● APNS (iOS) MPNS (WP) Media Processing
  22. 22. BS – Offline Sync Everything needs to be done regardless of network access.
  23. 23. Backend Services - Solutions ● Twilio (SMS) ● SendGrid (Email) ● Urban Airship (Push Notifications) ● Loggly, Splunk (Logging) ● MBaaS – KidoZen – Feedhenry – Kony – AnyPresence
  24. 24. Integration ● Cloud Services – ● SaaS Providers On Premise – LoB Applications – Web Services
  25. 25. Integration – Cloud Services SaaS Provider cr ed en t ia ls Servi ce Impersonating User Service Account
  26. 26. Integration – Cloud Services ● Use SDKs – It's documentation – It's dependencies ● Versioning ● Adds complexity to the client app ● Might require a custom service – Securely store service accounts – Enforce Authorization rules
  27. 27. Integration – On Premise Behind Firewall DMZ Syste m A Servic e B Syste m B Servic e/ Adapt er Company Service Bus
  28. 28. Integration – Solutions ● Azure Service Bus ● KidoZen Enterprise APIs
  29. 29. Front End ● Web App ● Native ● Hybrid ● Cross Compile
  30. 30. Front End – Web App
  31. 31. Front End – Web App ● jQuery Mobile ● jqTouch ● Sencha UI ● Kendo UI ● Bootstrap 3.0 (responsive)
  32. 32. Front End - Native Xcode - Objective-C Android Studio - Java Visual Studio - C#
  33. 33. Front End - Native ● Full access to native capabilities ● Best Performance
  34. 34. Front End - Hybrid Build HTML5 + js Native App WebView APP Libs ● Native Application Package ● Access through App Stores ● Access to Native capabilities ● Not the best performance
  35. 35. Front End - Hybrid
  36. 36. Front End – Cross Compile Single Codebase Interpreted Compile ● Access to Native capabilities ● Native performance Native Apps
  37. 37. Front End – Cross Compile Xamarin
  38. 38. Front End - Summary ● Web Applications for simple apps and fast development. ● Native Apps for full Native Performance ● Hybrid for maximum code reuse ● Cross Compile for significant code reuse and Native performance
  39. 39. Other Challenging Stuff ● ● ● Analytics Security Policies (dual-factor auth, geo, antijailbroken) Testing – Unit Testing, Automated UI Testing, Usability Testing.
  40. 40. Summary ● ● ● ● ● Federate Security Generalize as many Backend Services as possible Publishing services to the internet is not the only way, we have service bus too. There's a front end approach (or more) for every scenario. Building Mobile Apps for Enterprises is HARD.
  41. 41. Thanks! ● gus@kidozen.com ● @machadogj ● http://machadogj.com

×