Native apps with IBM Worklight 2014 IBM Corporation
Native apps with IBM Worklight © 2014 IBM Corporation
Agenda Introducing IBM Worklight 6. 2 Enhancing the development process Integrating and securing enterprise mobile apps Managing the enterprise mobile app environment Supporting the mobile lifecycle 2 © 2014 IBM Corporation
Mobile apps go deeper than front-end UI Teamwork Short time to market 30% Industrialize dev Web? Hybrid? Native? of the value and effort is visible (mobile UI) Integrate with SDLC Front-end 70% Back-end User engagement Operations Connect to back-end Manage and enforce app versions Efficient and flexible push notifications z Track and leverage location B 2 E app distribution Track problems that affect UX Security Offline availability Push upgrades User authentication of the value and effort lies under the surface App security Data protection Ensuring continued support in a quickchanging landscape © 2014 IBM Corporation
The IBM Worklight Platform Integrated mobile app development with continuous delivery Quality Assurance Application Scanning Detect code vulnerabilities at the time of development Quality Assurance Server Studio Runtime Console Collect beta test feedback, crashes and analyze user sentiment Foundation Development, Runtime, Operations Console & Private Store Application Center Development 4 Continuous Delivery © 2014 IBM Corporation
IBM Worklight Foundation Speeding the development, integration and management of mobile applications and infrastructure Accelerate Web, Native, and Hybrid Development • Rich infrastructure, enabling developer focus on business logic • Preview, simulation, and testing tools for shortening development lifecycle • Mechanisms to industrialize app development • Team work facilitation and development lifecycle tools IBM Worklight goes beyond mobile app UI creation to deliver mobile optimized, standards-based, middleware and tools for enterprise-grade mobile applications and services creation Engage Users with the Enterprise • Mobile-friendly enterprise integration • Codeless integration • Unified push and SMS notifications • Geo-location and context collections and intelligence Facilitate App Security and Trust • Server-enforced authentication • App authenticity and user-app-device binding • Secure and syncable on-device storage • App version enforcement Support Mobile Operations • Operational analytics with efficient data acquisition • Offline and online event management integration • Remote user and app control without MDM 5 “Best Enterprise Mobility Application Development Platform" by Compass Intelligence for 2014 Mobility Awards "Best Mobile Development Solution" as voted by SIIA members for 2013 CODi. E Awards © 2014 IBM Corporation
… the most advanced platform for native development Accelerate Native Development • Most flexible and open platform, enabling developers control user experience and cross-platform savings • Testing tools for shortening development lifecycle • Team work facilitation and development lifecycle tools Engage Users with the Enterprise • Mobile-friendly enterprise integration • Codeless integration • Unified push and SMS notifications • Geo-location and context collections and intelligence Objective C Facilitate App Security and Trust • Server-enforced authentication • App authenticity and user-app-device binding • Secure and syncable on-device storage • App version enforcement Java C# Support Mobile Operations • Operational analytics with efficient data acquisition • Remote-controlled log collection for problem determination • Offline and online event management integration • Remote user and app control without MDM 6 Feature applicable for native New/Enhanced-for-native in 6. 2 © 2014 IBM Corporation
Agenda Introducing IBM Worklight 6. 2 Enhancing the development process Integrating and securing enterprise mobile apps Managing the enterprise mobile app environment Supporting the mobile lifecycle 7 © 2014 IBM Corporation
Spectrum of mobile app development approaches Pure web Mobile web site (browser access) Hybrid Native shell enclosing external m. site Prepackaged HTML 5 resources Pure native HTML 5 + native UI Mostly native, some HTML 5 screens Pure native Web-Native Continuum • HTML 5, JS, and CSS 3 (full site or m. site) • Quicker and cheaper way to mobile • Sub-optimal experience 8 • HTML 5, JS, and CSS • Usually leverages Cordova • Downloadable, app store presence, push capabilities • Can use native APIs • As previous • + more responsive, available offline • Web + native code • Optimized user experience with native screens, controls, and navigation • App fully adjusted to OS • Some screens are multiplatform when makes sense • App fully adjusted to OS • Best attainable user experience • Unique development effort per OS, costly to maintain © 2014 IBM Corporation
Bring Your Own Tools! In Worklight 6. 2 developers have the flexibility to use the development tools of their choice – Worklight Studio is no longer required A Command Line Interface (CLI) is provided to enable the use of other development tools The CLI provides the following capabilities: - Add Worklight SDKs to a native project - Create Worklight hybrid projects - Add environments to a Worklight hybrid project - Create Worklight Adapters - Test Worklight Adapters - Deploy Worklight applications and adapters to the Worklight Server - Start and stop the Worklight Server - Launch the Worklight administrative console 9 © 2014 IBM Corporation
Example CLI commands for native apps Ø wl create [? ] What do you want to name your project? My. Project ‘My. Proj’ created Ø cd My. Proj Ø wl add api [? ] What do you want to name your native API? My. Ios. Api [? ] What platform do you want to target? Android � i. OS Java ME Windows Phone 8 Native api for ‘ios’ created Context aware builds Ø wl build Ø wl deploy If at project level, all apps and adapters are built. If in adapters (all or single), then only those are built. If within a single app, then only that app is processed. If within a single env of app, only it is built and deployed. Embedded Worklight server control Ø wl start Ø wl console Ø wl stop 10 The “wl run” command is a long running task that starts the server, and tails (follows) the server log file © 2014 IBM Corporation
Worklight gives developers complete control over their app Attractive App Startup • • Control default splash screen behavior Add a custom splash screen Start application with native screen Control Worklight framework initialization, e. g. in background Engaging UI • • Display a specified native screen in full screen Mix native and web components on a same screen Control native components that host web application Use native components hosting web application inside of a container Compelling app flow 11 • Call native code from Java. Script and vise-versa • Invoke both native and Java. Script WLClient APIs in any order e. g. authenticate in native, UI in HTML 5 © 2014 IBM Corporation
Unsurpassed flexibility in hybrid development Complete freedom in mixing native and web code in the same app Native header with button, title and icon Native and web components on a same screen Web. View with web components Native scrolling ticker 12 © 2014 IBM Corporation
Bridge native and hybrid elements with an action API Use the Worklight action API to enable native-hybrid communication: - Send data from Java. Script to Native Send data from Native to Java. Script Register Native action handlers Register Java. Script action handlers Example: Clicking native side menu button triggers web UI change 13 © 2014 IBM Corporation
Mobile Functional Test Tools Comprehensive, complete, resilient functional testing Android and i. OS, native and hybrid HTML and JQuery Record, edit, and run on mobile devices or emulator Same test runs across multiple devices in the platform family Natural language scripts can be used by developers and nondevelopers alike Simple process 1. Record 2. Author 3. Playback 4. Report 14 © 2014 IBM Corporation
Agenda Introducing IBM Worklight 6. 2 Enhancing the development process Integrating and securing enterprise mobile apps Managing the enterprise mobile app environment Supporting the mobile lifecycle 15 © 2014 IBM Corporation
Worklight Server: Adapters Run time Lightweight server-side logic to expose systems of records in a mobilefriendly way - Automatic JSON transformation of enterprise data for quick transport and ease of consumption by mobile developer - Server-side service composition to reduce number of requests over slow mobile network - XSLT to reduce fat SOAP responses Security - Automatic enablement of server-side authentication control and audit Analytics - Automatic collection of user actions and device and app properties Data sync - Enables synchronization with on-device JSON Store Mobile user engagement - Push notifications and geo-based event management For the server developer JS anywhere: Simple APIs for server-side Java. Script development Extensibility: Java API for custom adapters For the client developer Easy-to-use, consistent client-side API to call any back-end system 16 SQL / JDBC SOAP / HTTP JMS REST CAST IRON Java Extension Node* ESB** Worklight Server Enterprise back-ends and cloud services * As tech preview ** Available with IBM Message Broker © 2014 IBM Corporation
A quick overview of Worklight Security Application Security Design: Develop secure mobile apps using corporate best practices Encrypted local storage for data Offline user access Challenge response on startup App authenticity validation Enforcement of organizational security policies Protect data on the device Streamline corporate security approval processes Proactively enforce security updates Provide robust authenticatio n and authorization to secure users Protect From Known Application Security Threats Application Security Objectives 17 © 2014 IBM Corporation
User Authentication and Authorization Authenticatio n integration framework Data protection realms Coupling device id with user id Provide robust authentication and authorization to secure users Need to integrate with existing authentication infrastructure Authenticate users when offline Very flexible framework for simplifying integration of apps with existing authentication infrastructure Manages authenticated sessions with configurable expiration Open: e. g. , custom OTP as anti-keylogger mechanism Server-side services grouped into separate protection realms for different authentication levels Two-factor authentication using device id as “what you have” factor Mobile passwords are more vulnerable 18 © 2014 IBM Corporation
Protecting data on the device Device theft Offline access Phishing, repackaging Protect data on the device Encrypted cache / DB Offline authentication Secure challengeresponse on startup App authenticity testing Device provisioning integration Encrypted JSON Store Offline authentication using password Extended authentication with server using secure challenge response App authenticity testing: server-side verification mechanism to mitigate risk of Phishing through repackaging or app forgery Device provisioning integration: allow for the authentication of devices in addition to apps and users HTTPS/TLS based initiation of Worklight Server connectivity from WL Client runtime using FIPS 140 -2 compliant libraries - Tie in with User-Provision to use X 509 Cert in establishing HTTPS/TLS connection using user certificate - On top of the already compliancy for communication (data in transit) and for storage (JSONStore) 19 © 2014 IBM Corporation
Inter-application data sharing • New API allows developers to securely share data between applications in an application family • The API can be used to share security tokens and other small data sets • Data is always shared as a string • Native API support on i. OS and Android in addition to Java. Script API Hybrid applications WL. Client. set. Shared. Token({key: my. Name, value: my. Value}) WL. Client. get. Shared. Token({key: my. Name}) WL. Client. clear. Shared. Token({key: my. Name}) i. OS native applications [WLSimple. Data. Sharing set. Shared. Token: my. Name value: my. Value]; NSString* token = [WLSimple. Data. Sharing get. Shared. Token: my. Name]]; [WLSimple. Data. Sharing clear. Shared. Token: my. Name]; 20 Android native applications WLSimple. Shared. Data. set. Shared. Token(my. Name, my. Value); String token = WLSimple. Shared. Data. get. Shared. Token(my. Name); WLSimple. Shared. Data. clear. Shared. Token(my. Name); © 2014 IBM Corporation
Device Single Sign-On (SSO) Enables a mobile user to authenticate once and gain access to all apps from the same organization (technically, with the same developer certificate) without re-authenticating. Enhanced to support integration with Data. Power, ISAM, and other gateways 21 Session x Worklight Server App 1 ID Duplicate after receiving ID fro App 2 Session y App 2 secure Mobile OS key store Implementation - Implemented using combination of server -side capabilities (realms) and unique device identification (device ID) - On successful login the authentication state is saved in the database and used for validations in subsequent sessions from the same device. © 2014 IBM Corporation
Agenda Introducing IBM Worklight 6. 2 Enhancing the development process Integrating and securing enterprise mobile apps Managing the enterprise mobile app environment Supporting the mobile lifecycle 22 © 2014 IBM Corporation
Managing mobile apps with the Worklight Console Supports multiple versions on the same platform Device specific versions are uncoupled 23 © 2014 IBM Corporation
Remote-controlled client-side log collection Worklight provides Native and Java. Script API for client-side logging Administrator defines log collection profiles on the server which are automatically retrieved by the Worklight client-side runtime - By default sent on init, resume, and 75% full – can be customized Administrator can perform analysis and text search of client-side logs via server-side analytics console 24 © 2014 IBM Corporation
Unified Client and Server Analytics Out-of-the-box analytics address the following: - User adoption, device and app properties User actions and called adapter procedures Performance and data usage information Exceptions, crashes, logs, response time Geolocation data Analytics component now provided in a WAR for simple install and administration 25 © 2014 IBM Corporation
Service integration analytics Robust analytics for adapter usage including average response time, average data usage, and server usage statistics 26 © 2014 IBM Corporation
Agenda Introducing IBM Worklight 6. 2 Enhancing the development process Integrating and securing enterprise mobile apps Managing the enterprise mobile app environment Supporting the mobile lifecycle 27 © 2014 IBM Corporation
Introducing IBM Worklight Quality Assurance Delivers mobile app quality across a fragmented environment with end user feedback and quality metrics available at every stage of development. Evidence-based prioritization – enable business and IT to collaborate on mobile strategy and user experience User Feedback Crash logs Bugs Over the air app distribution – get the latest in the hands of testers as soon as it is available Frictionless bug reporting – spend every minute on testing latest and greatest builds, not the hassles In-app crash reporting – rapid understanding of why an app fails Sentiment analysis – mine app ratings and reviews to extract actionable feedback before they go viral 28 Quality Assurance © 2014 IBM Corporation
Introducing IBM Worklight Application Scanning Detect vulnerabilities at the time of code change to reduce risk of data leakage and breaches • A single Eclipse Integrated Development Environment (IDE). Scan existing code projects or Worklight Studio projects • Native and hybrid mobile applications support • Enhanced Java. Script analysis, which includes improved performance and additional framework support • Optionally connect to IBM Security App. Scan Enterprise Server to share scan configurations, filters, and custom rules across all projects 29 Application Scanning © 2014 IBM Corporation
The value of Worklight for Native Apps 30 Focus more on business logic Decrease development cost • Robust and extensible enterprise integration framework • Proven user and app security framework • API discovery for SAP and SOAP • Encrypted JSON Store with bi-directional synchronization • Efficient geo-location services and geo-fencing • Standard server API for push engagement • Automated functional testing for native apps • Out of the box operational analytics Manage the mobile app lifecycle Support the mobile ecosystem • Console for app management, version enforcement, and fine-grained user control • Support for enterprise SDLC integration • App Center for managing distributed test process • Proven timely support for new OS versions • Support for use of third party libraries and services © 2014 IBM Corporation
IBM Worklight Key Differentiators Standards-based Flexibility and choice Consumability Security Ecosystem 31 • Tooling for HTML 5 development and device adaptation • Application lifecycle management of HTML 5 artifacts • Leveraging de-facto standards to provide added value for developers • Native / hybrid / web • Full coverage of the hybrid spectrum • Leverage any 3 rd Party Java. Script Framework: More Choice! • For developers: easy learning curve, small number of programming models, JS anywhere, small footprint • Collaborative development • Quick and Easy Installation and deployment • Flexible security model • Portfolio integration • Advanced in-app security features • IBM products already leveraging Worklight as a mobile standard • Starting to build a catalog for third-party APIs • Mobile. First Solutions for Testing, Team Dev, Analytics, Security and Mgmt © 2014 IBM Corporation
Three Ways to Get Started with IBM 1 2 3 32 Download the free IBM Worklight Developer Edition: ibm. co/worklightde Talk with your IBM representative or Business Partner to find the right next step for you Learn more at www. ibm. com/mobile-enterprise Interact with us @ibmmobile and #ibmmobile © 2014 IBM Corporation
- Slides: 32