ibm worklight for digital agencies
DESCRIPTION
Digital agencies build mobile apps but they don't always do so as inexpensively as they could. But if they used IBM Worklight they could.TRANSCRIPT
© 2014 IBM Corporation
IBM Worklight -- The IBM MobileFirst Application Platform:The Secret Weapon forDigital Agency Profitability
Graham ChurchillIBM MobileFirst and Internet of Things Solutions [email protected]
Sept 7, 2014
© 2014 IBM Corporation2
Agenda
① The high cost of building mobile apps
② The IBM Worklight value proposition for digital agencies
③ How does IBM Worklight save cost?
④ Looking at Worklight in depth
① Accelerating development
② Shortening the mobile app lifecycle management
③ Securing the mobile ecosystem
④ Enabling user engagement
⑤ Managing the mobile ecosystem
⑤ Summary
© 2014 IBM Corporation3
Two Types of Digital Agencies
InternalDevelop apps for their own organization
ExternalDevelop apps for other organizations
LOB LOB LOB LOB LOB LOB
Goals are the same develop more at lower cost.
© 2014 IBM Corporation4
• Fragmentation of devices and platforms• Must build and maintain different code bases
• Speed and frequency of iterations• High cost of testing and change management
• Connectivity to back-end systems and cloud• Build, maintain and manage
• Security to protect corporate data• Much greater chance of data breach
• Context and other capabilities such as geo-location• Specialized capabilities required
• Delivery of high quality apps that rapidly incorporate customer feedback
• Mechanisms to capture and act on feedback• Adoption of apps in a crowded market; 25% of
mobile apps are used only once• Build apps that people actually use.
• Skills on platforms, frameworks, UI design, and all other disciplines.
• Mobile development skills are expensive
Mobile apps are expensive to develop!
$
© 2014 IBM Corporation5
The challenge of finding skilled mobile developers
• Developers often have different skill sets and its difficult to find single developers with skills on all platforms
• When you do, you will pay a premium for their services• For multi-platform projects, when you must maintain different assets, this
creates challenges in harnessing the team
I am more cool than
you.
I am more liberated than you.
Peace man.
+ + =$
© 2014 IBM Corporation6
Traditional Web development vs. Mobile development
$ $ $ $ $
Mobile development
$Initial app
development cost
$Applicationchange cost Frequency of change (continuous)
$Initial app
development cost
$ $
Frequency of change (occasional)
$
Applicationchange cost
Traditional Web
© 2014 IBM Corporation7
Spectrum of mobile app development approaches
Low fidelity, low cost High fidelity, high cost
© 2014 IBM Corporation8
z
Operations
Back-end
Mobile apps require more than a focus on front-end UI
Front-end
30% of the value and effort is visible (mobile UI)
70%
of the value and effort lies under the surface
Short time to market
Web? Hybrid? Native?
Teamwork
Industrialize dev
Integrate with SDLC
Ensuring continued support in a quick-
changing landscape
Track problems that affect UX
Manage and enforce app
versions
Security Data
protection
Push upgrades
Appsecurit
y
Userauthenticatio
n
User engagementConnect to back-
endEfficient and flexible
push notifications
Offline availability
B2E app distribution
Track and leverage location
© 2014 IBM Corporation9
Agenda
① The high cost of building mobile apps
② The IBM Worklight value proposition for digital agencies
③ How IBM Worklight saves cost?
④ Looking at Worklight in depth
① Accelerating development
② Shortening the mobile app lifecycle management
③ Securing the mobile ecosystem
④ Enabling user engagement
⑤ Managing the mobile ecosystem
⑤ Summary
© 2014 IBM Corporation10
$ $ $ $ $$$$$$$$$$$$$$$$$$
Affords you the opportunity make more changes
4
Reduces applicationchange cost
$$
2
Shortens time required to make changes
3
$$$$$
What does IBM Worklight do for digital agencies?
$$Reduces initial application cost1
© 2014 IBM Corporation11
Impact of IBM Worklight on digital agency profitability
$$
$$ $
Price charged customer
Development cost
Worklight license
Profit
Profit
Development cost
Price charged customer
WithoutWorklight
WithWorklight
{{ }
}
}
© 2014 IBM Corporation12
For the value it delivers, IBM Worklight is very inexpensive
No charge version for developers- IBM Worklight for Developer Edition
• No charge, non-warranted program• Support is best effort via Stack Overflow • Available for download from the IBM developerWorks®
website
Production versions for deployment• IBM Worklight Consumer Edition
• Pricing is per app; unlimited users
• IBM Worklight Enterprise Edition• Pricing is per user, unlimited apps
© 2014 IBM Corporation13
Agenda
① The high cost of building mobile apps
② The IBM Worklight value proposition for digital agencies
③ How IBM Worklight saves cost?
④ Looking at Worklight in depth
① Accelerating development
② Shortening the mobile app lifecycle management
③ Securing the mobile ecosystem
④ Enabling user engagement
⑤ Managing the mobile ecosystem
⑤ Summary
© 2014 IBM Corporation14
How IBM Worklight saves costs
Accelerate Native, Web, and Hybrid development
Shorten App Lifecycle Change Management
Facilitate App Security and Trust
Engage users with the Enterprise
Support Mobile Operations Management
© 2014 IBM Corporation15
IBM Worklight goes beyond mobile app UI creation to deliver mobile optimized, standards-based, middleware and tools for enterprise-grade mobile applications
and services creation
________ _________
The IBM MobileFirst Application Platform – IBM Worklight
Accelerate Native, Web, and Hybrid Development• Complete IDE enabling the plug-in of native, Javascript, user-
defined libraries• Rich APIs for native development• Central place to keep track of all types of content • Enables developer to focus on business logic
Facilitate App Security and Trust• Server-enforced authentication• App authenticity and user-app-device binding• Secure and syncable on-device storage• App version enforcement
Engage Users with the Enterprise• Mobile-friendly enterprise integration • Codeless integration• Unified push and SMS notifications• Geo-location and context collections and intelligence
Support Mobile Operations Management• Operational analytics with efficient data acquisition • Offline and online event management integration• Remote user and app control without MDM
"Best Mobile Development Solution" as voted by SIIA members for 2013 CODiE Awards
“Best Enterprise Mobility Application Development Platform" by Compass Intelligence
for 2014 Mobility Awards
Shorten App Lifecycle Change Management• Preview, simulation, and testing tools for shortening
development lifecycle• Capture user feedback in a fraction of the time• Mechanisms to industrialize app development• Team work facilitation and development lifecycle tools
© 2014 IBM Corporation16
Focus more on business logic• Robust and extensible enterprise
integration framework• Proven user and app security
framework• API discovery for SAP and SOAP• Encrypted JSON Store with bi-
directional synchronization • Efficient geo-location services
and geo-fencing
Decrease development cost• Standard server API for push engagement• Automated functional testing for native
apps• Out of the box operational analytics
Manage the mobile applifecycle• Console for app management, version
enforcement, and fine-grained user control
• Support for enterprise SDLC integration• App Center for managing distributed test
process
Support the mobile ecosystem
• Proven timely support for new OS versions• Support for use of third party libraries and
services
The Value of Worklight for Native Apps – The Best Platform for Native
Objective C
Java
C#
© 2014 IBM Corporation17
The Value of Worklight for Hybrid Apps
Focus more on business logic• Proven optimization framework including
Skins• Robust and extensible enterprise
integration framework• API discovery for SAP and SOAP • Worklight App Run-time for quick data-
driven hybrid apps• Encrypted JSON Store with bi-directional
synchronization• Efficient geo-location services and geo-
fencing
Decrease development cost• Instant hybrid app preview• Accurate mobile simulator + visual
location simulator• Automated functional testing for hybrid
apps• Out of the box operational analytics
Manage the mobile app lifecycle• Console for app management, version
enforcement, and fine-grained user control
• Custom app templates and screen templates
• Custom app components and shell• Support for enterprise SDLC integration• App Center for managing distributed test
process
Support the mobile ecosystem• Cordova is shipped with Worklight; IBM
provides bug fixes and production-level support for version shipped with Worklight
• Proven timely support for new OS versions• Support for use of third party libraries and
services
© 2014 IBM Corporation18
Outline of the IBM MobileFirst Application Platform – IBM WorklightA comprehensive mobile app development approach with continuous delivery
Application Center
Quality AssuranceApplication Scanning
Development Continuous Delivery
Studio Console
Server Runtime
Application ScanningDetect code vulnerabilities at the time of development
Quality AssuranceCollect beta test feedback, crashes and analyze user sentiment
Worklight Foundation Development, Runtime, Operations Console & Private Store
© 2014 IBM Corporation19
Feedback Management
Reporting for Statisticsand Diagnostics
Public App Stores
Worklight Application Center
Development Team Provisioning
App Feedback Management
Enterprise App Provisioning
and Governance
2Device Runtime
Cross-Platform Compatibility
Layer
Encrypted and Syncable Storage
Runtime Skins
Server Integration Framework
Ap
pli
cati
on
Cod
e
3
Worklight Console
5
Unified Push and SMS Notification
Development and Operational Analytics
App Version Management
En
terp
rise B
acken
d S
yste
ms
& C
lou
d S
erv
ices
Worklight Server
User Authentication and Mobile Trust
Mashups and Service
Composition
JSON Translation
Adapter Library for Backend Connectivity
Sta
ts a
nd
Log
s A
gg
reg
ati
on
Unified PushNotifications
Client-SideApp Resources
Direct Update
Mobile Web Apps
4
Geolocation Services
HTML5, Hybrid, and Native
Coding
Optimization FrameworkIntegrated
Device SDKs
3rd Party Library Integration B
uild
En
gin
e
Worklight Studio
SDKs
Functional Testing
WYSIWG Editor and Simulator
Blackberry
Android
iOS
Windows Phone
Java ME
Windows 8
Mobile Web
Desktop Web
1
Enhanced crash & platform-level exception capture
Location-based event handling
IBM Worklight Foundation Components
© 2014 IBM Corporation20
WorklightCluster
Load Balancer
Backend 1 Backend 2
WorklightDatabase
Web SSOServer
App
https
https
Corporate LAN
Corporate DMZ
IBM Worklight Foundation – Typical Topology
© 2014 IBM Corporation21
What’s new in IBM Worklight Foundation 6.2
Flexible application
development
New command line tooling
More native API
Mixing native and HTML5
Wizards for Backend integrations
Worklight Application FrameworeBeta
IBM's cloud services on Bluemix
Extended user reach
Native app start-up and transitions
Enhanced push notification
Campaign manage with xtify
USSD support
C# API for Windows Phone 8
SSO via iSAM
Comprehensive mobile
operations
Enhanced operational analytics
REST APIs and CLI for management task
automation
Role-based access with Java EE-security
Remote-controlled mobile device log
collection
Cluster and active-active arch
Cloud-hosted on SoftLayer
Security
MaaS 360 integration
Trusteer integration
JSONStore for native iOS and Android apps
JSONStore for Hybrid W8 and WP8
Direct Update for WP8
Enhanced app authenticity for iOS
and Android
© 2014 IBM Corporation22
Agenda
① The high cost of building mobile apps
② The IBM Worklight value proposition for digital agencies
③ How IBM Worklight saves cost?
④ Looking at Worklight in depth
① Accelerating development
② Shortening the mobile app lifecycle management
③ Securing the mobile ecosystem
④ Enabling user engagement
⑤ Managing the mobile ecosystem
⑤ Summary
© 2014 IBM Corporation23
Spectrum of mobile app development approaches
Web-Native Continuum
• HTML5, JS, and CSS3 (full site or m.site)
• Quicker and cheaper way to mobile
• Sub-optimal experience
• HTML5, JS, and CSS
• Usually leverages Cordova
• Downloadable, app store presence, push capabilities
• Can use native APIs
• As previous• + more
responsive, available offline
• Web + native code
• Optimized user experience with native screens, controls, and navigation
• App fully adjusted to OS
• Some screens are multi-platform when makes sense
• App fully adjusted to OS
• Best attainable user experience
• Unique development effort per OS, costly to maintain
Hybrid
Pure web Pure native
Mobile web site
(browser
access)
Native shell
enclosing
external m.site
Pre-packag
ed HTML5
resources
HTML5 +
native UI
Mostly native, some
HTML5 screens
Pure native
© 2014 IBM Corporation24
Worklight Studio – The IDE for hybrid app development
Eclipse-based IDE
Code assist tools with auto-complete and validation
Application scaffolding and componentization
Mobile OS-specific optimization
Device-specific optimization with Skins
3rd-party library integration for HTML5 and native components
Quick access to simulators, emulators, and debugging tools
HTML5, Hybrid, and Native
Coding
Optimization FrameworkIntegrated
Device SDKs
3rd Party Library Integration B
uild
En
gin
e
Worklight Studio
SDKs
Functional Testing
WYSIWG Editor and Simulator
Blackberry
Android
iOS
Windows Phone
Java ME
Windows 8
Mobile Web
Desktop Web
1
© 2014 IBM Corporation25
Worklight gives developers complete control over their app
Attractive App Startup
• Control default splash screen behavior• Add a custom splash screen• Start application with native screen• Control Worklight framework initialization, e.g.
in background
Engaging UI
• Display a specified native screen in full screen• Mix native and web components on a same
screen• Control native components that host web
application• Use native components hosting web
application inside of a container
Compelling app flow
• Call native code from JavaScript and vise-versa
• Invoke both native and JavaScript WLClient APIs in any order e.g. authenticate in native, UI in HTML5
© 2014 IBM Corporation26
Unified Worklight Studio
• Worklight Studio and Worklight Developer Edition are now the same• Licensing terms and support difference only
• Same installation can be used for both evaluation and production environments
• Common Worklight Studio now available through• Free for evaluation from Eclipse Marketplace• Paid for production from Passport Advantage
• Evaluation assistance for Worklight provided through
• Paid product support available through direct support channels
• For more information, go to the Worklight page on
http://www.ibm.com/developerworks/mobile/worklight/
© 2014 IBM Corporation27
Native and web components on the
same screen
Native header with button, title and icon
Native scrolling ticker
WebView with web components
Unsurpassed flexibility in hybrid developmentComplete freedom in mixing native and web code in the same app
© 2014 IBM Corporation28
Use the Worklight action API to enable native-hybrid communication:- Send data from JavaScript to Native- Send data from Native to JavaScript- Register Native action handlers- Register JavaScript action handlers
Bridge native and hybrid elements with an action API
Example: Clicking native side menu button triggers web UI change
© 2014 IBM Corporation29
Create reusable enterprise UI patterns
Create and reuse custom UI patterns- For corporate branding- Improved governance: Patterns which
were adequately designed, implemented and tested
Patterns contain HTML, CSS and JS resources
Package patterns inside a pre-defined archive format, so that they can be distributed among teams to re-use in their Worklight projects with Worklight Studio
© 2014 IBM Corporation30
Create custom components and templates
Custom screen patterns- HTML, CSS and JS resources- Extend the list of out-of-the-box patterns
Application Components- Reusable libraries (Client or server runtime) that
developers can add to apps Worklight Project Templates
- A reusable Worklight hybrid project that developers can use to jump start new application development
Shareable ZIP archives.wlc or .wlt extns
Create components
and templates
Add Components
and templates to a Worklight
Project
Save development time by reusing code Help enforcing governance by providing
ready-made, tested components with corporate-approved code and branding
Created and managed using a Worklight Studio wizard
© 2014 IBM Corporation31
Bring Your Own Tools!
In Worklight 6.2 developers have the flexibility to use the development tools of their choice – Worklight Studio is no longer required
A Command Line Interface (CLI) is provided to enable the use of other development tools
The CLI provides the following capabilities:- Add Worklight SDKs to a native project- Create Worklight hybrid projects- Add environments to a Worklight hybrid project- Create Worklight Adapters- Test Worklight Adapters- Deploy Worklight applications and adapters to the Worklight Server- Start and stop the Worklight Server- Launch the Worklight administrative console
© 2014 IBM Corporation32
Example CLI commands for native apps
wl create[?] What do you want to name your project? MyProjProject ‘MyProj’ created cd MyProj wl add api[?] What do you want to name your native API? MyIosApi[?] What platform do you want to target? Android❯ iOS Java ME Windows Phone 8Native api for ‘ios’ created
Context aware builds wl build wl deploy
If at project level, all apps and adapters are built.If in adapters (all or single), then only those are built.If within a single app, then only that app is processed.If within a single env of app, only it is built and deployed.
Embedded Worklight server control wl start wl console wl stop
The “wl run” command is a long running task that starts the server, and tails (follows) the server log file
© 2014 IBM Corporation33
Example CLI commands for hybrid apps
wl add hybrid[?] What do you want to name your Worklight App? MyHybrid
cd apps/MyHybrid
wl add environment[?] What environments you want to add to the hybrid app? ⬢ iPhone ⬡ iPad ⬢ Android phone and tablets ⬡ BlackBerry 6 and 7 ⬡ BlackBerry 10❯ ⬡ Windows Phone 8 ⬡ Windows 8 desktop and tablets ⬡ Mobile web app
wl build wl deploy wl console
© 2014 IBM Corporation34
Example CLI commands for adapters wl add adapter Accounts --type http edit adapters/Accounts/Accounts* wl build && wl deploy
Implement desired procedures
wl invoke[?] Which adapter do you want to use? (Use arrow keys) ❯ Accounts Foo
[?] Which procedure do you want to invoke? (Use arrow keys) getAccountList ❯ getAccount
[?] Enter the comma-separated parameters: "111-001"
Invoking Accounts:getAccount...Arguments:[ "111-001” ]Invocation result:{ "id": "111-001", "balance": 623.45, . . .}
Interactively test the adapter
wl invoke Accounts:getAccount '["111-001"]’{ "id": "111-001", "name": "Checking", . . .}
Direct syntax
© 2014 IBM Corporation35
Agenda
① The high cost of building mobile apps
② The IBM Worklight value proposition for digital agencies
③ How IBM Worklight saves cost?
④ Looking at Worklight in depth
① Accelerating development
② Shortening the mobile app lifecycle management
③ Securing the mobile ecosystem
④ Enabling user engagement
⑤ Managing the mobile ecosystem
⑤ Summary
© 2014 IBM Corporation36
Rapid testing of hybrid apps with the Mobile Browser Simulator
Accurate simulation of the app’s HTML5 screens (e.g., right fonts, sizes, and layout) Supports Cordova and Worklight client API
© 2014 IBM Corporation37
Mobile Functional Test Tools Comprehensive, complete, resilient functional testing
Android and iOS, native and hybridHTML and JQuery
Record, edit, and run on mobile devices or emulator
Same test runs across multiple devices in the platform family
Natural language scripts can be used by developers and non-developers alike
Simple process
1. Record
2. Author
3. Playback
4. Report
© 2014 IBM Corporation38
Evidence-based prioritization – enable business and IT to collaborate on mobile strategy and user experience
Over the air app distribution – get the latest in the hands of testers as soon as it is available
Frictionless bug reporting – spend every minute on testing latest and greatest builds, not the hassles
In-app crash reporting – rapid understanding of why an app fails
Sentiment analysis – mine app ratings and reviews to extract actionable feedback before they go viral
Introducing IBM Worklight Quality AssuranceDelivers mobile app quality across a fragmented environment with end user feedback and quality metrics available at every stage of development.
QualityAssurance
User Feedback
Crash logs Bugs
© 2014 IBM Corporation39
Introducing IBM Worklight Application ScanningBased on AppScan v9.0
• A single Eclipse Integrated Development Environment (IDE). Scan existing code projects or Worklight Studio projects
• Native and hybrid mobile applications support
• Enhanced JavaScript analysis, which includes improved performance and additional framework support
• Optionally connect to IBM Security AppScan Enterprise Server to share scan configurations, filters, and custom rules across all projects
Application Scanning
Detect vulnerabilities at the time of code change to reduce risk of data leakage and breaches
© 2014 IBM Corporation40
Application Center for managing the app testing phase
Share apps across developers, testers, and other stakeholders
- iOS, Android, Windows Phone 8, BlackBerry 6 and 7
Developers• E
asily distribute app to testers
Testers• E
asily find apps and versions to test
Testers• P
rovide rating and feedback directly from the device
Developers• A
ccess all feedback in a centralized manner
© 2014 IBM Corporation41
Agenda
① The high cost of building mobile apps
② The IBM Worklight value proposition for digital agencies
③ How IBM Worklight saves cost?
④ Looking at Worklight in depth
① Accelerating development
② Shortening the mobile app lifecycle management
③ Securing the mobile ecosystem
④ Enabling user engagement with the enterprise
⑤ Managing the mobile ecosystem
⑤ Summary
© 2014 IBM Corporation42
Protect data on
the device
Streamline
corporate
security approval processe
s
Proactively
enforce security updates
Provide robust
authentication and authoriza
tion to secure users
Protect From
Known Applicati
on Security Threats
Application Security Objectives
A quick overview of Worklight Security
Application Security Design: Develop secure mobile apps using
corporate best practices Encrypted local storage for data Offline user access Challenge response on startup App authenticity validation Enforcement of organizational security
policies
© 2014 IBM Corporation43
Proactively enforce security
updates
Remote disable
Direct update
Provide robust authentication and
authorization to secure users
Authentication
integration framework
Data protection
realms
Coupling device id with user
id
Streamline corporate security approval processes
Mobile platform as a trust
factor
Protect from Known
Application Security Threats
Code obfuscatio
n
SSL with server
identity verificatio
n
Proven platform security
Security Features Mapping
Device provisioni
ng integratio
n
App authenticity testing
Protect data on the device
Encrypted cache / DB
Offline authenticati
on
Secure challenge-
response on startup
© 2014 IBM Corporation44
User Authentication and Authorization
Very flexible framework for simplifying integration of apps with existing authentication infrastructure
Manages authenticated sessions with configurable expiration
Open: e.g., custom OTP as anti-keylogger mechanism
Server-side services grouped into separate protection realms for different authentication levels
Two-factor authentication using device id as “what you have” factor
Need to integrate with existing authentication infrastructure
Authenticate users when offline
Mobile passwords are more vulnerable
Provide robust authentication and
authorization to secure users
Authentication
integration framework
Data protection
realms
Coupling device id with user
id
© 2014 IBM Corporation45
Extensible authentication framework
Leverage open framework to integrate with enterprise authentication and authorization systems
Develop custom JavaScript or Java extensions to enable custom authentication approaches including multi-factor authentication and biometric credential collection
Use LTPA tokens when running on WebSphere Application Server
IBM Worklight Server
Session authentication
1. Call Protected Procedure
2. Request Authentication
© 2014 IBM Corporation46
User-certificate provisioning for client-side authentication
X509 certificates - Are installed on devices and can can be used to automate user authentication
Certificate provisioning options- For all apps on a device - For a particular app
Benefits- Cost saving: Certificates are typically provided by MDM solutions and is quite costly
(some charge $70 per device). - Usability: Simple, automated user authentication; User’s device does not need to be
managed by an MDM
© 2014 IBM Corporation47
Protecting data on the device
Encrypted JSON Store Offline authentication using password Extended authentication with server using secure challenge response App authenticity testing: server-side verification mechanism to mitigate risk of Phishing through repackaging or
app forgery Device provisioning integration: allow for the authentication of devices in addition to apps and users
HTTPS/TLS based initiation of Worklight Server connectivity from WL Client runtime using FIPS 140-2 compliant libraries- Tie in with User-Provision to use X509 Cert in establishing HTTPS/TLS connection using user certificate- On top of the already compliancy for communication (data in transit) and for storage (JSONStore)
Device theftOffline accessPhishing, repackaging
Device provisioni
ng integratio
n
App authenticity testing
Protect data on the device
Encrypted cache / DB
Offline authenticati
on
Secure challenge-
response on startup
© 2014 IBM Corporation48
Application Security
Proven platform security: tested by the most demanding customers (e.g., top tier banks)
Client<->Middleware communications over HTTPS to prevent data leakage
Server certificate is automatically verified to thwart man-in-the-middle attacks
Developers can obfuscate application JS code to make static analysis more difficult
SQL adapter designed to mitigate SQL-injection
Built-in audit trail
HackingEavesdropping
Man-in-the-middle
Protect from Known
Application Security Threats
Code obfuscatio
n
SSL with server
identity verificatio
n
Proven platform security
© 2014 IBM Corporation49
Device Single Sign-On (SSO)
Enables a mobile user to authenticate once and gain access to all apps from the same organization (technically, with the same developer certificate) without re-authenticating.
Enhanced to support integration with DataPower, ISAM, and other gateways
App 1
secu
re M
ob
ile O
S ke
y store
WorklightServer
App 2
ID
Session x
Session y
Duplicate after receiving ID fro App 2
Implementation- Implemented using combination of
server-side capabilities (realms) and unique device identification (device ID)
- On successful login the authentication state is saved in the database and used for validations in subsequent sessions from the same device.
© 2014 IBM Corporation50
Enforcing security updates
Remote Disable: shut down specific versions of a downloadable app, providing users with link to update
Direct Update: automatically send new versions of the locally-cached HTML/JS resources to installed apps
Can’t rely on users getting the latest
software update on their own
Proactively enforce security
updates
Remote disable
Direct update
© 2014 IBM Corporation51
Agenda
① The high cost of building mobile apps
② The IBM Worklight value proposition for digital agencies
③ How IBM Worklight saves cost?
④ Looking at Worklight in depth
① Accelerating development
② Shortening the mobile app lifecycle management
③ Securing the mobile ecosystem
④ Enabling user engagement with the enterprise
⑤ Managing the mobile ecosystem
⑤ Summary
© 2014 IBM Corporation52
Worklight Server: AdaptersRun time
Lightweight server-side logic to expose systems of records in a mobile-friendly way
- Automatic JSON transformation of enterprise data for quick transport and ease of consumption by mobile developer
- Server-side service composition to reduce number of requests over slow mobile network
- XSLT to reduce fat SOAP responses Security
- Automatic enablement of server-side authentication control and audit
Analytics- Automatic collection of user actions and device and app
properties Data sync
- Enables synchronization with on-device JSON Store Mobile user engagement
- Push notifications and geo-based event management Worklight Server
SQL / JDBC
ESB**
SOAP / HTTP
JMS
CAST IRON
REST
Java Extension
Node*
*As tech preview **Available with IBM Message
Broker
For the server developer JS anywhere: Simple APIs for server-side JavaScript
development Extensibility: Java API for custom adapters
For the client developer Easy-to-use, consistent client-side API to call any back-end
system
Enterprise back-ends and cloud servicesEnterprise back-ends and
cloud servicesEnterprise back-ends and cloud services
© 2014 IBM Corporation53
Automatic adapter generation for SOAP and SAP NetWeaver
Speed-up creation of mobile apps which interact with Enterprise back-end system of records
Reduce the amount to coding to zero or near-zero for invoking SOAP based web services and services from the SAP NetWeaver Gateway
Consume these services via the generated adapter from your web, hybrid, or native app
© 2014 IBM Corporation54
Unified Push Notifications
• Uniform access to push notifications providers‒ Register for, notify, and receive a notification via Worklight APIs or SMS
• Register for and send SMS based notifications‒ E.g., for feature phones
Back-end System
Back-end System
Back-end System
Back-end System
Polling Adapters
Message-based Adapters
Unified Push API
Notification State Database
User-Device Database
iOS Dispatcher
Android Dispatcher
Windows Phone Dispatcher
SMS Dispatcher
Apple Push Servers (APN)
Google Push Servers (GCM)
Microsoft Push Servers
SMS/MMS Brokers
Administrative ConsoleNotification statistics, SMS subscription control
Worklight Client-side Push Services
iOSPush API
Android Push API
WindowsPush API
Broker API
Worklight Client-side Push Services
Worklight Client-side Push Services
Optional 2-way SMS
© 2014 IBM Corporation55
Push notification enhancements in Worklight Foundation 6.2
Group notifications based on tags- Notifications are targeted to only a select set of users based on their topics of interest- Tags allow message producers / senders to segment devices - One or more tags can exist per application- Defined in application-descriptor.xml – created during deployment
Broadcast, unicast and narrowcast notifications New APIs available to send a notification to all the devices that installed the application
Also provides for an option to opt out of receiving broadcast notifications Enhanced APIs to send a notification to specific user or device that installed the
application Support for a notification targeted to devices of a particular platform that installed the
application
New server side REST APIs for device and subscription management
Improved scalability of the push infrastructure to handle large volumes of push messages
© 2014 IBM Corporation56
Two-way SMS communication
Why SMS?- For feature phone users: A preferred mode of interaction- For roaming users: When data roaming fees are not affordable- In emerging markets: More reliable than Internet connection
Mobile user enterprise- Sends SMS messages based
on keywords published by the enterprise
Enterprise mobile user- Responds to a user request - Initiates a new request by
sending an SMS notification to a subscribed user
Source of phone image: http://shmector.com/photo/3d_mobile_phone_icon/1-0-646
Backend ServiceWorklight
SMS Gateway
SMS HTTPS
SMS in Worklight- HTTP integration with SMS gateway or aggregator for the SMS delivery- Seamless backend integration, mapping of incoming SMS to the relevant
backend calls
© 2014 IBM Corporation57
Worklight Geo-Location Services
Store
Integrate context information with
business processes
Handle business events
Efficient, controlled acquisition of GPS,
triangulation, and Wi-Fi coordinates in
background and foreground
Define points of interest and geo-
fences
Trigger actions based on location
changes
Collect and use on the mobile device
Use on the server
Store while offline, Efficiently send to
server
API availability• Hybrid: iOS, Android, Windows
Phone 8• Native: IOS and Android
Scenarios debug-able with Worklight’s Mobile Simulator
Perform analytics
© 2014 IBM Corporation58
Mobile Data support: JSON Store
On-device, mobile database support- Embedded JSON mobile database- JavaScript APIs to store, query and update
the data in offline mode using MongoDB-like APIs
Encrypt sensitive data- Using a key provided by developer or
obtained as user’s password- FIPS140-2-compliant
Server-to-client Sync- Retrieve, store and keep data store up-to-
date using adapters Client-to-server Sync
- Simplify write actions on data while the app is offline and send these actions to the server
Enterprise API-based- Leverages corporate API / SOA layer to
access sensitive enterprise data
Back-end system or database
Corp
ora
te S
OA
/
En
terp
rise
Bus
Mobile App
JSON Store
Worklight Server
Worklight Adapter
JSON
XML, JDBC, …
API now available for native iOS and Android apps!
© 2014 IBM Corporation59
Extending enterprise services via USSD
Unstructured Supplementary Service Data (USSD) provides a cost-effective alternative to mobile apps in emerging markets where feature phones are still fairly common
USSD (Unstructured Supplementary Service Data) is a protocol used by GSM cellular telephones to communicate with the telecom provider.
Worklight will now enable the following:• Accept incoming requests from
a USSD gateway and map the USSD short codes to corresponding Worklight adapters
• Construct and respond with USSD menu options
• Invoke corresponding backend services via Worklight adapters
© 2014 IBM Corporation60
Example: Mobile app using Worklight for USSD communication
USSD Gateway
Worklight
Enterprise backend
HTTP/S
Mobile User dials USSD short code
say, *123#
Telco forwards this to a USSD
gateway
Gateway maps the short code to a known URL provided by the
enterprise and creates the USSD
session
Worklight responds to the gateway request with the USSD menu options (configurable)
Enterprise
Adapter
© 2014 IBM Corporation61
Agenda
① The high cost of building mobile apps
② The IBM Worklight value proposition for digital agencies
③ How IBM Worklight saves cost?
④ Looking at Worklight in depth
① Accelerating development
② Shortening the mobile app lifecycle management
③ Securing the mobile ecosystem
④ Enabling user engagement with the enterprise
⑤ Managing the mobile ecosystem
⑤ Summary
© 2014 IBM Corporation62
Managing mobile apps with the Worklight Console
Supports multiple versions on the same platform
Device specific versions are uncoupled
© 2014 IBM Corporation63
The Worklight Console supports several Worklight projects
Ability to administrate several project WAR files deployed on the same topology (WAS ND cluster, single server, farm of servers) with a single console
New console page allows navigation between several runtimes
Simplified navigation for a single project runtime use case
© 2014 IBM Corporation64
Administrators can use CLI or REST API for management tasks
REST API for all administrative operations- List, deploy, delete and change applications and adapters- Device management API- Secured with basic authentication- Role-based access- XML and JSON payload
Ant tasks for all administrative operations- Same feature set as REST services- ANT tasks defined in worklight-ant-deployer.jar- Supports SSL and password encryption in ant files- Role-based access
Command Line Interface for all administrative operations- Command line version of ant tasks- Role-based access
© 2014 IBM Corporation65
Examples of REST API, ANT tasks, and CLI
REST services
• Get all applications or post a new one /management-apis/1.0/runtimes/{runtime-name}/applications
• Get or delete an application /management-apis/1.0/runtimes/{runtime-name}/applications/{app name}
• Retrieve or delete an adapter /management-apis/1.0/runtimes/{runtime-name}/adapters/{adapter-name}
• Lock an application version /management-apis/1.0/runtimes/{runtime-name}/applications/{app name}/{environment}/{version}/accessRule
Ant tasks
• <wladm url=... user=... password=...|passwordfile=... [secure=...]> • <list-apps runtime=... />• <delete-app-version runtime=... name=... environment=... version=... />• <deploy-adapter runtime=... file=... />• </wladm>
Command Line interface
• wladm --url= --user= ... [--passwordfile=...] lists apps [runtime-name]• wladm --url= --user= ... [--passwordfile=...] delete app version [runtime-name] app-name environment version• wladm --url= --user= ... [--passwordfile=...] deploy adapter [runtime-name] filename.adapter
© 2014 IBM Corporation66
Worklight Console and CLI secured by default
Standard JEE security is used in the console and CLI tools
Login / Logout from the console out of the box
Role based access to the console
Simplified connection to user repositories- Use standard role mapping in WAS
console , Liberty , Tomcat
© 2014 IBM Corporation67
Role based access to administration tasks
Role Description
monitorAbility to view the deployed Worklight projects and the deployed artifacts, this role is a read-only role
operator
Can do all mobile application management operations but cannot add or remove application versions or adapters.
deployer same role as operator but can also deploy apps and adapters.
administrator
Ability to do all application management operations including the ability to add new versions of applications and add and remove adapters. The app administrator can also configure more information on the application itself such as runtime specific settings such as SMS proxy configuration.
© 2014 IBM Corporation68
Disable a mobile app using the Worklight Console
Remote Disable: Deny access to an app of a specific version on a specific environment
• Ensure users use the latest security fixes• Avoid using previously installed old versions that are no longer
supported
© 2014 IBM Corporation69
Direct Update for mobile apps on the device
1. Web resources packaged with app to ensure initial offline availability
2. Web resources transferred to app's cache storage
3. App checks for updates on startup and foreground events
4. Updated web resources downloaded when necessary, with user confirmation or silently
Worklight Server
Native Shell
Pre-packaged resources
Download
Update web resource
App Store
Web resources
Cached resources
Transfer
Check for updates
1
2
3
4
© 2014 IBM Corporation70
Enhancements to Direct Update in Worklight Foundation 6.2
Direct Update is now integrated into the Worklight Server security framework and exposes a client-side API for better control and customization:- Control when to invoke Direct Update
• perSession, perRequest, or custom• Disable Direct Update for an app
- Replace the default behavior and UI with a branded one
Description JavaScript
Direct update events listener class name
WLDirectUpdateListener
Invoked by WL framework once direct update has started
onStart(statusJSON)
invoked by WL framework once HTTP chunk has been downloaded
onProgress(statusJSON)
invoked by WL framework once direct update has finished (with either success/failure)
onFinish(statusJSON)
STARTEDDOWNLOAD_IN_PROGRESSUNZIP_IN_PROGRESSSUCCESSFAILURE_NETWORK_PROBLEMFAILURE_DOWNLOADINGFAILURE_NOT_ENOUGH_SPACEFAILURE_UNZIPPINGFAILURE_ALREADY_IN_PROGRESSFAILURE_UNKNOWN
© 2014 IBM Corporation71
Remote-controlled client-side log collection
Worklight provides Native and JavaScript API for client-side logging
Administrator defines log collection profiles on the server which are automatically retrieved by the Worklight client-side runtime- By default sent on init, resume, and 75% full – can be customized
Administrator can perform analysis and text search of client-side logs via server-side analytics console
© 2014 IBM Corporation72
Unified Client and Server Analytics
Out-of-the-box analytics address the following:- User adoption, device and app properties- User actions and called adapter procedures- Performance and data usage information - Exceptions, crashes, logs, response time- Geolocation data
Analytics component now provided in a WAR for simple install and administration
© 2014 IBM Corporation73
Service integration analytics
Robust analytics for adapter usage including average response time, average data usage, and server usage statistics
© 2014 IBM Corporation74
Server and Client log inspection made easy
Worklight Analytics Console enables easy searching of both client and server logs
© 2014 IBM Corporation75
Agenda
① The high cost of building mobile apps
② The IBM Worklight value proposition for digital agencies
③ How IBM Worklight saves cost?
④ Looking at Worklight in depth
① Accelerating development
② Shortening the mobile app lifecycle management
③ Securing the mobile ecosystem
④ Enabling user engagement with the enterprise
⑤ Managing the mobile ecosystem
⑤ Summary
© 2014 IBM Corporation76
• Tooling for HTML 5 development and device adaptation• Application lifecycle management of HTML5 artifacts• Leveraging de-facto standards to provide added value for developers
Standards-based
• Native / hybrid / web• Full coverage of the hybrid spectrum• Leverage any 3rd Party JavaScript Framework: More Choice!
Flexibility and choice
• For developers: easy learning curve, small number of programming models, JS anywhere, small footprint
• Collaborative development• Quick and Easy Installation and deployment
Consumability
• Flexible security model• Portfolio integration• Advanced in-app security features
Security
• IBM products already leveraging Worklight as a mobile standard• Starting to build a catalog for third-party APIs• MobileFirst Solutions for Testing, Team Dev, Analytics, Security and Mgmt
Ecosystem
IBM Worklight Key Differentiators
© 2014 IBM Corporation77
1 Download the free IBM Worklight Developer Edition: ibm.co/worklightde
Talk with your IBM representative or Business Partner to find the right next step for you2
3 Learn more at www.ibm.com/mobile-enterpriseInteract with us @ibmmobile and #ibmmobile
Three Ways to Get Started with IBM
© 2014 IBM Corporation78
© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, Rational, the Rational logo, Telelogic, the Telelogic logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
http://www.ibm.com/developerworks/mobile/worklight