ENTERPRISE MOBILE DEVELOPMENT

estrapadetubacityMobile - Wireless

Dec 10, 2013 (3 years and 8 months ago)

299 views




ENTERPRISE MOBILE DEVELOPMENT


TRENDS AND
BEST PRACTICES




Page
1


© Alliance Global Services 2013

TABLE OF CONTENTS

1.

Introduction


2.

Framework to develop multi
-
platform mobile apps

3.

Key Considerations in Mobile App
development

3.1

Which is the right choice
choose Native or Hybrid or web?

3.2

Careful Architecture from the beginning

3.3

User Interface

3.4

Security Measure

3.5

Continuous Integration (CI) for mobile App

4.

Pros and Cons of
Native, Web
and

Hybrid

5.

Preferred Hybrid model
-

PhoneGap with jQuery
Mobile

6.

Native App for iOS platform


A case study

7.

Conclusion



Page
2


© Alliance Global Services 2013

1.
INTRODUCTION


Enterprise
mobile
app development
is

one of
highest priority business goals

for
any
organizations and it is changing
the way
organizations

do
their
business

now
and
help
ing

them
leverage
relevant
data to reach out to their customers
more
efficiently and
effectively.

The challenge of building an app with the right mix of features, performance
and platform support at an affordable
cost

requires
industry
to decide whether
to bui
ld a native, web and hybrid app
.

This paper explains some of the general
best practices followed in mobile
development
with different approaches used to develop the apps. This paper
also highlighted some of the key consideration
s

that
an
o
rganization
needs to
follow
when
providing
a
solution for
Enterprise Mobile
app

development.


2.
Framework
s

to develop multi
-
platform mobile apps

With the increasing popularity
of
smartphones devices, the market for
developing applications for such devices
has

been grow
ing rapidly
.
At the
beginning, the development was primarily focused in
developing in single
native
platform like iOS,
Android
, Windows
;

but
with the rise in demand from
customer
to
develop apps quickly which can run on
varied device platforms
,

the
popularity of
Hybrid app which
provides a cost
-
effective solution for a very wide
range of downloadable app types
,

is increased.

Hybrid apps development acts as a bridge between
native app

and web app;

it
offers a blend of native
and web
development
features
.

We
achieve

the
web app
characteristics

like

rapid
development, support of cross platform and lower
maintenance cost

and long term solution;
It
also leverages the best
features
of
native apps like full

device integration
, native look
-
and
-
feel and

app sto
re
distribution.

The main advantages of using Hybrid technologies are speed to market and
easier maintenance of one app instead of multiple apps.



Page
3


© Alliance Global Services 2013


As workers increasingly use their own and corporate mobile devices in the
workplace
,

the necessity of

offering software and t
ools across multiple platforms
while keeping development costs down, will drive businesses towards hybrid
app development


said
Van Baker
, research vice
president at Gartner
.

“Our advice would be to assume the enterprise will have to manage a large and
diverse set of mobile applications that will span all major architectures,”
---

Van
Baker
, research vice
president at Gartner
.

“Enterprises should consider how applications can

be enriched or improved by
the addition of native device capabilities and evaluate development frameworks
that offer the ability to develop native, hybrid and Web applications using the
same code base. Where possible, development activities should be cons
olidated
via cross
-
platform frameworks.”

According to
Gartner,

more than half of mobile apps deployed by enterprise by
2016 will be
hybrid
.


3.

Key Considerations in Mobile App
D
evelopment

3.1


Which is the right choice



n
ativ
e,
h
ybrid or
w
eb
?

T
he debate over native vs
.

w
eb

or
h
ybrid
a
pp development has been ongoing
.
We need to make
a careful study of the business need
before

we

decide

any
app
development approach
, although s
ometimes we need to go with what
a
client suggests based on
their strategic and future roadmap.

I
n

general,
the
f
ollowing are
a

few
of the
aspects that we need to watch out bef
ore proposing
which platform is ideal for mobile app development.



Superior user experie
nce and responsiveness



Scalability i.e. supporting multiple platforms



A
ccess to handset information and properties (Address books)



Access to device capabilities such as GPS
camera, microphone,

gyroscope, accelerometer, file upload



offline work (Offline
storage)



Page
4


© Alliance Global Services 2013



C
onsistent UI look (buttons and other layout components)



App store distribution

If
a

business needs

an app with
a
lot graphics
intensive operations,
animations with real time calculation which we see in
game
s
, native is best
suited for such
a
requirem
ent
.

A
business application
which
targets multiple platforms;
requires wide
consumer distribution
and full device integration (
a
ccess to device
capabilities
) should
adopt

Hybrid app development

approach
.

3.2
Careful Architecture from the
B
eginning

Consider the
structure of your final application before you start coding
. Your
architecture should be
more flexibl
e to adopt rapidly changing mobile
technology and upcoming feature without rewriting code from scratch
.

If the client expects the app
t
o
work across
platforms, definitely Hybrid
development model is best option and will give more flexibility to adopt the
changes.


If it’s a native application,

the
push and pull data from the server
through
services are done
typically through REST APIs

using JSON format
. It is
recommended that Native app

should be
designed and developed u
sing MVC
and Delegate patterns that
leverages the ARC (Automatic Reference
Checking) to keep track of the Object references and memory management
.

3.3
User Interface

Every platform has it
s own flavor when it comes to user interface design and
other usability factors and
functionality of any app should reflect the visual
and interactive design conventions of the platform it’s running on.

An
Android app

should not
look like iPhone apps

or vice versa
.

D
esigning a UI for non
-
touchscreen phones is very different from that of
designing for touchscreen phones
.

For example touch screen for iOS,
Android and web vs. keyboard for blackberry
,
another one

the Large UI
elements suitable for Android

will certainly not fit into Blackberry.



Page
5


© Alliance Global Services 2013

A native app for
game
-
like applications
would definitely
require

a
highly
rich
UI
with
real
-
time
responsiveness.

3.4


Security Measure

Information is the key asset in every organization
. We need to understand
the risks associated with
valuable or sensitive information while
storing it
locally in device and
making it readily available
.

We need to make sure the data access,
usage and recovery policies are
in
comply with Sec
urity policy
and best practices and the apps are well tested

to minimize the
v
ulnerabilities

of sensitive data
.

Following
a
re noteworthy
po
ints
to keep in mind.



User Authentication

and Authorization

Authentication

and

authorization

aspect of the security is very

crucia
l
as
enterprise
s

are
providing
more and more
easy access
to the
enterprise data through mobile apps and we need to do proper
analysis to apply some of the security protocols like
OAuth, OpenID

and SAML

for
getting secure access to resources and

services
.

The most

common authentication function is
User
ID and password.

Windley (2005) defined strong authentication is an

authentication
method that required two or more credentials

like
User
ID/password
combination plus certificate.


“Authorization is the proce
ss of determining whether an

already
identified and authenticated user is allowed to access

information
resources in a specific way.” (Todorov, 2007)



Encryption

of in
-
transit data

We need to apply appropriate encryption mechanism while
transferring
user
data i.e. authentication data, session data or any
other personal data.

Use SSL or TSL to protect
this

kind of in
-
transit

data
.





Page
6


© Alliance Global Services 2013



Encryption

of user data stored locally

Even when we store any sensitive user data in local storage of any
smart phone, we should

encrypt those

data
.

Sensitive information

like
user id, password, email address, SSN numbers which are used for
authentication

purpose should be encrypted.



Password protection of file with sensitive data stored locally

We need to be aligned with client’s
information protection policy. For
example a patient report in Health care domain needs to
be
password
protected before
storing in the device as per their information security
compliance.

3.5


Continuous Integration
(CI) for mobile
a
pp



What is CI?

Continuous Integration is a software development practice where
members of a team integrate their work frequently; usually each person
integrates at least daily
-

leading to multiple integrations per day. Each
integration is verified by an automated build
(including test) to detect
integration errors as quickly as possible. Many teams find that this
approach leads to significantly reduced integration problems and allows
a team to develop
cohesive software more rapidly
.

--

Martin Fowler (
w
idely recognized
as one of the key founders of Agile
methods)



Page
7


© Alliance Global Services 2013




What is required

to set CI platform
?



Source Control System [TFS/CVS/SVN/GIT, etc.]



Jenkins Build Server with master and slave nodes

o

Mac OS X Machines [Required for IOS Build, can be used for
android]



ANT



Xcodebuild (required to build the xcode project)



Git
-
tf (git interface for TFS) and TEE
-
CL (Team Explorer
Everywhere)



Wod (A ruby gem, to automate the Apple Developer
Portal)

o

Windows Machines [for Windows Phone Builds, can be used for
android]



Page
8


© Alliance Global Services 2013

o

FoneMonkey f
or Test Automation on Android and IOS.

o

TestFlightApp.com for IOS Test Build Distribution.



Ad hoc/Enterprise distribution for beta testing

TestFlight is a web based service used to manage Apple's beta and
internal distribution.

TestFlight

follows Apple's distribution guidelines
which includes the following:



When an app is built and needs to be sent out to multiple devices it
needs to be built with a distribution provisioning profile (Ad Hoc or
Enterprise)



Once the binary has been compiled
with a valid distribution
provisioning profile and packaged as an IPA, it is ready to distribute.

There are two
types of provisioning profiles, development and
distribution. Development profiles should only be used when debugging
the application on you
r own device. When you are ready to send out your
application to other users you must use an ad hoc or enterprise
distribution provisioning profile.

We will need an Apple
d
eveloper or Enterprise account to prepare an .IPA
to be distributed.

The general pr
ocess for TestFlight
:



In TestFlight:



Developer

signs up and creates a team



Invite people to join their team



People accept, create a TestFlight account and connect their device to
their account.




Once they connect their

devices, the UDIDs for the
devices show up
under their account on the Developer's team.


Outside

of

TestFlight
:






Page
9


© Alliance Global Services 2013



Developer

adds the UDIDs to the
Apple

Developer Portal



Downloads a
provisioning

profile.




Applies the provisioning profile to the build



Developer compiles and uploads
the build to TestFlight



In TestFlight:



Developer
enables

team

members to receive the build




Submits
and

distributes


4.

Pros and Cons of Native, Web and

Hybrid


Pros

Cons

Native
Apps

1.

Superior user experience
and responsiveness and
app with heavy
graphic
s

like Games

2.

Useful especially for
applications that are
transactional or in use
cases where a user has to
interact

3.

Can work around browser
limitations

4.

Provide better/tighter
access to handset
information and properties
(such as address book)

5.

Can wo
rk in offline mode

6.

Native apps get better
ratings than web apps
because of their consistent
look (buttons and other
layout components) and
way better performance

1.

Not a scalable model. With
multiples operating systems,
it is difficult to keep
supporting new

OS versions
and different SDKs

2.

Development time, cost and
ongoing maintenance cost is
higher.

3.

Require specialized
knowledge of proprietary
SDKs

4.

Difficult to upgrade


Web
Apps

1.

Offers fast development,
simple maintenance, and
full application portability
.
1.

A browser
-
based paradigm is
not very efficient when you
have to transact or interact.


Page
10


© Alliance Global Services 2013

One mobile web app works
on any platform.

2.

Most useful for content
centric, read
-
only use
cases where information is
mostly consumed

3.

Can target many more
different types of devices
without significant
additional investments. So
a much more scalable
model

4.

Based on open standards

For example, an IM using
browser is certainly not the
best way to chat

2.

Not all devices and browsers
support similar capabilities.
So the
ultimate

experience
might just not be “good
enough”

3.

Not effective for offline
applications or application
that requires access to device
capabilities such as GPS or
camera

4.

Can’t handle heavy graphics.
Can’t access camera or
microphone

Hybrid

App

1.

Enable quick
ready to
market solution and easier
maintenance of one app
instead of multiple apps

2.

Combines the development
speed of mobile web apps
with the device access and
app store distribution of
native apps.

3.

Consumer
-
focused apps
with moderately graphical
interfac
e. Business
-
focused apps that need
full device access.


1.

Can’t handle heavy graphics.
Requires familiarity with a
mobile framework




5
.
Preferred Hybrid model
-

PhoneGap

with j
Q
uery
Mobile

There
many
frameworks
available now to
enable cross
-
platform
mobile
development
. Some of the popular
frameworks are

PhoneGap
,
Appcelerator
Titanium
, Sencha Touch,
Tiggzi
,
AppMakr
,
NS Basic/App Studio
.




Page
11


© Alliance Global Services 2013

Out of all the frameworks mentioned above,
PhoneGap

with j
Q
uery
Mobile
is
the most popular
and is

open source
.
jQuery Mobile is
a
UI framework

to be
used in multiple
mobile
device
s. This

framework makes your UI development
much faster by leveraging
its

rich JS and CSS librar
ies. The framework takes
care
of
variety of
challenges related to
screen resolution
, screen sizes, UI
controls for different devices.

Once the web app is ready using jQuery Mobile framework, we
use PhoneGap to
package
our

work for specific mobile
platform.

This
PhoneGap
wraps
the web
as
a native app

on each platform
to
access native device functionality like the
camera, contacts, file system, etc
.



Summary
of the framework:



Uses
HTML
, CSS

and JavaScript to build apps



Provides access to phone features like GPS



Supports iPhone/iPad, Android, Palm,
Blackberry and Symbian
,
Windows



Page
12


© Alliance Global Services 2013

With just PhoneGap, we need to compile these PhoneGap apps locally using
Xcode, Eclipse and native SDK for each platform. This drawback is overcome by
a
nother extension

of PhoneGap called PhoneGap Build which is a
cloud

base
d
Build Service from Adobe

to compile and package the PhoneGap applications
.

With this service,
we

can upload

the source code to

PhoneGap Build
using a zip
file or through a git repository and trigger a build which will create the
application packages for

each selected platform.


6. NATIVE APP FOR IO
S

PLATFORM



A CASE STUDY


Alliance has built a strong
m
obility practice over the last few
years with
matured engineering best practices

for Native, web or cross
mobile
application
development
.



About the
Application

This
h
ealth care
system

takes care of end to end
EMR
(Electronic

Medical
Record)

solution

to help leading practices
meeting health care

requirements
quickly and efficiently
.

This system is used by
leading health care company
which

provides the
next
-
generation ambulatory cardiac monitoring service with
beat
-
to
-
beat, real time analysis, automatic arrhythmia detection and wireless
ECG transmission
.

This is a classic
mobile enablement project where client wanted
to access the
current functionality

o
f existing applications on iOS devices


iPad and iPhone
.
The current web application has limited reach and not exposed to other
application. Client wanted to enhance the reach by making this application
available on iOS devices to keep pace with the compe
tition and gain market
share.



HIPPA compliance

The project
designed and implemented in such a way that it meets required
HIPPA
compliance (Health Insurance Portability and Accountability Act). Some
of the HIPPA compliance requirements:



Security :




Page
13


© Alliance Global Services 2013

o

Authorization and authentication of the system

o

User Session time out if the application is inactive for more than
certain time



Offline Storage & Security
:

o

Medical
records (
PDF files) are stored password protected in local
storage with option to change the

passcode
.
option

for user
is
prompted
to enter passcod
e if passcode was not available
while the
PDF is saved first time
.

o

All the information stored locally in the device are encrypted with
authenticated proven encryption mechanism.

o

Functionality to decry
pt and encrypt all PDF files when passcode is
changed in the foreground and background



UI Consistency : The mobile app UI are kept consistent with the web UI in
most of the Medical report or patient enrollment forms


Application consists of two main compon
ents
Backend Services

and the
Native
IOS application
.



K
ey
S
olution
H
ighlights



Single native application for both iPad and iPhone

as per client’s
preferred business mobile platform



Web Services
(WCF
services
) are Restful services built around the
existing
web application’s Business Logic Layer and Service Layer to
expose the limited/required functionality




Services are exposed in REST (Representational State Transfer)
format to the mobile application using JSON Serialization.



Enabling offline R
eports
storag
e
in the devices in a securely encrypted
format (256 bit AES Encryption) to access the reports without having
to connect to the internet



Authentication is done when user will send a request to Access
Mobile Services
.

Once the user
is authenticated through

login
credentials, a token will be sent
in

response. Any subsequent request


Page
14


© Alliance Global Services 2013

will carry this token in request headers and that token will again be
validated using authentication service before sending the response.




Backend Services

These services are
built using WCF REST Services around the existing
Access Business Logic Layer, these services expose the data in JSON and
ATOM formats to the clients over SSL channel to encrypt the data in the
transport layer, all the services calls are authenticated and
authorized
before responding with result.


Technologies and Tools used
:



Microsoft Visual Studio 2010



Microsoft .NET Framework 4.0



WCF Services



Microsoft Unit Testing



Fiddler





Page
15


© Alliance Global Services 2013



Native IOS Application

IOS Application is built using Native IOS Framework using
Object C
language; this application designed and developed using MVC and Delegate
patterns, leverages the ARC (Automatic Reference Checking) to keep track of
the Object references and memory management.



Technologies and Tools used
:



XCode 4.5



Cocoa Framew
ork



SQLite / Core Data



TestFlightApp for Testing.


7.
CONCLUSION

I
n today’s world mobile app plays a crucial role and slowly
,

enterprises are
adopting mobile technology
to meet
growing

market demand and
increase the
reach
of the customer. The
preferred approaches of developing mobile app are
driven by many factors like device specific
functionality
of the app, project
timeframe
,

project
budget,
customer’s preference
and
organization’s roadmap
towards enterprise mobility.



Each method
of
develo
pment
comes with its
inherent
of pros and cons.

Despite
all
advantages and disadvantages of each approach,

an organization should
provide a
futuristic mobile app solution which is scalable, maintainable,
secured,
and cost
-
effective
that
support
s

cross platform.


As a mobile applicati
on development strategy, compa
nies

tend to

choose hybrid
app

approach

for
most
of their

business application

to

manage a large and
diverse set of mobile

devices and platforms
,

while keeping development costs
down
.






Page
16


© Alliance Global Services 2013








About Alliance Global Services

Alliance Global Services is a software development firm that partners with software, technology

and information
-
intensive businesses on their mission critical work. Alliance architects
, builds and
tests

software applications, pla
tforms and products that become primary drivers of innovation and
revenue growth for its clients and their businesses. Alliance is recognized for driving quality and
speed
-
to
-
market when business success depends on The Software Inside
TM
. Founded in 1994,
A
lliance is headquartered in suburban Philadelphia, Conshohocken, PA. For more information,
visit

www.allianceglobalservices.com
.

Corporate Headquarters

Six Tower Bridge | 181
Washington Street, Suite 350 | Conshohocken, PA 19428

Phone: 610.234.4301 | info@allianceglobalservices.com |
www.
allianceglobalservices.com