Welcome!

Cloud Expo Authors: Elizabeth White, Scott Bampton, Anne Buff, Gilad Parann-Nissany, Yeshim Deniz

Blog Feed Post

Intel Expressway API Manager and The Rise of Mobile Middleware

I just returned from an exhilarating trip to the Gartner AADI show in Las Vegas last week. There are a lot of exciting things happening at Intel in the Data-center Software Division (DSD), especially with respect to the Expressway Product Line.

First, we had our first live demo of the integrated solution that showcases Intel(R) Expressway API Manager and the Mashery API Management Portal. This is a true best of breed match between what we think is one of the best security gateways in the market and the de-facto market leader in API management, bringing the best possible product set to our end customers.

Second, we did multiple workshops with Gartner visionary Appcelerator. They make a slick cross-platform mobile development environment that produces native code for mobile applications, and the cool part is that the developer only has to write their code in JavaScript. So you can think of their tool as a cross-compiler that churns out native code optimized for Android, iOS, Blackberry and Windows devices but  only requires the developer to have a working knowledge of JavaScript.

The combination of Appcelerator Titanium and Intel(R) Expressway API Manager is a killer best of breed architecture for jumpstarting an Enterprise ready native mobile application. In fact, we showed a live proof of concept that went from a non RESTful back-end to a native application running on an iPhone with Enterprise grade data level security controls in 15 minutes.

Enterprises and Native Mobile Applications

Let’s walk through the scenario. Suppose you are a large Enterprise and you want to get a mobile project going at your enterprise. Furthermore, you don’t really want to compromise with HTML5 – native applications typically provide the best performance and device integration. Here are some of the hurdles – first you will likely have fragmentation in your data-center. You probably have:

  • Disparate middleware and database technologies
  • Disparate identity management silos
  • Disparate programming languages, with different levels of expertise
  • Current architecture optimized for web browsers, e.g. n-tier designed for a thin/dumb client
  • Vertical integration prohibits cloud outsourcing
  • Inconsistent security model across domains

And now, on top of these challenges you want:

  • BYOD with enterprise native mobile applications
  • Low development costs
  • Fast time to market
  • Robust security for Enterprise data

API Enabling Your Existing Architecture

Mobile applications have tremendous value for a mobile sales force. The example we took was a sales manager who is on the road and wishes to access enterprise data securely, directly from the mobile device. We took two examples of data – localized revenue information and the protection of personally identifiable information. In the first example this is a revenue report of local retail stores, which might be accessed by a manager on the road using the location of the tablet or smartphone.

In the second example we can take that same manager and assume he is hiring new employees and has to enter sensitive personally identifiable information (PII) such as a social security number, name, address, date of birth or maybe a driver’s license number.

Here is what the architecture looks like:

 

 

 

On the right hand side we have the Enterprise and the existing architecture. In this example we assumed the Enterprise has a RESTful service for handling new hire information and a SOAP web service for querying revenue information. Further, we assumed the Enterprise currently uses Active Directory for its identities.

Using the Intel(R) Expressway API Manager as a mobile middleware we can put a RESTful facade in front of these disparate systems and expose two simple endpoints for the mobile device. Further, the gateway performs important functions, including:

  • The termination and acceleration of SSL (remember, with mobile, you may easily scale to hundreds of thousands of individual “apps”, all hitting the back-end infrastrcture)
  • Perimeter security for content based threats, such as SQL injection
  • Delegated authentication to the Enterprise LDAP based on an API key in the request
  • Throttling of requests, including denial of service protection (remember, again, with mobile devices there could be thousands)
  • Optimization of content sent back to the device. In our example we showed the transformation of XML to JSON, which is optimized for the mobile phone
  • Data protection, including format preserving encryption, a special mode of AES that prefers the length and character set of data-types. This is especially useful for handling the new hire information, such as the social security number
  • Routing and composition of data accessed form multiple databases. Mobile applications may need to aggregate data from multiple databases, combine it into a single response before it is sent to the mobile device

The best part about the Intel(R) Expressway API Manager is that this entire flow can all be designed in Eclipse using drag-and-drop actions. No coding is required. If you are looking for a quick way to jump-start a native mobile application at your enterprise with minimal back-end changes, give us a shout. We may be able to help!

-Blake

Read the original blog entry...

More Stories By Application Security

This blog references our expert posts on application and web services security.

@CloudExpo Stories
SYS-CON Events announced today that Stratogent will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Stratogent is a custom managed services organization based in San Mateo, California. We design, implement, and support mission critical infrastructure 24x7 on premises, in datacenters and in the Cloud. Since 2005, we have acted as an extension of internal IT teams, achieving a customer reten...
SYS-CON Events announced today that Harbinger Systems will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Harbinger Systems is a global company providing software technology services. Since 1990, Harbinger has developed a strong customer base worldwide. Its customers include software product companies ranging from hi-tech start-ups in Silicon Valley to leading product companies in the US a...
SYS-CON Events announces a new pavilion on the Cloud Expo floor where WebRTC converges with the Internet of Things. Pavilion will showcase WebRTC and the Internet of Things. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices--computers, smartphones, tablets, and sensors – connected to the Internet by 2020. This number will con...
The only place to be June 9-11 is Cloud Expo & @ThingsExpo 2015 East at the Javits Center in New York City. Join us there as delegates from all over the world come to listen to and engage with speakers & sponsors from the leading Cloud Computing, IoT & Big Data companies. Cloud Expo & @ThingsExpo are the leading events covering the booming market of Cloud Computing, IoT & Big Data for the enterprise. Speakers from all over the world will be hand-picked for their ability to explore the economic...
When an enterprise builds a hybrid IaaS cloud connecting its data center to one or more public clouds, security is often a major topic along with the other challenges involved. Security is closely intertwined with the networking choices made for the hybrid cloud. Traditional networking approaches for building a hybrid cloud try to kludge together the enterprise infrastructure with the public cloud. Consequently this approach requires risky, deep "surgery" including changes to firewalls, subnets...
SYS-CON Events announced today that Cloudian, Inc., the leading provider of hybrid cloud storage solutions, has been named “Bronze Sponsor” of SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Cloudian is a Foster City, Calif.-based software company specializing in cloud storage. Cloudian HyperStore® is an S3-compatible cloud object storage platform that enables service providers and enterprises to bui...
SYS-CON Events announced today that Gridstore™, the leader in software-defined storage (SDS) purpose-built for Windows Servers and Hyper-V, will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Gridstore™ is the leader in software-defined storage purpose built for virtualization that is designed to accelerate applications in virtualized environments. Using its patented Server-Side Virtual C...
As the Internet of Things unfolds, mobile and wearable devices are blurring the line between physical and digital, integrating ever more closely with our interests, our routines, our daily lives. Contextual computing and smart, sensor-equipped spaces bring the potential to walk through a world that recognizes us and responds accordingly. We become continuous transmitters and receivers of data. In his session at Internet of @ThingsExpo, Andrew Bolwell, Director of Innovation for HP’s Printing a...
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, will discuss how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP ...
The Internet of Things (IoT) promises to evolve the way the world does business; however, understanding how to apply it to your company can be a mystery. Most people struggle with understanding the potential business uses or tend to get caught up in the technology, resulting in solutions that fail to meet even minimum business goals. In his session at Internet of @ThingsExpo, Jesse Shiah, CEO / President / Co-Founder of AgilePoint Inc., will show what is needed to leverage the IoT to transform...
SYS-CON Events announced today that AIC, a leading provider of OEM/ODM server and storage solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. AIC is a leading provider of both standard OTS, off-the-shelf, and OEM/ODM server and storage solutions. With expert in-house design capabilities, validation, manufacturing and production, AIC's broad selection of products are highly flexible and are conf...
We are all here because we are sold on the transformative promise of The Cloud. But what good is all of this ephemeral, on-demand infrastructure if your usage doesn't actually improve the agility and speed of your business? How must Operations adapt in order to avoid stifling your Cloud initiative? In his session at DevOps Summit, Damon Edwards, co-founder and managing partner of the DTO Solutions, will highlight the successful organizational, process, and tooling patterns of high-performing c...
SYS-CON Events announced today that O'Reilly Media has been named “Media Sponsor” of SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurri...
SYS-CON Events announced today that Aria Systems, the recurring revenue expert, has been named "Bronze Sponsor" of SYS-CON's 15th International Cloud Expo®, which will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Aria Systems helps leading businesses connect their customers with the products and services they love. Industry leaders like Pitney Bowes, Experian, AAA NCNU, VMware, HootSuite and many others choose Aria to power their recurring revenue bu...
The Transparent Cloud-computing Consortium (abbreviation: T-Cloud Consortium) will conduct research activities into changes in the computing model as a result of collaboration between "device" and "cloud" and the creation of new value and markets through organic data processing High speed and high quality networks, and dramatic improvements in computer processing capabilities, have greatly changed the nature of applications and made the storing and processing of data on the network commonplace. ...
Seagate has a strong track record of collaborating with others to develop better cloud solutions. The Seagate Cloud Builder Alliance program, for example, leverages the company’s knowledge of storage and cloud-optimized solutions to give cloud service providers the customized, flexible and scalable server and storage solutions to meet the high levels of service their customers demand. Seagate also is a member of the OpenStack Foundation and Open Compute Project to help define and promote open-so...
The Internet of Things (IoT) is going to require a new way of thinking and of developing software for speed, security and innovation. This requires IT leaders to balance business as usual while anticipating for the next market and technology trends. Cloud provides the right IT asset portfolio to help today’s IT leaders manage the old and prepare for the new. Today the cloud conversation is evolving from private and public to hybrid. This session will provide use cases and insights to reinforce t...
What process has your provider undertaken to ensure that the cloud tenant will receive predictable performance and service? What was involved in the planning? Who owns and operates the data center? What technology is being used? How is it being supported? In his session at 14th Cloud Expo, Dave Weisbrot, Cloud Business Manager for QTS, will provide the attendees a look into what it takes to stand up and stand behind a highly available certified cloud IaaS.
SYS-CON Events announced today that Gigaom Research has been named "Media Sponsor" of SYS-CON's 15th International Cloud Expo®, which will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Ashar Baig, Research Director, Cloud, at Gigaom Research, will also lead a Power Panel on the topic "Choosing the Right Cloud Option." Gigaom Research provides timely, in-depth analysis of emerging technologies for individual and corporate subscribers. Gigaom Research'...
I'll be hosting an SAP HANA Cloud webinar at 11am eastern time, Wednesday, October 29. You can sign up now. Featured speakers will be Allan Adler, Managing Partner, Channel Cloud Consulting, and Thorsten Leiduck, VP ISVs & Digital Commerce, SAP. Attendees will learn about • Cloud economics, hybrid cloud strategy, market size and opportunity • Introduction to SAP HANA Cloud Platform and how to: - Build new next-generation applications - Extend on-premise solutions non-disruptively throu...