Welcome!

@CloudExpo Authors: Kevin Benedict, William Schmarzo, Elizabeth White, Liz McMillan, Pat Romanski

Blog Feed Post

Intel Expressway API Manager and The Rise of Mobile Middleware

I just returned from an exhilarating trip to the Gartner AADI show in Las Vegas last week. There are a lot of exciting things happening at Intel in the Data-center Software Division (DSD), especially with respect to the Expressway Product Line.

First, we had our first live demo of the integrated solution that showcases Intel(R) Expressway API Manager and the Mashery API Management Portal. This is a true best of breed match between what we think is one of the best security gateways in the market and the de-facto market leader in API management, bringing the best possible product set to our end customers.

Second, we did multiple workshops with Gartner visionary Appcelerator. They make a slick cross-platform mobile development environment that produces native code for mobile applications, and the cool part is that the developer only has to write their code in JavaScript. So you can think of their tool as a cross-compiler that churns out native code optimized for Android, iOS, Blackberry and Windows devices but  only requires the developer to have a working knowledge of JavaScript.

The combination of Appcelerator Titanium and Intel(R) Expressway API Manager is a killer best of breed architecture for jumpstarting an Enterprise ready native mobile application. In fact, we showed a live proof of concept that went from a non RESTful back-end to a native application running on an iPhone with Enterprise grade data level security controls in 15 minutes.

Enterprises and Native Mobile Applications

Let’s walk through the scenario. Suppose you are a large Enterprise and you want to get a mobile project going at your enterprise. Furthermore, you don’t really want to compromise with HTML5 – native applications typically provide the best performance and device integration. Here are some of the hurdles – first you will likely have fragmentation in your data-center. You probably have:

  • Disparate middleware and database technologies
  • Disparate identity management silos
  • Disparate programming languages, with different levels of expertise
  • Current architecture optimized for web browsers, e.g. n-tier designed for a thin/dumb client
  • Vertical integration prohibits cloud outsourcing
  • Inconsistent security model across domains

And now, on top of these challenges you want:

  • BYOD with enterprise native mobile applications
  • Low development costs
  • Fast time to market
  • Robust security for Enterprise data

API Enabling Your Existing Architecture

Mobile applications have tremendous value for a mobile sales force. The example we took was a sales manager who is on the road and wishes to access enterprise data securely, directly from the mobile device. We took two examples of data – localized revenue information and the protection of personally identifiable information. In the first example this is a revenue report of local retail stores, which might be accessed by a manager on the road using the location of the tablet or smartphone.

In the second example we can take that same manager and assume he is hiring new employees and has to enter sensitive personally identifiable information (PII) such as a social security number, name, address, date of birth or maybe a driver’s license number.

Here is what the architecture looks like:

 

 

 

On the right hand side we have the Enterprise and the existing architecture. In this example we assumed the Enterprise has a RESTful service for handling new hire information and a SOAP web service for querying revenue information. Further, we assumed the Enterprise currently uses Active Directory for its identities.

Using the Intel(R) Expressway API Manager as a mobile middleware we can put a RESTful facade in front of these disparate systems and expose two simple endpoints for the mobile device. Further, the gateway performs important functions, including:

  • The termination and acceleration of SSL (remember, with mobile, you may easily scale to hundreds of thousands of individual “apps”, all hitting the back-end infrastrcture)
  • Perimeter security for content based threats, such as SQL injection
  • Delegated authentication to the Enterprise LDAP based on an API key in the request
  • Throttling of requests, including denial of service protection (remember, again, with mobile devices there could be thousands)
  • Optimization of content sent back to the device. In our example we showed the transformation of XML to JSON, which is optimized for the mobile phone
  • Data protection, including format preserving encryption, a special mode of AES that prefers the length and character set of data-types. This is especially useful for handling the new hire information, such as the social security number
  • Routing and composition of data accessed form multiple databases. Mobile applications may need to aggregate data from multiple databases, combine it into a single response before it is sent to the mobile device

The best part about the Intel(R) Expressway API Manager is that this entire flow can all be designed in Eclipse using drag-and-drop actions. No coding is required. If you are looking for a quick way to jump-start a native mobile application at your enterprise with minimal back-end changes, give us a shout. We may be able to help!

-Blake

Read the original blog entry...

More Stories By Application Security

This blog references our expert posts on application and web services security.

@CloudExpo Stories
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...
"Loom is applying artificial intelligence and machine learning into the entire log analysis process, from start to finish and at the end you will get a human touch,” explained Sabo Taylor Diab, Vice President, Marketing at Loom Systems, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"Tintri focuses on the Ops side of the DevOps, which basically is pushing more and more of the accessibility of the infrastructure to the developers and trying to get behind the scenes," explained Dhiraj Sehgal of Tintri in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
A look across the tech landscape at the disruptive technologies that are increasing in prominence and speculate as to which will be most impactful for communications – namely, AI and Cloud Computing. In his session at 20th Cloud Expo, Curtis Peterson, VP of Operations at RingCentral, highlighted the current challenges of these transformative technologies and shared strategies for preparing your organization for these changes. This “view from the top” outlined the latest trends and developments i...
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...
"We focus on composable infrastructure. Composable infrastructure has been named by companies like Gartner as the evolution of the IT infrastructure where everything is now driven by software," explained Bruno Andrade, CEO and Founder of HTBase, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Hardware virtualization and cloud computing allowed us to increase resource utilization and increase our flexibility to respond to business demand. Docker Containers are the next quantum leap - Are they?! Databases always represented an additional set of challenges unique to running workloads requiring a maximum of I/O, network, CPU resources combined with data locality.
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
Cloud promises the agility required by today’s digital businesses. As organizations adopt cloud based infrastructures and services, their IT resources become increasingly dynamic and hybrid in nature. Managing these require modern IT operations and tools. In his session at 20th Cloud Expo, Raj Sundaram, Senior Principal Product Manager at CA Technologies, will discuss how to modernize your IT operations in order to proactively manage your hybrid cloud and IT environments. He will be sharing bes...
Artificial intelligence, machine learning, neural networks. We’re in the midst of a wave of excitement around AI such as hasn’t been seen for a few decades. But those previous periods of inflated expectations led to troughs of disappointment. Will this time be different? Most likely. Applications of AI such as predictive analytics are already decreasing costs and improving reliability of industrial machinery. Furthermore, the funding and research going into AI now comes from a wide range of com...
SYS-CON Events announced today that GrapeUp, the leading provider of rapid product development at the speed of business, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company, specialized in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market acr...
In this presentation, Striim CTO and founder Steve Wilkes will discuss practical strategies for counteracting fraud and cyberattacks by leveraging real-time streaming analytics. In his session at @ThingsExpo, Steve Wilkes, Founder and Chief Technology Officer at Striim, will provide a detailed look into leveraging streaming data management to correlate events in real time, and identify potential breaches across IoT and non-IoT systems throughout the enterprise. Strategies for processing massive ...
SYS-CON Events announced today that Ayehu will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on October 31 - November 2, 2017 at the Santa Clara Convention Center in Santa Clara California. Ayehu provides IT Process Automation & Orchestration solutions for IT and Security professionals to identify and resolve critical incidents and enable rapid containment, eradication, and recovery from cyber security breaches. Ayehu provides customers greater control over IT infras...
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex software systems for startups and enterprises. Since 2009 it has grown from a small group of passionate engineers and business...
What's the role of an IT self-service portal when you get to continuous delivery and Infrastructure as Code? This general session showed how to create the continuous delivery culture and eight accelerators for leading the change. Don Demcsak is a DevOps and Cloud Native Modernization Principal for Dell EMC based out of New Jersey. He is a former, long time, Microsoft Most Valuable Professional, specializing in building and architecting Application Delivery Pipelines for hybrid legacy, and cloud ...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...