IBM Worklight V6.0 Technology overview Contents 1 IBM Worklight Overview 2 IBM Worklight Components 3 Development tools 8 Runtime server environment 9 The Worklight Console 9 Worklight device runtime components 10 Security and authentication mechanisms IBM Worklight Overview IBM Worklight software helps enable organizational leaders to transform their business and become a mobile enterprise. This software provides an open, comprehensive and advanced mobile application platform for smartphones and tablets, helping organizations of all sizes to efficiently develop, test, connect, run and manage mobile and omnichannel applications. Leveraging standards-based technologies and tools, Worklight software provides a single integrated platform that includes a comprehensive development environment, mobile-optimized runtime middleware, a private enterprise application store and an integrated management and analytics console all supported by a variety of security mechanisms. Develop. The Worklight Studio capability and the software development kit (SDK) of the Worklight offering simplify the development of mobile and omni-channel applications (apps) throughout multiple mobile platforms, including ios, Android, BlackBerry, Windows 8, Windows Phone and Java ME. The Worklight optimization framework fosters code reuse and delivers rich user experiences that match the styling requirements of each target environment. With such code reuse, Worklight software reduces costs of development, reduces time-to-market and provides strong support for your ongoing management efforts. Test. Worklight software delivers integrated functional testing capability. For apps that are developed within Worklight software, developers or testers can record a sequence of actions on a mobile device. Once the recording has been captured, it becomes the basis of an intelligent, resilient and code-less test case that can be played back on demand on virtually any ios or Android device or emulated ios or Android device within the same OS family.
Enterprise back-end systems and cloud services Enterprise back-end systems and cloud services Stats Aggregation Build Engine IBM Software Connect. The Worklight Server architecture and adapter technology simplifies the integration of mobile apps with back-end enterprise systems and cloud-based services. The Worklight Server is designed to fit quickly into your organization s IT infrastructure and is designed to leverage your existing resources. The standalone back-end integration layer can be customized and shared among multiple applications. Furthermore, Worklight Adapters support two types of datadelivery mechanisms: device requests and push notifications. Run. The Worklight Studio prepares application files for upload to public app stores and for upload to private distribution repositories. Active mobile apps communicate with virtually any enterprise back-end systems and cloud-based services through the Worklight server. This server optimizes data for mobile delivery and consumption, and is supported by a variety of security features that help to protect sensitive user data in transit on device. Manage. Once the software is deployed, administrators can manage registration and authentication for users and devices; monitor and control the access of different apps to back-end systems; directly update and disable apps based upon predefined rules or custom rules; host and manage a production-ready, cross-platform mobile application store; audit and manage mobile data synchronization to enterprise back-end systems; and control virtually all push services and event sources from one centralized web interface known as the Worklight Console. In addition, administrators can access usage information about the installed app base and its users, using built-in and customized reports. Usage data can be exported and fed into analytics platforms such as the IBM Cognos platform and the IBM Coremetrics platform. Development tools The Worklight Studio The Worklight Studio is an Eclipse-based IDE that makes it possible for developers to perform virtually all the coding and integration tasks that they require to develop rich employeefacing and customer-facing applications. The Worklight Studio augments the familiar tools of Eclipse with a wide variety of enterprise-grade features that are delivered by the Worklight Plug-ins, enabling Worklight Studio to streamline application development and to facilitate enterprise connectivity. The following are some of the main features that are supported by the Worklight Studio: Cross-platform support The Worklight Studio enables the development of rich web, hybrid and native mobile applications on ios, Android, BlackBerry, Windows 8 and Windows Phone tablets and smartphones. IBM Worklight Components SDKs Worklight Studio HTML5, Hybrid, and Native Coding Optimization Framework Integrated Device SDKs Third Party Library Integration ios Android Blackberry Windows Phone Windows 8 Java ME Mobile Web Desktop Web Worklight Application Center Development Team Provisioning Enterprise App Provisioning and Governance App Feedback Management Public App Stores Device Runtime Cross-Platform Compatibility Layer Server Integration Framework Encrypted and Syncable Storage Runtime Skinning Reporting for Statistics and Diagnostics Application Code Worklight Server User authentication and mobile trust Mashups and service composition JSON Translation Adapter Library for backend connectivity Client-Side App Resources Direct Update Mobile Web Apps Unified Push Notifications Worklight Console Reporting and Analytics Push / SMS Management App Version Management 2
Using its optimization framework, Worklight software differentiates itself from other technologies in the market that deliver a lowest-common-denominator solution. With the Worklight approach, developers can share the majority of the application code across multiple environments, without compromising platform-specific user experience or application functionality. Developers can share the common app code among multiple environments, while isolating environment-specific code in designated folders that can overwrite or augment the commonly shared code. As a result, application logic remains consistent among the different environments, while the user interface (UI) behaves natively and adheres to user expectations and the unique functionality and design guidelines of the device. Application developers can directly access the application programming interfaces (APIs) that modern devices offer, and can more-easily integrate publically available or customized third-party libraries, frameworks and tools. The result: advanced mobile applications that are built according to the unique and specific needs of your organization. Because developers are not dependent on an intermediary build-time or runtime layer, such as a cross-compiler or interpreter, native APIs are accessible upon release of new mobile operating system (OS) versions or third-party libraries when Worklight software is used. Furthermore, the app s web code is executed directly by the mobile browser, so developers have direct access to the HTML Document Object Model (DOM) and are free to use any JavaScript API or third-party JavaScript toolkits and frameworks. Hybrid coding Facing the constantly evolving fragmented ecosystem of mobile devices and operating systems, application development has become a costly, yet unavoidable, endeavor. This challenge has created a market for cross-platform mobile development solutions that is rapidly growing. However, to achieve cross-platform capabilities, many solutions in the market rely on limiting proprietary tools, form-based IDEs, what you see is what you get (WYSIWYG) tools, or simply prepackaged apps. Without the capability to fully customize the code, these solutions result in an unavoidable tradeoff between user experience and multiplatform coverage. Using Worklight software, developers can choose between using pure native code (Objective-C, Java or C#), standard web technologies (HTML5, Cascading Style Sheets 3 and JavaScript) or a combination of both within the same app. Developers can strike the desired balance between development efficiency, app functionality and user experience. The Worklight Studio supports three main hybrid scenarios: 1. HTML can be used to call native code using the Cordova plug-in (previously known as PhoneGap). The native code can be either UI-less, for example, reading the compass, or can actually display a user interface (UI). This UI component will be overlaid on top of the browser, so that the user sees a native component blended with the HTML UI. 2. Developers can decrease the size of the browser so that the browser occupies only part of the screen. The other part of the screen can be used to display native UI components. 3. Users can implement complete screens natively and can switch between native screens and web screens. The transition between the screens can be animated, as in regular screen transitions. Furthermore, the Worklight Studio ships with a UI tool for design and development. The UI tool is WYSIWYG drag-anddrop. These editing capabilities enable developers to create pure HTML or HTML and JavaScript files by dragging HTML5 and Dojo Mobile components from a built-in palette to the HTML canvas. Developers can use property sheets to control HTML and CSS properties. At the same time, these editing capabilities make possible direct editing of HTML and CSS files, updating the graphical canvas so that developers can visualize immediately the impact of their changes. These editing capabilities are integrated with the optimization framework of Worklight software, making it possible for developers to view a specific application environment or to view a specific skin. 3
No single development approach offers a complete solution to the larger challenge, but by using the unique support for hybrid coding provided by Worklight software, organizational teams are able to use the same mobile platform to develop, connect, run and manage a variety of mobile application types based on the specific needs of the project at hand. Support for HTML5 Worklight software leverages a standards-based approach, enabling developers to write HTML5 code directly into the development environment without the use of cross-compilation or transcoding. This capability circumvents the limitation of proprietary interpreters or code translators. You can benefit from capabilities that include: A cleaner, more readable and consistent HTML code. Access to rich media types (audio and video), available previously by way of native code only. Use of advanced UI components, such as data pickers, sliders and edit boxes that automatically support ellipsis and others implemented natively by the browser. Use of Cascading Style Sheets 3 (CSS3) styles and CSS3-based animation to reduce app size and to improve app responsiveness. App distribution channels that go beyond the different app stores and their time-consuming and limiting restrictions. Support for geolocation services. Offline storage capabilities. Worklight software further augments these capabilities with enterprise-grade utilities through an application container for on-device encryption and offline user authentication. Runtime skins Further optimization of apps is possible within the Worklight Studio by using runtime skins. These skins are packaged with the app s executable files and are applied to the mobile app during run time. This capability makes it possible for the app to automatically adjust to different devices from the same OS family. Common scenarios that benefit from runtime skins include: Browser access Hybrid apps - web Hybrid apps - mixed Native apps Written in HTML5 JavaScript and CSS3. Quick and cheap to develop, but less powerful than native. HTML5 code and Worklight runtime libraries packaged within the app and executed in a native shell. User augments web code with native language for unique needs and maximized user experience. Platform-specific. Requires unique expertise, pricy and long to develop. Can deliver higher user experience. Different screen sizes Different screen densities Different input method Different support levels for HTML5 Mobile browser Native shell Native shell Native application Web code Web Native Web code Device APIs Device APIs Device APIs Browser access Downloadable Downloadable Downloadable 4
Geo-location toolkit Geo-location is a powerful differentiator of mobile apps. Yet because geo-location coordinates must be polled constantly to understand where a mobile device is located, the resulting stream of geographic information can be difficult to manage. You risk exhausting resources such as battery and network. Worklight software includes geo-location services that make it easier to respond to geo events with greater intelligence. These services handle multiple geo modalities such as global positioning system (GPS), Wi-Fi sampling and interpolation, and these services include policies for acquiring geographic data and sending it in batch. This capability helps you to optimize battery and network usage. The geo-location toolkit makes it possible for business actions to be triggered when users reach a point of interest, or when users enter or exit a region (geofencing), and the geo-location toolkit can execute server-side logic to enable meaningful reaction to important geo events. Screen templates The delivery of an outstanding mobile UI experience requires conformance with continuously evolving mobile patterns of behavior that are specific to each OS family. Worklight software includes screen templates that automate the creation of mobile screens. The design of these screen templates is based upon industry-proven methods. Developers can choose from templates in four categories: Lists Authentication Navigation and search Configuration Native-device SDK integration The Worklight Studio also integrates with the software development kits (SDKs) of the mobile devices that Worklight software supports including Android, ios, Windows 8, Windows Phone and Blackberry. This integration enables developers to take full advantage of the native code capabilities and the best-in-class development tools, testing and debugging mechanisms that are native to the mobile SDKs, without leaving the development environment. To further streamline the iterative development process, the studio enhances preview capabilities for ios and Android hybrid apps. An in-browser simulator makes it possible for you to define the form factor of the target device, concurrently displaying multiple devices on the screen and simulating Apache Cordova APIs (an open-source framework for bridging calls between native components and web views). Standardized data retrieval The Worklight Studio enables developers to use XSL transformations and JavaScript code to convert retrieved hierarchical data from any back-end system to JavaScript Object Notation (JSON) format, thus preparing the data for delivery and app consumption. Developers can invoke back-end services directly from within the studio and can receive raw results in Extensible Markup Language (XML), or developers can receive processed results (after having converted to JSON using Extensible Stylesheet Language [XSL] transformations and JavaScript) in JSON format. Each screen template can be previewed live, used as is or further refined using any combination of web and native technologies. Support for third-party JavaScript toolkits and UI frameworks In addition to its support for HTML5, Worklight software provides integration with the growing ecosystem of UI frameworks, such as jquery Mobile, Sencha Touch and Dojo Mobile. Developers can pick the JavaScript UI framework of their choice and use it to develop their application within the studio. WYSIWYG tools are available for HTML5, jquery Mobile, and Dojo Mobile. 5
Developers can perform server-side mashups in JavaScript to collect data from various back-end applications and streamline them to the device, thereby reducing the number of requests that are made on the slow mobile network and greatly improving app responsiveness. In addition, developers can choose to implement server-side, back-end integration and authentication code in Java, rather than in JavaScript. Unified push notifications In the process of creating the integration adapters, developers can leverage the uniform push architecture of Worklight software to preconfigure automatic alerts from one centralized interface. Using its unified push API for its supported devices, Worklight software makes the entire process of communicating with the users and devices completely transparent to the developer. Collaboration and distributed development Enterprise mobile development is rarely a simple process that is conducted by one developer. Most commonly, the complex enterprise development environment consists of multiple development, testing and quality assurance (QA) teams all working on different portions of the app, sometimes even from different geographical locations. Worklight software is designed to support such scenarios through a variety of features and functions, including integration with other IBM collaboration tools. Centralized build The Worklight Builder is a stand-alone application that can be more-easily integrated with common central build services, such as IBM Rational Jazz Builder, Hudson and Luntbuild. Leveraging the centralized build functionality, the different teams involved in the development, testing and QA phases can work off of one common version of the code, effectively enhancing the collaboration and automation of the internal application development process. Automated mobile functional testing The accelerated delivery cycles of mobile applications requires fast and effective test cycles. Worklight software includes integrated automated functional testing. This testing is available for Android and ios native and hybrid applications. Designed for use by developers and testers, this capability automates functional testing of apps that are developed with Worklight. First, developers or testers record a sequence of actions on a mobile device, using a recording-ready app to generate a test script. Next, developers or testers edit and enhance the script using natural-language syntax to add verification points and other instructions. The enhanced test script can be run on demand on a real device, simulator or emulator. Results can be viewed and can be shared using a generated HTML report. Automated functional testing makes it possible for organizational teams to test Worklight apps more rapidly, at lower cost and more methodically. The result: higher-quality mobile apps. Polling adapters Notification state database ios dispatcher ios push API Apple push servers (APN) IBM Worklight client-side push services Back-end systems Message-based adapters Unified push API User-device database Android dispatcher Android push API Google push servers (C2DM) IBM worklight client-side push services Administrative console 6
The shell approach Often, enterprise leaders employ multiple development teams, and the individuals who compose the teams possess different skills and expertise. The shell approach enables leaders of such companies to reduce the internal barriers of mobile development, making mobile development ubiquitous throughout the organization by compartmentalizing skill sets and responsibilities. Customizable native shell code Mobile browser The shell approach breaks down the development of the app into two portions: an external shell and an inner application. The shell consists of a customizable container that provides JavaScript access to the native capabilities of the device. A devoted team of expert developers are responsible for the shell s branding, security configurations, audits and authentication frameworks. The team can create a variety of shells. Each shell carries different policies and branding, forcing inner apps that are running within each shell to automatically comply with the shell s specific parameters. Such parameters could include restriction of access to data, use of certain APIs, different branding and so forth. With the corporate policies enforced by the shell, the inner apps can be more easily built by departmental development teams, using nothing but web languages. Such teams are only required to focus on the user interface, the business logic and, potentially, data integration. Distribution of the app or apps can be achieved by way of three different channels: Inner-app web code Customizable web shell code Device APIs An inner app can be fused into a shell by the centralized build server and uploaded to a private or public app store, and new versions of the inner app are sent and updated directly (subject to the vendor s terms of service) on the user device. A shell can be packaged with a directory of corporatesanctioned applications, enabling users to choose a different inner app according to their needs. A shell can be distributed empty to the user; the user will then access a repository of applications that are stored on the server. Runtime server environment The Worklight Server The Java-based Worklight Server is a scalable gateway between apps, external services and the enterprise. The server helps facilitate encrypted communication, back-end connectivity, data manipulation, authentication, analytics, private cross-platform application store, and operational management functions that are supported by a variety of security features. Server-side entities that affect the behavior of the Worklight Server are represented in the Worklight Studio project tree, including configuration files, authentication integration code and more. From the Worklight Studio, developers can save a unified project that includes all inter-related client code, server code and resources in their source control system. With Worklight Studio, server configuration artifacts are automatically built into a web archive (WAR) file. This WAR file can then be deployed on a standalone server for collaboration or test purposes. 7
The Worklight Server can be deployed to a wide range of hardware and operating system environments. Organizational teams that deploy the server to an IBM PureApplication System on Intel or that deploy to IBM Power Systems can apply patterns of expertise. These patterns of expertise are embodied within the IBM Mobile Application Platform pattern. The pattern simplifies deployment of the Worklight Server on a scalable and cloud-ready mobile server infrastructure. This capability speeds the deployment, configuration and ongoing maintenance of your mobile server infrastructure. The Worklight Server can: Provide adapter technology that connects to a variety of enterprise information systems over widely used integration technologies, such as Simple Object Access Protocol (SOAP), representational state transfer (REST), Structured Query Language (SQL), Lightweight Directory Access Protocol (LDAP) and more. In addition, Worklight software provides a special IBM Cast Iron adapter. Enable multisource data mashups to efficiently integrate several data streams into one stream and serve that stream to the application user. Multisource data mashups are an effective way of optimizing data delivery to the mobile user and reduce overall traffic in the system. Enable developers to add custom server-side logic that is necessary for delivering back-end data for mobile consumption. This ability helps distribute processes between the client and server and helps address data-security regulations within the organization. Provide flexible security architecture with server-managed security challenges, delivering more-robust protection. Integrate with the corporate authentication infrastructure to help secure application access and data access, in addition to transaction invocation. The Worklight authentication infrastructure is flexible enough to support different types of authentication from multifactor or multistep login processes to non-interactive single sign-on (SSO) integration. You can also expect offline authentication of users to increase app availability. Furthermore, the Worklight Server simplifies the integration with HTTP-based services that require authentication. Integration with Kerberos, Windows NT LAN Manager (NTLM), Basic and Digest authentication can be more-easily achieved by simpler configuration of the HTTP adapter, without the need to write server-side code. The server also supports device-based application SSO, enabling apps to be automatically authenticated if an existing authenticated session is already available through the same mobile device. 8 Integrate with IBM security functions by providing authenticators and login modules to leverage security configuration and settings. Take action to employ standard security mechanisms and proprietary security mechanisms to help prevent attacks. More-easily scale to support hundreds of thousands of users and multiple applications through physical clustering. Provide app-deployment and version-control features that are managed and accessed by the Worklight Console. Be integrated with IT monitoring and performance management systems that verify the vitality of the Worklight Server and the services that it provides to applications. Automatically collect user-adoption and usage data for auditing and reporting purposes and gain access to custom configuration of reporting metrics. Raw data can be moreeasily exported for further analysis by the different business intelligence tools used by your organization. The Worklight Application Center The Worklight Application Center enables company teams to set up an enterprise app store to help govern the distribution and management of pre-release and production-ready mobile applications. Administrators can make the most of existing authentication frameworks, including ACL and LDAP, to manage app distribution by department, job function, geography and other schema. Employees who access the Application Center from their mobile devices will only see the mobile apps that they are allowed to download. Employees can rate apps and provide feedback that can be considered for future enhancements. For development teams, the Worklight Application Center provides a convenient way to distribute pre-release software to developers and testers. Feedback can be organized by device and by version to quickly isolate and resolve defects, whether those defects are device-specific or version-specific. The Application Center can also integrate with software-build processes to automate the distribution of the latest releases to project teams, accelerating the develop-test-debug cycle. The Worklight Application Center provides: Administrators with improved governance over the distribution of mobile apps throughout the enterprise; Employees with easier access to the latest apps that are needed by their department or job function and that are optimized for their device; Developers with an easier way to distribute mobile builds and to elicit feedback from members of development and test teams.
The Worklight Console The Worklight Console is a web-based user interface that is dedicated for the ongoing administration of the Worklight Server and its deployed apps, adapters and push-notification services. Through the console, administrators can: Access administrative dashboards that monitor virtually all deployed adapters and applications. Control and monitor virtually all push-notification services, event sources and related applications. Assign device-specific security IDs to support installation of business applications on sanctioned devices. Manage multiple versions of the same application and remotely disable applications by version and mobileoperating-system type. Access built-in and custom reports of application adoption and usage. Define device-based access-control policies to control access of apps. Application analytics and user experience management Worklight software provides a scalable operational analytics platform to analyze app usage, responsiveness and pathways. Enterprise teams can search throughout logs and events that are collected from various mobile devices apps and servers. Teams can look for patterns, determine problems and summarize the various statistical measures of platform usage from the Worklight Console. Custom reports can help you to identify new users, returning users, and usage frequency throughout mobile operating systems. Business Intelligence and Reporting Tool (BIRT)-based reports are supported. The Worklight approach enables developers to instrument mobile apps using the included IBM Tealeaf data-collection library for efficient collection and streaming of customer experience information. With Worklight software, you can utilize the collected data to provide IT diagnostics based upon actual user experiences, including app usage and effectiveness by location. A sudden drop-off or low rate of usage can help you to identify and to locate a software or operational defect. Organizational leaders who optionally upgrade to the IBM Tealeaf CX Mobile platform will gain additional insight into mobile user experience analytics. IBM Tealeaf CX Mobile unveils obstacles in near-real-time. This capability reveals why mobile users behave as they do by providing enhanced visual replay, including device orientation, screen size and touchscreen interactions. These insights empower organizational teams to diagnose and resolve customer struggles that can be difficult to identify, and which inhibit app usability and effectiveness. Worklight device runtime components Worklight software provides client-side run-time code that services HTML5, hybrid or native apps. Capabilities include: Access back-end data and access transactions. API for the invocation of Worklight services, retrieval of data and execution of transactions against back-end systems. Authentication and enhanced security. API and code for managing the authentication sequence and for securing the application data and its link to the Worklight Server. Offline access. Local JSON database for data persistence with back-end synchronization; supports encryption and large data-sets. Application management. API and code for applying new application versions and for disabling applications in accordance with policies that are defined in the Worklight Console. Troubleshooting. Code for detecting runtime connectivity problems in the app and for collecting troubleshooting information about the app and about the device. Usage reporting for audit and analytics. API for collecting built-in and custom data from apps, to be recorded by the Worklight Server for audit and analytics purposes. Cross-platform compatibility APIs. Uniform API for device features and useful UI tasks, hiding the differences throughout different environments. Skins management. Enables developers to adjust the features and functions of the app to the device s form factor in run time, optimizing the app for different versions of the same OS family as smartphones and tablets. The runtime client environment consists of the following components: JavaScript libraries. These libraries, which are used for JavaScript API implementation, are available in most runtime environments (with the exception of native iphone and Android apps, which are written in Objective-C and Java, respectively, and which do not require JavaScript libraries). Native libraries for hybrid apps. A set of native libraries (for ios and Android) that provide access to device-specific features. Apps written in JavaScript do not access these libraries directly, but rather through the relevant JavaScript APIs. In some cases, native code runs the web code provided by the developer. 9
Native libraries for native apps. A set of native libraries for ios and Android that provide access to Worklight Server functionality for natively written apps. Native code templates. For ios, Android, BlackBerry, Windows 8 and Windows Phone devices, native-code templates encapsulating a browser that runs the web code provided by the developer. Security enhancement and authentication mechanisms Worklight software provides multiple mechanisms and tools that help to support the creation of more-secure applications. The following is a list of the main security features of the platform: Mechanism Benefit Details On-device Help protect sensitive information from malware attacks Uses AES256 and PCKS #5-generated encryption keys for encrypted storage and from device theft storing app-generated information on the device Allows offline user authentication Implemented in JavaScript (highly obfuscated) with optional native performance enhancements Direct update Take action to ensure timely propagation of updated hybrid New versions of the code can be distributed without requiring app versions to the entire install base the manual update of the app (applicable to web resources) Remote disable Enforce timely adoption of critical security updates to the Server-side console allows configuration of allowed app entire install base versions. Administrator can force users to install security updates to the native code. Authentication Reduce overall cost and complexity of integration with Server-side architecture designed for integration with framework authentication infrastructure back-end authentication infrastructure based on Java Authentication and Authorization Service (JAAS) concepts, with authentication realms Specify one SSL per HTTP adapter for enhanced flexibility and security Ready-to-implement integration with Kerberos, NTLM, Basic and Digest authentication Ability to encrypt server-to-server SOAP communication with X509 certificates, following the Web Services Security (WSS) standard Client-side framework for asynchronous login requests on session expiration Server-side Help prevent SQL injection and help protect against Prepared-statement enforcement safeguards cross-site request forgery (XSRF) Validation of submitted data against session cookie Enterprise SSO Leverage existing enterprise authentication facilities and Client-side mechanism obtains and encrypts user credentials, integration user credentials and enable employee-owned devices sends to the server with requests Encryption incorporates user-supplied PIN, server-side secret and device ID Credentials cannot be retrieved from lost or stolen device Device SSO Enables a mobile user to authenticate one time in order to Upon successful login, the authentication state is saved in the integration gain access to multiple mobile applications from a single database and used for validations in subsequent sessions device. from the same device Mobile users get a more-seamless experience without No credentials are stored in the on-device database; only the having to explicitly log in to each application. state of the authentication is stored, for improved security Enterprise teams can integrate authentication services under a single umbrella, streamlining governance and reducing help-desk costs that are related to password resets and security. Developers can eliminate redundant development effort; they are no longer required to build authentication into each application independently. 10
Mechanism Benefit Details Virtual private Enable delivery and operation of mobile apps for Client-side and server-side frameworks act as secure socket network (VPN) employee-owned devices or device types that are not layer (SSL)-based VPN alternative allowed on the corporate network, and enable delivery Network access control and policies are preconfigured in the when installation of VPN client on mobile devices is not client-side framework layer possible or when such installation is complicated to manage Network access and security measures are updated using server-side framework On-device encrypted storage to help prevent compromise of sensitive data IT system security involves protecting systems and information through prevention, detection and response to improper access from within and from outside a client s enterprise. Improper access can result in information being altered, destroyed or misappropriated, or can result in misuse of systems to attack others. Without a comprehensive approach to security, no IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. Worklight systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures and may require other systems, products or services to be most effective. IBM Worklight does not warrant that systems and products are immune from the malicious or illegal conduct of any party. System requirements Production environment The Worklight server can be installed on the following operating systems: AIX HP-UX Red Hat Enterprise Linux (RHEL) SUSE Linux (SLES) Oracle Solaris Microsoft Windows Server The server requires the following databases to store metadata and cached back-end data: Derby Oracle MySQL IBM DB2 The Worklight server can run on the following application servers: Apache Tomcat IBM Application Server (and IBM Application Server Network Deployment) version 7.0 and higher (including the provided Application Server v8.5 Liberty Profile) The Worklight Server can be clustered to achieve high availability and scalability. In such cases, a load balancer is required. This load balancer can be any commercial load balancer, software or hardware, which supports sticky sessions. The load balancer can optionally act as a reverse proxy and as an SSL accelerator. Development environment The Worklight development environment includes the IBM Worklight Server, database and the Eclipse-based Worklight Studio. The development environment is supported on the following operating systems: Windows (32-bit or 64-bit) Macintosh environment For development purposes, the following databases are supported: IBM DB2 Oracle MySQL Apache Derby 11
The Worklight Studio can be installed on Eclipse and Rational Application developer (RAD). Supported application servers: IBM Application Server Base and IBM Application Server Network Deployment including the Liberty profile Tomcat For more information, please visit the following website: ibm.com/software/mobile-solutions/worklight For more information To learn more about IBM Worklight assets for mobile application development, please contact your IBM marketing representative or IBM Business Partner, or visit the following website: ibm.com/software/solutions/mobile-enterprise IBM Worklight Developer Edition is available at no charge. To download the Worklight Developer Edition, please visit: ibm.com/worklight-trial Additionally, IBM Global Financing can help you acquire the software capabilities that your business needs in the most cost-effective and strategic way possible. We ll partner with credit-qualified clients to customize a financing solution to suit your business and development goals, enable effective cash management, and improve your total cost of ownership. Fund your critical IT investment and propel your business forward with IBM Global Financing. For more information, visit: ibm.com/financing Copyright IBM Corporation 2013 IBM Corporation Software Group Route 100 Somers, NY 10589 Produced in the United States of America June 2013 IBM, the IBM logo, ibm.com, Cast Iron, Jazz, Rational, Tivoli, Cognos, Coremetrics, DB2, PureApplication, Power Systems, Tealeaf, and are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at Copyright and trademark information at ibm.com/legal/copytrade.shtml Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Microsoft, Windows, and Windows NT are trademarks of Microsoft Corporation in the United States, other countries, or both. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates. Worklight is trademark or registered trademark of Worklight, an IBM Company. This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates. It is the user s responsibility to evaluate and verify the operation of any other products or programs with IBM products and programs. THE INFORMATION IN THIS DOCUMENT IS PROVIDED AS IS WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. Please Recycle WSW14181-USEN-07