THE LINK OFFLINE DATA ARCHITECTURE


SECURE ENTERPRISE HTML5 THE LINK OFFLINE DATA ARCHITECTURE A MOBILE HELIX WHITEPAPER

The Link HTML5 SDK makes it simple for developers to build mobile apps with offline capabilities using standard HTML5. The Link system transparently extends the standard HTML5 offline storage capabilities in a number of fundamental respects, including policy-driven limits on the amount of locally stored data and data protection via encryption. This paper presents how the Link HTML5 SDK, in conjunction with the Link system, makes it easy for developers to build secure HTML5 apps with rich policy controls that meet even the most stringent compliance requirements.

Introduction

The beauty of an app-first and mobile-first enterprise is anytime, anywhere access to productivity-enhancing content and applications on a mobile device. While the ubiquity of WiFi and cellular data is impressive, it is not complete. There are moments in an airplane or a remote location where it is not possible to get online, and there are physical locations where data access is prohibitively expensive. Any mobile-first infrastructure must support online and offline access, with an associated architecture for synchronizing and protecting that data.

Mobile Helix's data security architecture is described in the accompanying paper entitled "The Mobile Helix Data Security Platform". In this document we focus on Link's caching and data synchronization technology and APIs. From the programmer's perspective, Link's HTML5 SDK for offline data storage and synchronization is 100% compliant with the HTML5 standard. However, when executed within the Link container, pure HTML5 apps benefit from the unique security capabilities and policy controls implemented in the Mobile Helix technology stack described in this paper.

Developing Pure HTML5 Apps with Link

Mobile Helix Link is an end-to-end solution for developing and delivering mobile apps using standard technologies, including HTML5, CSS3, JavaScript, Apache Cordova, and HTTPS for the implementation and delivery of these apps. Pure HTML5 apps refer to apps that are built using open technologies and delivered via standard Web servers, application servers, portal servers, and HTTPS infrastructure. Unlike native apps or hybrid-native apps, pure HTML5 apps are delivered to the mobile client the same way as any familiar Web application: they are downloaded into the browser when the app is first accessed. Leveraging HTML5's extended capabilities for supporting offline access, the app is then cached locally to improve the performance of future loads and to ensure that the app is available offline.

The advantage of the pure HTML5 approach is that enterprises avoid vendor lock-in with a fully standards-compliant approach, and enterprises do not need to invest in app store infrastructures, which quickly become more complex than they seem. The complexities of app stores include the app store itself, managing user upgrades (i.e. coercing users to upgrade), the additional bandwidth required to deliver packaged apps, including upgrades, and the associated processes for managing and supporting multiple app versions. Pure HTML5 apps fit into the way IT builds any Web app: the same processes, tools, and technologies apply and, hence, one significant barrier to mobilizing the enterprise is eliminated in the pure HTML5 approach.

THE MOBILE HELIX LINK SYSTEM CONSISTS OF 4 COMPONENTS:
1. Link Gateway
2. Link Controller
3. Link Application Server
4. Link Container

The Link HTML5 SDK is designed to make the transition from enterprise Web development to HTML5 app development seamless for an experienced developer. The HTML5 SDK addresses several of the most pressing and complex issues with building HTML5 apps, including offline access, data security, and performance on the high-latency, low-bandwidth mobile network. This paper focuses on how the Link HTML5 SDK supports offline access, as offline access is a requirement that is entirely new for Web developers and can be intimidating when making the transition from Web applications to mobile apps. We start by reviewing the Link system architecture. We will then review the Link technology architecture. With the architecture in mind, we can then discuss Link's offline access infrastructure in depth.

Link System Overview

The Mobile Helix Link system consists of four components:

The Link Gateway, which is a reverse proxy that is the central entry point to the enterprise network. The Gateway controls and optimizes traffic between the external, public Internet and the private, corporate Intranet. The Gateway is deployed in the DMZ in an on-premises deployment, and a large-scale deployment will have many gateways for redundancy and load balancing.

The Link Controller is the system management console. The Controller manages all users, all devices, and all apps available on a mobile device via the Link system. The Controller integrates with Active Directory (AD) or LDAP to import users and groups, and the Controller manages authentication via AD, LDAP, or any SAML-based single sign-on solution. The Controller uses a role-based security and policy architecture to enable IT administrators to set flexible device, applications, and data policies from a central console. The Controller also monitors the Link system and collects audit data and analytics in a central database.

The Link Application Server hosts Mobile Helix's pure HTML5 apps. Each app is built using the Link HTML5 SDK and is hosted in a standard Java EE container. Examples of Link apps include Link Content Share and Link E-mail. Enterprises can host their own HTML5 apps built with or without the Link HTML5 SDK and legacy Web applications available for mobile access using existing Web server, application server, or portal infrastructure. The Link Application Servers are firewall protected and integrate with standard HTTPS load balancers.

The Link Container runs on mobile devices and ensures secure access to corporate assets by encrypting data at rest and in motion. The Container includes browser technology supporting critical HTML5 features including offline storage and video. In addition, the Container is enhanced with Apache Cordova (formerly PhoneGap) to enable browser access to device features that are not available across platforms via the HTML5 standard.

Link may be deployed fully on-premises or in a hybrid deployment with selected components in the Cloud. In a cloud deployment, the Link cloud can either integrate with existing VPN infrastructure to access the corporate network or it can use a relay architecture to transmit encrypted data via a persistent, outbound connection from the corporate network to the cloud for routing to the mobile device.

Mobile Helix Technology Architecture Overview

The Mobile Helix technology architecture shown above outlines how different technology platforms, implemented across the Link system components described in the previous section, work together to enable the development and delivery of pure HTML5 apps, to protect corporate data, and to apply policies to the Link system. The Mobile Helix technology architecture includes:

The Link HTML5 SDK, which is a fully standards-compliant HTML5 SDK for creating rich apps that are intuitive, cross platform, and, when integrated with the Link system, transparently secured.

The Mobile Helix Secure Delivery Platform, which ensures end-to-end secure delivery of pure HTML5 [1] mobile apps, enterprise Web applications, and enterprise content and data.

The Mobile Helix Data Security Platform, which ensures that data is uniformly protected at rest on all supported devices and enables granular policy and role-based control of enterprise data stored on mobile devices.

The Mobile Helix Administration Platform, which enables IT to manage and provision users and endpoints accessing the Link system, track and audit data delivered to mobile devices, provision pure HTML5 mobile apps and enterprise Web applications for mobile access, and monitor the Link system.

Figure 1: The Mobile Helix Technology Architecture

[1] Pure HTML5 apps are fully standards-compliant HTML5/CSS3/JavaScript apps delivered by standard Web servers, app servers, or portal servers via HTTPS. Pure HTML5 means 100% open, standards-based, and cross-platform mobile app development integrated transparently into a secured, containerized browser that operates across all of the major mobile platforms.

Offline, Pure HTML5 Apps with Mobile Helix Link

To enable offline access, the Link Container includes six enhanced capabilities that are implemented as part of the Mobile Helix Data Security Platform:

1. An encrypted data store consisting of the bottom two tiers in the diagram above that is protected with strong encryption keys and managed by IT policy
2. An encrypted, offline, policy-rich cache for all requested data
3. Encrypted, offline storage in an SQL database using HTML5's offline data storage APIs
4. A data synchronization API that enables app developers to seamlessly integrate offline storage with back-end data sources (including Web services, existing business logic services, and databases)
5. An offline request queue for managing and synchronizing actions or data updates that occur while offline
6. An offline document store, which ensures easy access to documents while offline and enables, policy permitting, secure integrations with third-party apps on the device

Figure 2:

We describe each HTML5 enhancement in turn below.

The Encrypted Data Store in the Link Container

All persistent data stored by the Link Container is encrypted. Encryption keys are managed by the Mobile Helix Data Security Platform, which is described in an accompanying white paper. Data may be marked into one of three categories when it is stored in the encrypted data store on the device:

1. Online-only data, which is encrypted with a key that is unknown to the user and the device unless the user is online.
2. Offline persistent data, which is available offline and is encrypted using a key derived from a credential known by the user. This data does not expire.
3. Offline transient data, which is also available offline and encrypted using a key derived from the same credential as category 2. The difference is that transient data is automatically deleted from the device after a policy-determined period of time.

Applications may be assigned storage quotas, which can vary based on a user's role. These quotas ensure that applications never store an unreasonable amount of data, but they must be applied with care to avoid crippling an application's ability to function offline by preventing it from storing a sufficient amount of data.

The Link Offline Cache

Fundamental to Link's offline architecture is the offline browser cache, which caches data for offline access. The scope of data available offline is determined by IT policy based on a user's role and the particular application that originated the data. For data that is available by policy when a user is offline, the offline cache ensures that data is accessible transparently to the requesting application. Regardless of whether the application was designed with offline access in mind, this caching mechanism allows users, when offline, to access any previously viewed page as long as IT policy allows that data to be available offline.

Offline data can be pinned to the cache via an HTML5 manifest file. This standard mechanism ensures that application HTML, JavaScript code, and required resources (images and stylesheets) are never removed from cache. The Link HTML5 SDK uses jQuery Mobile's hash-tag based navigation architecture to encapsulate all of an application's HTML code in a single page. This technique helps avoid simple mistakes in the manifest file that can render an application unusable when your users are offline and need it most.

Offline Application Storage

Perhaps most important to Link's offline storage capability is the offline SQL-based storage built on top of the HTML5 WebSQL and IndexedDB standards and the HTML5 LocalStorage key-value cache. Applications can explicitly create databases with designated names, and they can mark those databases as application specific or sharable with other applications running in the container. Databases are fully encrypted leveraging the key management capabilities of the Mobile Helix Data Security Platform. Each database can be marked as either persistent or transient with the appropriate policy applied transparently in both cases.

While developers can leverage the HTML5 standard APIs for accessing these data storage capabilities, the Link HTML5 SDK goes a step further with a data synchronization layer designed to make the transition to offline app development seamless for any Web developer.

The Link Data Synchronization API

HTML5 offline storage can be confusing, whether that confusion is due to the varying standards or to the challenges of managing data that originates on a remote server and must be available for access and manipulation offline when that server is inaccessible. By adding an O-R-M layer and an automated synchronization API on top of the standard HTML5 storage APIs, the Link HTML5 SDK makes offline storage easy.

Using an enhanced version of PersistenceJS with several Mobile Helix-specific extensions, developers can download JSON-serializable objects from a Web server or Web service and synchronize them against the offline data store for offline access. As those objects are updated, either locally or remotely, the data synchronization API ensures they stay in sync. Even structural changes to objects are automatically mirrored in the local database schema on-the-fly, relieving developers from the headache of managing schema upgrades.

When the device is offline, the Link SDK transparently reconstructs data objects from the local storage. When the device is online, the Link SDK refreshes and synchronizes objects and schema from the online infrastructure (application server, Web service, etc.). The online synchronization API supports sending deltas, so that an application can send changes (adds/updates/deletes) to the client rather than re-transmitting redundant data, and it leverages the Link Gateway's compression features to minimize data transmitted and to accelerate data transmission.

Offline Request Queuing

Link provides an offline request queue that will queue POST requests and deliver them when the device is online again. This convenient feature allows application developers to capture user inputs and edits while offline and to seamlessly transmit those offline actions back to the supporting server-side infrastructure when the device is online. Additional features of the API allow developers to easily manage local drafts of changes that users can continue to alter or undo until those drafts are submitted when the user is online. The Link Container handles the encryption and management of queued requests transparently without placing any additional requirements on the app itself.
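
The offline request queue described above, combined with the credential-derived key used for offline data in the encrypted data store, sketched as an added example that is not Mobile Helix code: drafts stay editable or discardable until submitted, everything held locally is ciphertext, and queued POSTs are delivered in order once a send succeeds. PBKDF2, AES-256-GCM, the iteration count, and every function and class name are assumptions; the paper does not say which primitives or APIs Link uses.

```javascript
// Added example, not Link SDK code; every name here is hypothetical.
const crypto = require("node:crypto");

// Assumed KDF (PBKDF2-SHA256); the paper does not name the one Link uses.
function deriveOfflineKey(credential, salt) {
  return crypto.pbkdf2Sync(credential, salt, 200000, 32, "sha256");
}

// Assumed cipher (AES-256-GCM). Output layout: iv(12) | tag(16) | ciphertext.
function seal(key, obj) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([c.update(JSON.stringify(obj), "utf8"), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]).toString("base64");
}

// Throws if the key is wrong or the stored blob was modified.
function unseal(key, blob) {
  const raw = Buffer.from(blob, "base64");
  const d = crypto.createDecipheriv("aes-256-gcm", key, raw.subarray(0, 12));
  d.setAuthTag(raw.subarray(12, 28));
  const pt = Buffer.concat([d.update(raw.subarray(28)), d.final()]);
  return JSON.parse(pt.toString("utf8"));
}

class OfflineRequestQueue {
  constructor(key) {
    this.key = key;
    this.drafts = new Map(); // id -> sealed draft, still editable
    this.queue = [];         // [{ id, blob }] in submission order
  }

  // Saving again under the same id replaces the earlier draft (an edit).
  saveDraft(id, url, body) {
    this.drafts.set(id, seal(this.key, { url, body }));
  }

  // Undo: the draft never reaches the server. Returns false if unknown.
  discardDraft(id) {
    return this.drafts.delete(id);
  }

  // Freeze a draft and queue it for delivery as a POST.
  submit(id) {
    const blob = this.drafts.get(id);
    if (blob === undefined) throw new Error(`no draft with id ${id}`);
    this.drafts.delete(id);
    this.queue.push({ id, blob });
  }

  // send(request) must return true once the server has accepted the POST.
  // Delivery stops at the first failure so ordering is preserved; the id
  // travels with the request so the server can drop a retried duplicate.
  flush(send) {
    let delivered = 0;
    while (this.queue.length > 0) {
      const { id, blob } = this.queue[0];
      const request = { id, ...unseal(this.key, blob) };
      let accepted = false;
      try { accepted = send(request) === true; } catch (_) { accepted = false; }
      if (!accepted) break;
      this.queue.shift();
      delivered++;
    }
    return delivered;
  }
}
```

A tampered or wrongly keyed entry makes `flush` throw rather than silently skip it, so the application can surface the integrity failure.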

Offline Document and File Storage

Because of the unique importance and ubiquity of documents and files in enterprise collaboration, Link has implemented additional capabilities for managing them, online and offline. These capabilities consist of five components:

1. Link's document access Web services, which allow applications to download Microsoft Office documents from SharePoint or CIFS file shares.
2. Link's file access Web services, which allow applications to download videos, images, audio files, and text files from CIFS file shares.
3. Link's document conversion and encryption services, which allow applications to convert Microsoft Office documents to PDF and to encrypt documents using Microsoft Office's AES-256, password-based encryption algorithms.
4. Link's offline file and document store, which encrypts and stores documents on the device and provides a unified interface for browsing, viewing, editing, and uploading documents.
5. Link's offline file and document viewer, which allows users to view Office documents, PDFs, videos, text files, and images while offline and to listen to audio files while offline.

Link Web services are accessible via RESTful services, which can be accessed via standard AJAX requests. The Link offline file store is accessed via plugins to Apache Cordova, which are currently available as open source plugins for both Android and iOS.

The Link document management APIs also allow individual apps to save files that are originated or edited on the device back to a remote content store in an application-defined fashion. When the user indicates that a document should be saved by the Link Container, the Container allows the user to select which document should handle the save operation. The Container then invokes an app-specific user interface to specify the details of the save operation (e.g., what folder to save the file in), and an application-specified handler to upload the new or edited document.

Conclusion

Link is designed to enable apps anytime and anywhere without making compromises on security. Anywhere includes locations where a cellular data or WiFi link is not available. To enable offline access, Link provides a comprehensive suite of secure, offline storage technologies for managing cached data, application-specific databases, and files. All of these technologies are integrated into the Mobile Helix Data Security Platform, which ensures that data is safe under all circumstances and enables IT to make intelligent, policy-driven decisions about data availability and retention on the device.

The Link HTML5 SDK eliminates the ease-of-use, standardization, and security barriers to implementing offline data storage in your mobile apps. With Link, adding offline storage is easy, safe, and secure.

About Mobile Helix Link

Mobile Helix is an enterprise application and data security platform provider focused on enabling unrestricted enterprise productivity. We are redefining endpoint computing by evolving and extending existing IT infrastructure and standards rather than reinventing them. At our core are three fundamental principles that are at the center of everything that we do: 1) we are application- and data-centric: we embrace the blurring lines between phones, tablets and laptops, permitting IT to relinquish control of the endpoint device entirely and embrace a bring-your-own-anything policy; 2) we provide unmatched yet unobtrusive security for sensitive corporate data by intelligently securing the data rather than the devices; and 3) simplicity is embedded into the DNA of our products, our designs and our communications.

Our solution, Mobile Helix Link, is the industry's first pure HTML5 platform that combines unparalleled data security, a unique HTML5 application development and delivery platform, and breakthrough patent-pending performance enhancement technology. To learn more about Mobile Helix Link please visit us at.

MOBILE HELIX INC.
Mobile Helix Inc.
1140 Avenue of the Americas, 9th Floor
New York, NY 10036 USA
+1.646.801.3650 phone
contact@mobilehelix.com