Enterprise Mobile Application Management Platform -A HybridApproach

Enterprise Mobile Application Management Platform -A HybridApproach

Jay R. Visariya

Research Scholar, Department of Computer Engineering, Vishwakarma Institute of Technology,

Pune, India

Mahesh R. Dube

AssistantProfessor, Department of Computer Engineering, Vishwakarma Institute of Technology,

Pune, India

AbstractBusiness process management (BPM) has widely accepted by enterprises and has become one of the business driving factor of the organizations. Mobility is a reality of todays business environment. Organizations are allowing employees use their own mobile devices at workplace. The purpose is twofold in that it leads to employee satisfaction and increase in business productivity by adopting new technologies. Mobility is one key factor that changes the way organization resources are accessed. As BPM mobile applications are growing in number, organizations are facing challenges in managing the applications. The enterprise mobile application platform is an essential platform that provisions in-house BPM applications to employees through corporate or individual mobile devices. The management platform can be used across the board to support various mobile devices like mobile phones, phablets and tablets loaded with Android or iOS.

KeywordsApplication provisioning; Business process Management; cross-platform; enterprise mobility; hybrid mobile application; mobile application management; portability

I. INTRODUCTION AND CHALLENGES Enterprise mobile applications enable employees to

connect enterprise resources increase productivity that drive real value for organization. Applications are bringing unique challenge for enterprise because employee needs different apps depending on their role, device type, and business use. Employee wants quick and easy way to access the core products and organization need a way to centrally manage the applications.

1. Business Process Management

   The importance of Business process management goes well beyond streamlining operations. Holistically, Organization can be seen as a set of business processes and BPM manages those business processes. BPM is not only about sequencing factory-style workflows but also effective dynamic model that integrate business process intelligence and tools [1].

   BPM platforms offer significant benefits to the organizations either small or large. They can automate workflow and orchestrate processes. It helps in enforcing the positive impact on business by reducing risk of errors,

   providing metrics and reducing training costs along with deadlines and proper validation [1].

   The high level business processes can be broken down into workflow level processes. Workflow level processes are the detailed activities and enforce the way activities will be performed. Business process management mainly deals with information systems in the context of enterprise systems architectures. Technologies and approaches can be combined with BPM to enhance business systems and achieve effective management within organization.

   BPM establishes the strong connection from process design efforts to management system and business strategy. BPM has been extended to incorporate human-driven processes in which human interacts with processes with the use of technology, although it had an initial focus on the automation of business processes accompanying information technology.

2. Human Interaction Workflows

   Business systems have been extended to user interaction workflow management systems. Aim of such systems is to support the environment where multiple people work collaboratively. Human interaction workflows control process model activities and support automation parts of organization processes.

   Technological advances has changed the human- workflows interaction way. Enterprise world has been changing and has been moving towards mobility as employees have bought mobile smartphones and have sought support for using these devices in corporate environment. With increasing tendency among employees to bring their own devices, organizations favor bring your own device strategy with the aim to achieve employee satisfaction and to increase the productivity with the use of advanced technologies [2]. This strategy leads to the challenge of supporting diversity of devices in terms of device sizes and mobile operating systems. While mobility aims for employee productivity, it has created management challenges for IT organizations.

3. Application Management

In organization, employees prefer to use personal mobile devices for accessing the services, interacting with business processes, accessing organization data as well as for the

personal use. Applications in the organizations are growing in the number. Many organizations dont have the application platform that delivers proper applications to the right employee and therefore all the applications are accessible to all employees even if some applications are unwanted for them. Increasing number of applications and employees leads to unique challenge of application management.

The aim is to adopt the approach to build enterprise mobile application platform that can solve the problem of distribution of in-house applications and help achieving the availability of applications through the access control policies which are critical part of the enterprise platform. Access control mechanism also restricts the unwanted and unauthorized access to the enterprise applications.

The remainder of the paper is organized as follows: Section II summarizes and compared related work, Section III describes selection of development methodology. System architecture is described in Section IV followed by Features and Capabilities in Section V. Results are discussed in Section

1. Section VII concludes the paper.

   1. RELATED WORK

      This section describes the related work divided into 4 parts as implementation, frameworks, access control models and web services.

      1. Implementation methods

         In enterprises where users have diverse mobile devices, native specific solutions might not be preferred always because of resources, cost and time associated with the development activity for each platform. So ideal solution for this problem is to create and maintain single application for different platforms. Cross platform development targets on creating a single application which can be used across multiple platforms. Therefore cross platform development approach is relevant in this scenario. Following section describes four cross platform development approaches.

         1. Mobile Web Application : Mobile Web Applications are the web applications that are capable of correctly executing in mobile web browser. These are developed using web technologies such as HTML, CSS, and JavaScript.

            This approach has browser based application and server driven application data. Applications built by this approach are platform independent as they are browser based. Applications are similar to web applications so they can be accessed through URL in mobile web browser [5]. Mobile web applications cannot be distributes through app stores. Applications need to support screen resolution in order to run in different devices. This is one of the key things to be considered. Also, such applications cannot have access to device specific hardware such as camera, GPS etc.

         2. Hybrid Mobile Application: As the name suggests, it is the mixture of web and native methodology. In this approach, applications are built with web technologies similar to web applications but they get executed iside native container on the device. It means applications are rendered in the browser engine and displays webpage in full screen Web View. Fig. 1 shows a high level architecture of hybrid development approach.

            The JavaScript abstraction layer exposes device capabilities as APIs. Unlike mobile web applications, hybrid applications can be published to web stores and can be downloaded. Hybrid applications are inferior in performance as compared to native applications [6].

            Fig. 1. Hybrid Mobile Approach

            Also such applications lack in native look and feel. But to avoid the cost and time to develop separate application, these limitations can be accepted. Hybrid applications are thus suitable for the enterprise environment.

         3. Interpreted Mobile Applications: In this approach, the application code is deployed to the mobile device and then gets interpreted. Code is executed at runtime by interpreter across different platforms. Application logic can be captured in platform independent way and also native capabilities can be accessed through this approach.

            Business logic thus can be reused across different platform but application provides native look and feel. Like hybrid application, interpreted applications can be distributed through app stores. The performance of application might degrade because of runtime interpretation of code [6].

         4. Cross Compiled Applications: Cross compiler converts source code into native binaries in cross Compiled development approach. It allows developer to write application in common programming language and cross compiler converts source code into native specific code. Thus this approach is based on efficiency and reliability of cross compiler.

            All the features provided by native mobile applications are also provided by this approach. This approach thus able to access device specific features and such applications have native look and feel [6]. The code for user interface and platform specific code cannot be reused.

      2. Frameworks

         1. PhoneGap: Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The two main purposes of the framework are to provide an embedded Web browser (for example, WebView on Android, UIWebView in iOS, or WebBrowser in Windows Phone) that executes the apps Web code and to supply bridges that allows Web code to access local resources on the device such as the geolocation, camera, contacts, etc., thus developers need not to write their own device-based code in platform-specific languages such asjava or Objective-C.PhoneGap architecture is shown in fig. 2.

            Fig. 2. Apache PhoneGap

            This framework thus provides support for portable mobile apps with the development using HTML, CSS, JavaScript and the conversion of existing web apps into mobile apps. Framework adds the wrapper consisting of set of APIs that invoke HTML rendering engine and opens devices web view [7]. Their target platforms include mobile-phone operating systems such as android, iOS.

         2. Titanium: Architecture consists of two major parts- JavaScript Interpreter that executes application code and titanium library that provides access to native functionalities [5]. Titanium Library is natively implemented functionality accessible via JavaScript.

            JavaScript Application code runs on JavaScript interpreter and call to titanium library is given by JavaScript native bridge. This framework leverages JavaScript as main programming language.

            Fig. 3. Titanium Framework

      3. Access Control Models

         Access Control models have primary intension to restrict unauthorized access and allow authorized access to authenticated users. Following section describes different access control models.

         1. Access control Lists: In this oldest and basic access control mechanism, each object has its own associated list of mapping between entities requesting access to the resource and the set of actions that each entity can take on the resource. Users are allowed to do only those operations with resources. Limitation of ACL is it cannot be efficiently applied for hierarchies of permissions [9].Updating ACLs on individual files or group of files is time consuming and error

            prone.

         2. Attribute Based Access Control: In this approach, the access control permissions are based on a set of characteristics, or attributes, associated with the requester, the environment, and/or the resource itself. Attributes can be date an employee was hired, the projects on which the employee works or some combination. Employees role in the organization can also serve as one attribute. With this approach, it is not necessary that customer to be known in advance. This approach gets complicated with large number of attributes [9].

         3. Role Based Access Control: In this approach, access for the resource is permitted to the user based on his/her role in the organization. Administrator creates role, grants permission and then assigns user to the role [9]. This model consists of four entities namely Session (S), User (U), Roles (R), and Permission (P). Session describes the period in which user remain active with subset of roles. Each session maps one user to possibly many roles. User in this context denotes employee and role denotes his job function in the organization. Approval of particular access is referred as permission.

            RBAC model can formally be defined as-

            RBAC= {U, R, P, URR, PRR, S}

            Where U: Users; R: Role; P: Permission; S: Session

            URR: User-Role Relationship.

            URR U×R (many-to-many). PRR: Permission-Role Relationship. PRR P×R (many-to-many).

            User: S Uis a function that map each session to single user User (Si) (Constant for session life time)

            Roles: S 2Ris a function that map each session to set of roles- Roles (Si) {r| (user (Si), r) URR} (which can change with time)

            Fig. 4 describes the relationship between users, roles and permissions. RBAC creates the potential for hierarchies of permissions and RBAC also allows users to be members of multiple groups [8].In Enterprise world, implementing RBAC will be more useful.

      4. Web Services: SOAP vs REST

      REST does not enforce message format as XML or JSON or etc. But SOAP is XML based message protocol.

      SOAP provides a mechanism for services to describe themselves to clients (WSDL), and to advertise their existence (UDDI).One of the major benefits of RESTful API is that it is flexible for data representation; RESTful APIs are cleaner or easier to understand because they add an element of using standardized URIs and gives importance to HTTP verb used (i.e. GET, POST, PUT and DELETE).RESTful services are also lightweight, that is they dont have a lot of extra xml markup.

   2. SELECTION OF DEVELOPMENT METHODOLOGY

      Selection of the cross platform methodology depends primarily upon the application requirement. It also depends upon the targeted platforms, type of application, etc. The tool and framework support also is a factor to consider while selecting the methodology.

      Cross-platform development methodologies have been described in section II. Available frameworks for different methods of developing cross-platform mobile applications and languages that are used for development are described in I based on the information available in the documentation of respective frameworks [11, 12, 13].

      It is very important to decide upon the cross platform methodology to be followed for particular application. Different parameters considered for choosing the methodology are listed in II.Cross-compiled methodology does not involve the use of widespread technologies such as HTML, CSS, and JavaScript. Also, in this methodology User Interface and platform specific features cannot be reused. Cross-compiled methodology is thus less relevant as per the requirement.

      It is shown in II that code reuse in Web and Hybrid methodology is high. As web applications run in browser and hybid approach uses browser engine of device, many of the widely used platforms are supported whereas Interpreted approach support less number of platforms. Even it is not supporting Windows mobile platform. It is required to purchase license of Titanium for business use, thus development cost with Interpreted approach is higher than Web and Hybrid Approach. Applications developed with hybrid methodology can be deployed on marketplace but it is not possible in case of mobile web approach. Mobile Web app cannot have access to native device functionalities whereas Hybrid approach allows app to access native functionalities.

      Hybrid approach thus can be seen more suitable for our portable mobile platform.

      TABLE I. CROSS PLATFORM METHODOLOGIES, FRAMEWORKS AND PLATFORMS

      Methodology	Corresponding frameworks, languages and platforms
      	Frameworks	Languages	Platforms
      Web	Web Technologies	HTML, CSS, JavaScript	Android, iOS, Windows
      Hybrid	PhoneGap (Apache Cordova)	HTML, CSS, JavaScript	Android, iOS, Windows
      Interpreted	Appecelerator Titanium	HTML, CSS, JavaScript	Android, iOS
      Cross Compiled	Monocross	C# (.Net)	Android, iOS

      TABLE II. SUITABILITY OF APPROACHES BASED ON PARAMETERS

      Parameters	Approaches
      	Web	Hybrid	Interpreted
      Code Reuse	High	High	Moderate
      Platforms Supported	More	More	Less
      Development Cost	Less	Less	High
      Learning Curve	Less	Moderate	High
      App Deployment on Market	No	Yes	Yes
      Native Features Access	No	Yes	Yes

   3. SYSTEM ARCHITECTURE

      Fig.4 depicts the platform layers. System consists of five layers namely presentation, controller, authentication and authorization, service and resource. Following subsections describes the importance and role of each layer.

      1. Resource layer

         The resource layer comprises of enterprise application repository, Application Database and Authentication Database. Enterprise mobile applications which are uploaded by managers are present in application repository. Applications can be android applications or iOS applications. Application Databases holds the information about applications which is necessary for application provisioning and governance. Service layer accesses these resources and provides services to users.

      2. Service Layer

         The service layer provides the services to the clients in presentation layer. This layer includes three components namely update manager, application provisioning manager and download manger.These services are executed at server and are accessed by controller layer.

         Update manager provides services for upgrading application information. Application provisioning manager communicates with resource layer, handles the change in application permissions for users and helps in making right applications available to right employee. This can be achieved based on group and position based access policies. This closely related to the authorization component in Authentication and Authorization layer. It also takes care about notifying the user the updated applications.

         Fig. 4. Platform layers

         Download Managercommunicates with application database and provides the services to maintain the download count and other information related to downloads.

      3. Authentication and Authorization layer

         It establishes security framework. This layer ensures the proper access to the enterprise applications.Authentication allows only valid user to enter into the system and access services. Authentication is based on the username and password credentials. It checks whether entered credentials are correct and grant the access to the applications. Authorization layer restricts the access to the enterprise resources and allows the access to only useful resources based on access restrictions enforced by administrator.

      4. Controller Layer

         This layer interacts with the service layer though RESTful interface to provide the desired view in presentation layer.The response to the client request is sent through JSONformat. This helps to achieve interoperability between client and server. This controller layer acts as intermediate between Presentation layer and Service layer. These controllers use the RESTful web services to interact with various services at service layer. It has four controllers namely authentication, upload and upgrade, statistical and download controller.

         Authentication controller works in combination with authentication component to form authentication framework. Upload and upgrade controller interacts with app provisioning manager and update manager in service layer to imply the access restrictions through admin web panel.Statistical controller interacts with update manger and download manger to provide statistical reports on both mobile and web interface. Download controller interacts with download manger and allows users to download and install applications.

      5. Presentation layer

      This layer provides the cross platform mobile interface and web interface. Client Application interacts with the web server using REST architecture which is based on Hyper Text Transfer Protocol. Mobile Client application is RESTful client and is developed by HTML5, CSS3 and JavaScript. Apache Cordova framework adds wrapper to the developed application to make application capable of running on multiple operating system. Mobile interface is used by employees and managers to access enterprise applications. Administrators use

      the mobile interface to monitor the upload and download trends of applications. Web Interface is used by mangers to upload and upgrade the newly developed application and manage the access permissions for the employees.

      Fig.5 gives the architectural overview which is divided into high level components-Client application user interface and logic, Web server based business logic, and Enterprise applications and databases. Client server communication takes place through RESTful web services.

   4. FEATURES AND CAPABILITIES

      1. Positions and group based Access Control

         Platform restricts the unauthorized access to the resources based on the position of the employees within organization

         Fig. 5. System architecture

         and the groups to which they belongs. Fig. 6 shows the relationship between users, positions and applications. Relationship mapping between Employees and Positions/groups is many-to-many. Also, Relationship mapping between Positions/groups and Applications is many- to-many. Group based access permissions are useful to restrict or allow application accesses from large number of employees whereas Position based access permissions are useful to restrict or allow application accesses from relatively small group of employees which belongs to that specific permission. Employees belongs to different level of hierarchy may belongs to the same group.

      2. Portability as a paradigm

         Capability of software application that can be transferred from one environment to another is referred to as portability of application.

         Portability is the vital part of the motivation behind evaluating HTML5 as a cross platform strategy. In cross- platform mobile application, with the single code base application can be runnable on multiple platforms. Adaptability and Installabilty are the important measurable decisive sub characteristics of Portability.

         Fig. 6. Relationship mapping between Users, Positions and Applications

         1. Adaptability: Adaptability describes if application can be adapted to other platforms. Adaptability can be evaluated on the basis of how much work is required to adapt on different platforms. Since application should be adapted on android and iOS and work required adapting application on both android and iOS evaluates adaptability. This attribute is useful to verify that management platform all of its intended behavior on Android and iOS.

         2. Installability: To execute the mobile application on particular platform, application must be installed on the device. Installabilty describes if application can be installed on the target mobile platform. It can be evaluated on the basis of whether can be installed on device or not. Suppose if we measure this sub-characteristic in percentage, we could say Installabilty is 100% if app can be installed on both iOS and android.

      3. Interoperability

         Interoperability describes if it is possible for the system to communicate with other systems. Communication protocol and data format are the basis for interoperability [3].

         1. Communication Protocol: Application management platform delivers information over HTTP protocol as web services based on REST architecture has been used. We consider it as Boolean criteria to support interoperability that describes either protocol is supported or not supported.

         2. Data Format: Platform sends the data to mobile client in forms of XML, JSON. RESTful web services supports many other formats such as HTML, pdf etc. Evaluation of this characteristic can be done based on if these data formats are available from application.

      4. Reachability

      Reachability is important in constructing the mobile based application platform. Reachability allows application to determine whether server is reachable. It means reachability describes whether mobile device, server has network connection. Reachability is considered as Boolean criteria that describes active or dead network connectivity.

      Development languages and frameworks provide Reachability APIs that helps checking the network connection. Management application can identify whether mobile device or applications on server are reachable or not and accordingly notifies the user. If Mobile device and server are properly connected to network, we can say apps are reachable.

   5. RESULTS AND DISCUSSION

      1. User Interface on Android and iOS

         For our mobile platform, from user interface perspective, we got the same layout results with single codebase while running application across mobile devices with different operating systems. The corresponding images are shown in fig 7 and Fig 8.We made some minor variations in code in order to run application on both Android and iOS well because of the support of platform varies with different Cordova plugins. But for most of the parts, Write once run anywhere promise is followed as we are using Ionic framework and AngularJS

         Fig. 7. Application Provisioning Viewon Android Emulator

         that iswell adapted onAndroid and iOS. As we are using PhoneGap that provides WebView on Android, UIWebView in iOS, applications run uniformly on all Android and iOS devices.

      2. Portability

         Portability has been considered as Boolean criteria. This mobile platform app is installed and adapted on different sized Android and iOS devices, thus wecan say portability has beenachieved. In performancepointofviewthis management platform may lack than native application, but it can be accepted due to its simplicity and Write once run anywhere build approach.

      3. Access Control and Application Monitoring

      Mobile Platform centrally monitors the state of all applications and generates the report. Fig. 9 shows the chart that depicts the number of applications downloaded and uploaded. These statistics can further be used to know whether or not employees are using the mobile platform and accessing organization applications permitted to them. These results are also useful for depicting the popularity and adaptation of BYOD within organization.

      Fig. 8. Application Provisioning Viewon iOS Emulator

   6. CONCLUSION

The enterprise mobile platform addresses the challenges that are currently faced by organizations with growing number of business process applications, interaction with processes through mobile devices, and device diversity. This platform mainly focuses on portability of mobile platform client application that is achieved by using PhoneGap framework.Positions and group basedaccess control model enforces access permissions based on users job function within organization and ensures the proper provisioning of applications to the employees. The platform helps effectively managing applications and user access to applications.

Although performance of adopted hybrid approach may degrade a bit, less time and less cost for development of platform will add advantage in enterprise environment. Through this management platform employees can easily access the useful mobile applications on their Android and iOS mobile devices any time. Mobile device sizes do not put any restrictions on the use of applications through platform.

ACKNOWLEDGMENT

I express my warm thanks to Prof. (Dr.) R. M. Jalnekar (Director VIT, Pune) and Prof. S. B. Karthick (HOD, CSE-IT Dept. VIT, Pune) for encouraging and providing me with the required facilities and conductive conditions for my M. Tech. project.

Fig. 9. Statistics about number of uploads and downloads

The access permissions can be easily changed with web admin panel and the employees can access only permitted applications. With web panel, administrators can effectively upload applications, and change access permissions. Also, they can upgrade applications and the users of applications can identify the updated applications through the platform. Thus overall management of enterprise applications has been simplified and employees can access the permitted applications though this single platform.

REFERENCES

1. Weske, Mathias. Business Process management Concepts, Languages, Architectures. Vol. 14. Berlin: Springer-Verlag, 2007.

2. Yong Wang,Jinpeng Wei, and Karthik Vangury, "Bring your own device security issues and challenges." Consumer Communications and Networking Conference (CCNC), 2014 IEEE 11th. IEEE, 2014.

3. Andreas Holzinger,Peter Treitler, and Wolfgang Slany, "Making apps useable on multiple different mobile platforms: On interoperability for business application development on smartphones." Multidisciplinary research and practice for information systems. Springer Berlin Heidelberg, 2012. 176-189.

4. Gavin Mulligan, and Denis Gracanin, "A comparison of SOAP and REST implementations of a service based interaction independence middleware framework." Simulation Conference (WSC), Proceedings of the 2009 Winter. IEEE, 2009.

5. Florian wolf, and Karsten Huffstadt, "Mobile Enterprise Application Developmenta Cross-Platform Framework. FHWS Science Journal:33

6. Rahul Raj C.P and SeshuBabuTolety, "A study on approaches to build cross-platform mobile applications and criteria to select appropriate approach." InIndia Conference (INDICON), 2012 Annual IEEE (Kochi, India, 2012), pp. 625-629. 2012.

7. JussiRonkainen, JuhoEskeli, TimoUrhemaa, and KaisaKoskela-Huotari, "Experiences on Mobile Cross-Platform Application Development Using PhoneGap." In ICSEA 2013, The Eighth International Conference on Software Engineering Advances, pp. 146-151. 2013.

   /li>

8. VinithBindiganavale, and Dr. Jinsong Ouyang, "Role based access control in enterprise application-security administration and user management." In, IEEE International Conference on Information Reuse and Integration, pp. 111-116. IEEE, 2006.

9. Kayem, Anne VDM, Selim G. Akl, and Patrick Martin, "A presentation of access control methods." In Adaptive Cryptographic Access Control, pp. 11-40. Springer US, 2010.

10. Wasserman, Anthony I. "Software engineering issues for mobile application development." In Proceedings of the FSE/SDP workshop on Future of software engineering research, pp. 397-400. ACM, 2010.

11. PhoneGap, PhoneGap Documentation, [online], Available: http://docs.phonegap.com/en/4.0.0/index.html.

12. Appcelerator Titanium, Appcelerator Titanium Documentation, [online], Available: http://docs.appcelerator.com/titanium/latest/.

13. Monocross, Monocross Overview, [online], Available: http://monocross.net/overview.