Integrating security, analytics and application management into the mobile development lifecycle

Abstract

The advent of mobile devices has revolutionized many aspects of the software lifecycle. Unlike Web applications, which delegate most of the business logic to the server and use the client side for the presentation logic, mobile apps are client intensive. Another crucial difference is that the client side of Web applications is typically written using a combination of platform-independentWeb languages, whereas most mobile apps have native clients written in platform-specific languages. Though nativity hinders the portability of mobile apps across different platforms and even different devices inside the same platform, it enables smooth high-fidelity experience, high performance and compliance with the platform's UI style-requirements that can only be satisfied natively. The main cost, beyond the initial coding of a mobile app, is to maintain its different variants in the presence of updates. Indeed, mobile code is typically updated frequently, with bug fixes and new features integrated into each new version. In the enterprise setting, these new features often revolve around security, analytics and Mobile App Management (MAM). This paper presents Enceladus, an app-level instrumentation framework that addresses these high-maintenance costs by transparently enriching any mobile enterprise app with new analytics, security andMAMcapabilities not otherwise present in the original app source code. With Enceladus, the mobile app lifecycle is significantly reduced because the instrumentation is visually configurable, and any change to the instrumentation policy can be pushed transparently without requiring a full app update.