Gegi Thomas

On demand web-client technologies

This paper describes a comprehensive set of technologies that enables rich interaction paradigms for Web applications. These technologies improve the richness of user interfaces and the responsiveness of user interactions. Furthermore, they support disconnected or weakly connected modes of operation. The technologies can be used in conjunction with many Web browsers and client platforms, interacting with a J2EE™ server. The approach is based on projecting the server-side model-view-controller paradigm onto the client. This approach is firmly rooted in the Web paradigm and proposes a series of incremental extensions. Most of the described technologies have been adopted by IBM server (WebSphere®) and client products.

Enabling bring-your-own-device using mobile application instrumentation

Many enterprises are investigating Bring-Your-Own-Device (BYOD) policies, which allow employees to use their personal devices in the workplace. This has led to mixed-use scenarios, where consumer and enterprise software are installed on the same device. In this paper, we describe the Secured Application Framework for Enterprise (SAFE), a comprehensive system for enabling BYOD that allows enterprise and consumer applications to coexist side-by-side on the device. Rather than partition the device by profiles, SAFE embeds enterprise functions in each enterprise application; this allows for a seamless user experience and minimal intrusiveness on the part of the enterprise. We describe the SAFE toolset that implements the embedding of the SAFE instrumentation layer, and then provide an overview of several enterprise features that can be configured using SAFE. Specifically, we describe modeling for analytics, testing and replay, anomaly detection, and cloud data services, all enterprise features that can transparently be added to mobile applications.

Improving design validation of mobile application user interface implementation

During the mobile app development cycle, User-Interface (UI) components rendered by the mobile app are typically validated against high-fidelity mockups by manually comparing screens from a mockup design to screens developed in the app. This validation most often takes the time of the lead designer, resulting in many post-sprint defects and tasks that must be folded into the next sprint iteration. To improve this process, an engineer should be able to validate layout as part of the acceptance criteria for each task submitted, providing a more complete UI, less defects and reduced cost for the app development. We propose a system of improvements for moving this process forward by automatically validating layout. The system is based on techniques from computer vision, in conjunction with style policies, which together facilitate validation of design layout prior to submitting completed task work, thereby reducing the overall cost of developing UI designs.

Runtime adaptive multi-factor authentication for mobile devices

The Runtime Adaptive Multi-factor authentication ENvironment (RAMEN) is a client and server-side framework that provides multi-factor authentication policy enforcement for mobile devices running iOS® and Android®. On the client side, RAMEN uses a security manager that can intercept network calls and forward them for secure authentication to a server-side proxy. The server-side proxy contains a dynamic policy engine that can be configured to choose between different authentication methods depending on the mobile context. RAMEN is an extensible framework that has interfaces to plug in different authentication methods. We describe the policy model and implementation of RAMEN. We show the value of RAMEN to developers through an implementation of location-aware security policies that can be set up to enforce security zones that relax or enhance security requirements for different applications.