Best Practice for Software Developers in Mobile Application Development - Security and Challenges - Case Study Example

Best practice for software developers in mobile application development: Security and challenges: Contents 1Introduction 2 2Problem ment 4 3Solutions 5 4Analysis 9 5Conclusion 11 6References 12 1 Introduction The information technology discipline has seen a monumental change in the development of the information systems that initially focused on web based platforms, to a sophisticated mobile environment. It can be explained by the consumer changes in electronic gadgets commonly used. Mobile devices have replaced Laptops and Desktops computers. (A. Smith, 2011). The emergence of smartphones and tablets has changed the I.T. world. We initially associated the smartphones to the business class, but this notion has changed. We have seen a tremendous increase in the sales of these new technologies as compared to the sales of laptops and desktops. The reasons can be expressed from their value and reliability. The key players in this new face of information technology are Apple, Google and Windows. These are not the only partners as there are the older partners; the Symbian and Palm. The Market leader is the Apple with its Apple App Store market recording an enormous market share. (Pricing for success, 2011). Apple leads in the various mobile devices like the iPod, iPhone and iPad. Its operating system, the IOS has retained its uniqueness so far associated with Apple products. Google came to the mobile world with its advanced technology that is Android. The difference created stiff competition that lead to consumer benefits. Google’s android provided new ideas and reduced various limitations that apple products presented especially with regards to hardware and software compatibility. A number of mobile devices support Google’s android. These include Samsung, HTC, LG, among other devices. Windows, a powerhouse in the desktop operating systems, also wanted a share in the mobile market and introduced its windows mobile operating system. There is immense rivalry between Apple’s IOS and Google’s Android (Pricing for success, 2011). Why is there a strong desire for mobile solutions? It is clear from the surveys that mobile consumers are increasing dramatically. A forecast of potential 2 billion users worldwide by 2015 would be accessing smartphones. On the other hand, a possible 90 million users will have access to tablets. (A. Smith, 2011). This picture shows the need for I.T specialists to focus on developing solutions that are mobile applications related and have the expertise on designing these applications. Wise I.T. Specialists should even consider cross platform solutions. The learning process focuses on the solution development. Functionality of any app is crucial; otherwise the application is useless. However, we ignore other fundamentals of any design model. The security aspects of the applications. This is essential especially in this age of hackers. We may face challenges while addressing this area. We can overcome these challenges by the different approaches we take in the development of applications. We can incorporate external developers who come in with experience, though are expensive. We may choose web based solutions that ease the conversion to mobile applications. The likes of phone gap. We may choose classic, non –codeless environment. Finally, we may want to develop applications personally. Costs, software complexity and expertise required, determine the method we will take. No matter the method selected in the development cycle, security aspects must be addressed. This report will provide the reasons as to why neglecting this area can prove futile to the success of the organization. 2 Problem Statement The mobile development phase involves several interrelated factors that need to be addressed for the success of the mobile application. Any developer needs to consider the user interface, the functionality, the network infrastructure, the mobile computing framework, and the security paradigm (A.I. Wasserman, 2011). All these paradigms present with challenges. Say the user interface, it should be as friendly as possible. It should minimize complexities which would prohibit an I.T. ignorant customer from using it. The functionality aspect of any application is critical. Otherwise, the application is useless. Functionality creates the uniqueness and originality of the developer in solving a presenting problem. It determines the success of a mobile application. We address the network infrastructure with respect to the intended target of the mobile application. There are 3G, 4G, Wi-Fi, and Wifi-Max among other network structures (J.D. Vriendt et al., 2002). The mobile computing framework presents a backend of implementation of various mobile applications. It masks the hidden aspects of the development phase. Challenges faced here are more of a technical nature. Finally, the security aspect of the mobile application. This is the main focus in this research. Mobile network implies the freedom of movement unlike in wired-network. This is the reason that is behind the preference of mobile devices rather than the traditional fixed desktops. This mobility comes with a price. We expose them to security vulnerabilities. They are more vulnerable than wired networks since we confine vulnerability of wired networks to accessibility to the wired network. For mobile networks, accessibility is unlimited. (M. Guizani and A. Raju, 2005). Thus, security aspects of any mobile program should be a pivotal role. In general, mobile application development faces many challenges. This is so from the conceptualization phase, design and programming phase, to the implementation phase. Each phase has its unique challenges. (B. Fling, 2009). Developers need to understand these various issues rose. To overcome these challenges, we use standard and detailed methods (B. Fling, 2009). Though a developer may be inexperience in a mobile environment, he or she must address these issues. Over time, he will tackle these challenges and security issues. 3 Solutions Mobile solutions developers need to understand the unique intricacies surrounding mobile applications. They are different from desktop application, and their capabilities too. We can consider the following strategic methods in any mobile development phase. Strategy development. (The citation in green comes from AT&T developer attachment provided. Document H. Be assured that I used all the attachments provided. The reference is to the previous sentence. I have reviewed this to confirm.) Like any development phase, this commences the entire project. It involves the collection of relevant documentation. It guides the developer in understanding the task in front of him. This facilitates the planning of the project. The developer examines the various stakeholders and end users after gathering the relevant documentation. Input from these sources determines a successful mobile application. (A.I. Wasserman, 2011 & AT&T Knowledge Ventures, 2007). They will determine the user interface, the expected functionality, the uniqueness and the overall reliability and significance of the application. The level of security so desired will also be tackled. Different stakeholders may opt for different levels of security for their mobile applications. This depends on what they want, the level of privacy desired, or even the seriousness and sensitivity of data. The developer should verify that all the relevant people have put forward their views. It is necessary for the planning of the mobile development phase. Research should commence after considering input from the stakeholders. (AT&T Knowledge Ventures, 2007 & B. Fling, 2009). The research focuses on the field in which the mobile program will enter. It is irresponsible for any mobile application developer to enter into an industry without proper understanding of his competitors. Here, he will carry out the SWOT analysis and with the results flagging off the next stage of development. Security issues emerge here especially when faced with aggressive competitors who do not mind crossing the ethical lines in getting business secrets. Knowing what the competitors can do, will shape the security structure for the mobile application. The developer then conducts strategy sessions, where he sets target milestones. This section also provides an in-depth of the entire development team. Role definition occurs. We outline the time schedule too. Within the strategy sessions, we describe key mobile processes and drivers. We assign the security docket to a specialist. It would be unwise to rely on an inexperienced developer. If preferable, designate this domain to a hacker. He will see the vulnerability points in the system. These are essential as they will influence the development scheme and procedure to be followed. A good strategy will automatically transform to a quality mobile application. Technology requirement evaluation Here, the developer analyzes the mobile application technical requirements and selects the exact technology to achieve the solution. Emphasis is on using technical resources within the organization’s budget while not compromising on the quality of work. It is necessary for the solution to be achieved in a user friendly environment. These requirements automatically affect the security area. Thus, a number of approaches can be followed. (AT&T Knowledge Ventures, 2007). A browser based architecture, which is easy to implement though inferior in performance and security. A rich versus thin client architecture determines the possible device array of the mobile application. It terms of security bearing, it is good. A push versus pull architecture continually puts the program in connection with the server. This exposes the server to potential breach. It is an extremely dangerous model to keep with regards to security. A custom versus native approach lays emphasis on the level of integration the application will accomplish in the various platforms. It has some influence on the security aspects. In short, the technical requirements of any mobile software are critical to the developer. Whichever structure he opts for will entirely depend on the complexities of the anticipated application. The security desired will affect the architecture too. Fitting solution to the environment Depending on the problem to be solved, the solution can follow a number of strategies. Defining the problem determines the solution. Should the desire be creating mobile solutions for data capture and sending the data for storage, then vertical market solutions are the way forward. They provide extensive features for work functions. However, they are inextensible to other organization information. They are insecure most of the time. Therefore, information that will run in these systems should not be sensitive. Should the desire be in Internet synchronization, then an approach of wireless e – mail and synchronization products is the way forward. It is pretty easy to integrate, and supports a wide range of devices. Application data of interest limits its access. This ensures its security. (S. Murugesan and B. A. Venkatakrishnan, 2005). Mobility extension from prior vendors is another method. It is the simplest approach. It includes management and security features. It is the best model to use where security is of interest. It may be restricted by the fact that it ties the software to a single vendor, and so limiting the scope of devices supported. Whichever method selected it should consider a near perfect replica of the solution to the environment. (AT&T Knowledge Ventures, 2007). Platform policy definition. This is a mainstay in the development phase. The two key policies are a native application development policy and cross – platform application development policy. (S. D. Drake, Oct. 2008). Native application development focuses on developing the mobile application on a single platform. The platform can be Android, IOS, or Windows. This will automatically determine the integrated development environment to be used by the developer. For instance, should the application be intended for android operating system, then we will use Java programming language. We will use Eclipse as the IDE. In IOS, we use Xcode. While windows mobile application utilizes C++ language. (Choi, Yoonseok, Jin-Seok Yang, and Jaewon Jeong, 2009). The native development approach limit the mobile application to one single platform. Developers may opt for developing applications for the most popular platform ignoring the others. This is usually the case after considering the strategic benefits of native applications. Native applications have a proficient level of integration into the operating system. These apps can utilize the hardware resource of the mobile devices efficiently. This improves their security potentials. Their greatest obstacle on solo platform functionality hinders most developers from using this strategy. Native applications manage security issues with ease since the applications are custom made for that platform. (S. D. Drake, Oct. 2008). Cross-platform system avails the capabilities of the mobile application across a number of operating systems. Here, we develop the mobile application with considerations that it will need to succeed in different environments. Thus, the approach will use programming languages such as HTML5, JavaScript, and CSS. Tools such as; Phone Gap, AppAccelerator utilize this strategy. (Choi, Yoonseok, Jin-Seok Yang, and Jaewon Jeong, 2009). The disadvantage is the level of integration of the application to use the hardware resources effectively is ineffective. The current operating system hinders its interaction. With regards to security, cross platform method is subject to possible bugs that may compromise data integrity. As the developer decides which strategy to use, he analyzes the functionality, freedom and security level desired in the mobile application. 4 Analysis The mobile development cycle needs continuous assessment to monitor success and identify flaws early. A comprehensive testing procedure performs this effectively. It should be closely coordinated and aims at assessing an all-round functionality, maintainability and security of the mobile application. We can incorporate different approaches. Manual testing is one of the commonest testing protocol which by far is the most time consuming, error prone and costly. It does not value security 100 percent. For quite a while, we have used emulators and simulators. (S. Murugesan and B. A. Venkatakrishnan, 2005). They provide a framework within which the mobile application can be analyzed. They are useful in evaluation of the application in the anticipated mobile devices that would run the same operating system. However, their weakness is in assuming that a tested mobile program shall work when employed in the actual device. It does not factor in the differences in mobile devices running the same operating system. Such differences explain why certain mobile application work on one android phone and not another. Like manual testing, security rating is minimal. Protocol virtualization in the application layer isolation saves on the cost required to setup middle wares for the testing protocol. (S. Murugesan and B. A. Venkatakrishnan, 2005). They still lack a high level of analysis required. Security rating is seriously inefficient. On - device instrumentation puts the tested code on the mobile device. It provides a good understanding of the behavior of the application. It is a sensible approach. It better assesses the security features of a mobile application. Device clouds save on the cost of setting up combinations of testing procedures. (S. Murugesan and B. A. Venkatakrishnan, 2005). It links the actual testing of the mobile application to the end users. It is a good model to study security features as the end users may see potential bugs. The developers could also contact paid hackers to find loop holes in the mobile application. This can be achieved in this setting protocol. The trend in selecting the testing procedure is to focus on a way that will fully analyze the effectiveness of the system. It should be able to identify bugs and allow their elimination. Other issues we address in mobile systems analysis include; the various user interfaces to meet the range of people worldwide. User interfaces for children need to be straightforward and engaging. For adults, it may be complex but meeting quick function capabilities. We particularly require Context – aware applications. Here, the application filters content based on a user’s likes and dislikes. It is a challenging sector to achieve owing to multi-cultural diversity that exists. A successful application has an organized situation awareness protocol. This improves security as it limits information accessible. Self-adaptive requirements supplement context awareness protocols, making the applications dynamic and secure. (J. Dey, Anind K., Hakkila, 2008). 5 Conclusion This research focuses on the mobile application development cycle. The challenges faced in implementation. The security challenges, analysis and maintainability aspects. We have seen a well-structured approach in achieving so desire goals. A coherent structured procedure is as good as having a successful mobile application. A good application has a good security measure. Strategy development, Environment solution fitting, technology requirement evaluation, and platform policy definition are necessary. They determine the security features of the mobile application. These solutions maneuver through the obstacles met in this foreign area of expertise. They present with a conceptual achievement of the overall goal. The analytical aspects assess the success of the solutions applied. They shape the way forward for the development circle. They define possible recommendations to the mobile application, and so ensuring its security. As stated earlier, any application must have functionality, a purpose and must ensure security of the data. This confirms that mobile application development will emphasize on these pillars. Mobile application development is still a foreign land to go to, but a necessary go zone. (S. D. Drake, 2008). The current consumers worldwide has shifted from the traditional desktop and laptop use to the more sophisticated, reliable and efficient mobile devices. Thus, developers need to addresses these challenges for the overall success. 6 References 1. Aaron Smith: Smartphone Adoption and Usage; Pew Internet, July 2011 2. Pricing for Success: Industry Trend and Best Practices, (2011), Distimo. 3. A.I. Wasserman: “Software engineering issues for mobile application development” in proceedings of the FSE/SDP workshop on Future of software engineering research – FoSER 10, (2010). Pp. 397-400 4. B. Fling: Mobile design and development. O’ Reilly, (2009). 5. J. Dey, Anind K., Hakkila: Context-Awareness and Mobile Devices, (2008). 6. AT&T Knowledge Ventures: Mobile Application Development Best Practices, White paper, (2007) 7. S. D. Drake: Embracing Next Generation Mobile Platforms to Solve Business Problems; Sybase White Paper, (Oct. 2008) 8. Choi, Yoonseok, Jin-Seok Yang, and Jaewon Jeong: Application Frame Work for Multi-Platform Mobile Application Software Development. IEEE. (2009) 9. S. Murugesan and B. A. Venkatakrishnan: Addressing the challenges of web applications on Mobile Handheld Devices. IEEE CS Press, (2005), pp. 199-205. 10. J.D. Vriendt et al., Mobile Network Evolution: A revolution on the move, IEEE Comm. Magazine, vol. 40, no. 4, (2002). 11. M. Guizani and A. Raju: Wireless Networks and Communications Security, vol. 3, Nova Science Publishers, (2005), p. 320. Read More