This application was designed to allow the client to roll out mobile client technologies (iPhone/iPad) in a manner that would meet their rigorous security requirements. Working in conjunction with telecommunication partners, we designed a system to properly isolate mobile devices and applications from the client’s sensitive internal network while simultaneously allowing access to specific network resources.
There are several components to this system.
A backend system was created that maps various internal resources to externally accessible mechanisms. This backend system supports various communication protocols, including HTTP, SOAP, REST and WebDAV, as well as proprietary protocols. A mechanism was developed to transform internal resource data on the fly for specific client displays without altering the internal system that generates the data. Security mechanisms were implemented so that a variety of technologies can be used seamlessly, including NTLM, Basic Auth, and the client’s proprietary SSO implementation. The backend system is deployed in a geographically distributed manner, which gives client personnel across the United States locally available access, cutting down on network latency and providing a more efficient user experience. Additionally, this geographic distribution model provides redundancy and failover in case of disaster.
A front-end web application was developed to allow support personnel to define and manage the mappings from external endpoints to internal systems.
A custom iOS library was developed to give client-built mobile applications a mechanism to integrate with the internal proprietary SSO implementation.
This product suite allows the client to integrate custom-built and commercially available mobile applications with existing internal systems without compromising security.
Technologies utilized: Java, Objective-C, MySQL