Dealing with identity in devices and services scenarios

Seamless device scenarios require services to store and share data across devices and
Apps. This requires the solution to authenticate the user (who is it) and to authorize the request (is this user allowed to perform this task/see this information). There are different options to deal with user authentication:

Authentication options

Authentication options

While the most pragmatic way would be to introduce a username and password for our solution, this introduces two major problems:

  • First, we need to implement a proprietary credential management system which allows us to create, store and manage the user name and password.
  • Secondly, the user needs to remember the logon information for our solution. I have to say that I really hate to create a user name and password for all the different services and website I use! Why can’t they just use one of the existing identity providers such as Microsoft Account or Facebook ID?

We actually can: It is quite simple to use existing identity providers and federate them with our solution using Windows Azure Access Control Service. This allows the users to use their identity provider of choice and work seamlessly across devices and solutions. The simplest way to get started is to use Windows Azure Mobile Services: The following tutorial shows how to configure a Mobile Service solution to give users the choice of a Microsoft Account, Facebook, Twitter or Google login. Sweet…


From applications towards Apps (2/2)

Different devices have different capabilities and many of our workflows and business processes involve multiple devices (sequential and/or simultaneous).

core device capabilities

core device capabilities

The device choice is usually based on its core characteristics:

  • Smartphones are personal devices which provide connectivity everywhere and everytime but they are not really suitable for productivity tasks
  • Tablets are great consumption and entertainment devices but may have limited connectivity
  • PCs are THE productivity devices but their form factor may introduce some mobility constraints

However it seems that these distinctions blur more and more:

  • Some Smartphones are already close to the size of tablets and provide great consumption experiences
  • Newer Tablets have dramatically improved their connectivity capabilities (e.g. built in 3G/4G)
  • Microsoft launched with Surface a tablet with PC capabilities (or vice versa, depending on the way you look at it).
from applications towards Apps

from applications towards Apps

To take advantage of the different device capabilities, the solution landscape is moving from one application that supports multiple scenarios towards multiple Apps that deliver an individual scenario across multiple devices (each App optimized for the specific device experience). Building such scenarios has an impact on how we deal with the following aspects (the list is by no means complete):

  • Identity – The underlying services need to recognize users across multiple Apps and devices. Being able to federate the user’s identity of choice enables the required single sign-on experience across services and devices.
  • Storage – The ability to access the same data from different devices independent of location requires the solution to store state and information not locally but on a shareable location.
  • Communication – Seamless, rich bi-directional communication across different users and devices. This requires collaboration and notification capabilities across Apps and devices.
  • Monetization – Different scenarios require different monetization strategies. There is a large spectrum from starting with freemium to pay for Apps to service usage subscriptions. These business models are dependent on the user type: Consumers have different needs and paying behaviors than organizations.
  • LifecycleApps will most likely change more frequently than the service they’re built on. New devices require new Apps all connecting to the same service. Decoupling of service and App becomes a core asset in providing a seamless App experience across multiple devices. Taking a service oriented approach and reducing the dependency between the service and the devices allows for independent development and release management. It’s also important to understand the Apps distribution constraints which might be given through the various marketplaces.

I will cover these aspects in more details in future posts.

From applications towards Apps (1/2)

Looking at today’s application landscape, one core distinction is whether the solution is available on the public internet or only within corporate boundaries while the application is connected to the Intranet. Bring Your Own Device (BYOD) may introduce the ability to connect devices to the corporate network, but only a few devices are able to domain join and  the existing applications are not designed with the respective device capabilities in mind. Considering that various devices have different capabilities and form factors it is no surprise that existing browser and client applications don’t deliver the best user experience across devices. With a few exceptions (such as email) these applications aren’t available outside the corporate firewalls.

Application and App landscape today

Application and App landscape today

Today, Apps are predominantly available for consumers and not for business scenarios which requires a connection to corporate data and workflows. Many device scenarios increase productivity the most while not in the office but offsite with customers or while commuting to the office. Given the nature of devices, their connectivity capabilities and compliance requirements, VPN/DA may not be an option.

That’s where dedicated device Apps together with (Internet) services will play a major role. However, the trend towards Apps won’t replace browser and client applications for the more complex workflows.

Application and App landscape tomorrow

Application and App landscape tomorrow

To deliver the most value and best usability, Apps need to be designed for a focused set of interactions. That’s why many existing and new solutions won’t be replaced by Apps but rather will require multiple Apps for dedicated tasks within longer workflows (e.g. taking a picture of a receipt and classify the expense, while the expense report will be completed using a desktop application). In addition to browser and client-based applications, Apps will become an integral part of how business processes and solutions will be delivered. The services of these solutions most likely will take advantage of cloud capabilities such as elastic/scalable compute, cheap/reliable storage and federated identity.

Setting the scene

Back in the days of client server applications, we designed systems end-to-end. This meant that most server functionality surfaced through exactly 1 application – the client. When web applications became the de-facto standard for delivering solutions, most server functionality (if not all) was consumed by just one client, the one web application for that function. This really started to change with SOA and composite applications: The monolithic client server applications were replaced by reusable services and composite UI technology. These mash-ups provided the user with rich information coming from multiple services. Early examples of such mash-ups include solutions taking advantage of mapping services such as Google or Bing maps.  This change introduced a new dynamic into the application ecosystem where suddenly one could build an application taking advantage of already existing services and now focus on value add through visualization, usability or unique composition. Or one could focus on delivering a building block service which will be used by other applications. We moved from an ecosystem of holistic application builders (ISVs) to one based on service providers and services consumers. The ability to connect to literally any web based service allowed companies to focus on their core competency, whether this was building and operating services or providing a great application experience to their users.

There seems to be an agreement that some of the recent and most impactful trends emerging are mobility, social and big data. All three become even more powerful if combined with the fourth mega trend: The cloud.

  • Mobility gives access to information anytime and anywhere. However, due to limited storage and compute capabilities and the need to access information from multiple devices, the cloud becomes the key player in providing great mobile experiences. The cloud enables new ways to store and compute information and is accessible across all devices.
  • Social undoubtedly established itself as a core marketing, content sharing and App distribution strategy. However, the power of social requires an underlying service platform that can handle the unpredictability and the viral nature of social Apps. Such Apps can cause serious headaches in forecasting the needed compute capacity. However, if such applications are written in cloud style, they can access nearly an unlimited set of resources that are easily scalable when needed.
  • Data and information is power. Big data technology enables a new level of data and business insight, but only if a significant amount of data is available. While historically storing large amounts of data was very expensive, the economies of scale of cloud computing now allow storage of huge amount of data at an affordable price. The rapid development of cloud style big data technology makes data analysis broadly accessible.

There is no doubt that these trends have an impact on the way we build and use applications. For instance the popularity of mobile devices established an App ecosystem. While many of today’s Apps resemble mini applications (reflecting the whole solution), over time we will see Apps become building blocks for rich end-to-end solutions with various Apps supporting scenarios across devices. This move will not only imply technology changes but will require new marketing, distribution and monetization strategies.

While in the beginning, Apps are predominately used in consumer scenarios, Apps for business usage will become more and more popular. Many employees expect their personal devices to seamlessly work across corporate applications and consumer apps. This obviously introduces challenges for IT departments: How to expose services and make them accessible to devices without compromising the security and compliance policies?