Sunday Mar 01, 2015

New! Establishing a Mobile Security Architecture

Excerpts from a recent publishing.

Beyond Brute Force: 3 User-Friendly Strategies for BYOD Security*

In 1825 a painter named Samuel Morse was visiting New York City to fulfill a portrait commission and received word that his wife—at home in Washington, D.C.—had fallen gravely ill. The following day, another messenger brought heartbreaking news: Morse’s wife had died from her illness. Morse rushed home as fast as nineteenth-century transit could carry him but arrived to find his wife already in her grave. This devastating series of events led Morse to dedicate the remainder of his life to finding a means of rapid communication over long distances—eventually leading to the creation of the single-line telegraph and Morse code.

In 2014 Morse’s tragic episode underscores some of the forces mobile workers are still facing today. We are working longer hours than previous generations, many of us at greater distances from those we love. Our smartphones bring us closer (expanding Morse’s vision) with the people we care about, being no more than a voice call, e-mail, text message, or Facebook wall post away. As a result, personal and work communications are intersecting, with 89 percent of employees today using personal mobile devices at work or using their work devices for personal applications.

The phenomenon of Bring Your Own Device (BYOD) to work gives employees a kind of comfort Morse never knew, but it makes CIOs and CSOs uneasy, sparking concerns about protecting corporate data and preventing unauthorized access to internal systems. These fears are not unfounded: recent statistics show that cell phone theft has created a $US30 billion black-market economy. In San Francisco alone, 50 percent of all robberies are cell phone thefts. It is not a matter of if but when a personal device with your corporate data will fall into the wrong hands.

Download and read the rest here.

Monday Feb 23, 2015

Enabling Mobile Application Management with Secure Enterprise Single Sign On

Introduction 

Oracle Mobile Security Suite (OMSS) addresses BYOD challenges by isolating corporate from personal data on consumers’ personal mobile devices without needing to lockdown the entire device. Using a technique called containerization; the Oracle Mobile Security Suite creates a Secure Workspace (SWS) in which corporate applications,email and data are stored. Only authenticated users can access the secure workspace to run applications and access data and only applications provisioned or approved by corporate IT can be installed and executed from within this secure workspace. If the device is lost or stolen, corporate IT can remotely wipe the secure workspace without affecting any personal data.

The OMSS Secure Workspace (SWS) leverages OAM infrastructure for secure authentication (or even strong authentication/risk based access in the upcoming PS3 release) and seamless single sign on to corporate resources for all containerized apps. In this blog post I'll describe how the OAM Mobile & Social (M&S) OAuth Service allows OAM to provide secure authentication and enterprise single sign on to Oracle's Mobile Secure Workspace (SWS) .

How it Works


In order for the Mobile Security Access Server (MSAS) to authenticate users against Oracle Access Manager and retrieve Oracle Access Manager and OAuth tokens for integrated single sign on, the Mobile Security Access Server (MSAS) is registered as an OAuth Client with the M&S OAuth Service. In the current PS2 release we support the Confidential Client OAuth flow only; however in the upcoming PS3 release we will support Dynamic Client Registration as well.

Confidential Client Flow - In this flow MSAS is the OAuth 2.0 Confidential Client and M&S is the OAuth Server as well as the Resource Server. MSAS uses the clientid and secret entered in the container as confidential credentials for this flow. The confidential client first obtains an JWT User Token (referred to as User Identity Assertion) using this clientid, secret and the userid and password entered by the user in the secure workspace. The confidential client then obtains an OAuth2.0 Access Token using a standard OAuth 2.0 JWT user assertion flow on behalf of the resource owner. The OAM Tokens to access 11g or 10g protected resources are then obtained using the extension OAM Credential grant type using this JWT User Token. MSAS stores the encrypted JWT UT and the OAM MT (corresponds to an OAM_ID cookie for OAM protected web resources) in an STOKEN which is returned to the secure workspace app. This allows an authenticated secure workspace app user to single sign on to OAM protected resources with the OAM MT in the STOKEN and to any OAM OAuth REST interface using the JWT UT in the STOKEN.

Dynamic Client Registration - In this authentication model, a workspace is dynamically registered with M&S through MSAS and the workspace itself obtains the JWT Client Token after successful workspace registration. Compare this to the Confidential Client Flow flow above where the workspace app uses the client credential of MSAS. The registration of the workspace basically involves app and device profile attributes to be automatically sent to the M&S OAuth Server which creates a JWT Client token based on the unique "fingerprint" specific to the app and the device of the workspace app. The rest of the flow is similar where the workspace app itself is the OAuth Client (mobile OAuth client) and M&S is the OAuth Server as well as the Resource Server. In this flow we support step up authentication (using KBA or OTP) and device context based fine grained authorization during both user authentication to the workspace app and subsequent single sign on to corporate resources from any of the containerized apps. This is now possible because M&S uses its built-in integration with OAAM (using the Security Handler Plugin) to perform risk analysis based on the device and app context now available in this authentication.

Sunday Feb 15, 2015

Oracle @ Mobile World Congress 2015


Hola! Join Oracle next month at Mobile World Congress 2015 in Barcelona.  The premier mobile event of the year. I heard over 85k people showed up last year just for the tapas!  We are in Hall 3, #3B20. The Oracle Mobile Platform team will have 1 of 18 pods (Oracle has a plethora of mobile products) and we'll be previewing Oracle Mobile Cloud Service, showing example mobile apps, demos of Oracle Mobile Security Suite and Oracle Mobile Application Framework. Espero verlos alli.


Monday Feb 09, 2015

Getting started with iOS development using Eclipse and Java

Crosspost from Shay Shmeltzer's blog.

Want to use Eclipse to build an on-device mobile application that runs on iOS devices (iPhones and iPads)?

No problem - here is a step by step demo on how to do this:

Oh, and by the way the same app will function also on Android without any changes to the code :-)  

This is an extract from an online seminar that I recorded for one of Oracle's Virtual Technology Summits - and I figured people who didn't sign up for that event might still benefit from having access to the demo part of the video.

In the demo I show how to build an on-device app that access local data as well as remote data through web services, and how easy it is to integrate device features too.

If you want to try this on your own, get a copy of the Oracle Enterprise Pack for Eclipse, and follow the setup steps in the tutorial here.

And then just follow the video steps.

The location of the web service I accessed is at: http://wsf.cdyne.com/WeatherWS/Weather.asmx?WSDL

And the Java classes I use to simulate local data are  here.


Monday Feb 02, 2015

Oracle Mobile Application Framework 2.1 - Now Available

Crosspost from last week's announcement by Shay Shmeltzer at blogs.oracle.com/mobile

The Oracle Mobile Team is happy to announce the release of Oracle Mobile Application Framework 2.1 - a major update to Oracle's mobile development framework.

This new version focuses on upgrading the framework's infrastructure and includes the following new features:

  • Support for Java 8 - Java is the language used for business logic development on Oracle MAF, in fact Oracle MAF is the only solution out there that will run the same Java code on both iOS and Android.  Now developers can leverage the latest features of the Java language - such as Lambda expressions, Collections with Generics and more - while running on a 64bit JVM that supports the Java 8 Compact2 profile.
  • Cordova 3 support - Cordova is used in Oracle MAF to provide access to device features. Oracle MAF 2.1 updates the Cordova version to 3.6.3 on Android and 3.7 for iOS, dramatically increasing the number of available plugins that developers can leverage.
  • Simpler Cordova Plugin integration - Oracle MAF leverages the plugman command line to build and incorporate plugins into Oracle MAF apps.
  • Xcode 6 and Android 5 support - use the latest SDKs to compile and deploy your MAF applications across multiple devices.

You can get Oracle MAF 2.1 by downloading the new Oracle MAF extension through the JDeveloper Help->Check for Updates functionality.

We highly recommend that you read the installation guide and migration guide before you start your upgrade process. The setup might be a bit tricky because you'll need JDK7 to run JDeveloper but JDK8 to use the extension - so follow the instructions carefully. 

Have questions? - join us on the Oracle MAF discussion forum on OTN

Unrelated side note but that was quite a Super Bowl finish, eh? A miraculous catch followed by what some have said was the worst call.  I mean, a time out left, half a yard to go, and 3 downs to use, with one of the best running backs in the league, and you throw on 2nd down? Wow. 

Tuesday Jan 20, 2015

Upcoming Mobile Events

Hello Mobile Fans!  Two upcoming Oracle sponsored mobile events you don't want to miss!

Cloud Platform Online Forum. It's on - Jan 28. It's all good but don't miss Shay Shmeltzer go over and demo the Oracle Mobile Cloud Service (The GA release is coming soon!) It's that whole bringing mobile development to the cloud, mobile backend as a service, and making everyone's lives better. Check it out!

For my European friends or anyone going to Mobile World Congress, stop by the Oracle booth and we can continue our conversant on all things mobile including: Oracle Mobile Cloud Service, Oracle Mobile Security Suite, Oracle Mobile Application Framework and our growing library of mobile applications.

Follow us @OracleMobile

Monday Jan 12, 2015

RightNow & JDEdwards Integration Demo by SOA Suite 12c Including Mobile App

Crossposted article by Richard Lefebvre 

To get access to the Oracle demo system please visit first OPN (OPN account required)

Oracle GSE account members with interest in Tech, FMW, JDEdwards or Service Cloud; +GSE +PDIT DSS

Customers today constantly engage with companies across multiple channels. Companies need to be able to engage, sell to, and service customers across all channels: the web, in a store, over the phone, via a mobile device or through social channels. Customers desire a simple, secure and consistent experience, whether it is a bank they are interacting with, or a retail store they are ordering a product from, or a service and maintenance request they are creating.

Highlights

The demo illustrates how to

  • Leverage common development technologies to enable compatibility and re-usability across multiple channels
  • Access information and applications intuitively and securely through self-service portals for customers, employees and partners
  • Automate and manage cross enterprise business process shared services across multiple channels

Showcase

  • Mobile & Identity Management: MAF 2.0, OAM Mobile and Social, OAG, OID
  • Integration:  Pre-built integrations RightNow, JDEdwards
  • Infrastructure: SOA 12c, Oracle Service Bus, WebCenter Portal

Call to Action

For questions/feedback please contact petraas.bhathena@oracle.com or anand.prasad@oracle.com in GSE.

For more information about Cloud Integration please visit the SOA Partner Community Workspace here AppAdvantage & Cloud Integration (free membership required www.oracle.com/goto/emea/soa)


Wednesday Jan 07, 2015

IT Leaders Discuss Their Business Goals and Technology Solutions

Happy New Year! Hope 2015 is off to a great start for you.

One of the biggest highlights for us in 2014 was getting an opportunity to visit and spend some time with the IT Leaders of successful organizations around the world. The objective of each of these documentaries was to understand the business imperatives of such organizations, get insights from the IT Leaders on how they align their IT objectives with the company's business goals and how they measure the impact of their IT & business investments on their customers, vendor ecosystem, the company's employees and of course, the company's bottom line. And we then have technology experts walk us through the technical implementations that has made all that possible.

Based on their business imperatives, organizations had taken different paths and driven diverse IT roadmaps to deliver business success. Northumbrian Water in the UK enabled mobility for its remote workforce to drive 24 X 7 operations. Pella, a major windows and doors manufacturer in the USA built a contextual web experience for its online visitors while creating a self-service portal for its sales and dealers network and an online appointment scheduling tool to deliver a unique and superior digital experience. Grupo Farmacos, a major medical supplies distributor in Mexico has set up an optimized IT infrastructure that is suited to each of its four different business units, one dealing with high transaction volume, other requiring 24 X 7 availability and the other requiring high level of reliability with high performance for health needs. Ricoh Americas, an IT services and office equipment company, is delivering on its "Anytime, Anywhere" promise to its customers by allowing them to scan their products and either troubleshoot issues themselves or easily log those while in the backend, the seamless cloud to on-premise integration delivers the desired results. And Siram, an energy distribution company in Italy has automated its RFP process to deliver efficiency, bring transparency and drive cost control with automated business process management.

We were incredibly fortunate to have gotten some time with the executives of such elite companies and to be able to share their stories with you. For your convenience, we have made all these documentaries available in one place, that can be played on-demand. Hope you enjoy and benefit from these as we have enjoyed pulling these together.

Happy 2015!

Monday Jan 05, 2015

New Version of Mobile App for Oracle E-Business Suite

Cross-posting from Vijay Shanmugam

What's New?

A new version (1.1.0) of Approvals for EBS smartphone app is available on Apple App Store. This new version provides following updates:

  •  Improvements to login and configuration flow
  • Ability to change server URL without reinstalling the app.
  • *Diagnostics improvements.
  • After updating to version 1.1.0, you are required to reconfigure the app to implement the configuration and login improvements included in this version.
Note: The latest app version will work with earlier server-side patches. However, the latest server-side patches must be applied to enable new features and fixes that require those patches, marked by an asterisk (*).

For more information on these updates, see My Oracle Support Note 1641772.1 at https://support.oracle.com.

Support for Demilitarized Zone (DMZ)

If your mobile users need to access the Oracle E-Business Suite mobile apps over the Internet, your Oracle E-Business Suite environment must be set up in a DMZ configuration.

  • For DMZ configuration instructions on Oracle E-Business Suite Release 12.1, see Document 380490.1.

  • For DMZ configuration instructions on Oracle E-Business Suite Release 12.2, see Document 1375670.1.

Additionally, when setting up the configuration file for your mobile app as described in Section 2.2.1, ensure that the service endpoint (or server host URL in Oracle E-Business Suite Mobile Foundation releases earlier than Release 2.1) is set to your external web entry point.

Tuesday Dec 30, 2014

'Tis The Season To Look at Middleware Highlights From 2014

2014 was all this and so much more. For a complete listing you can visit oracle.com/middleware, Oracle newsroom or subscribe to our bi-monthly Oracle Fusion Middleware newsletter. We thank you for engaging with us - listening to us and talking to us. Wishing you and yours a very Happy 2015. Looking forward to an even more fulfilling 2015 with all of you.

Peace and joy to the world.

Monday Dec 29, 2014

Northumbrian Water Increases Efficiency by Going Mobile

Tis the season. Enjoy this interview by Grant Ronald with the folks at Northumbrian Water. More videos like this are available at the Oracle Media Network.


Monday Dec 22, 2014

Accessing an IBM Mainframe from a Oracle Mobile Application Framework App


It's not common that I'd refer to IBM in a a blog post, but it's the holidays, so there you go - a present for all of us.

It seems Lloyds Register was trying to mobilize some big iron (mainframes) to the 21st century and needed some help. So it happens that Oracle Mobile Application Framework was deemed best suited for the needs. ;-)  A few key points:

  • iOS and Android
  • Local data caching to reduce the number of times you have to go to the network 
  • On demand query
  • Speed. Any click an wait for a network to respond was equivalent to death. (e.g. uninstall) 

Apparently, soup to nuts, it only took a couple of months and voila! Old iron is was now mobile iron, thanks to Oracle MAF.

You can read the article on Computer Business Review.  

Follow us on Twitter @OracleMobile and be sure to check out Oracle.com/mobile.

Monday Dec 15, 2014

Catching Up on Mobile

There's a few things we should probably catch up on regarding Oracle Mobile Application Framework (MAF) that you may have missed or should revisit...

1. There's a new version of Oracle MAF. Version 2.0.1 has support for iOS 8, enterprise management and security enhancements, component enhancements and enhanced tooling support.  Joe Huang covers it in detail in here. Speaking of enhance tooling support, leads to #2.

2. If you haven't heard about Oracle Enterprise Pack for Eclipse (OEPE), well, OEPE <3 MAF and isn't afraid to show it. The new release supports Eclipse Luna, Oracle Developer Cloud Service, and of course MAF 2.0.1.  Greg Stachnick covers it well here.

3. So now you have JDeveloper and Eclipse to choose from. Good! Time to put step up to the challenge. The Oracle Mobile Application challenge. Sign up of right challenge and potentially win some cash. Click here for details.  

4. Want a bit of extra help? This article on mobile design patterns might help.  

Sunday Dec 07, 2014

Rethink Mobile: Beyond Mobile First with Oracle

Get.Ready.

December 17, 2014 - Mark your calendars to get an update on Oracle's mobile strategy: Rethink Mobile: Beyond Mobile First with Oracle. We will be available to answer your questions via live chats. The Oracle guest lineup includes: Suhas Uliyar, Vice President, Mobile Strategy, Product Management, Laurent Pacalin, Group Vice President, Product Management, Jeanne Lowell, Vice President, E-Business Suite, and Rimi Bewtra, Sr. Director of Product Marketing.

And if you happen to be at Gartner AADI this week (Las Vegas!) stop by and say hello.  I'll give you a mobile tour at no extra charge and perhaps some free poker lessons. ;-) 

Here's a great trailer for the main event you do not want to miss.


Monday Dec 01, 2014

CACI Bv Netherlands goes Mobile with Oracle


CACI's CEO Gert Simons discusses how CACI has been serving the higher education market for nearly 20 years, leveraging Oracle technology to meet the high demands and volumes in managing student records, its workflow and analysis.

From Web to mobile and social media, scalability with WebLogic and Oracle Service Bus, and using Oracle BI to better understand trends, CACI isn't waiting on the sidelines and considers it "critical to be innovative" by embracing the latest technology trends to gain a competitive edge against the competition.its  Check out the video for yourself.


About

Get the latest on all things Middleware. Join Oracle's Middleware Community today.

Find Us on facebook Follow us on twitter Catch Us on YouTube 

Search

Categories
Archives
« March 2015
SunMonTueWedThuFriSat
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
    
       
Today