Mobile – Icenium – DOTNET based Mobile Apps Development
There is undoubtedly no profession that changes faster than ours. New tools and frameworks seem to emerge every day, and it can be easy to get lost in the sea of ingenuity. It's wonderful that the boundaries are constantly being moved, but that requires us as developers to be experts at hitting a moving target.
Icenium is a new tool in the aforementioned sea, so lets get down to brass tacks. Let's ditch the hype and the marketing speak for a bit and take a look at what Icenium really is.
Any new tool created is designed to solve a problem, or a specific set of problems. Icenium exists as an end-to-end solution for creating hybrid mobile applications using Cordova. Cordova is the foundation on which PhoneGap is built. If this is confusing for you, make sure to read Jim's post on "Demystifying Cordova and PhoneGap".
But why do you even need Icenium? What problem needs to be solved? Let me put it this way: Have you ever felt like this?
You have a remote for the TV, a remote for the DVD Player, a remote for the surround sound, a remote for the Bluray, and remote for the Playstation and if you are like Jim Cowart, you still have a VCR so you have a remote for that too. All of these devices are made by different vendors and while they all work well together, it ends up being a complicated, convoluted and downright maddening process just to be able to do the single solitary thing that you have all this stuff for - watching some TV.
Building a hybrid application can give you some serious remote control deja vu.
It usually involves creating a PhoneGap application, opening a web IDE, testing in the browser, opening in the native IDE to get to the simulator, running in a device simulator, finding some obscure setting in your project configuration that is causing the whole thing to fail and then the process repeats itself and you find yourself on the outskirts of crazytown.
Simply put, Icenium is a development platform that integrates all of the disparate libraries and fragmented processes so that you can concentrate on building your application. It exists to make it easy for you to build hybrid mobile applications with Cordova, and get them into the app stores.
The Big Pieces Of Icenium
Icenium is one environment, but has several main areas of functionality:
Icenium is an IDE
If you are going to be writing any piece of software at all, you are going to be needing an editor. You probably already have your favorite editor, be it Visual Studio, Sublime Text 2 or even VIM if you consider yourself hardcore.
Your entrance point into Icenium is it's IDE. Icenium actually provides 2 IDE's for you to choose from:
Mist - An HTML5 browser based IDE
Graphite - A native Windows IDE
Mist: The HTML5 IDE
Mist is a lightweight IDE that runs in all modern browsers and contains many of the popular features that you would expect from a desktop IDE including code completion, auto-indentation, syntax highlighting and more.
Icenium is NOT a UI Framework
Once you have opened the IDE of your choice, the very next thing you need to do is select which kind of project you want to build. You have 3 options as of the time of this writing:
A blank application (blank HTML5 and Cordova app)
A jQuery Mobile Application (contains jQuery, jQuery Mobile And Cordova)
A Kendo UI Mobile Application (contains jQuery, Kendo UI Mobile and Cordova)
Icenium Is A Simulator
Both the web and desktop versions of Icenium feature a simulator where you can run your application to see how it looks. The simulator will automatically reload every time you save so you don't have to constantly do it yourself.
The simluators feature different skins for iOS and Android, as well as the ability to simulate versions of the Operating System. They also allow you to view the application in portrait or landscape mode and provide some simulation of native features like Geolocation.on launch the simlulator, you just select from either the Mist or Graphite IDE's which platform you want to run your app on and it launches. Your app, on a device, while you build it. Simple.
Icenium Is A Debugger
One of the most frustrating things about mobile development is the debugging story. It can seem nearly impossibly at times as you can't see your app as it will appear on the phone, and you can't debug it in that context.
Icenium Is A Build Tool
Icenium will take care of packaging your application for you for both iOS and Android platforms. Don't have a Mac but want to write iOS apps? No problem. Just put your profile information into the Graphite client configuration and you can deploy to your iPhone from Windows. Really!
Icenium Is Simple
Hybrid mobile applications are a productivity multiplier because they allow you to re-use your existing web development skills to build mobile applications. Unfortunately, the fragmentation of the toolset across PhoneGap, Android, iOS and different IDE's and Operating Systems sucks that gained productivity right back out again.
Icenium is here to give it back to you. Get started with Icenium today. You concentrate on building the app, and we will jump through all the hoops for you to get you to where you need to ultimately be as quickly as possible, and that's the app store. See you there.
Cloud Computing and Data Encryption
Cloud computing moves us away from the traditional model, where organisations dedicate computing power to a particular business application, to a flexible model for computing where users access business applications and data in shared environments. Cloud is a new consumption and delivery model; resources can be rapidly deployed and easily scaled (up and down), with processes, applications and services provisioned ‘on demand’. It can also enable a pay per usage model.
In these models the risk profile for data and security changes and is an essential factor in deciding which cloud computing models are appropriate for an organisation.
Encryption could make cloud servers more secure. Only when the data is actually being processed would it be decrypted; the results of any computations would be re-encrypted before they’re sent off-chip.
According to the Massachusetts Institute of Technology, researches have been developing a system called Ascend to prevent those security vulnerabilities involving memory access.
The following article describes how a new hardware design makes data encryption more secure by disguising cloud servers’ memory-access patterns.
At the International Symposium on Computer Architecture in June, MIT researchers described a new type of secure hardware component, dubbed Ascend, that would disguise a server’s memory-access patterns, making it impossible for an attacker to infer anything about the data being stored. Ascend also thwarts another type of attack, known as a timing attack, which attempts to infer information from the amount of time that computations take.
Similar designs have been proposed in the past, but they’ve generally traded too much computational overhead for security. “This is the first time that any hardware design has been proposed — it hasn’t been built yet — that would give you this level of security while only having about a factor of three or four overhead in performance,” says Srini Devadas, the Edwin Sibley Webster Professor of Electrical Engineering and Computer Science, whose group developed the new system. “People would have thought it would be a factor of 100.”
The “trivial way” of obscuring memory-access patterns, Devadas explains, would be to request data from every address in the memory — whether a memory chip or a hard drive — and throw out everything except the data stored at the one address of interest. But that would be much too time-consuming to be practical.
What Devadas and his collaborators — graduate students Ling Ren, Xiangyao Yu and Christopher Fletcher, and research scientist Marten van Dijk — do instead is to arrange memory addresses in a data structure known as a “tree.” A family tree is a familiar example of a tree, in which each “node” (in this example, a person’s name) is attached to only one node above it (the node representing the person’s parents) but may connect to several nodes below it (the person’s children).
With Ascend, addresses are assigned to nodes randomly. Every node lies along some “path,” or route through the tree, that starts at the top and passes from node to node, without backtracking, until arriving at a node with no further connections. When the processor requires data from a particular address, it sends requests to all the addresses in a path that includes the one it’s really after.
To prevent an attacker from inferring anything from sequences of memory access, every time Ascend accesses a particular memory address, it randomly swaps that address with one stored somewhere else in the tree. As a consequence, accessing a single address multiple times will very rarely require traversing the same path.
Less computation to disguise an address
By confining its dummy requests to a single path, rather than sending them to every address in memory, Ascend exponentially reduces the amount of computation required to disguise an address. In a separate paper, which is as-yet unpublished but has been posted online, the researchers prove that querying paths provides just as much security as querying every address in memory would.
Ascend also protects against timing attacks. Suppose that the computation being outsourced to the cloud is the mammoth task of comparing a surveillance photo of a criminal suspect to random photos on the Web. The surveillance photo itself would be encrypted, and thus secure from prying eyes. But spyware in the cloud could still deduce what public photos it was being compared to. And the time the comparisons take could indicate something about the source photos: Photos of obviously different people could be easy to rule out, but photos of very similar people might take longer to distinguish.
So Ascend’s memory-access scheme has one final wrinkle: It sends requests to memory at regular intervals — even when the processor is busy and requires no new data. That way, attackers can’t tell how long any given computation is taking.