Information Aggregation and Composite Applications
This archetype is commonly employed to provide mobility access for composite applications by
aggregating information across data sources. The benefit of implementing this type of
architecture is that multiple data sources are combined by a gateway to present a composite
picture to the user. For example, maps can be combined with automated vehicle location
information, field service automation data and location-based services to present a unified
data picture to the user. The archetype is similar in concept to "mash-ups" where a Web site is
created that combines content data from more than one source to create a new user experience.
The term mash-up comes from popular music, which refers to two songs combined into one. In
wireless Web development, it implies easy, fast integration, frequently done by access to open
APIs and data sources, to produce results that the data owners had no idea could be produced.
Thus, mash-ups are popular because they produced highly enriched applications while dispensing
with the work, time, and costs associated with designing and implementing new applications.
Key Architectural Components
- Mobility Network
- Mobility Access Gateway
- Multichannel Access Gateway
- Enterprise Applications Interfaces
Architectural Pattern: Information Aggregation
Multichannel Access Gateways (MCAG) is a key element in deploying this architecture. These
gateways act as mediators between the device and the enterprise's information assets,
performing the following main functions:
- Synchronizing device and organization data
- Messaging, including email
- Translation between data formats, platforms, and network protocols
- Security, including authentication and encryption
- Device management
- Multi-channel Access Gateways are operated by enterprise customers and are placed behind
the corporate firewall. They require the following services:
- Data access technology (JDBC/ODBC, Active X Data Objects).
- Distributed architecture
- Message oriented transactions (asynchronous communication)
- Transaction monitors (message routing, transaction support)
One of the most critical middleware functions that Multi-Channel Access Gateways (MCAGs)
perform is keeping the device and server data in sync with each other. This can be one-way
synchronization (for example, where the device always updates the enterprise data) or two-way
synchronization (where changes can be made independently on the device or at the office, after
which the two are reconciled). Carriers most commonly operate Multi-Channel Access Gateways.
These gateways integrate with Internet-based Web servers and provide information access across
various data sources. MCAGs can also include a communications component which provides email
integration with popular desktop programs, and may also include instant messaging or
integration with voice or fax services.
MCAGs generally support multiple protocols and provide transaction support.
Security Considerations
Multi-Channel Access Gateways (MCAGs) commonly provide a special client that enables the
wireless device to communicate with the gateway. These clients interface with the gateway to
provide encryption, encapsulation and compression. Several vendors support the AES (FIPS-197)
encryption algorithm on the device. The AES encryption key can be 128, 192, and 256 bits in
length and the block length is fixed at 128 bits. Any kind of string (for transmission or
storage) can be encrypted or decrypted, while the symmetric key is stored encrypted.
Multi-Channel Access Gateways operated by carriers typically do not require a special client.
They rely on the inherent capabilities of the mobile device operating system to provide
information aggregation capabilities.
Implementation Issues and Recommendations
Wireless architects should carefully consider systemic design characteristics in order to
maintain consistency throughout enterprise security efforts. In other words, while
accommodating wireless security issues on the devices themselves, architects should consider
the importance of a security system that will accommodate both wired and wireless devices and
their proper integration with backend servers and databases. Enterprises should consider
implementing mobile device management products that compliment multichannel access gateways and
offer security-enhanced mobile VPN access. This will allow the IT staff to propagate security
policies and settings based on end-user roles. Mobile device management (MDM) products also
provide additional capabilities for mobile devices. These include remotely disabling the camera
in a smartphone, or adding data encryption for every storage media on the device, including the
memory card. An MDM product offers highly integrated capabilities for system administrators
overseeing a variety of mobile devices, laptops, and desktop computers.
