Getting Started: Learn
Introducing Verivo Akula
Verivo Akula is an enterprise mobile app platform that helps you tackle the challenges associated with building, securing, and controlling enterprise mobile apps. Akula provides the infrastructure required to build apps used with any client-side technology, on any device platform. Plus, Akula's built-in security and management capabilities provide the level of control and oversight required to enforce even the most stringent corporate policies.
The components of Akula
The following image show an architectural overview of Akula:
Mobile apps built on Akula are comprised of two main components:
- Services that run on the Akula Server – These services, called app scopes, enable functionality around data integration and routing, authentication, authorization, credential storage, policy enforcement, and any custom business logic. One of the main uses of an app scope is to control access to back end data sources such as a database or web service.
Akula app scopes expose these services as REST endpoints. Client apps then make HTTP(S) requests to an app scope to access back end resources and other services.
As part of building your mobile app, you create Akula app scopes and deploy them on the Akula Server. Create app scopes by using XML files to configure prebuilt modules supplied with Akula and by using the Akula Server SDK, a Java SDK that lets you build and configure custom modules.
Standardization and Extensibility
Akula is built on well-known technologies such as Apache Camel and Shiro, and offers extensibility in nearly every area of the platform. Akula publishes well-documented APIs for custom authentication realms, data modules, management calls, server endpoints, data routing, and logging.
Scalability and performance
The Akula Server is built to scale. It handles mobile transactions efficiently and fits well into a variety of load-balanced and high-availability configurations. For standalone, single-server deployments, Akula leverages embedded data storage mechanisms to persist credentials, policies, and session data. However, for larger-scale environments with multiple instances of the Akula Server that reside behind a load balancer, Akula leverages Memcached to extract those data objects to an external source like a SQL Server or Oracle database.
Addressing the challenges of enterprise mobile app development
Akula addresses the challenges with building enterprise mobile apps as described in the following sections.
Data access and integration
Data access and integration means that a mobile device can access back end resources, including enterprise data sources, regardless of how that date it represented on the back end. For example, your data can be stored in a database, such as Microsoft SQL Server or Oracle. Additionally, many commercial systems like Siebel, SAP and Salesforce.com expose web services or other APIs to allow clients to consume their data.
- Prebuilt connection modules – Let you access popular enterprise data sources, such as the SQL Server, using out of the box modules.
- Extensible data module Java API – Lets you create data access modules. The module architecture allows connectivity to any back-end data source and offers declarative programming for routine data access and data manipulation.
- Built-in data access control – Include handling of user authorization to protect back end data from unauthorized access and single-sign-on between back end systems.
Offline access to data
Offline access means that mobile apps can function even when the device does not have network connectivity, and can maintain device data that is kept in sync with back end business data sources.
Akula supports offline access for Android and iOS client apps and supports the following features:
- Offline log in and log out – Users can log in to a client app when the device is offline by using the same credentials used for online log in. After a successful offline log in, users can access local resources on the device based on the same security rules used for online access. When the device goes back online, users log in again before they can access server-side resources
- Client-side persistence mechanism - Lets a client app store data on the device that persists across executions of the app. The app can store information to the persistent data store, and then load the data back the next time the user opens the app. The Akula client-side persistence mechanism supports CRUD (Create, Read, Update, Delete) operations on the persistent data store.
- Encrypted or unencrypted persistent data - The persistence mechanism supports encrypted and unencrypted data storage. Encryption prevents unauthorized users from reading your data.
- Data synchronization mechanism - Built on top of the persistent data store, the data synchronization mechanism lets you write data to the persistent data store on the client, modify the data, and then upload those changes to the Akula Server sometime later. The server then updates the back end data store with all of your changes. If any other client has modified data on the back end, the server returns those changes back to the client.
The Akula Server supports enterprise data authentication and provides connectors to common authentication services out of the box. Akula speeds the introduction of capabilities such as single sign-on (SSO) and multi-factor authentication, while manageability is enhanced through the use of built-in multi-level authorization (groups, roles, and permissions) for application and data access.
Akula offers a variety security features to help companies build secure apps, including the ability to encrypt data on-device, in transit using SSL, enforce user entitlements through single-sign-on and authorization roles, audit transactional history through extensive logging, and enforce security policies centrally.
Akula security features include:
- Authentication – Akula integrates with identity management system, such as Active Directory. The platform includes connectors for a few of these systems out of the box, but you can create customized behavior with the Akula Server SDK.
- Single-Sign On – Akula includes a server-side credential store that allows you to store and encrypt user credentials for multiple back-end systems. Or, if you have already invested in Siteminder, Tivoli Access Manager or other SSO tool, Akula can integrate with those systems.
- Authorization – Akula Server endpoints can be configured to allow access only to certain roles. User definitions only need to exist in the back-end system and do not need to be re-defined or managed separately on the Akula Server.
- Session Management – Once authenticated, the Akula session management capabilities allow end users to navigate through a mobile app, without being prompted to re-enter credentials on every request. The platform’s server-side persistent storage manager allows session data to persist across multiple requests and even across multiple servers, allowing for full session management even in high-availability and load-balanced sever configurations.
Operation management and control
Over time, as the number of deployed apps and users grows, the ability to perform run time monitoring and control is a must. Akula provides a set of management functions to manage users, sessions, licenses, authorization policies, and app parameters is available both through a REST service for integration with existing management tools or via the Akula Management Console.
A few of the key operational capabilities of Akula include:
- Akula Command-line Management Utility - A command-line console that you use to configure the Akula Server settings.
- Management APIs – The Akula Server provides management APIs to allow outside tools access to the various properties, roles and permissions defined on the server. You can also create a management tool by making calls to the management APIs’ REST endpoints.
- Logging– Akula provides an extensive and extensible logging framework that allows you to implement comprehensive logging strategies across all of your mobile apps.
- Enforcement of Corporate Policies – Akula includes a number of out-of-the-box properties that help administrators control the behavior of both Akula app scopes on the server and the behavior of mobile apps built using the Akula client SDKs. In addition to the properties already built into the platform, Akula includes a mechanism to allow you to create custom properties at both the app-services and server level.
Deploy across multiple devices