Looking to the clouds

When Mobile Met Cloud


Mobile backlog causing you problems? Salesforce.com Senior Developer Evangelist Sandeep Bhanot offers up a handy PaaS solution

Mobile backlog causing you problems? Salesforce.com Senior
Developer Evangelist Sandeep Bhanot offers up a handy PaaS

A recent ‘Top 10 CIO Business
and Technology Priorities in 2012
‘ worldwide survey by Gartner
identified Mobile as the #2 priority for CIOs this year. Employees,
customers and partners who are conditioned to expect ubiquitous
mobile access in their personal lives are demanding access to their
enterprise data from their phone and tablet devices. So the backlog
of mobile projects for the average CIO is growing. But what is the
fastest way to address that backlog, while still meeting the
stringent requirements of security, reliability and scalability
that are inherent to any enterprise solution?

Platform-as-a-Service (aka PaaS) solutions like the

Salesforce Touch Platform
offer a compelling value
proposition for building enterprise mobile apps and addressing that
backlog. Platform-as-a-Service is a flavor of Cloud Computing that
provides an application development platform in the cloud. Instead
of deploying and managing the hardware and software stack necessary
to develop and run applications in-house, enterprises can use a
PaaS solution to rapidly develop and deploy applications in the

In order to understand the benefits of a PaaS backend for
mobile applications, let’s first look at the typical three-tier
architecture for an enterprise mobile app.

Figure 1: Traditional three-tier
architecture for Enterprise mobile apps

Any enterprise mobile application typically needs a
server-side component to store its data, enforce business rules and
integrate with other IT applications/systems. In a traditional
architecture, you’re responsible for hosting the server-side
infrastructure in-house. In addition to hosting the physical
infrastructure (things like app and sync servers, DB servers, load
balancers, etc.), you also have to write application logic on the
server-side to expose your enterprise data to the mobile
application. Typically, this is done by developing custom REST/JSON
services that are then consumed from the mobile application. And
because this is enterprise data we’re dealing with, you also have
to embed a security layer into the API so that the access is secure
and authenticated. Alternatively, you have to deploy, configure and
manage a vendor-provided sync. server inside the corporate firewall
to access enterprise data from a mobile device.

Now, let’s look at the corresponding mobile architecture if you
were to host the back-end on a PaaS platform.

IMAGE 2: PaaS-based two-tier
architecture for Enterprise mobile apps

The two-tier architecture shown above lets you focus on
developing the mobile front-end and then simply use open (often
REST/JSON) APIs to query and update data from the cloud back-end.
This architecture offers the following benefits.

Zero Infrastructure

One of the core value propositions of cloud computing applies
equally to mobile app development as it does to any other form of
application development. Rather than trying to host the
infrastructure required to run your back-end logic in-house, cloud
computing lets you ’rent’ it online on a pay-as-you-go subscription
basis. No upfront capital expenditure is required to setup and
manage your own data centers. Moreover, PaaS solutions typically
provide a fully managed software stack on top of the underlying
infrastructure so that you never have to worry about software
upgrades, security patches, etc. Platform upgrades get pushed to
you automatically, freeing you from the ‘upgrade and pray’ cycle
that is all too familiar to anyone managing in-house IT assets.


A two-tier architecture means that instead of spending time and
resources building server-side logic, you can focus on the mobile
app functionality and user experience. This is not to imply that a
two-tier cloud mobile architecture requires no back-end logic or
work. You would still need to do work on the server-side — e.g.
designing the data schema, enforcing business rules/workflows,
developing integrations with other IT applications (if required),
etc. The productivity gains that a PaaS back-end provides, however,
means that you can implement such server-side logic rapidly and
iterate over it easily.

Let’s take a specific example to illustrate this point. Say
that your mobile application needs to query and update invoice
data. Using the Salesforce Touch Platform, you can create a
corresponding data model using a WYSIWYG, drag-and-drop data
modeling tool called

Schema Builder
in a matter of minutes. Of
more relevance to a mobile developer, once you create the data
model, the Touch Platform automatically provides a secure REST API
endpoint for performing CRUD operations on the invoice data. By
contrast, in a traditional three-tier architecture, you’d have to
develop a custom REST interface for that invoice data yourself
(and/or use some custom middleware solution). Time saved on the
server-side means that you can focus on what will ultimately decide
the fate of your mobile application – a great user


This one is simple. As a mobile developer, the last thing you
want to worry about is whether your back-end will scale to support
the numerous mobile devices running your application. With a cloud
based back-end, that is simply not a concern and the elastic
scalability offered by cloud computing platforms means that you can
scale your mobile application linearly. Salesforce for example
services nearly 1 billion transactions in a single day. Trying to
replicate that level of scalability and reliability for an in-house
mobile back-end would require significant investments in time and

Application Services

One of the benefits of using PaaS is the additional application
services that make mobile development quicker and easier. The
specific application services provided obviously depend on the
respective platform. Some platforms like Parse, StackMob and Urban Airship provide services like
Push Notifications and easy integration with social networks like
Facebook and Twitter. The Salesforce Touch Platform is targeted
specifically at enterprise mobile development and as such it
provides application services like…

  • Mobile SDK

The Mobile
allows developers to quickly and easily build
native (iOS or Android), HTML5, or hybrid mobile applications on
the Touch Platform. The SDK abstracts away the low-level ‘plumbing’
required to connect to the cloud backend (e.g. an OAuth 2.0
implementation) and also provides simple REST API wrappers that
lets you focus on the application functionality. Additionally, for
native and hybrid mobile apps, the SDK provides a

secure offline storage
module for storing
sensitive enterprise data securely on the device.

  • Security

One of the most important requirements for enterprise
mobile applications is security. As mentioned above, the SDK
provides an out-of-the-box OAuth 2.0 implementation which means
that all data access is authenticated. Additional platform features
let administrators enforce their enterprise
security policy on mobile applications (by requiring additional pin
protection in the app, for example). There is also a more subtle
user authorization security layer built into a Touch Platform
back-end that is not always apparent to developers that are new to
the platform. REST API calls from a mobile app to the Touch
Platform only return data that the respective signed-in user is
authorized to see (an important requirement for enterprise use
cases). Mobile developers don’t have to write any custom code to
implement this authorization layer. It’s built into the REST API
that is used to query/update data from the Touch

  • Geolocation

One of the most powerful features for a mobile application
is the ability to customize the user experience based on the user’s
location. You can easily geocode data in the Touch Platform by
using a custom data type called ‘Geolocation’. Once the data is
geocoded (say in the location__c data field), you can then execute
a query like the one below

SELECT caseNumber, location__c__latitude__s, location__c__longitude__s FROM Case WHERE DISTANCE(location__c, GEOLOCATION(<latitude and longitude coordinates of mobile device>), 'mi') <= 10

The above query will return all Case records (that the
signed-in user is authorized to see) that are within a 10 mile
radius of the mobile device.

Concluding Remarks

We’re living in a mobile-first world and enterprises have to
quickly adapt to that reality. The two-tier mobile architecture and
its attendant advantages described above have hopefully made the
case for why PaaS can provide quicker time-to-market for mobile app
development and help enterprises mobilize their corporate data.

Sandeep Bhanot is Developer Evangelist at Salesforce.com, where he preaches the gospel of all things Cloud.
comments powered by Disqus