WO2016049626A1 - Liaison de données efficace et intuitive pour des applications mobiles - Google Patents

Liaison de données efficace et intuitive pour des applications mobiles Download PDF

Info

Publication number
WO2016049626A1
WO2016049626A1 PCT/US2015/052637 US2015052637W WO2016049626A1 WO 2016049626 A1 WO2016049626 A1 WO 2016049626A1 US 2015052637 W US2015052637 W US 2015052637W WO 2016049626 A1 WO2016049626 A1 WO 2016049626A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
user
application
user interface
services
Prior art date
Application number
PCT/US2015/052637
Other languages
English (en)
Inventor
Christian David Straub
Peter Tehchuan Liu
Liza Lyons BROADBENT
Original Assignee
Oracle International Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US14/865,542 external-priority patent/US9830237B2/en
Application filed by Oracle International Corporation filed Critical Oracle International Corporation
Priority to CN201580049259.8A priority Critical patent/CN107408042B/zh
Priority to EP15782130.7A priority patent/EP3198416B1/fr
Priority to JP2017516340A priority patent/JP6661620B2/ja
Publication of WO2016049626A1 publication Critical patent/WO2016049626A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/30Creation or generation of source code
    • G06F8/34Graphical or visual programming
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0484Interaction techniques based on graphical user interfaces [GUI] for the control of specific functions or operations, e.g. selecting or manipulating an object, an image or a displayed text element, setting a parameter value or selecting a range
    • G06F3/04847Interaction techniques to control parameter settings, e.g. interaction with sliders or dials
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0484Interaction techniques based on graphical user interfaces [GUI] for the control of specific functions or operations, e.g. selecting or manipulating an object, an image or a displayed text element, setting a parameter value or selecting a range
    • G06F3/0486Drag-and-drop
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/20Software design
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/30Creation or generation of source code
    • G06F8/38Creation or generation of source code for implementing user interfaces
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment

Definitions

  • Embodiments are directed generally to an application development system, and in particular, to a mobile application development system providing efficient and intuitive databinding for mobile applications.
  • An application refers to a software program, which on execution performs specific desired tasks.
  • several applications are executed in a run-time environment containing one or more of operating systems, virtual machines (e.g., supporting JavaTM programming language), device drivers, etc., as is well known in the relevant arts.
  • ADFs Application Development Frameworks
  • An ADF provides a set of pre-defined code/data modules that can be directly/indirectly used in the development of an application.
  • An ADF may also provide tools such as an IDE (integrated development environment), code generators, debuggers, etc. which facilitates a developer in coding/implementing the desired logic of the application in a faster/simpler manner.
  • An ADF thus can simplify development of applications by providing re -usable components and integrated development environments, which application developers can use to define user interfaces and application logic by, for example, selecting components to perform desired tasks and defining the appearance, behavior, and interactions of the selected components.
  • Some ADFs are based on a model-view-controller design pattern that promotes loose coupling and easier application development and maintenance.
  • Oracle Application Development Framework is one example of an ADF that utilizes this design pattern.
  • this summary is not intended to identify key/critical elements of an embodiment or example or to delineate the scope of the subject matter of this disclosure. Accordingly, one purpose of this summary may be to present some innovations, embodiments, and/or examples found within this disclosure in a simplified form as a prelude to a more detailed description presented later.
  • Each UI component can advertise which sections of the UI can be independently databound to individual properties coming from data of backend services.
  • the sections of the UI that can be databound now transforms to show relevant text describing the function of that particular section.
  • the user can be presented with a databinding interface that consistent of all the possible pieces of data that the user can bind to as well as visual slots that map to the slots in the visual preview.
  • a user can drag and drop the particular piece of data from the available list and drop that into the slot to which they want that data to apply.
  • FIG. 1 is a block diagram of a system for developing applications that use mobile cloud services, in accordance with an embodiment of the present invention.
  • FIG. 2 is a block diagram of a computing environment to facilitate communication between a mobile computing device and enterprise computer systems according to some embodiments of the present invention.
  • FIG. 3 illustrates a mobile application springboard in accordance with an
  • FIGS. 3A and 3B illustrate a mobile application user interface in accordance with an embodiment of the present invention.
  • FIG. 4 is a block diagram of a mobile application framework runtime architecture in accordance with embodiments of the present invention.
  • FIG. 5 is a block diagram of a system for developing mobile applications in a mobile cloud infrastructure in accordance with embodiments of the present invention.
  • FIG. 6 is a block diagram of network components in a system for building mobile applications in accordance with embodiments of the present invention.
  • FIG. 7 is a block diagram of mobile security suite components in accordance with embodiments of the present invention.
  • FIG. 8 is an illustration of a mobile application development portal that may be included in an application development framework for creating applications that use mobile cloud services of a cloud infrastructure system of the system environment of FIG. 1 in one embodiment.
  • FIG. 9 is a flow diagram of a method for mobile application development in accordance with embodiments of the present invention.
  • FIGS. 10, 11, 12, 13, 14A, and 14B are illustrations of one or more user interfaces that may be presented by an application definition wizard of the mobile application development portal in one embodiment.
  • FIGS. 15 A and 15B illustrate a user interface that provides a developer with a set of screen types that define the first screen of the new mobile application in one embodiment.
  • FIGS. 16A and 16B illustrate a user interface that provides a developer with a set of user interface elements specific to the type of screen selected previously in one embodiment.
  • FIGS. 17A and 17B illustrate a user interface that provides a developer with a set of designs specific to the type of screen selected previously in one embodiment.
  • FIG. 18 illustrates a user interface that provides a developer with one or more options for finalizing details of the new application in one embodiment.
  • FIG. 19 is an illustration of a user interface providing a catalog of usable components in one embodiment.
  • FIG. 20 is an illustration of a user interface where a developer can add components to a screen using one or more gestures in one embodiment.
  • FIG. 21 is an illustration of a user interface after a developer has added a map component to a screen in one embodiment.
  • FIG. 22 is an illustration of a user interface providing a catalog of services in one embodiment.
  • FIG. 23 is an illustration of a user interface where a developer can add create a UI module based on a selected business object in one embodiment.
  • FIG. 24 is an illustration of a user interface after a developer has added a UI module in one embodiment.
  • FIG. 25 is a flow diagram of a method for databinding user interfaces of mobile applications in accordance with embodiments of the present invention.
  • FIG. 26 is an illustration of a user interface after performing databinding in one embodiment.
  • FIG. 27 is an illustration of a user interface for configuring a mobile application for deployment in one embodiment.
  • FIG. 28 is an illustration of a user interface after a mobile application is available for deployment in one embodiment.
  • FIG. 29 is an illustration of a user interface after a mobile application is available for deployment in one embodiment.
  • FIG. 30 is an illustration of a user interface after a mobile application is available for deployment in one embodiment.
  • FIG. 31 depicts a simplified diagram of a distributed system for implementing one of the embodiments.
  • FIG. 32 illustrates an exemplary computer system, in which various embodiments of the present invention may be implemented.
  • individual embodiments may be described as a process which is depicted as a flowchart, a flow diagram, a data flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed, but could have additional steps not included in a figure. A process may correspond to a method, a function, a procedure, a subroutine, a subprogram, etc. When a process corresponds to a function, its termination can correspond to a return of the function to the calling function or the main function.
  • machine-readable medium or “computer-readable medium” includes, but is not limited to, portable or non-portable storage devices, optical storage devices, wireless channels, and various other mediums capable of storing, containing or carrying instruction(s) and/or data.
  • a code segment or machine-executable instructions may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program statements.
  • a code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
  • embodiments may be implemented by hardware, software, firmware, middleware, microcode, hardware description languages, or any combination thereof.
  • the program code or code segments to perform the necessary tasks may be stored in a machine readable or computer- readable medium.
  • One or more processors may perform the necessary tasks.
  • Systems depicted in some of the figures may be provided in various configurations. In some embodiments, the systems may be configured as a distributed system where one or more components of the system are distributed across one or more networks in a cloud computing system. In further embodiments, the systems may be configured as a single system where one or more components of the system incorporated into a single structure or package.
  • An application refers to a software program, which on execution performs specific desired tasks.
  • OSs operating systems
  • virtual machines e.g., supporting JavaTM programming language
  • device drivers etc.
  • ADFs Application Development Frameworks
  • An ADF provides a set of pre-defined code/data modules that can be directly/indirectly used in the development of an application.
  • An ADF may also provide tools such as an integrated development environment (“IDE”), code generators, debuggers, etc.
  • an ADF simplifies application development by providing re-usable components which can be used by application developers to define user interfaces ("UIs") and application logic by, for example, selecting components to perform desired tasks and defining the appearance, behavior, and interactions of the selected components.
  • Some ADFs such as "Oracle ADF” from Oracle Corp., are based on a model-view-controller (“MVC") design pattern that promotes loose coupling and easier application development and maintenance.
  • MVC model-view-controller
  • an application may need to connect and synchronize with different enterprise computer systems depending on the application type and/or the type of data used by the application.
  • These enterprise computer systems may be supported by different backend computer systems which may also vary based on application type and data type.
  • different backend enterprise systems may use different communication protocols and mechanisms to communicate data to devices, thereby causing mobile computing devices that run a variety of applications to encounter challenges for communicating with different backend computer systems that support an enterprise computer system.
  • security may become a concern in allowing access to internal computer systems of an enterprise.
  • the differences in communication protocols supported between the mobile computing devices and the enterprise computer systems may further complicate security access management for communications between mobile computing devices and enterprise computer systems.
  • different mechanisms may be implemented to ensure authentication of an application to access a particular enterprise computer system that has a proprietary security protocol.
  • Some known systems have attempted to address this issues by connecting off-the-shelf consumer mobile devices with backend enterprise systems of companies. These devices may be configured with applications or OSs that connect to an enterprise network through special portals dedicated to communication with enterprise backend computer systems.
  • manufacturers of mobile devices, application developers, and enterprises may benefit from more flexible and robust techniques for developing applications and connecting mobile devices to enterprise backend computer systems.
  • embodiments of the present invention provide a declarative browser based client application development tool for rapid business user friendly mobile application composition in a "cloud” service.
  • the cloud service is "Mobile Cloud Service” ("MCS) from Oracle Corp.
  • MCS Mobile Cloud Service
  • Embodiments allow for building mobile applications using pre-defined templates that use the cloud service for backend services, so that a service definition can be presented to a developer during application development to allow for rapid connection between UI design and backend services.
  • MCS facilitates communication between a mobile computing device and enterprise computer systems via a cloud computer system.
  • MCS uses a third party cloud based interface between mobile devices and an enterprise network of a company.
  • the cloud based interface centralizes secure adaptors for various enterprise computer systems, and translates different protocols to a standardized Representational State Transfer (“REST") architecture.
  • REST Representational State Transfer
  • Companies can use embodiments of the present invention to create their own custom mobile applications using available tools on MCS, and such applications can be downloaded in native form onto mobile user devices. Once an application is installed, it can access the cloud based interface of MCS to reach various enterprise computer systems through the secure adaptors provided by MCS.
  • MCS provides backend services under the Mobile Backend as a Service (“MBaaS,” also referred to as "BaaS”) model.
  • MaaS Mobile Backend as a Service
  • BaaS Mobile Backend as a Service
  • MBaaS allows Web and mobile application developers to link their applications to backend cloud storage and APIs exposed by backend applications while also providing user management, push notifications, integration with social networking services, etc.
  • backend services provided in MCS under the MBaaS model embodiments provide a declarative Web-based UI configured for mobile application development by non-technical users with no familiarity with coding.
  • a wizard is launched when a user starts developing a new application, and the user is asked to give a name and description for the new application. Then, the user is asked to design the first page of the application by selecting from a set of pre-defined templates (e.g., tabs, bottom tabs, pagination, etc.) that can pre-seed the UI for the first page. The UI is then completed by specifying details in the template, while a preview is automatically updated to show the changes. Upon completing the UI design, the user can use a palette to browse a catalog of available services and data sources that are available to the mobile application through MCS (e.g., a service catalog).
  • MCS e.g., a service catalog
  • the user For each item of the catalog that is added to the UI, the user is presented with a list of attributes, and using one or more gestures (e.g., drag and drop, etc.) the user can bind the attributes to UI elements.
  • the user can repeat the process of feature definition and data-binding to create a mobile application.
  • Other UI components such as maps, graphs, etc., can also be added to the UI.
  • the application When the application is ready for testing, the user may publish the application so that corresponding binaries are created (building native executables for iOS, Android, or any other mobile device OS), and a Quick Response ("QR") code is subsequently generated and provided to the user. If the user scans the QR code by a mobile device, the application is installed over the air onto the mobile device.
  • QR Quick Response
  • Embodiments use pre-built components in an ADF.
  • the components offer data interaction, data visualization, and encapsulated browser side operations, and simplify rich client application development.
  • ADF may also implement a plugin such as Apache Cordova plugin to access device features such as a camera, Global Positioning System (“GPS”), contacts, etc.
  • GPS Global Positioning System
  • an ADF when an ADF receives a request to build an application for a mobile device, it determines portions of one or more already developed applications that have been precompiled using a toolkit, and modifies declarative information associated with those existing applications. This embodiment then builds the requested application based on the modified declarative information and one or more binary artifacts of the existing applications by packaging the binary artifacts representing the requested application for a desired operating system ("OS," such as iOS, Android, etc.). The ADF then compiles the requested application to generate one or more binary artifacts and a set of definition files.
  • OS operating system
  • an artifact is an application or a complex data object that is created by an end- user without the need to know a programming language.
  • OMSS Order to Browse Ratio Security Suite
  • EMM Enterprise Mobility Management
  • MDM mobile device management
  • MAM mobile application management
  • MCM mobile content management
  • MDM mobile identity policies
  • a mobile and social service provides a software development kit (“SDK”) allowing corporate developers to secure custom enterprise applications for iOS and Android devices, bridging the gap between mobile devices, social networks, and enterprise backend identity
  • OMSS delivers a secure container to a mobile device for application and content security to separate, protect, and wipe corporate applications and data. All communication between the mobile device and enterprise intranet resources goes through an authenticated transport layer security (“TLS”) /secure socket layer (“SSL”) tunnel (“AppTunnel”) that can only be used by vetted (or “containerized”) applications of the mobile device.
  • TLS transport layer security
  • SSL secure socket layer
  • AppTunnel is terminated at a Mobile Security Access Server located at the corporate demilitarized zone ("DMZ").
  • DMF corporate demilitarized zone
  • This server offers secure Intranet access to mobile devices and terminates only the AppTunnel from the secure container, thereby lessening the risk of rogue applications and the need for device level VPN.
  • embodiments provide browser based application development, which does not require coding and which easily maps to business services. Embodiments also allow for previewing an application inline (e.g., as the application is being developed), as well as editing, testing, and publishing an application from a browser. Accordingly, instead of an IDE such as "Jdeveloper" from Oracle Corp. that is configured for use by professional developers, embodiments are configured for use by business users (e.g., non-technical users).
  • MCS provides access to an API catalog such as "Oracle API Catalog” ("OAC") from Oracle Corp.
  • OAC provides visibility to available APIs in an organization so those APIs may be reused for application development.
  • OAC includes a simple metamodel for an API asset, automation to populate OAC with APIs, and the ability for users to search OAC for APIs and understand the details of the APIs to assess their fit in their applications.
  • OAC includes a harvester that creates API assets in OAC. In some embodiments, harvesting is performed at build time of projects.
  • the harvester introspects deployed services and creates API assets representing services discovered in the project such as service oriented architecture (“SOA”) Services and Service Bus proxies, Web Services Description Language (“WSDL”) based Web services, and Web Application Description Language (“WADL”) based REST services.
  • SOA service oriented architecture
  • WSDL Web Services Description Language
  • WADL Web Application Description Language
  • curators edit the API assets using a simple editor to provide additional metadata to facilitate the discovery and understanding of the APIs. Curators can change the name, add a description, tag keywords, or add document references to the API assets in OAC. This metadata simplifies discovery and understanding of each API asset by a user.
  • curators publish the API by making it visible to users in OAC. Published assets are available in the OAC console and via the Oracle JDeveloper Oracle Enterprise Repository plug-in. Users can search OAC to discover APIs and review the metadata provided by the curator to learn more about an API.
  • Each OAC user is assigned a role which determines which OAC features and content are available for each user.
  • There are predefined roles in OAC including developer, curator, and admin.
  • Users with the developer role have the ability to search OAC for published APIs, examine the API metadata to better understand the API, declare interest in the API, and submit ratings and reviews for an API.
  • users with the curator role can run the harvester to create new API assets in OAC, edit the APIs to update their metadata, and publish them.
  • users with the admin role have access to an Admin page in OAC to administer the infrastructure of OAC by editing system settings, creating new users, creating new departments, managing sessions, and using the
  • Admins can also configure security features included with OAC.
  • an application may be developed and deployed to a mobile device as either a native application or a hosted application.
  • a complete application is installed on the device.
  • hosted application development a user needs to download a hosting application from an "app store,” where such hosting application "hosts” the hosted applications that will be installed as "features" onto the hosting application.
  • This embodiment may allow for updating a running hosting application from a server, such that declarative metadata can be sent to the device and overlaid on top of the existing application to update the application to run against this new metadata.
  • FIG. 1 is a block diagram of a system environment 100 for developing applications by using pre-defined templates that allow for use of MCS 122 as backend services.
  • a service definition can be presented to a user during application development allowing rapid connection between UI design and backend services.
  • system environment 100 includes cloud infrastructure system 102 that provides cloud services to one or more client computing devices 104, 106, and 108.
  • Client computing devices 104, 106, and 108 may be used by users to interact with cloud infrastructure system 102.
  • Client computing devices 104, 106, and 108 may be configured to operate a client application such as a Web browser, a proprietary client application (e.g., Oracle Forms), or some other application, which may be used by a user of the client computing device to interact with cloud infrastructure system 102 to use services provided by cloud infrastructure system 102.
  • client application such as a Web browser, a proprietary client application (e.g., Oracle Forms), or some other application, which may be used by a user of the client computing device to interact with cloud infrastructure system 102 to use services provided by cloud infrastructure system 102.
  • Cloud infrastructure system 102 may have other components than those depicted. Further, the embodiment shown in FIG. 1 is only one example of a cloud infrastructure system that may incorporate an embodiment of the invention. In some other embodiments, cloud infrastructure system 102 may have more or fewer components than shown in FIG. 1, may combine two or more components, or may have a different configuration or arrangement of components.
  • Client computing devices 104, 106, and 108 may be portable handheld devices (e.g., an iPhone®, cellular telephone, an iPad®, computing tablet, a personal digital assistant ("PDA”)) or wearable devices (e.g., a Google Glass® head mounted display), running software such as Microsoft Windows Mobile®, and/or a variety of mobile OSs such as iOS, Windows Phone, Android, BlackBerry 10, Palm OS, and the like, and being Internet, e-mail, short message service (“SMS”), Blackberry®, or other communication protocol enabled.
  • Client computing devices 104, 106, and 108 can be general purpose personal computers including, by way of example, personal computers and/or laptop computers running various versions of Microsoft Windows®, Apple Macintosh®, and/or Linux OSs.
  • Client computing devices 104, 106, and 108 can be workstation computers running any of a variety of commercially-available UNIX® or UNIX-like OSs, including without limitation the variety of GNU/Linux OSs, such as for example, Google Chrome OS.
  • client computing devices 104, 106, and 108 may be any other electronic device, such as a thin-client computer, an Internet-enabled gaming system (e.g., a Microsoft Xbox gaming console with or without a Kinect® gesture input device), and/or a personal messaging device, capable of communicating over network(s) 110.
  • exemplary system environment 100 is shown with three client computing devices, any number of client computing devices may be supported. Other devices such as devices with sensors, etc., may interact with cloud infrastructure system 102.
  • Network(s) 110 may facilitate communications and exchange of data between clients 104, 106, and 108 and cloud infrastructure system 102.
  • Network(s) 110 may be any type of network familiar to those skilled in the art that can support data communications using any of a variety of commercially-available protocols, including without limitation transmission control protocol/Internet protocol (“TCP/IP”), systems network architecture ("SNA”), Internet packet exchange (“IPX”), AppleTalk, etc.
  • TCP/IP transmission control protocol/Internet protocol
  • SNA systems network architecture
  • IPX Internet packet exchange
  • network(s) 110 can be a local area network (“LAN”), such as one based on Ethernet, Token- Ring and/or the like.
  • Network(s) 110 can be a wide-area network and the Internet.
  • VPN virtual private network
  • PSTN public switched telephone network
  • IEEE Institute of Electrical and Electronics
  • Cloud infrastructure system 102 may comprise one or more computers and/or servers. These computer systems or servers may be composed of one or more general purpose computers, specialized server computers (including, by way of example, personal computer("PC") servers, UNIX® servers, mid-range servers, mainframe computers, rackmounted servers, etc.), server farms, server clusters, or any other appropriate arrangement and/or combination.
  • one or more computer systems or servers associated with cloud infrastructure system 102 may be adapted to run one or more services or software applications described in the foregoing disclosure.
  • one or more computer systems or servers associated with cloud infrastructure system 102 may correspond to a server for performing processing described herein according to an embodiment of the present disclosure.
  • One or more computer systems or servers associated with cloud infrastructure system 102 may run an OS including any of those discussed above, as well as any commercially available server OS.
  • One or more computer systems or servers associated with cloud infrastructure system 102 may also run any of a variety of additional server applications and/or mid-tier applications, including hypertext transport protocol (“HTTP”) servers, file transfer protocol (“FTP”) servers, common gateway interface (“CGI”) servers, JAVA® servers, database servers, and the like.
  • HTTP hypertext transport protocol
  • FTP file transfer protocol
  • CGI common gateway interface
  • JAVA® JAVA® servers
  • database servers and the like.
  • services provided by cloud infrastructure system 102 may include a host of services that are made available to users of cloud infrastructure system 102 on demand, such as online data storage and backup solutions, Web-based e-mail services, hosted office suites and document collaboration services, database processing, managed technical support services, and the like. Services provided by cloud infrastructure system 102 can dynamically scale to meet the needs of its users. A specific instantiation of a service provided by cloud infrastructure system 102 is referred to herein as a "service instance.” In general, any service made available to a user via a communication network, such as the
  • a cloud service provider's system Internet, from a cloud service provider's system is referred to as a "cloud service.”
  • a cloud service provider's system may host an application, and a user may, via a cloud service provider's system
  • communication network such as the Internet, on demand, order and use the application.
  • a service instance instantiated by cloud infrastructure 102 may include protected computer network access to storage, a hosted database, a hosted Web server, a software application, or other service provided by a cloud vendor to a user, or as otherwise known in the art.
  • a service instance instantiated by cloud infrastructure 102 may include protected computer network access to storage, a hosted database, a hosted Web server, a software application, or other service provided by a cloud vendor to a user, or as otherwise known in the art.
  • a service instance instantiated by cloud infrastructure 102 may include protected computer network access to storage, a hosted database, a hosted Web server, a software application, or other service provided by a cloud vendor to a user, or as otherwise known in the art.
  • a service instance instantiated by cloud may include protected computer network access to storage, a hosted database, a hosted Web server, a software application, or other service provided by a cloud vendor to a user, or as otherwise known in the art.
  • infrastructure 102 can include password-protected access to remote storage on the cloud through the Internet.
  • a service instance instantiated by cloud can include password-protected access to remote storage on the cloud through the Internet.
  • infrastructure 102 can include a Web service-based hosted relational database and a script- language middleware engine for private use by a networked developer.
  • a service instance instantiated by cloud infrastructure 102 can include access to an email software application hosted on a cloud vendor's Web site.
  • cloud infrastructure system 102 may include a suite of applications, middleware, development service, and database service offerings that are delivered to a customer in a self-service, subscription-based, elastically scalable, reliable, highly available, and secure manner.
  • An example of such a cloud infrastructure system as embodied in cloud infrastructure service 102 is "Oracle Public Cloud" from Oracle Corp.
  • Cloud infrastructure system 102 may provide the cloud services via different deployment models.
  • services may be provided under a public cloud model in which cloud infrastructure system 102 is owned by an organization selling cloud services (e.g., owned by Oracle Corp.) and the services are made available to the general public or different industry enterprises.
  • services may be provided under a private cloud model in which cloud infrastructure system 102 is operated solely for a single organization and may provide services for one or more entities within the organization.
  • the cloud services may also be provided under a community cloud model in which cloud infrastructure system 102 and the services provided by cloud infrastructure system 102 are shared by several organizations in a related community.
  • the cloud services may also be provided under a hybrid cloud model, which is a combination of two or more different models.
  • the services provided by cloud infrastructure system 102 may include one or more services provided under software as a service (“SaaS”) category, platform as a service (“PaaS”) category, infrastructure as a service (“IaaS”) category, MBaaS category, or other categories of services including hybrid services.
  • the services provided by cloud infrastructure system 102 may include, without limitation, application services, platform services, infrastructure services, backend services, etc.
  • application services may be provided by cloud infrastructure system 102 via a SaaS platform.
  • the SaaS platform may be configured to provide cloud services that fall under the SaaS category.
  • the SaaS platform may provide capabilities to build and deliver a suite of on-demand applications on an integrated development and deployment platform.
  • the SaaS platform may manage and control the underlying software and infrastructure for providing the SaaS services. By utilizing the services provided by the SaaS platform, customers can utilize applications executing on the cloud infrastructure system. Customers can acquire the application services without the need for customers to purchase separate licenses and support.
  • Various different SaaS services may be provided. Examples include, without limitation, services that provide solutions for sales performance
  • platform services may be provided by cloud infrastructure system 102 via a PaaS platform.
  • the PaaS platform may be configured to provide cloud services that fall under the PaaS category.
  • Examples of platform services may include without limitation services that enable organizations (such as Oracle) to consolidate existing applications on a shared, common architecture, as well as the ability to build new applications that leverage the shared services provided by the platform.
  • the PaaS platform may manage and control the underlying software and infrastructure for providing the PaaS services.
  • Platform services include, without limitation, "Oracle Java Cloud Service” (“JCS”) from Oracle Corp., “Oracle Database Cloud Service” (“DECS”) from Oracle Corp., and others.
  • Java Cloud Service (“JCS”) from Oracle Corp.
  • DECS Organic Database Cloud Service
  • platform services provided by cloud infrastructure system 102 may include database cloud services, middleware cloud services (e.g., Oracle Fusion Middleware services), and Java cloud services.
  • database cloud services may support shared service deployment models that enable organizations to pool database resources and offer customers a Database as a Service in the form of a database cloud.
  • middleware cloud services may provide a platform for customers to develop and deploy various business applications
  • Java cloud services may provide a platform for customers to deploy Java applications, in the cloud infrastructure system.
  • infrastructure services may be provided by an IaaS platform in cloud infrastructure system 102.
  • the infrastructure services facilitate the management and control of the underlying computing resources, such as storage, networks, and other fundamental computing resources for customers utilizing services provided by the SaaS platform and the PaaS platform.
  • cloud infrastructure system 102 may provide
  • cloud management functionality may include capabilities for provisioning, managing and tracking a customer's subscription received by cloud infrastructure system 102, and the like.
  • cloud infrastructure system 102 may be adapted to automatically provision, manage and track a customer's subscription to services offered by cloud infrastructure system 102.
  • a customer via a subscription order, may order one or more services provided by cloud infrastructure system 102.
  • Cloud infrastructure system 102 then performs processing to provide the services in the customer's subscription order.
  • cloud management functionality may be provided by one or more modules, such as order management and monitoring module 114.
  • modules may include or be provided using one or more computers and/or servers, which may be general purpose computers, specialized server computers, server farms, server clusters, or any other appropriate arrangement and/or combination.
  • a customer using client computing devices 104, 106 or 108 may interact with cloud infrastructure system 102 by requesting one or more services provided by cloud infrastructure system 102.
  • the customer may issue service request 134 cloud infrastructure system 102 using a variety of means.
  • Service request 134 may include placing an order for a subscription for one or more services offered by cloud infrastructure system 102, accessing one or more services offered by cloud infrastructure system 102, or the like.
  • the customer may access a cloud UI 132, 134, 138 and place a subscription order via these UIs.
  • the order information received by cloud infrastructure system 102 in response to the customer placing an order may include information identifying the customer and one or more services offered by the cloud infrastructure system 102 to which the customer intends to subscribe. After an order has been placed by the customer, the order information is received via cloud UIs, 132, 134, and/or 138.
  • order management and monitoring module 112 sends information received from a customer to an order database to have the order placed by the customer stored.
  • the order database can be one of several databases operated by cloud infrastructure system 102 and operated in conjunction with other system elements.
  • Order management and monitoring module 112 may forward information that includes all or part of the order information stored in the order database to an order management module.
  • the order management module may be configured to perform billing and accounting functions related to the order, such as verifying the order, and upon verification, booking the order.
  • cloud infrastructure system 100 may include identity management module 114.
  • Identity management module 114 may be configured to provide identity services, such as access management and authorization services in cloud
  • identity management module 114 may control information about customers who wish to utilize the services provided by cloud infrastructure system 102. Such information can include information that authenticates the identities of such customers and information that describes which actions those customers are authorized to perform relative to various system resources (e.g., files, directories,
  • Identity management module 114 may also include the management of descriptive information about each customer and about how and by whom that descriptive information can be accessed and modified.
  • cloud infrastructure system 102 may also include infrastructure resources 116 for providing the resources used to provide various services to customers of cloud infrastructure system 102.
  • infrastructure resources 116 may include pre-integrated and optimized combinations of hardware, such as servers, storage, and networking resources to execute the services provided by the PaaS platform and the SaaS platform.
  • resources in cloud infrastructure system 102 may be shared by multiple users and dynamically re-allocated per demand. Additionally, resources may be allocated to users in different time zones. For example, cloud infrastructure system 102 may enable a first set of users in a first time zone to utilize resources of the cloud infrastructure system for a specified number of hours and then enable the re-allocation of the same resources to another set of users located in a different time zone, thereby maximizing the utilization of resources.
  • a number of internal shared services 118 may be provided that are shared by different components or modules of cloud infrastructure system 102 and by the services provided by cloud infrastructure system 102.
  • These internal shared services 118 may include, without limitation, a security and identity service, an integration service, an enterprise repository service, an enterprise manager service, a virus scanning and white list service, a high availability, backup and recovery service, service for enabling cloud support, an email service, a notification service, a file transfer service, and the like.
  • a number of external shared services 120 may be provided that are shared by different components or modules of cloud infrastructure system 102 and by the services provided by cloud infrastructure system 102.
  • These external shared services 120 may include, without limitation, a security and identity service, an integration service, an enterprise repository service, an enterprise manager service, a virus scanning and white list service, a high availability, backup and recovery service, service for enabling cloud support, an email service, a notification service, a file transfer service, and the like.
  • external shared services 120 may include one or more components that provide access, data transformation, automation, or the like to enterprise computer system(s) 126.
  • Access to enterprise computer system(s) 126 may be shared by different components or modules of cloud infrastructure system 102 and by the services provided by cloud infrastructure system 102. In some embodiments, access to enterprise computer system(s) 126 may be shared by service instances provided by cloud infrastructure system 102 that are restricted to one or more subscribers.
  • external shared services 120 may include external application programming interface (“API") services 128 that are shared by different components or modules of cloud infrastructure system 102 and by the services provided by cloud infrastructure system 102. These external API services 128 may include, without limitation, APIs provided by other third party services or entities.
  • API application programming interface
  • Various different mobile cloud services may be provided by MCS 122 in cloud infrastructure system 102.
  • MCS 122 facilitates communication between a mobile computing device and enterprise computer systems (e.g., enterprise computer systems 124 and 126) according to some embodiments of the present invention.
  • MCS 122 may include one or more memory storage devices ("local storage") used to store enterprise data and authentication information.
  • Enterprise data may be received from enterprise computer systems 126 or from client computing devices 104, 106, or 108 or may include enterprise data converted by cloud infrastructure system 102, or combinations thereof.
  • Authentication information may be received from identity management system 116 and/or generated by cloud infrastructure system 102. In some embodiments, authentication information may include information indicating security authentication of a user with regard to a request for a service.
  • Enterprise computer systems such as enterprise computer systems 126 may be physically located beyond a firewall of cloud infrastructure system 102 at a different geographic location (e.g., remote geographic location) than cloud infrastructure system 102.
  • enterprise computer systems 126 may include one or more different computers or servers.
  • enterprise computer systems 126 may be part of a single computer system.
  • enterprise computer systems 126 may communicate with cloud infrastructure system 102 using one or more different protocols. Each of enterprise computer systems 126 may communicate with cloud infrastructure system 102 using a different communication protocols. Enterprise computer systems 126 may support the same or different security protocols.
  • MCS 122 may include an agent system to handle communication with enterprise computer systems 126.
  • a protocol may include a communication protocol, such as SPeeDY ("SPDY").
  • SPDY SPeeDY
  • a protocol may include an application protocol such as an HTTP -based protocol.
  • enterprise computer systems 126 may communicate with cloud infrastructure system 102 using a communication protocol such as REST or Simple Object Access Protocol ("SOAP").
  • SOAP Simple Object Access Protocol
  • REST protocol may support a formats including uniform resource identifier ("URI”) or uniform resource locator (“URL”).
  • Enterprise Data formatted for communication using REST protocol may be easily converted to data formats such as JavaScript Object Notation (“JSON”), comma-separated values (“CSV”), and really simple syndication (“RSS”).
  • JSON JavaScript Object Notation
  • CSV comma-separated values
  • RSS really simple syndication
  • Enterprise computer systems 126 and cloud infrastructure system 102 may communicate using other protocols such as remote procedure calls (“RPC”) (e.g., extended markup language (“XML”) RPC).
  • RPC remote procedure calls
  • XML extended markup language
  • MCS 122 may include an adaptor interface configured to support communication with one or more services provided by cloud infrastructure service 102, some of which may support different protocols or techniques for communications.
  • MCS 122 may include an adaptor interface configured to support communication with enterprise computer systems 126, some of which may support different protocols or techniques for communications.
  • MCS 122 may include one or more adaptors each of which may be configured to communicate according to a communication protocol, a type of enterprise computer system, a type of application, a type of service, or combinations thereof.
  • a communication protocol supported by an adaptor may be specific to a service or one or more of enterprise computer systems 126.
  • client computing devices 104, 106, and 108 may each implement an application that can provide specific UIs to communicate with MCS 122.
  • a specific UI may be configured to communicate using a specific communication protocol.
  • specific UIs may include callable interfaces, functions, routines, methods, and/or operations that may be invoked to communicate with MCS 122.
  • Specific UIs may accept as input parameters for communicating with a service provided by cloud infrastructure service 102 or with enterprise computer systems 126 for enterprise data and/or to request a service.
  • communication through MCS 122 may be converted for communication using a custom communication protocol.
  • MCS 122 may include one or more callable interfaces, e.g., an API. Callable interfaces associated with MCS 122 may enable an application on a mobile computing device to communicate requests to MCS 122. Callable interfaces associated with MCS 122 may support a common or standard interface, which may allow requests including their parameters to be received from apps according to a standardized protocol, architectural style, and/or format (e.g., a REST protocol). Callable interfaces associated with MCS 122 may be configurable by a user of any one of computing devices 104, 106, or 108. Callable interfaces associated with MCS 122 may receive requests for services according to a communication protocol. Device application developers can connect to MCS 122 for their custom
  • a callable interface associated with MCS 122 may be configured by the same person that develops an app, such that the person can implement a custom application to communicate with MCS 122.
  • Callable interfaces associated with MCS 122 may further enable enterprise computer systems 126 to communicate with MCS 122 according to a standardized protocol or format. Similar to application developers, those who manage enterprise computer systems can implement code (e.g., an agent system) that is configured to communicate with MCS 122 via one or more callable interfaces. Callable interfaces associated with MCS 122 may be implemented based on a type of a computing device, a type of enterprise computer systems, an app, an agent system, a service, a protocol, or other criterion. In some embodiments, callable interfaces associated with MCS 122 may support requests for services including authentication, compression, encryption, pagination with cursors, client-based throttling, non- repudiation, logging, and metrics collection.
  • code e.g., an agent system
  • Callable interfaces associated with MCS 122 may be implemented based on a type of a computing device, a type of enterprise computer systems, an app, an agent system, a service, a protocol, or other cri
  • callable interfaces associated with MCS 122 may be implemented for custom business-related services, such as authentication, policy enforcement, caching of responses, throttling of calls to MCS 122, translation between asynchronous and synchronous patterns, logging of calls to underlying services, or combinations thereof.
  • callable interfaces associated with MCS 122 may enable users to load custom code for implementation by cloud infrastructure system 102.
  • the custom code may implement one or more callable interfaces associated with MCS 122 for cloud infrastructure system 102, which can enable users to access custom services or other enterprise computer systems.
  • Protocol translators associated with MCS 122 may process a message to determine a communication protocol for a message and/or to convert a message to a communication protocol for a destination.
  • Protocol translators associated with MCS 122 may convert a request received from client computing devices 104, 106, or 108. The request may be converted from a format of a communication protocol supported by client computing devices 104, 106, or 108 to a format of a communication protocol supported by a service provided by cloud infrastructure service 102 or enterprise computer systems 126.
  • Protocol translators associated with MCS 122 may convert a response received from a service provided by cloud infrastructure service 102 or enterprise computer systems 126.
  • a response may be converted from a format of a communication protocol supported by a service provided by cloud infrastructure service 102 or enterprise computer systems 126 to a format of a communication protocol supported by client computing devices 104, 106, or 108.
  • Security services associated with MCS 122 may manage security authentication for requests received from any of client computing devices 104, 106, or 108.
  • Security services associated with MCS 122 may protect the integrity of customer processes and enterprise data. To prevent system or data from being compromised, security authentication may occur when a request is received from client computing devices 104, 106, or 108. Security authentication may be performed before a request is dispatched for processing by cloud infrastructure system 102.
  • the security authentication determined for a user may enable a user associated with a mobile computing device to have authorization to request services via MCS 122.
  • the security authentication may reduce efforts for a user to authenticate for different requests and/or services requested via MCS 122.
  • Security services associated with MCS 122 may be implemented as one or more functional blocks or modules configured to perform various operations authenticating security of a request.
  • Authentication services associated with MCS 122 may manage security
  • Authentication services associated with MCS 122 may determine security authentication for a user associated with a computing device that sends a request to MCS 122.
  • Security authentication may be determined based on a time period, which may be tied to operation of an application (e.g., launching an application), a request, a computing device, an enterprise computer system, other criterion related to a request, or combinations thereof.
  • Security authentication may be verified and granted for any one of the following, such as an individual request, one or more enterprise computer systems, a particular service, a type of service, a user, a computing device, other criterion for determining security authentication, or combinations thereof.
  • cloud infrastructure system 102 may store authentication information of users received from enterprise computer systems or authentication systems supporting enterprise computer systems.
  • Cloud infrastructure system 102 may determine authentication by performing a lookup function to determine whether an identity of a user associated with a request has authority to make such a request.
  • the stored authentication information may include information such as the type of requests, functions, enterprise computer systems, enterprise data, or the like that a user may be authorized to access.
  • infrastructure system 102 may initiate communication with a requesting computing device to determine authentication.
  • security authentication may be determined based on a role associated with a user requesting a service.
  • the role may be associated with a user requesting access to MCS 122.
  • a user may request services as a subscriber or tenant of MCS 122 who may be granted access to resources and/or services provided by MCS 122.
  • Authentication may correspond to a user's subscription to MCS 122, such that a user may be authorized to request services via MCS 122 as a subscriber.
  • the subscription may be limited to a particular set of resources provided by MCS 122.
  • Security authentication may be based on the resources and/or services accessible to the user of MCS 122.
  • a request may be provisioned a template during execution called a "runtime environment.”
  • the runtime environment may be associated with resources that are allocated for a request, a user, or a device.
  • authentication services associated with MCS 122 may request an identity management system to determine security authentication for the user.
  • the identity management system may be implemented by cloud infrastructure system 102 (e.g., as identity management 114) or by another computer system that is external to cloud
  • Identity management 116 may determine security authentication of the user based on the user's role or subscription for accessing MCS 122.
  • the role or subscription may be assigned privileges and/or entitlements with respect to an enterprise computer system, a service provided by an enterprise computer system, a function or feature of an enterprise computer system, other criterion for controlling access to an enterprise computer system, or combinations thereof.
  • ADFs 124 may be provided in cloud infrastructure system 102.
  • ADFs 124 provide the infrastructure code to implement agile SOA based applications.
  • ADFs 124 further provide a visual and declarative approach to development through one or more development tools (e.g., "Oracle JDeveloper 1 lg" development tool).
  • One or more frameworks provided by ADFs 124 may implement an MVC design pattern.
  • Such frameworks offer an integrated solution that covers all the layers of the MVC architecture with solutions to such areas as Object/Relational mapping, data persistence, reusable controller layer, rich Web UI framework, data binding to UI, security and customization. Extending beyond the core Web based MVC approach, such frameworks also integrate with the Oracle SOA and WebCenter Portal frameworks simplifying the creation of complete composite applications.
  • ADFs 124 make it easy to develop agile applications that expose data as services by coupling a service interface to built-in business services provided by cloud infrastructure system 102. This separation of business service implementation details is performed in ADFs 124 via metadata. Use of this metadata-driven architecture enables application developers to focus on the business logic and user experience, rather than the details of how services are accessed. In certain embodiments, ADFs 124 store implementation details of services in metadata in a model layer. This enables developers to exchange services without modifying the UI, making the application extremely agile.
  • Creating the user experience can be as simple as dragging-and-dropping the desired business services onto a visual page designer and indicating what type of component should represent that data.
  • developers interact with ADFs 124 to create modules forming enterprise applications.
  • the enterprise applications can be executed within the context of cloud infrastructure system 102.
  • developers interact with ADFs 124 to create modules forming mobile applications.
  • the mobile applications can be executed within the context of cloud infrastructure system 102.
  • One or more frameworks provided by ADFs 124 may be embodied as Oracle ADF in one example. Accordingly, a framework in ADFs 124 can be based on an MVC design pattern.
  • An MVC application is separated into: 1) a model layer that handles interaction with data-sources and runs the business logic, 2) a view layer that handles the application UI, and 3) a controller that manages the application flow and acts as the interface between the Model and the View layers. Separating applications into these three layers simplifies maintenance and reuse of components across applications. The independence of each layer from the others results in a loosely coupled, SOA.
  • ADFs 124 provide tools and resources allowing developers to create an application in the form of multiple layers, each layer containing code modules/files implementing desired logic according to pre-defined specification.
  • ADFS 124 enables the application to be developed as four layers: a view layer containing code modules/files that provide the UI of the application, a controller layer containing code modules that control the flow of the application, a model layer containing data/code modules that provide an abstraction layer for the underlying data, and a business services layer containing code modules that provide access to data from various sources and handles business logic.
  • ADFs 124 let developers choose the technology they prefer to use when implementing each of the layers.
  • EJB Enterprise JavaBean
  • Web Services JavaBeans
  • JPA/EclipseLink/TopLink objects and many others can all be used as Business Services for ADFs 124.
  • View layers can include Web based interfaces implemented with Java Server Faces (“JSF”), Desktop Swing applications and Microsoft Office front ends, as well as interfaces for mobile devices.
  • JSF Java Server Faces
  • Desktop Swing applications and Microsoft Office front ends, as well as interfaces for mobile devices.
  • the view layer represents the UI of the application being developed.
  • the view layer can include desktop, mobile, and browser-based views, each of which provides all or a portion of the UI and is accessible in a variety of manners corresponding to view type.
  • Web pages may be sent by the application in response to receiving client requests containing corresponding URLs.
  • the Web pages may then be displayed by a browser on a display unit (not shown) associated with a requesting client system, thereby enabling users of the requesting client system to interact with the enterprise application.
  • ADFs 124 support multi-channel access to business services allowing reuse of business services and access from a Web client, a client-server swing desktop-based application, Microsoft Excel spreadsheets, mobile devices such as a smart-phone, or the like.
  • the code files/modules forming the view layer may be implemented using one or more of hypertext markup language ("HTML”), Java server pages ("JSP"), and JSF.
  • HTTP hypertext markup language
  • JSP Java server pages
  • JSF Java server pages
  • the UI may be implemented using Java components such as Swing, and/or XML.
  • the UI may leverage a user's experience and familiarity with desktop applications, such as Word and Excel by Microsoft.
  • each layer typically contains other pre-defined code/data modules provided by ADFs 124.
  • Some of the pre-defined modules may be used during development, for example, as templates for developing the Web pages, for including desired functionality in the developed code etc.
  • Other pre-defined modules (such as a URL rewriting module) may be deployed along with the developed application and may provide additional functionalities (mapping of requested URLs to internal names) to the user during execution of the enterprise application.
  • a controller layer contains code modules/files that control the flow of the application.
  • Each controller object contains software instructions and/or data implemented according to a desired manner of presenting information in the view layer.
  • the desired manner may include the specific Web pages to be displayed when links in another Web page are clicked/ selected by the user, the page to be displayed when errors occur during execution, indicating the specific data to be stored/retrieved, etc.
  • the controller layer manages the applications flow and handles user input. For example, when a Search button is clicked on a page, the controller determines what action to perform (do a search) and where to navigate to (the results page).
  • JDeveloper There are two controller options for Web-based applications in JDeveloper: the standard JSF controller or the ADF Controller that extends the JSF controller functionality. Whichever controller is used, application flow is typically designed by laying out pages and navigation rules on a diagram. An application's flow can be broken into smaller, reusable task flows; include non- visual components such as method calls and decision points in a flow; and create "page fragment" flows that run inside a region of a single containing page.
  • controller objects may also be implemented, for example, as Apache Jakarta Struts controllers or according to the JSF standard.
  • a model layer contains data/code modules that connect various business services to the objects that use them in the other layers, such as to the controller objects discussed above or directly to desktop applications.
  • Each abstract data object of the model layer provides a corresponding interface that can be used to access any type of business service executing in an underlying business service layer.
  • the data objects may abstract the business service implementation details of a service from a client and/or expose data control
  • the model layer consists of two components, data controls and data bindings, which utilize metadata files to define the interface.
  • Data controls abstract the business service implementation details from clients.
  • Data bindings expose data control methods and attributes to UI components, providing a clean separation of the view and model. Due to the metadata architecture of the model layer, developers get the same development experience when binding any type of Business Service layer implementation to the View and Controller layers.
  • ADFs 124 emphasize the use of the declarative
  • the development process for a Fusion Web application usually involves creating an application workspace. Using a wizard, libraries and configuration needed for technologies selected by a developer are automatically added and an application is structured into projects with packages and directories.
  • an online database or offline replica of any database can be created, definitions edited, and schemas updated.
  • UML unified modeling language
  • Use cases can then be created for the application.
  • Application control and navigation can also be designed. Diagrammers can be used to visually determine the flow of application control and navigation. Then, an underlying XML file describing the flow can be automatically created.
  • a resource library can be used to allow a developer to view and use imported libraries by simply dragging and dropping them into the application. From database tables, entity objects can be created using wizards or dialogs. From those entity objects, view objects are created to be used by pages in the application. Validation rules and other types of business logic can be implemented.
  • a business services layer manages interaction with a data persistence layer. It provides such services as data persistence, object/relational mapping, transaction management, and business logic execution.
  • the business services layer can be implemented in any of the following options: as simple Java classes, EJB, Web services, JPA objects, and Oracle ADF Business Components.
  • data can be consumed directly from files (XML or CSV) as well as REST.
  • each business service manages interaction with a corresponding data persistence layer, and also provides such services as
  • the business services layer may be implemented using one or more of simple Java classes, Enterprise Java Beans, Web services, etc.
  • Business components represent a business service implemented using, for example, "Oracle ADF Business Components" from Oracle Corp., to provide interaction with databases, Web services, legacy systems, application servers, and the like.
  • Oracle ADF Business Components from Oracle Corp.
  • business components of the business services layer contain a mixture of application modules, view/query objects, and entity objects, which cooperate to provide the business service implementation.
  • An application module can be a transactional
  • the application module may provide an updatable data model and also procedures/functions (commonly referred to as service methods) related to user transactions.
  • An entity object may represent a corresponding row in a database table and simplifies the manipulation (update, deletion, etc.) of the data stored in the corresponding row.
  • An entity object often encapsulates business logic for the corresponding row to ensure that the desired business rules are consistently enforced.
  • An entity object may also be associated with other entity objects to reflect relationships existing between rows stored in the underlying database.
  • FIG. 2 shows a block diagram of a computing environment 200 for facilitating communication between a mobile computing device and enterprise computer systems according to some embodiments of the present invention.
  • a mobile computing device e.g., computing device 202
  • one or more enterprise computer systems such as a cloud enterprise computer system 240 (e.g., "serviceprovider.com”) and an on-premises enterprise computer system 250.
  • Such communications may be to exchange or transfer enterprise data, request services provides by an enterprise computer system, communicate messages, or combinations thereof.
  • Messages may include service invocation messages, result messages, request messages, other messages communicated internally, other messages communicated between a computing device and an enterprise computer system, or combinations thereof.
  • a message may include a message type (e.g., a type value from a set of shared type constants), a correlation id (e.g., an id used to correlate this message with one or more other messages), priority information to support for priority based message queues, timeout, sensitivity indicator to support message data isolation, message source (e.g., a uniform resource identifier of a sender), a message destination (e.g., a uniform resource identifier that uniquely identifies the destination, a request context (e.g., request information from dispatcher), and/or a message payload.
  • the payload may have different attributes depending upon the type of message that is being sent, such as parameter data and result data.
  • Enterprise data as described herein may include data received from an enterprise computer system, data sent to an enterprise computer system, data processed by an enterprise computer system, or combinations thereof.
  • the enterprise data may be distinguishable from data for consumer applications and/or services.
  • enterprise data may change based on application or use of the enterprise data, whereas data for consumer applications (e.g., consumer data) may remain static through use.
  • enterprise data may include or be associated with rules that indicate criteria for storing, using, and/or managing the enterprise data.
  • enterprise data may be associated with policy information that indicates one or more policies for storing, using, and/or managing the enterprise data.
  • policy information may be included in enterprise data.
  • enterprise data may include data processed, stored, used, or communicated by an application or a service executing in an enterprise computer system.
  • enterprise data may include business data (e.g., business objects) such as "JavaScript Object Notation"("JSON") formatted data from enterprise applications, structured data (e.g., key value pairs), unstructured data (e.g., internal data processed or used by an application, data in JSON format, social posts, conversation streams, activity feeds, etc.), binary large objects (“BLOBs”), documents, system folders (e.g., application related folders in a sandbox environment), data using REST techniques (referred to herein as "RESTful data”) (e.g., synchronization data made available by REST endpoints), system data, configuration data, synchronization data, or combinations thereof.
  • business data e.g., business objects
  • structured data e.g., key value pairs
  • unstructured data e.g., internal data processed or used by an application, data in JSON format
  • enterprise data may include REST-formatted enterprise data.
  • REST- formatted enterprise data may include RESTful data.
  • REST-formatted data may include data formatted according to REST techniques implemented by an enterprise computer system.
  • Configuration or synchronization data may include data used for synchronization of enterprise data, such as versions, history, integration data, etc.
  • Documents in enterprise data may include XML files, visual assets, configuration files, media assets, etc.
  • a BLOB may include a collection of binary data stored as a single entity in a database management system, such as an image, multimedia object, or executable code, or as otherwise known in the art.
  • An enterprise computer system may include various computing systems that are configured to operate for an entity or an enterprise.
  • an enterprise computer system may include one or more computer systems, such as an enterprise server computer (e.g., a back-end server computer), to handle requests for services.
  • An enterprise computer system may include applications and/or services, which can process and/or operate using enterprise data.
  • enterprise computer system 250 may provide one or more services and/or applications for managing or operating an enterprise. Services may include, without restriction, customer relationship management ("CRM”), human capital management (“HCM”), human resource (“HR”) management, supply chain management, enterprise communication, email communication, business services, other enterprise management services or applications, or combinations thereof.
  • Enterprise computer system 250 may include one or more computer systems dedicated to providing one or more services.
  • each different computer system providing a service may be located on-premise of an enterprise or may be located remotely from an enterprise.
  • multiple different computer systems supporting different services may be situated in a single geographical location, such as on-premises of an enterprise.
  • on-premises enterprise computer system 250 may include an HR system 254 and a CRM system 256, both of which may be located on-premises of an enterprise.
  • enterprise computer system 250 may include or implement an agent system 252 to facilitate or handle communication between cloud computer system 210 and one or more enterprise systems 254, 256.
  • Enterprise computer systems such as cloud enterprise computer system 240 and on-premises enterprise computer system 250 are described below in further detail.
  • the computer environment 200 may include MCS 212 implemented to operate as a secure intermediary computing environment that may facilitate communication between the computing device 202 and one or more enterprise computer systems because computing device 202 may not be configured to communicate with such enterprise computer systems.
  • MCS 212 implemented to operate as a secure intermediary computing environment that may facilitate communication between the computing device 202 and one or more enterprise computer systems because computing device 202 may not be configured to communicate with such enterprise computer systems.
  • some enterprise computer systems may be supported by legacy or back-end computer systems. Such systems may be configured to operate using different
  • MCS 212 may support communication with different types of mobile computing devices. As such, MCS 212 may implement techniques to facilitate communication between enterprise computer systems and mobile computing devices to enable them to communicate with each other despite their incompatibilities in communication, such as differences between formats or communication protocols. For example, MCS 212 may translate communication protocols between mobile computing devices and enterprise computer systems.
  • Cloud computer system 210 may support MCS 212.
  • Cloud computer system 210 may be implemented using hardware, software, firmware, or combinations thereof.
  • cloud computer system 210 may include one or more computing devices, such as a server computer.
  • Cloud computer system 210 may include one or more memory storage devices and one or more processors.
  • a memory storage device can be accessible to the processor(s) and can include instructions stored thereon which, when executed by the processor(s), cause the processor(s) to implement one or more operations disclosed herein.
  • the memory storage devices may operate as local storage (e.g., cache).
  • Cloud computer system 210 may include different kinds of operating systems.
  • a memory storage device may be accessible to the processor(s) and may include instructions stored thereon which, when executed by the processor(s), cause the processor(s) to implement one or more operations, methods, or processes disclosed herein.
  • the memory storage may operate as local storage.
  • Local storage may be implemented using any type of persistent storage device, such as a memory storage device or other computer readable storage medium.
  • local storage may include or implement one or more databases (e.g., a document database, a relational database, or other type of database), one or more file stores, one or more file systems, or combinations thereof.
  • the local storage may store enterprise data.
  • cloud computer system 210 may include one or more data stores, such as a metadata repository 224, diagnostics store 226, and an analytics store 228.
  • the data stores 224, 226, 228 may be accessible by any component in cloud computer system 210.
  • Metadata repository 224 may store all the metadata associated with MCS 212. This information may be composed of both run-time and design-time data, each having their own requirements on availability and performance.
  • a tenant or subscriber of MCS 212 may have any number of applications. Each application may be versioned and may have an associated zero or more versioned resource APIs and zero or more versioned services implementations those resource API contracts. These entities are what the run-time uses to map virtual requests (mAPIs) to the concrete service implementation (service). This mapping provides a mobile developer with the luxury of not having to know the actual implementation service when she designs and builds her application. As well as not requiring her to have to republish a new application on every service bug fix.
  • mAPIs virtual requests
  • Metadata repository 224 may store one or more callable interfaces, which may be invoked by a computing device (e.g., computing device 202).
  • the callable interfaces may be customizable by a user (e.g., a developer) of an application to facilitate communication with MCS 212.
  • Metadata repository 224 may store metadata corresponding to one or more configurations of a callable interface.
  • Metadata repository 224 may be configured to store metadata for implementing a callable interface.
  • the callable interface may be implemented to translate between a one format, protocol, or architectural style for communication and another format, protocol, or architectural style for communication.
  • Metadata repository 224 may be modifiable by an authenticated user via the external network.
  • Diagnostics store 226 may store diagnostics information about processing occurring in MCS 212. Diagnostics store 226 may store messages communicated via MCS 212 and log information. Analytics store 228 may store logging and analytics data captured during processing in the system.
  • cloud computer system 210 may utilize its computing resources to enable execution of custom code 216 (e.g., operations, applications, methods, functions, routines, or the like).
  • Computing resources may be allocated for use with respect to a particular user associated as a subscriber or tenant to MCS 212. Resources may be allocated with respect to a user, a device, an application, or other criterion related to a subscriber.
  • MCS 212 may be scaled in or out, depending on the demand of mobile computing devices seeking to communicate with enterprise computer systems. MCS 212 can be configured such that it is elastic to handle surges and temporary periods of higher than normal traffic between mobile computing devices and enterprise computer systems.
  • MCS 212 may include elements that support scalability such that components may be added or replaced to satisfy demand in communication.
  • Computing device 202 may communicate (e.g., send a request message) with MCS 212 to request service provided by an enterprise computer system.
  • Computing device 202 e.g., a mobile computing device
  • Computing device 202 may communicate with enterprise computer systems 240, 250 via MCS 212.
  • Computing device 202 may include or may be implemented as an endpoint device, a PDA, a tablet computer, a laptop computer, a mobile computing device, a desktop computer, a wearable computer, a pager, etc.
  • Computing device 202 may include one or more memory storage devices and one or more processors. Computing device 202 may include different kinds of operating systems.
  • a memory storage device may be accessible to the processor(s) and may include instructions stored thereon which, when executed by the processor(s), cause the processor(s) to implement one or more operations, methods, or processes disclosed herein.
  • the memory storage may operate as local storage. Local storage may be implemented using any type of persistent storage device, such as a memory storage device or other computer readable storage medium.
  • local storage may include or implement one or more databases (e.g., a document database, a relational database, or other type of database), one or more file stores, one or more file systems, or combinations thereof.
  • the local storage may store enterprise data.
  • computing device 202 may be configured to execute and operate one or more applications such as a web browser, a client application, a proprietary client application, or the like.
  • the applications can include specific applications configured for enterprise data and/or services provided by an enterprise computer system.
  • Client applications may be accessible or operated via one or more network(s).
  • Applications may include a graphical UI ("GUI") for operating the application.
  • GUI graphical UI
  • Computing device 202 may communicate with MCS 212 via one or more communication networks using wireless communication. Examples of communication networks may include a mobile network, a wireless network, a cellular network, a LAN, a wide area network ("WAN"), other wireless communication networks, or combinations thereof.
  • computing device 202 may establish a communication connection 214 with MCS 212 using a custom communication protocol (e.g., a custom protocol). Connection 214 may be established with MCS 212 through cloud computer system 210.
  • the custom protocol may be an HTTP-based protocol.
  • computing device 202 may operate on any computing device platform to communicate with cloud computer system 210.
  • Computing device 202 may communicate with cloud computer system 210 through one or more callable interfaces, e.g., APIs.
  • a callable interface may be implemented on computing device 202.
  • the callable interface may be implemented for custom applications that enable those applications to communicate with MCS 212.
  • a callable interface may be developed for MCS 212.
  • the callable interface may enable applications to communicate with MCS 212 without having to adapt to differences in protocols (e.g., communication or development protocols) and/or architectural styles or formats.
  • MCS 212 may be protected by one or more firewalls 204, 230 to provide a secure environment to process requests and execute custom code 216. Communication between computing device 202 and MCS 212 may be separated by an external communication firewall 204. Firewall 204 may be connected with cloud computer system 210 to facilitate secure access to MCS 212. Firewall 204 may permit communication of messages between cloud computer system 210 and computing devices (e.g., computing device 202). Such messages (e.g., HTTP messages or REST messages) may conform to a communication protocol (e.g., HTTP or REST), which may be supported by a callable interface. In another example, a message between cloud computer system 210 and computing device 202 may conform to a communication protocol such as SPDY.
  • a communication protocol such as SPDY.
  • MCS 212 may manage firewall 230 to secure communication between cloud computer system 210 and enterprise computer systems 240, 250.
  • Firewall 230 may permit communication of messages between cloud computer system 210 and computing devices (e.g., computing device 202). Such messages (e.g., SPDY messages, HTTP messages or REST messages) may conform to a communication protocol (e.g., SPDY, HTTP, or REST).
  • Communication between computing device 202 and enterprise computer systems 240, 250 may be two-way via MCS 212.
  • firewalls 204, 230 provide an added layer of protection for communications to and from MCS 212.
  • Firewalls 204, 230 may enable MCS 212 to distinguish its internal network from an external network connecting computing device 202 and enterprise computer systems 240, 250.
  • firewalls 204, 230 although shown as two distinct firewalls, may be implemented as a single firewall that encapsulates MCS 212.
  • Cloud computer system 210 may further operate as an intermediary computing environment by communicating with enterprise computer systems, some of which may have different communication protocols. Such communication protocols may be custom or specific to an application or service in communication with cloud computer system 210. Further, cloud computer system 210 may communicate with an enterprise computer system to provide enterprise services and/or to exchange enterprise data according to a format supported by the enterprise computer system.
  • Cloud computer system 210 may maintain local storage (e.g., local cache) of enterprise data and may use the local storage to manage synchronization of the enterprise data between mobile computing devices and enterprise computer systems 240, 250.
  • Computing device 202 may communicate (e.g., send a request message) with MCS 212 to request service provided by an enterprise computer system. Requests that are received through firewall 204 may be processed first by security service 232. Security service 232 may manage security authentication for a user associated with a request.
  • a cloud computer system may provide technical advantages that include providing security mechanisms described herein which may protect the integrity of customer communications and enterprise data. Technical advantages of cloud computer system may include preventing or reducing compromised communications and/or data from being compromised,
  • security authentication may be determined for a request, a session, a user, a device, other criterion related to the user, or combinations thereof. Security authentication may be performed for each request that is received. In some embodiments, security service 232 may determine authentication based on a previous verification of a request. Security authentication may be determined for a user or a device such that requests to different enterprise computer systems 240, 250 may be authenticated based on a single verification of security. [0142] Further technical advantages of the invention may include a cloud computer system enabling a computing device to communicate with various enterprise computer systems, some of which may be implemented differently. For example, a computing device 202, cloud computer system 210, and enterprise computer system 250 may be located at different geographical locations, physically separated from each other. Therefore, computing device 202 can communicate with enterprise computer system 250 regardless of their location.
  • Technical advantages may include a cloud computer system enabling a computing device to communicate requests for services to enterprise computer systems, which may support one or more distinct security protocols.
  • an enterprise computer system may be supported by a back-end system that is not easily adaptable to a different security protocol.
  • a user e.g., an administrator or an architect
  • Technical advantages may enable such desires to be met by implementation of a cloud computer system, as described herein, which can handle security authentication, such that requests can meet the security measures of different enterprise computer systems that are being requested.
  • security service 232 may determine a security protocol for a requested enterprise computer system and accordingly generate a security token according to such security protocol.
  • the security token may be passed along with a request to an enterprise computer system to enable that enterprise computer system to verify authentication based on the generated security token.
  • Enterprise computer systems may support different security protocols.
  • a security protocol may be a standard by which security is determined.
  • Security may be verified based on a security token that is generated by security service 232.
  • Security service 232 may determine a security protocol for an enterprise computer system identified for a request.
  • an enterprise computer system 250 may have an agent system 252, which may be configured or implemented according to a custom or specific security protocol supported by MCS 212. As such, MCS 212 may generate a security token according to such custom security protocol.
  • Cloud computer system 210 may include, implement, and/or communicate with one or more load balancer systems 206, 208. Upon determining security authentication, cloud computer system 210 may request any one of load balancer systems 206, 208 to examine a request that it receives and to detect which service the request is directed to. MCS 212 may be configured with load balancers 206, 208 and updated with resources that get started up, so that when a request comes in, load balancers 206, 208 can balance a requested load across the different resources. [0145] Cloud computer system 210 may include a dispatcher 218 that may handle requests and dispatch them to the appropriate service. A request may be routed to an appropriate service upon dispatch.
  • a service itself may route an internal request to another internal service in MCS 212 or in an enterprise computer system.
  • dispatcher 218 may resolve a request to determine its destination based on a location (e.g., an address) of a destination identified in a URI and/or URL of the request.
  • Dispatcher 218 may parse a request and its header to extract one or more of the following information: tenant identifier, service identifier, application name, application version, request resource, operation and parameters, etc.
  • Dispatcher 218 can use the parsed information to perform a lookup in metadata repository 224.
  • Dispatcher 218 may retrieve a corresponding application metadata.
  • Dispatcher 218 may determine the target service based on the requested resource and the mappings in the metadata.
  • Dispatcher 218 may perform any dispatcher-specific logging, metrics gathering, etc. Dispatcher 218 may then perform initial authorization according to the application metadata. Dispatcher 218 may format the inbound request and any other necessary information and place the message on routing bus 220 for further processing. Dispatcher 218 may place a request on a queue and await the corresponding response. Dispatcher 218 may process responses received from routing bus 220 and return a response to computing device 202. [0146] In addition to handling the dispatching for external requests, dispatcher 218 may also play a role in dispatching internal requests. Such internal requests can come in the form of composite services or custom code invocations to services. In both cases, the caller could use a logical service name as defined within the application. Dispatcher 218 may use the current execution context to determine the application and use that logical name to determine the appropriate service to invoke.
  • Cloud computer system 210 may include a routing bus 220 to manage deliver of messages to destinations registered with routing bus 220.
  • Routing bus 220 may operate as a central system for managing communications in cloud service 212. Data communicated through routing bus 220 may be processed to capture and store the data. Routing bus 220 may provide a framework so that additional centralized services (additional authorization, debugging, etc.) can be plugged in easily as necessary. Data captured by routing bus 220 may be stored in diagnostics store 226 and/or analytics store 228.
  • Routing bus 220 may route messages to one or more destinations.
  • a message may include a request to execute custom code 216.
  • routing bus 220 may request 234 custom code 216 to be invoked.
  • routing bus 220 may pass on a request to a destination enterprise computer system identified by information in a request.
  • Routing bus 220 may request 236 an adaptor interface 222 to perform translations, if necessary, to pass a request to an enterprise computer system, e.g., enterprise computer system 240 or enterprise computer system 250.
  • cloud computer system 210 may include or implement adaptor interface 222 to translate or convert a message to a protocol supported by a receiving enterprise computer system.
  • Adaptor interface 222 may establish separate communication connections with each of enterprise computer systems 240, 250.
  • Cloud computer system 210 may be configured to communicate with enterprise computer systems 240, 250 via one or more networks (not shown). Examples of communication networks may include the Internet, a mobile network, a public network, a wireless network, a cellular network, a LAN, a WAN, other communication networks, or combinations thereof.
  • communication connections may be high-speed communication connections facilitated using high-speed communication trunks.
  • cloud computer system 210 may facilitate notifications to a user of computing device 202.
  • Cloud computer system 210 may include an alert
  • the platform may come with built-in state models for popular interaction patterns and be extensible with new state models.
  • Some alert channels may include known communication resources, either oneway or two-way. Examples include SMS, Twitter®, push notifications, and Google Cloud Messaging®.
  • cloud computer system 210 may enable computing device to access and/or request one or more services, such as an object store service, database service, access web services, social services, resource services, or combinations thereof.
  • services such as an object store service, database service, access web services, social services, resource services, or combinations thereof.
  • Cloud computer system 210 may provide an object store service that may provide a storage facility for BLOBs.
  • the basic unit of storage can be text, with read and write operations.
  • a basic query facility for JSON objects may also be offered.
  • Cloud computer system 210 may provide a database service to allow for connectivity to hosted databases for performing queries or writes.
  • Required parameterization may require the full connection string for the database, the SQL string or stored procedure to execute, any parameters and possibly credentials.
  • the necessary information can be provided at run time or be pre-configured in the application metadata.
  • Cloud computer system 210 may provide access to web services such as SOAP web services. Cloud computer system 210 may provide access to REST services, such as connectivity to arbitrary REST resources.
  • Cloud computer system 210 may provide access to social services that may provide basic integration with many of the popular social sites such as Facebook®, Twitter®, etc. These services may allow for third party authentication using the user's credentials from those sites as well as access to their services. Examples include sending a tweet or updating your status.
  • Cloud computer system 210 may provide an public cloud service to enable a user to simplify and optimize communication. For example, a service developer may use the generic web service of MCS 212 to talk to a resource hosted using cloud computer system's 210 cloud service.
  • a cloud computer system such as one described herein, may enable mobile computing devices to communicate with enterprise computer system despite differences in computing resources.
  • a cloud computer system may be equipped with more resources and a faster, more reliable connection to enterprise computer systems to communicate frequently to receive enterprise data.
  • the cloud computer system may manage and coordinate requests for services from enterprise computer systems. By translating requests to a protocol supported by a recipient of a message, the cloud computer system reduces a burden on developers to configure applications for communication with different types of back-end computer systems.
  • Enterprises are able to maintain their back-end systems without having to accommodate advances or changes in communication protocols supported for mobile devices.
  • Different enterprise computer systems may support different security protocols based on a type of requests processed and services provided.
  • security authentication By managing security authentication in a centralized manner for access to different enterprise computer systems, enterprise computer systems do not need to adapt to differences in security protocols.
  • processing requests can become more efficient as authentication may not be performed in every instance.
  • an application may be deployed under a mobile application framework (“MAF") that provides built in security to control access to the application and ensure encryption of sensitive data, such as Oracle MAF from Oracle Corp.
  • MAF is a hybrid mobile architecture that uses HTML5 and Cascading Style Sheets (“CSS”) (to render the UI in the web view), Java (for the application business logic), and Apache Cordova (to access device features such as GPS activities and e-mail). Because MAF uses these cross-platform technologies, the same application can be built for both Android and iOS devices without having to use any platform-specific tools. After an application is deployed to a device, it behaves as applications created using such platform-specific tools as Objective C or the
  • MAF allows for building the same application for smartphones or for tablets, thereby allowing reuse of business logic in the same application and target various types of devices, screen sizes, and capabilities.
  • FIG. 3 illustrates an example mobile application springboard 300 that includes a MAF application called "WorkBetter” that is deployed as a "heavy” application (e.g., a mobile application that sits in a mobile device in the same manner as a normal iPhone app obtained from the App store).
  • a MAF application may include one or more embedded applications added as application features. Such added application features are represented as icons within the main application's springboard or navigation bar.
  • Application features are essentially the building blocks of such mobile application. Each application feature that is integrated into a MAF application performs a specific set of tasks. Application features can be grouped together to complement each other's functionality. For example, an application feature that provides customer contacts may be paired with one for product inventory.
  • each application feature has its own class loader and web view, application features are independent of one another, thus a single MAF application can be assembled from application features created by several different development teams. Application features can also be reused in other MAF applications. A MAF application itself can be reused as the base for another application, allowing independent software vendors ("ISVs") to create applications that can be configured by specific customers.
  • ISVs independent software vendors
  • application features may be implemented as any of the following mobile application types, depending on the requirements of a mobile application and available resources: ⁇ Mobile web applications hosted on a server. For these applications, although the code can be portable between platforms, access to device features and local storage can be limited, as these applications are governed by the device's browser.
  • MAF supports authentication and access control for refined security at the feature level in an application where a developer can specify appropriate login server, e.g., a server running "Oracle Identity Management" and/or "Oracle WebLogic" with basic authentication, a server supporting OAuth protocols, etc. At runtime users are presented with login screens and appropriate tokens are accessible for further Web service calls. With MAF, developers can build single UIs that meet the needs of users with different privileges (e.g., show/hide components based on user role or privilege).
  • privileges e.g., show/hide components based on user role or privilege
  • MAF enforces communication encryption using SSL/TLS (HTTP secure
  • HTTPS HyperText Transfer Protocol
  • MAF on-device encryption to keep credentials in an encrypted key store to be use for validation when supporting offline authentication
  • SQLite database encryption by using the SQLite encryption extension Encrypting a SQLite database for an application built with MAF may be performed via a configuration option when the application is developed.
  • MAF supports offline and online modes of operation for an application so a self-contained application can run on a mobile device in connected and disconnected modes. For data access/storage, such application may leverage a local encrypted SQLite database.
  • the application may be built such that initial access to data is performed from remote servers through Web services, and the data is then stored in the local SQLite database for offline access. The data can be replicated and synchronized to the server when connectivity is available again.
  • MAF also supports local storage of user authentication credential to enable offline authentication/authorization to secured applications.
  • FIGS. 3A and 3B illustrate an HR mobile application UI 302 in accordance with an embodiment of the present invention.
  • UI 302 may be provided upon opening an icon on a springboard such as mobile application springboard 300 of FIG. 3.
  • UI 302 includes various HR related information about an employee, such as picture, title, contact information, social networking information, performance/rating information, compensation information, manager, skills, location, etc.
  • FIG. 3B indicates various sources where the information in UI 302 may be obtained from, such as services located on premise or in the cloud.
  • basic employee information may be obtained from on premise core HR services such as PeopleSoft, Systems, Applications & Products ("SAP”), etc.
  • location information is obtained from a map service such as Google.
  • performance information may be obtained from a talent management cloud service such as TALEO, and social networking information (e.g., Twitter, Facebook, Linkedln, etc.) may be obtained from the web.
  • social networking information e.g., Twitter, Facebook, Linkedln, etc.
  • the information from these various sources is channeled through MCS before being sent down to the application on the mobile device.
  • FIG. 4 is a block diagram of an example MAF runtime architecture 400 including a "thin" native container which is deployed to a device.
  • Runtime architecture 400 represents the MVC development approach which separates the presentation from the model layer and the controller logic.
  • the thin native container allows the MAF application to function as a native application on different platforms (e.g., iOS, Android, etc.) by interacting with the local SQLite database, the Cordova API, and server-side resources. It also enables push notifications.
  • the device native container includes Web View that uses a mobile device's web engine to display and process web-based content.
  • Web View delivers the UI by rendering the application markup as HTML 5.
  • the UI may be created for a mobile application feature by implementing any of the following content types: MAF Application Mobile XML ("AMX") Views, Controller, Server HTML, or Local HTML.
  • AMX MAF Application Mobile XML
  • Controller Controller
  • Server HTML Server HTML
  • Local HTML Local HTML
  • MAF provides a set of code editors that enable a user to declaratively create a UI from components that are tailored to the form factors of mobile devices. These components can be used to create the page layout (e.g., list view) as well as input components (e.g., input fields).
  • the user can leverage data controls. These components enable the user to declaratively create data-bound UI components and access a Web service and the services of a mobile device (e.g., camera, GPS, or e-mail).
  • the JavaScript engine in the Web View renders MAF AMX view definitions into HTML5 and JavaScript.
  • the controller governs the flow between pages in the mobile application.
  • the Controller enables a user to break an application's flow into smaller reusable task flows and include non-visual components such as method calls and decision points.
  • the UI is delivered from server-generated Web pages that can open within the application feature's Web View.
  • this content type is referred to as remote URL.
  • the resources for these browser-based applications do not reside on the device. Instead, the UI, page flow logic, and business logic are delivered from a remote server.
  • the UI, page flow logic, and business logic are delivered from a remote server.
  • the Cordova JavaScript APIs When one of these remotely hosted Web applications is allowed to open within the Web View, it can use the Cordova JavaScript APIs to access any designated device-native feature or service, such as the camera or GPS capabilities.
  • a user can leverage an existing browser-based application that has been optimized for mobile use, or use one that has been written specifically for a specific type of mobile device.
  • the user can implement the remote URL content using applications created through rich client-based components such as those provided by "Oracle ADF Faces" from Oracle Corp.
  • the remote URL content can be delivered from Web pages created using MAF. Not only can applications authored with MAF render on a variety of smartphones, but they can gracefully degrade to the reduced capabilities available on feature phones through UIs constructed with Apache Trinidad JSF components and dynamically selected style sheets. Because the content is served remotely, the application is available only as long as the server connection remains active.
  • HTML pages run on the device as part of the MAF application. Local HTML files can access device- native features services through the Cordova and JavaScript APIs.
  • the device native container further includes the Apache Cordova.
  • Apache Cordova JavaScript APIs that integrate the device's native features and services into a mobile application.
  • Java code or using JavaScript when implementing a MAF mobile application as local HTML
  • the user can add device integration declaratively when creating MAF AMX pages because MAF packages these APIs as data controls.
  • the device native container further includes a Java Virtual Machine ("JVM").
  • JVM Java provides a Java runtime environment for a MAF application.
  • This JVM is implemented in device-native code, and is embedded (or compiled) into each instance of the MAF application as part of the native application binary.
  • the JVM is based on the JavaME Connected Device Configuration ("CDC") specification.
  • CDC JavaME Connected Device Configuration
  • JVM includes business logic, model and JDBC.
  • Java enables the business logic in MAF applications.
  • Managed Beans are Java classes that can be created to extend the capabilities of MAF, such as providing additional business logic for processing data returned from the server. MBeans are executed by the embedded Java support, and conform to the JavaME CDC specifications.
  • Model includes the binding layer that connects the business logic components with the UI.
  • the binding layer provides the execution logic to invoke SOAP- based web services.
  • JDBC is an API that enables the model layer to access the data in the encrypted SQLite database through Create, Read, Update and Delete (“CRUD”) operations.
  • the device native container further includes Application Configuration which refers to services that allow application configurations to be downloaded and refreshed, such as URL endpoints for a web service or a remote URL connection.
  • Application configuration services download the configuration information from a WebDav-based server-side service.
  • the device native container further includes Credential Management, Single Sign- on (“SSO”), and Access Control.
  • MAF handles user authentication and credential management through the "Oracle Access Management Mobile and Social" ("OAMMS") IDM SDKs.
  • MAF applications perform offline authentication, meaning that when users log in to the application while connected, MAF maintains the username and password locally on the device, allowing users to continue access to the application even if the connection to the authentication server becomes unavailable.
  • MAF encrypts the locally stored user information as well as the data stored in the local SQLite database. After authenticating against the login server, a user can access all of the application features secured by that connection.
  • MAF also supports the concept of access control by restricting access to application features (or specific functions of application features) by applying user roles and privileges. For remotely served Web content, MAF uses whitelists to ensure that only the intended URIs can open within the application feature's web view (and access the device features).
  • the device native container further includes Push Handler that enables MAF applications to receive events from the iOS or Android notification servers.
  • the Java layer handles the notification processing.
  • resources that interact with the native container include an encrypted SQLite Database and device services.
  • the embedded SQLite database protects locally stored data and is called by the model layer using JDBC.
  • the MAF application generates this lightweight, cross-platform relational database. Because this database is encrypted, it secures data if the device is lost or stolen. Only users who enter the correct user name and password can access the data in the local database.
  • Device Services are services and features that are native to the device and integrated into application features through the Cordova APIs.
  • the device native container enables access to server- side resources such as Configuration Server, Server-Generated HTML, Apple Push
  • Configuration Server is a WebDav-based server that hosts configuration files used by the application configuration services. Configuration Server is delivered as a reference implementation. Any common WebDav services hosted on a J2EE server can be used for this purpose. Server-Generated HTML includes Web content hosted on remote servers used for browser-based application features. APNs and GCM Push Services are the notification providers that send notification events to MAF applications. SOAP Web Services are remotely hosted SOAP -based web services. These services are accessed through the Java layer. Application features authored in MAF AMX access SOAP -based data services through data controls.
  • FIG. 5 is a block diagram of a system 500 for developing mobile applications in a mobile cloud infrastructure in accordance with embodiments of the present invention.
  • a user may use a user device 528 to develop and build applications in a cloud infrastructure 506 via a Web based tool.
  • the applications may be downloaded on a mobile device 526 over the air, thus obviating the need for an App store.
  • the native applications talk to backends 504 created in MCS 502.
  • MAF runtime architecture 400 of FIG. 4 may be used to deliver an application to mobile device 526.
  • a declarative syntax of an application is deployed on mobile device 526 over the air, and the declarative syntax is interpreted on mobile device 526 by MAF runtime architecture 400 of FIG. 4.
  • Cloud infrastructure 506 includes MCS 502 that provides an admin UI 516 through which application development may be performed.
  • MCS 502 further includes production environments 512 and testing environments 514 in which a mobile application may be developed and tested, respectively. These environments provide production/testing functionality by talking to corresponding backends 504 via connectors.
  • An application is first developed in testing environments 514. Once published, the application moves to production environments 512.
  • a mobile application is developed by using user device 528 to communicate with MCS admin UI 516 (also referred to as portal) through a security layer 524.
  • MCS admin UI 516 includes an application development server 518 that can be interfaced via MCS admin UI 516.
  • An application that is developed in MCS admin UI 516 can be run on a browser of user device 528 or on mobile device 526 by communicating with production environments 512 and/or testing environments 514.
  • mobile device 526 communicates with testing environments 514.
  • the application is updated on mobile device 526, such updates are performed through MCS admin UI 516.
  • An application that is developed in system 500 may be built as a light application or a heavy application.
  • a heavy application is a full application such as apps that are downloaded from an App store.
  • a light application is an application that is deployed as an added feature to an already deployed full application (i.e., a hosting application) such as an Oracle app.
  • the hosting application acts as a container that holds the light applications. Both heavy and light applications can be further containerized by a security container, as described herein with reference to FIG. 7.
  • FIG. 6 is a block diagram of network components in a system 600 for building mobile applications in accordance with embodiments of the present invention.
  • the user interacts with an MCS website to initiates build requests.
  • the mobile device communicates with the MCS Portal VM to perform an over the air install of native applications. This is in general a two part process including downloading a plist file that describes the application as well as the location to download the pa file, and downloading the pa file.
  • the Public OHS / Webgate is a public facing Oracle HTTP Server ("OHS") that directs traffic to the MCS Portal VM behind the firewall. It is also responsible for authenticating the user and passing along the user credentials to MCS Portal VM. Public OHS terminates the SSL connection, and port 443 is used for https.
  • MCS Portal VM is a standard WebLogic Server (“WLS") application whose data is backed by Schema as a Service, and its corresponding application development client is written on top of the Jet framework. This is a single tenant and security is provided via OWSM.
  • WLS WebLogic Server
  • MCS Portal VM runs WLS in the trusted zone. It handles requests by the user and has a connection to the schema service and the build server farm via BIG-IP appliance. It uses open port 80 (or equivalent) for http communication to/from Public OHS and to the BIG-IP appliance, and from the individual servers in the server farm.
  • Schema Service stores application data, enterprise signing certificate, and provisioning profiles for tenant. It only interacts with the MCS Portal VM.
  • a load balancer such as BIG-IP Routes farm tasks to servers in a server farm (initially in a round-robin fashion). It uses open port 80 (or equivalent) and provides redundancy. It is connected to/from the MCS Portal VM and forwards requests to servers in the server farm.
  • the server farm includes a number (e.g., 20) of servers that handle build jobs. It is connected to a filer for storing application binaries (e.g., 5TB). Connections are handled via a local Tomcat instance running locally on server. Build tools and processes handle by native OSX calls. BUILDING AN APPLICATION
  • UI e.g., at https://mcs-tenant- a.cloud.oracle. com/max/build).
  • Payload includes the application id for the application.
  • Public OHS / Webgate receives the request and terminates the SSL, authenticates and authorizes the user against OAM (assuming user is logged in), places user identity into http headers, and forwards this past the firewall to the MCS Portal VM's WLS server (e.g., running at http://mcs-tenant-a.internal/max/build).
  • MCS Portal VM receives the request and authorizes user for privileges against requested application and queries out to Tenant Schema as a Service for application data, tenant enterprise certificate, encrypted cert password, and tenant provisioning profile. Once Schema Service returns the requested items, MCS Portal VM creates a new entry in the BuildJobs table (via Schema Service) to record the attempt, and captures the primary key of this new record.
  • MCS Portal VM also creates a new POST request against the build farm's BIG-IP appliance (e.g., at http://max-mini-farm.internal/build/initiate), passing in the three parameters into the body, as well as a callback URL (which encodes the BuildJob record's primary key) for job completion.
  • An example payload is: applicationData: (app data)
  • Certificate and password are created by user for this embodiment exclusively (i.e., are not shared with other services).
  • Port 3000 is not accessible publicly.
  • BIG-IP maintains a list of healthy servers in the server farm. This is done via a health check that performs sanity checks every few minutes. It selects a server (e.g., via round robin when jobs are of equal complexity) from the healthy pool, and routes the job request to that server (e.g., http ://mac-minil . internal/build/initiate).
  • a server in the server farm includes a Tomcat running on the server. It receives request and starts an external process. This runs on an async servlet to prevent I/O blocking request thread pool.
  • Tomcat creates a POST request to the callback URL in the request payload. The payload for this new request includes: result: (success if successful, etc)
  • MCS Portal VM recieves the request and updates the given BuildJobs record's row with the binaryKey from the payload if the event was successful. It also informs the client the job was completed (e.g., via polling on 1 lg, push or async servlet with 12c planned), and produces a QR code with an encoded link (e.g., https://mcs-tenant- a.cloud.oracle.com/max/native-application/(binaryKey)).
  • an over the air install is initiated. Scanning the QR code opens the URL encoded (e.g., https://mcs- tenant-a.cloud.oracle.com/max/native-application/(binaryKey)).
  • Public OHS / Webgate receives the request and terminates the SSL. It authenticates and authorizes the user against OAM (assuming the user is logged in), places user identity into http headers, and forwards this past the firewall to the MCS Portal VM's WLS server (e.g., running at http://mcs-tenant- a.internal/max/build).
  • MCS Portal VM receives the request and authorizes user for privileges against requested application. It determines user-agent of requesting device, identifies the platform (e.g., iOS) and forwards to a corresponding URL (e.g., https://mcs-tenant- a.cloud.oracle.com/max/native-application/plist/(binaryKey)). It also directs to Public OHS, which will in turn forward to MCS Portal VM to reauthorize (as performed during the build request described herein).
  • platform e.g., iOS
  • URL e.g., https://mcs-tenant- a.cloud.oracle.com/max/native-application/plist/(binaryKey)
  • MCS Portal VM receives the request and generates a plist file (e.g., an iOS plist file) that includes application information for a corresponding platform (e.g., iPhone) as well as a link to the binary (e.g., https://mcs-tenant- a. cloud.oracle .com/max/native-application/ios/(binaryKey)) .
  • a plist file e.g., an iOS plist file
  • a corresponding platform e.g., iPhone
  • a link to the binary e.g., https://mcs-tenant- a. cloud.oracle .com/max/native-application/ios/(binaryKey)
  • the device then prompts the user if they want to install the application. Assuming yes, the device follows the binary link. It also directs to Public OHS, which will in turn forward to MCS Portal VM to reauthorize (as performed during the build request described herein). MCS Portal VM receives the request and generates a new request to the build server farm (e.g., via: http://max-mini-farm.internal/download/ios/(binaryKey)).
  • BIG-IP selects a server in the server farm (e.g., via round robin) from the healthy pool and routes the job request to that server (e.g., http://mac-minil . internal/ download/ios/(binaryKey)).
  • An application server e.g., a Tomcat on that server receives the request, checks if content exists, and streams the binary from the network (e.g.,
  • FIG. 7 is a block diagram of mobile security suite components in an embodiment that uses security services provided by a mobile security suite 700 such as OMSS.
  • OMSS components are distributed across the corporate DMZ and the enterprise intranet (or corporate network), and a security container such as "Oracle Mobile Security Container” from Oracle Corp. is installed on the mobile device.
  • the security container is configured to hold "containerized” applications, e.g., applications that have been securely linked to their specific container.
  • the security container includes a secure browser, file manager, document editor, and an optional secure mobile mail manager.
  • the secure mobile mail manager includes personal information management ("PIM”) applications such as a mail client, calendar, contacts, tasks, and notes synchronizing with corporate mail servers via the PIM" applications such as a mail client, calendar, contacts, tasks, and notes synchronizing with corporate mail servers via the PIM (PIM”) applications such as a mail client, calendar, contacts, tasks, and notes synchronizing with corporate mail servers via the PIM" applications such as a mail client, calendar
  • EAS Microsoft Exchange ActiveSync
  • Many applications such as “Oracle Business Intelligence” (“BI), “Oracle Fusion Tap,” “Oracle Social Network,” “Oracle Enterprise Manager Cloud Control,” “Oracle WebCenter Spaces,” etc., and a broad range of third-party enterprise applications can be containerized with the security container. All data at rest inside containerized applications on a mobile device is encrypted. Encrypted data storage includes database, file store, cache, and user preferences. In one embodiment, data in transit through the AppTunnel is encrypted using TLS/SSL with Federal Information
  • Security containers use a key hierarchy to protect data. All keys are derived from user credentials that are never stored. The key hierarchy involves multiple keys to support different sensitivity of data. For example, a unique key is used for the user's authentication certificate, which is allowed to be open for a very short period of time. A different key is used for the browser cache, which must remain decrypted for an entire session.
  • the main security container distributes and manages keys for the complete set of apps in the user's secure enterprise workspace.
  • the secure container has three distinctive benefits over current mobile virtual private network (“VPN”) solutions: device trust vs. gateway, secure container password vs. device password, and secure container AppTunnel vs. device-level VPN.
  • OMSS extends a network's Kerberos authentication trust directly to the user's device instead of stopping at a gateway server sitting in the DMZ.
  • OMSS is significantly more efficient and secure than implementing "constrained delegation" offered by VPN providers.
  • a constrained delegation solution is not only less secure but also more cumbersome to set up and maintain.
  • the tradeoff between usability and security is magnified when dealing with consumer devices and BYOD programs. Corporate IT requires strong passwords to protect corporate data on BYOD devices.
  • Embodiments provide the necessary balance between security and usability when dealing with BYOD programs by requiring a password only to access corporate applications.
  • device-level VPNs provide a trusted, secure tunnel between a user's device and the enterprise's network.
  • device-level VPN solutions are more appropriate for corporate-owned and secured endpoint devices such as laptops than for consumer mobile devices. Once a mobile-device VPN tunnel is open to the network, any application on a device has access to this secure tunnel. This is a huge security hole and a pathway to danger. With embodiments, however, the connection from the mobile device to the enterprise intranet exists only between the secure container and enterprise servers.
  • MSAS is typically deployed in the corporate DMZ and multiple server instances can be deployed behind a load balancer for high availability and scalability. MSAS provides tunneled connections between the server and containerized apps. MSAS brokers
  • MSAS is integrated with the OAM platform and supports the retrieval of OAM and OAuth tokens for SSO to backend resources protected by OAM, OAG, and OWSM. MSAS also supports "virtual smart card" authentication by performing PKI authentication to Microsoft Active Directory protected by a PIN. Digital certificates are provisioned inside the security container app and only accessed after successful PIN validation. MSAS integration with OAM allows for context aware, risk based, step-up authentication.
  • OWSM is a component of SOA Suite and addresses web-services-based SOA security and management.
  • the purpose of a SOA infrastructure is to allow consumers to invoke services exposed by providers.
  • OWSM offers a solution for policy management and security of such service infrastructure. It provides visibility and control of the policies through a centralized administration interface offered by "Oracle Enterprise Manager" from Oracle Corp.
  • OWSM allows companies to (1) centrally define and store declarative policies applied to the multiple web services making up a SOA infrastructure, (2) locally enforce security and management policies through configurable agents, and (3) monitor runtime security events such as failed authentication or authorization. It also provides business agility to respond to security threats and security breaches by allowing policy changes to be enforced in real time without the need to interrupt the running business processes.
  • MSM Organic Mobile Security Manager
  • LDAP Low-power Equivalent Privacy
  • polices are assigned to users by associating policy templates with users and user groups.
  • Available policy controls include Device Restrictions, Authentication (authentication frequency, failed attempt threshold, PIN strength for PKI); Catalog (apps, URLs, file shares); Container/ Apps (compromised platform, location services, offline status, inactivity duration, data leak prevention ("DLP")); Time Access (lock if outside time window); Geo Access (lock if outside geo-fence (e.g., city, state, country)); Devices (whitelist specific device models, specify minimum OS level); Browser (disable address bar, disable download); File Browser (allow/disallow, disable download, specify file server URL); PIM (mail server URL);
  • Provisioning invite template, PKI details. If a user is in multiple groups and has multiple policies, policy combinations are resolved following specific rules.
  • MSM maintains the EMM policies, which are then associated to one or more user groups in the directory. MSM does not perform any user or group management but leverages these identities and groups directly (no synchronization) from the directory store. MSM uses APNS and CGN over HTTPS to send notifications to devices. MSM also exposes a
  • OAMMS includes a server that interfaces with existing backend identity management infrastructures. The server acts as an intermediary between supported mobile client apps and backend identity services. This decouples the client apps from the backend infrastructure so that backend infrastructure can be modified without having to update mobile client programs.
  • OAMMS includes the following functionality:
  • OAMMS Internet Identity Services
  • Cloud-based identity authentication and authorization services such as Google, Yahoo, Facebook, Twitter, or Linkedln.
  • OAMMS By deploying OAMMS, the user is provided with multiple login options without the need to implement access functionality for each identity provider individually.
  • User Profile Services providing a REST interface for LDAP CRUD operations (customers use the same REST interface to build graphical UIs for apps), user self service functions such as self registration, profile maintenance, password management, and account deletion.
  • User Profile Services are also available as an OAuth resource.
  • FIG. 8 is an illustration of mobile application development portal 800 that may be included in application development framework 124 for creating applications that use mobile cloud services 122 of cloud infrastructure system 102 of system environment 100 of FIG. 1 in one embodiment.
  • FIG. 8 is merely illustrative of an embodiment or implementation of mobile application development portal 800 and should not limit the scope of any invention as recited in the claims.
  • One of ordinary skill in the art may recognize through this disclosure and the teachings presented herein other variations, modifications, and/or alternatives to those embodiments or implementations illustrated in the figures.
  • mobile application development portal 800 includes hardware and/or software elements that allow developers to create mobile applications through application development framework 124 with access to underlying components of mobile cloud services 122.
  • Mobile backend services module 810 provides developers with one or more tools, user interfaces, wizards, etc. to design, test, implement, deploy, and manage any number or type of backend services. Some examples of backend services include push notification services, storage services, user management services, or the like. A developer can specify how mobile applications access or utilize these backend services. Once backend services are created, the backend services can be automatically presented to a developer during application creation allowing the developer to select from a set of predetermined backend services for inclusion or use in a mobile application.
  • Application program interface module 820 provides developers with one or more tools, user interfaces, wizards, etc. to design, test, implement, deploy, and manage application program interfaces (APIs) for use across mobile backend services.
  • a developer can create one or more software intermediaries that make it possible for mobile applications to interact with backend services deployed using mobile backend services module 810.
  • a developer can create an implementation of representational state transfer (REST) that exposes specific functionality while protecting the rest of a backend service.
  • REST representational state transfer
  • a developer can create API that exposes functionality of a backend service according to predetermined criteria, such as user identity, mobile device type, data type, etc.
  • Connectors module 830 provides developers with one or more tools, user interfaces, wizards, etc. to design, test, implement, deploy, and manage connections with other databases, applications, cloud-based applications and services, or external APIs.
  • a developer can create one or more connections that make it possible for mobile applications to interact with other types of services, external applications or database, third-party APIs, or the like.
  • a developer can specify that connectors access these services using a variety of techniques, such as REST or simply object access protocol (SOAP).
  • Storage module 840 provides developers with one or more tools, user interfaces, wizards, etc. to design, test, implement, deploy, and manage storage used across mobile backend services.
  • a developer can create one or more storage collections that make it possible for mobile applications to retrieve and store data with mobile backend services.
  • User management module 850 provides developers with one or more tools, user interfaces, wizards, etc. to manage user access to mobile backend services.
  • a developer can create one or more user collections, user roles, user groups, or the like that make it possible for mobile applications to comply with user access restrictions for mobile backend services.
  • Application composer module 860 provides developers with one or more tools, user interfaces, wizards, etc. to design, test, implement, deploy, and manage mobile applications.
  • Mobile applications can be created for a variety of target platforms and devices, such as IOS, Android, Blackberry, or the like.
  • application composer module 860 provides a cloud-based rapid application development environment for building enterprise mobile applications.
  • Application composer module 860 can package and deploy mobile applications as native apps.
  • Application composer module 860 may be embodied as a multi- tenant application development environment hosted on Oracle Public Cloud, provided by Oracle of Redwood Shores, CA. Application composer module 860 therefore can provide complete application lifecycle management in a cloud-based service.
  • application composer module 860 provides features applicable to a variety of user personas.
  • a business analyst may be a user who has good functional knowledge of a target back-end system like customer relationship management (CRM), human capital management (HCM), or the like.
  • CRM customer relationship management
  • HCM human capital management
  • the business analyst can rapidly develop mobile applications using application composer module 860 through their understanding of business object relationships and their familiarity with general programming concepts.
  • This type of user is typically comfortable using tools like CRM Application Composer, WebCenter Layout Composer, SOA Business Process Composer, SFDC Application Configuration tool etc. enabling developers to efficiently create new mobile applications using application composer module 860.
  • an application developer can be a user that is comfortable with writing code using IDEs like JDeveloper and uses application development frameworks like ADF, OAFwk, Spring, J2EE etc. to extend and customize enterprise applications. This type of user can apply these principles to efficiently create new mobile applications using application composer module 860.
  • an application administrator can be a user responsible for configuration, deployment, provisioning, patching and general maintenance of applications and application development environment. This type of user can again apply these principles to efficiently create new mobile applications using application composer module 860.
  • a business analyst can expose mobile friendly REST APIs on the EBS backend using MCS 122. The business analyst can then build the mobile application using components of mobile application development portal 800.
  • a partner may build extensions to a CRM product and seek to create a custom mobile application with the extensions and CRM services as backend.
  • An application developer can extend the CRM with custom objects in JCS and uses MCS 122 to expose mobile friendly API mash-up for CRM and Custom objects.
  • a business analyst can then build a mobile application using components of mobile application development portal 800 to incorporate the mash-up MCS API.
  • a SIEBEL customer may build a custom mobile application using MCS API wrappers for SIEBEL backend and integration with Linkedln.
  • An application developer can build ADF Mobile Linkedln features in JDev and deploy the features using components of mobile application development portal 800.
  • a business analyst can then build a mobile application using components of mobile application development portal 800 with the MCS API for SIEBEL and the Linked feature.
  • systems and methods are provided for building mobile application using pre-defined templates.
  • the pre-defined templates allow use of MCS 122 as backend services.
  • a service definition can be presented to a developer during application development allowing rapid connection between UI design and backend services.
  • FIG. 9 is a flow diagram of a method for mobile application development in accordance with embodiments of the present invention.
  • the functionality of the flow diagram of FIG. 9 is implemented by software stored in memory or other computer readable or tangible medium, and executed by a processor.
  • the functionality may be performed by hardware (e.g., through the use of an application specific integrated circuit ("ASIC"), a programmable gate array (“PGA”), a field
  • FPGA programmable gate array
  • An application definition wizard as used herein represents a set of one or more UIs that guide a user during the definition process of a mobile application that utilizes one or more pre-defined cloud- accessible services.
  • the application definition wizard can implement one or more workflows each associated with a part of the application definition process.
  • the application definition wizard can prompt or otherwise guide a user to specify application defaults, such as application identifier prefixes, default icons, splash screens, default application/feature templates, setup enterprise provisioning profile / keystore, or the like.
  • the application definition wizard can prompt or otherwise guide a user to specify an application name, a form factor (such as a phone or tablet device), a navigation type (e.g., none meaning a single feature or UI, as springboard, a navigation bar ("NavBar”), a Spring/Nav combo, or the like), and any application preferences.
  • a form factor such as a phone or tablet device
  • a navigation type e.g., none meaning a single feature or UI, as springboard, a navigation bar ("NavBar”), a Spring/Nav combo, or the like
  • any application preferences e.g., none meaning a single feature or UI, as springboard, a navigation bar ("NavBar”), a Spring/Nav combo, or the like.
  • an application definition is received.
  • the application definition can include any information needed in order to create at least a minimally functional mobile application.
  • a mobile application is generated based on the application definition.
  • the mobile application is represented in a simulator of the target device and can include a set of definitions that when interpreted, function as a compiled mobile application.
  • a feature selection wizard as used herein represents a set of one or more UIs that guide a user during the development process of a mobile application that utilizes one or more pre-defined cloud-accessible services.
  • the feature selection wizard can implement one or more workflows each associated with a part of the application development process.
  • the feature selection wizard can prompt or otherwise guide a user to specify features, UI modules, Business Object, or the like that can be used with the mobile application.
  • the feature selection wizard can prompt or otherwise guide a user to specify components of the first screen of the mobile application. A component can be selected from a catalog of components.
  • the feature selection wizard can prompt or otherwise guide a user to specify components of other screens of the mobile application. These other screens can form part of one or more UI modules.
  • the feature selection wizard can prompt or otherwise guide a user to specify one or more UI modules of the mobile application.
  • a UI module represents a processor, task, or flow that can be performed with respect to the mobile application.
  • a UI module can be selected from a catalog of UI modules or a set of templates that provide cohesive collections of UI elements and page flows. Some examples of UI modules are approval workflows, worker tasks, data entry tasks, reports builders, or the like.
  • a template provides a pre-set arrangement/biding of a set of UI elements so that a user only needs to configure those UI elements and bind the template instead of having to arrange and bind individual UI elements.
  • a user may contribute their own templates to the set of templates available to another user.
  • the user can configure or otherwise specify a series of pages that represent the UI Module. For each page, the user can be presented with a set of layout templates much like before.
  • Each layout template might have several facets such as choosing a secondary template.
  • the feature selection wizard can prompt or otherwise guide a user to specify additional features of the mobile application, such as business objects previously defined.
  • the user can specify what resource of the backend service, API, or connector is to be used or otherwise associated with UI elements of each component, screen, UI module, or the like.
  • a data binding wizard as used herein represents a set of one or more UIs or UI elements of an existing UI that guide a user during the data binding process of a mobile application that utilizes one or more pre-defined cloud-accessible services.
  • the data binding wizard can implement one or more workflows each associated with a part of the application development process.
  • the data binding wizard can prompt or otherwise guide a user to specify how features, screens, UI modules, etc., are bound to business objects, services, APIs, or the like that can be used with the mobile application.
  • the data binding wizard can prompt or otherwise guide a user to specify a business object of the mobile application.
  • a business object can be selected from a catalog or set of services, APIs, etc. that are available to the mobile application.
  • steps 940- 870 can be performed in series or in parallel. Individual steps in 940-870 can be performed on individual element of a mobile application or to a group of elements. As illustrated, a user can repeat the process of feature definition and data binding to create a mobile application.
  • a set of templates can be presented to the developer.
  • a template includes a set of cohesive user interface components. Rather than requiring the developer to bind data to each individual user interface elements, the developer can bind data to the template and then map how the data is presented using the template.
  • the mobile application is deployed. The user can test the application using a testing application deployed on a target device, or as a native application deployed on a target device.
  • FIGS. 10-13 are illustrations of one or more user interfaces that may be presented by the application definition wizard.
  • user interface 1000 includes user interface element 1010 where a developer specifies a name for a new mobile application.
  • User interface element 1020 is associated with functionality that initiates the creation of the new mobile application.
  • FIGS. 11 and 12 illustrate user interfaces 1100 and 1200 that provide a developer with a workspace that may include links to applications previously created by the developer as well as one or more options or user interface elements to create a new application.
  • FIG. 13 illustrates user interface 1300 that can provide a developer with a video tutorial or other help information to get the developer started with creating the new application.
  • FIGS. 10-13 are illustrations of one or more user interfaces that may be presented by the application definition wizard.
  • user interface 1000 includes user interface element 1010 where a developer specifies a name for a new mobile application.
  • User interface element 1020 is associated with functionality that initiates the creation of the new mobile application.
  • FIGS. 11 and 12 illustrate user interfaces 1100
  • attributes 1410 include an application name, a description, a target device type (e.g., phone, tablet, etc.), an icon. Other attributes may be presented and collected to form the application definition.
  • FIG. 14B illustrates a set of values specified for attributes 1410 in one embodiment.
  • the application definition wizard can prompt or otherwise guide a developer to specify a type of first screen for the mobile application.
  • a developer can be presented with a set of screen types, such as simple screen, a screen with top tabs, a screen with bottom tabs, a screen with pagination, or the like.
  • FIGS. 15A and 15B illustrate user interface 1500 that provides a developer with a set of screen types 1510 that define the first screen of the new mobile application.
  • FIG. 15A illustrates a default selection of a first screen as a simple screen type.
  • FIG. 15B illustrates that a developer has selected a screen with top tabs.
  • the application definition wizard can prompt or otherwise guide a developer to specify details of the first screen of the mobile application.
  • a developer can be presented with a set of user interface elements specific to the type of screen selected previously.
  • FIGS. 16A and 16B illustrate user interface 1600 that provides a developer with a set of user interface elements 1610 specific to the type of screen selected previously.
  • FIG. 16A illustrates that based on the selection of the screen with top tabs, a developer is presented with user interface elements 1610 to define the title of the screen and the names or labels of any tabs.
  • FIG. 16B illustrates that the developer has populated user interface elements 1610 with desired information.
  • the application definition wizard can prompt or otherwise guide a developer to specify a design of the first screen of the mobile application.
  • a developer can be presented with a set of screen designs specific to the type of screen selected previously.
  • designs can include a blank design having no screen items, a list-based design where screen items are arranged according to a predefined list layout, a gallery-based design where items are arranged according to a predefined gallery layout, a map-based design where screen items are arranged on a predefined map, or the like.
  • FIGS. 17A and 17B illustrate user interface 1700 that provides a developer with a set of designs 1710 specific to the type of screen selected previously.
  • FIG. 17A illustrates a default design of the top tab first screen as one having no additional elements (e.g., a blank canvas to be populated later by the developer).
  • FIG. 17B illustrates that a developer has selected a list- based design.
  • the application definition wizard can prompt or otherwise guide a developer to finalize details of the new application.
  • FIG. 18 illustrates user interface 1800 that provides a developer with one or more options for finalizing details of the new application.
  • the developer may be presented with a QR code that installs a test application on the developer's device. This test application is different the newly created application, but can be updated with the application information in order to test the application on the developer's device.
  • FIG. 19 is an illustration of user interface 1900 providing a catalog of usable components in one embodiment.
  • a developer can add components to a screen using one or more gestures in one embodiment. For example, a developer can add a component from the catalog using a drag and drop gesture.
  • FIG. 20 is an illustration of user interface 2000 where a developer can add components to a screen using one or more gestures in one embodiment.
  • FIG. 21 is an illustration of user interface 2100 after a developer has added a map component to a screen in one embodiment. In this example, guided customizer 2110 can be opened that allows the developer to configure the added component.
  • FIG. 22 is an illustration of user interface 2200 providing a catalog of services in one embodiment.
  • FIG. 23 is an illustration of user interface 2200 where a developer can add create a UI module based on a selected business object in one embodiment. For example, a developer can add a Workers Service business object and create a Worker UI module.
  • FIG. 24 is an illustration of user interface 2200 after a developer has added a UI module in one embodiment. As discussed above, the developer can specify a template for one or more screens of pages of the UI module. Each template can drive what attributes of the selected business object are available for binding to elements of the user interface. In this example, guided customizer 2410 can be opened that allows the developer to select a template.
  • FIG. 25 is a flow diagram of method 2500 for databinding user interfaces of mobile applications in accordance with embodiments of the present invention.
  • the functionality of the flow diagram of FIG. 25 is implemented by software stored in memory or other computer readable or tangible medium, and executed by a processor.
  • the functionality may be performed by hardware (e.g., through the use of an application specific integrated circuit ("ASIC"), a programmable gate array (“PGA”), a field programmable gate array (“FPGA”), etc.), or any combination of hardware and software.
  • ASIC application specific integrated circuit
  • PGA programmable gate array
  • FPGA field programmable gate array
  • a first gesture is received binding a data source to a user interface of a mobile application.
  • the first gesture can be a user interface event, such as a swipe, click, etc.
  • the data source can be selected from a service catalog.
  • mobile applications can have screens of UI components whose data are bound to backend services (usually over HTTP and served by backend/middleware servers). In order to build these applications, users need to bind these individual components to specific parts of that data.
  • application composer module 860 provides a web-based mobile application development tool where each UI component advertises which sections of the UI can be independently databound to individual properties coming from data of backend services.
  • a high fidelity UI preview of a mobile application running as it would on a device is rendered. If the components in this preview have been previously bound, the preview will contain either real or mock data and appear as if running on the device.
  • a special databinding mode is entered.
  • the UI preview of the mobile application switches from a high fidelity preview to its databinding mode.
  • the sections of the UI that can be databound now transforms to show relevant text describing the function of that particular section. For example, assume a UI component will show a user picture. This UI has a photo of the user as well as the user's first name underneath the photo.
  • the preview of the application will show either a representative (mock) or real photo as well as either a mock or real first name underneath it.
  • step 2520 a set of data points available at the data source.
  • step 2530 a set of data bindable areas of the user interface is determined based on information provided by the user interface. For example, when enter the databinding mode, a user can be presented by slots to aid them. Previous approaches would present to the user wizards or generic forms to databind a component. Not only does this not provide any visual preview, but it requires the user to know the intricate details of how that component works and how it is technically bound to the data.
  • a second gesture is received linking a data point available at the data source to a data bindable area of the user interface.
  • each UI component is to present a standard list of slots that can be found. When the user adds data to these slots, it is the responsibility of the UI component to determine the intent and semantics of that data, and appropriately configure itself to be bound to that pieces of data.
  • each UI component tooling provides the following.
  • a list of databindable areas in the component Programmatic APIs for each of these areas (since they can differ) that can respond to data. Be able to configure visual preview for each of these databinding areas.
  • a predetermined expression of the data bindable area is modified with a reference to the data point available at the data source.
  • each UI template starts off with some expression language that binds the UI component to some preset "start" data or mock data.
  • start data or mock data.
  • the common interface will show the various databinding slots to the user as well as to tell the UI component to configure itself for databinding preview (it can do this by changing what the expression language points to from mock data to text that corresponds to the slots).
  • the user drags over data to each slot the UI component is informed and must highlight the portion of it's structure that is related to that particular slot.
  • the UI component When the data is dropped, the UI component is given information about the context of that data (what API it came from, what property it was, where it is in the result set, and what type of data it is). The UI component is then responsible for configuring itself programmatically in response that particular data.
  • the UI component is now responsible for fetching mock or real data from the services it is bound to produce the high fidelity preview.
  • FIG. 26 is an illustration of user interface 2600 after performing databinding in one embodiment. Accordingly, a developer can be presented with a list of attributes of the selected business object and, using one or more gestures, bind the attributes to user interface elements.
  • FIG. 27 is an illustration of user interface 2700 for configuring a mobile application for deployment in one embodiment.
  • a developer can select one or more mobile operating systems to which the mobile application may be deployed.
  • FIG. 28 is an illustration of user interface 2700 after a mobile application is available for deployment in one embodiment.
  • deployment dialog 2810 provides a set of deployment options. In various embodiments, selection of a deployment option cause a QR code to be generated allowing a target device to receive and install the mobile application in its native format.
  • FIG. 29 is an illustration of user interface 2900 after a mobile application is available for deployment in one embodiment.
  • dialog 2910 includes a QR code generated to trigger installation of the mobile application in its native format on various devices.
  • FIG. 30 is an illustration of user interface 3000 depicting the newly deployed mobile application in a developers workspace in one embodiment. In this example, dialog 3010 allows the developer to perform one or more actions with respect to the application project
  • FIG. 31 depicts a simplified diagram of distributed system 3100 for implementing one of the embodiments.
  • distributed system 3100 includes one or more client computing devices 3102, 3104, 3106, and 3108, which are configured to execute and operate a client application such as a web browser, proprietary client (e.g., Oracle Forms), or the like over one or more network(s) 3110.
  • Server 3112 may be communicatively coupled with remote client computing devices 3102, 3104, 3106, and 3108 via network 3110.
  • server 3112 may be adapted to run one or more services or software applications provided by one or more of the components of the system.
  • these services may be offered as web-based or cloud services or under a Software as a Service (SaaS) model or a Platform as a Serves (PaaS) model to the users of client computing devices 3102, 3104, 3106, and/or 3108.
  • SaaS Software as a Service
  • PaaS Platform as a Serves
  • Users operating client computing devices 3102, 3104, 3106, and/or 3108 may in turn utilize one or more client applications to interact with server 3112 to utilize the services provided by these components.
  • one or more of the components of system 3100 and/or the services provided by these components may also be implemented by one or more of the client computing devices 3102, 3104, 3106, and/or 3108. Users operating the client computing devices may then utilize one or more client applications to use the services provided by these components.
  • These components may be implemented in hardware, firmware, software, or combinations thereof. It should be appreciated that various different system configurations are possible, which may be different from distributed system 3100. The embodiment shown in the figure is thus one example of a distributed system for implementing an embodiment system and is not intended to be limiting.
  • Client computing devices 3102, 3104, 3106, and/or 3108 may be portable handheld devices (e.g., an iPhone®, cellular telephone, an iPad®, computing tablet, a personal digital assistant (PDA)) or wearable devices (e.g., a Google Glass® head mounted display), running software such as Microsoft Windows Mobile®, and/or a variety of mobile operating systems such as iOS, Windows Phone, Android, BlackBerry 29, Palm OS, and the like, and being Internet, e-mail, short message service (SMS), Blackberry®, or other communication protocol enabled.
  • portable handheld devices e.g., an iPhone®, cellular telephone, an iPad®, computing tablet, a personal digital assistant (PDA)
  • PDA personal digital assistant
  • wearable devices e.g., a Google Glass® head mounted display
  • running software such as Microsoft Windows Mobile®
  • mobile operating systems such as iOS, Windows Phone, Android, BlackBerry 29, Palm OS, and the like
  • Internet e-mail, short message service (SMS), Blackberry®, or other communication protocol enabled.
  • Client computing devices 3102, 3104, 3106, and/or 3108 can be general purpose personal computers including, by way of example, personal computers and/or laptop computers running various versions of Microsoft Windows®, Apple Macintosh®, and/or Linux operating systems.
  • Client computing devices 3102, 3104, 3106, and/or 3108 can be workstation computers running any of a variety of commercially-available UNIX® or UNIX- like operating systems, including without limitation the variety of GNU/Linux operating systems, such as for example, Google Chrome OS.
  • client computing devices 3102, 3104, 3106, and 3108 may be any other electronic device, such as a thin-client computer, an Internet-enabled gaming system (e.g., a Microsoft Xbox gaming console with or without a Kinect® gesture input device), and/or a personal messaging device, capable of communicating over network(s) 3110.
  • a thin-client computer such as a Microsoft Xbox gaming console with or without a Kinect® gesture input device
  • a personal messaging device capable of communicating over network(s) 3110.
  • exemplary distributed system 3100 is shown with four client computing devices, any number of client computing devices may be supported. Other devices, such as devices with sensors, etc., may interact with server 3112.
  • Network(s) 3110 in distributed system 3100 may be any type of network familiar to those skilled in the art that can support data communications using any of a variety of commercially-available protocols, including without limitation TCP/IP (transmission control protocol/Internet protocol), SNA (systems network architecture), IPX (Internet packet exchange), AppleTalk, and the like.
  • network(s) 3110 can be a local area network (LAN), such as one based on Ethernet, Token-Ring and/or the like.
  • Network(s) 3110 can be a wide-area network and the Internet. It can include a virtual network, including without limitation a virtual private network (VPN), an intranet, an extranet, a public switched telephone network (PSTN), an infra-red network, a wireless network (e.g., a network operating under any of the Institute of Electrical and Electronics
  • Server 3112 may be composed of one or more general purpose computers, specialized server computers (including, by way of example, PC (personal computer) servers, UNIX® servers, mid-range servers, mainframe computers, rack-mounted servers, etc.), server farms, server clusters, or any other appropriate arrangement and/or combination.
  • server 3112 may be adapted to run one or more services or software applications described in the foregoing disclosure.
  • server 3112 may correspond to a server for performing processing described above according to an embodiment of the present disclosure.
  • Server 3112 may run an operating system including any of those discussed above, as well as any commercially available server operating system. Server 3112 may also run any of a variety of additional server applications and/or mid-tier applications, including HTTP (hypertext transport protocol) servers, FTP (file transfer protocol) servers, CGI (common gateway interface) servers, JAVA® servers, database servers, and the like.
  • HTTP hypertext transport protocol
  • FTP file transfer protocol
  • CGI common gateway interface
  • Exemplary database servers include without limitation those commercially available from Oracle, Microsoft, Sybase, IBM (International Business Machines), and the like.
  • server 3112 may include one or more applications to analyze and consolidate data feeds and/or event updates received from users of client computing devices 3102, 3104, 3106, and 3108.
  • data feeds and/or event updates may include, but are not limited to, Twitter® feeds, Facebook® updates or real-time updates received from one or more third party information sources and continuous data streams, which may include real-time events related to sensor data applications, financial tickers, network performance measuring tools (e.g., network monitoring and traffic management applications), clickstream analysis tools, automobile traffic monitoring, and the like.
  • Server 3112 may also include one or more applications to display the data feeds and/or real-time events via one or more display devices of client computing devices 3102, 3104, 3106, and 3108.
  • Distributed system 3100 may also include one or more databases 3114 and 3116.
  • Databases 3114 and 3116 may reside in a variety of locations.
  • one or more of databases 3114 and 3116 may reside on a non-transitory storage medium local to (and/or resident in) server 3112.
  • databases 3114 and 3116 may be remote from server 3112 and in communication with server 3112 via a network-based or dedicated connection.
  • databases 3114 and 3116 may reside in a storage- area network (SAN).
  • SAN storage- area network
  • any necessary files for performing the functions attributed to server 3112 may be stored locally on server 3112 and/or remotely, as appropriate.
  • databases 3114 and 3116 may include relational databases, such as databases provided by Oracle, that are adapted to store, update, and retrieve data in response to SQL-formatted commands.
  • FIG. 32 illustrates an exemplary computer system 3200, in which various embodiments of the present invention may be implemented.
  • the system 3200 may be used to implement any of the computer systems described above.
  • computer system 3200 includes bus subsystem 3202 and processing unit 3204 that communicates with a number of peripheral subsystems via bus subsystem 3202. These peripheral subsystems may include processing acceleration unit 3206, I/O subsystem 3208, storage subsystem 3218, and communications subsystem 3224.
  • Storage subsystem 3218 includes tangible computer- readable storage media 3222 and a system memory 3210.
  • Bus subsystem 3202 provides a mechanism for letting the various components and subsystems of computer system 3200 communicate with each other as intended. Although bus subsystem 3202 is shown schematically as a single bus, alternative embodiments of the bus subsystem may utilize multiple buses. Bus subsystem 3202 may be any of several types of bus structures including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures. For example, such architectures may include an Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus,
  • EISA Enhanced ISA
  • VESA Video Electronics Standards Association
  • PCI Peripheral Component Interconnect
  • Processing unit 3204 which can be implemented as one or more integrated circuits (e.g., a conventional microprocessor or microcontroller), controls the operation of computer system 3200.
  • processors may be included in processing unit 3204. These processors may include single core or multicore processors.
  • processing unit 3204 may be implemented as one or more independent processing units 3232 and/or 3234 with single or multicore processors included in each processing unit.
  • processing unit 3204 may also be implemented as a quad-core processing unit formed by integrating two dual-core processors into a single chip.
  • processing unit 3204 can execute a variety of programs in response to program code and can maintain multiple concurrently executing programs or processes.
  • Computer system 3200 may additionally include a processing acceleration unit 3206, which can include a digital signal processor (DSP), a special-purpose processor, and/or the like.
  • DSP digital signal processor
  • I/O subsystem 3208 may include user interface input devices and user interface output devices.
  • User interface input devices may include a keyboard, pointing devices such as a mouse or trackball, a touchpad or touch screen incorporated into a display, a scroll wheel, a click wheel, a dial, a button, a switch, a keypad, audio input devices with voice command recognition systems, microphones, and other types of input devices.
  • User interface input devices may include, for example, motion sensing and/or gesture recognition devices such as the Microsoft Kinect® motion sensor that enables users to control and interact with an input device, such as the Microsoft Xbox® 360 game controller, through a natural user interface using gestures and spoken commands.
  • User interface input devices may also include eye gesture recognition devices such as the Google Glass® blink detector that detects eye activity (e.g., 'blinking' while taking pictures and/or making a menu selection) from users and transforms the eye gestures as input into an input device (e.g., Google Glass®). Additionally, user interface input devices may include voice recognition sensing devices that enable users to interact with voice recognition systems (e.g., Siri® navigator), through voice commands.
  • eye gesture recognition devices such as the Google Glass® blink detector that detects eye activity (e.g., 'blinking' while taking pictures and/or making a menu selection) from users and transforms the eye gestures as input into an input device (e.g., Google Glass®).
  • user interface input devices may include voice recognition sensing devices that enable users to interact with voice recognition systems (e.g., Siri® navigator), through voice commands.
  • voice recognition systems e.g., Siri® navigator
  • User interface input devices may also include, without limitation, three dimensional (3D) mice, joysticks or pointing sticks, gamepads and graphic tablets, and audio/visual devices such as speakers, digital cameras, digital camcorders, portable media players, webcams, image scanners, fingerprint scanners, barcode reader 3D scanners, 3D printers, laser rangefmders, and eye gaze tracking devices.
  • user interface input devices may include, for example, medical imaging input devices such as computed tomography, magnetic resonance imaging, position emission tomography, medical ultrasonography devices.
  • User interface input devices may also include, for example, audio input devices such as MIDI keyboards, digital musical instruments and the like.
  • User interface output devices may include a display subsystem, indicator lights, or non-visual displays such as audio output devices, etc.
  • the display subsystem may be a cathode ray tube (CRT), a flat-panel device, such as that using a liquid crystal display (LCD) or plasma display, a projection device, a touch screen, and the like.
  • CTR cathode ray tube
  • LCD liquid crystal display
  • plasma display a projection device
  • touch screen a touch screen
  • output device is intended to include all possible types of devices and mechanisms for outputting information from computer system 3200 to a user or other computer.
  • user interface output devices may include, without limitation, a variety of display devices that visually convey text, graphics and audio/video information such as monitors, printers, speakers, headphones, automotive navigation systems, plotters, voice output devices, and modems.
  • Computer system 3200 may comprise a storage subsystem 3218 that comprises software elements, shown as being currently located within a system memory 3210.
  • System memory 3210 may store program instructions that are loadable and executable on processing unit 3204, as well as data generated during the execution of these programs.
  • system memory 3210 may be volatile (such as random access memory (RAM)) and/or non- volatile (such as read-only memory (ROM), flash memory, etc.)
  • RAM random access memory
  • ROM read-only memory
  • flash memory etc.
  • the RAM typically contains data and/or program modules that are immediately accessible to and/or presently being operated and executed by processing unit 3204.
  • system memory 3210 may include multiple different types of memory, such as static random access memory (SRAM) or dynamic random access memory (DRAM).
  • SRAM static random access memory
  • DRAM dynamic random access memory
  • a basic input/output system containing the basic routines that help to transfer information between elements within computer system 3200, such as during start-up, may typically be stored in the ROM.
  • system memory 3210 also illustrates application programs 3212, which may include client applications, Web browsers, mid-tier applications, relational database management systems (RDBMS), etc., program data 3214, and an operating system 3216.
  • operating system 3216 may include various versions of Microsoft Windows®, Apple Macintosh®, and/or Linux operating systems, a variety of commercially-available UNIX® or UNIX-like operating systems (including without limitation the variety of GNU/Linux operating systems, the Google
  • Storage subsystem 3218 may also provide a tangible computer-readable storage medium for storing the basic programming and data constructs that provide the functionality of some embodiments.
  • Software programs, code modules, instructions that when executed by a processor provide the functionality described above may be stored in storage subsystem 3218. These software modules or instructions may be executed by processing unit 3204.
  • Storage subsystem 3218 may also provide a repository for storing data used in accordance with the present invention.
  • Storage subsystem 3200 may also include a computer-readable storage media reader 3220 that can further be connected to computer-readable storage media 3222. Together and, optionally, in combination with system memory 3210, computer-readable storage media 3222 may comprehensively represent remote, local, fixed, and/or removable storage devices plus storage media for temporarily and/or more permanently containing, storing, transmitting, and retrieving computer-readable information.
  • Computer-readable storage media 3222 containing code, or portions of code can also include any appropriate media known or used in the art, including storage media and communication media, such as but not limited to, volatile and non-volatile, removable and non-removable media implemented in any method or technology for storage and/or transmission of information.
  • This can include tangible computer-readable storage media such as RAM, ROM, electronically erasable programmable ROM (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disk (DVD), or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or other tangible computer readable media.
  • This can also include nontangible computer- readable media, such as data signals, data transmissions, or any other medium which can be used to transmit the desired information and which can be accessed by computing system 3200.
  • computer-readable storage media 3222 may include a hard disk drive that reads from or writes to non-removable, nonvolatile magnetic media, a magnetic disk drive that reads from or writes to a removable, nonvolatile magnetic disk, and an optical disk drive that reads from or writes to a removable, nonvolatile optical disk such as a CD ROM, DVD, and Blu-Ray® disk, or other optical media.
  • Computer-readable storage media 3222 may include, but is not limited to, Zip® drives, flash memory cards, universal serial bus (USB) flash drives, secure digital (SD) cards, DVD disks, digital video tape, and the like.
  • Computer-readable storage media 3222 may also include, solid-state drives (SSD) based on non-volatile memory such as flash-memory based SSDs, enterprise flash drives, solid state ROM, and the like, SSDs based on volatile memory such as solid state RAM, dynamic RAM, static RAM, DRAM-based SSDs, magnetoresistive RAM (MRAM) SSDs, and hybrid SSDs that use a combination of DRAM and flash memory based SSDs.
  • SSD solid-state drives
  • volatile memory such as solid state RAM, dynamic RAM, static RAM, DRAM-based SSDs, magnetoresistive RAM (MRAM) SSDs, and hybrid SSDs that use a combination of DRAM and flash memory based SSDs.
  • MRAM magnetoresistive RAM
  • hybrid SSDs that use a combination of DRAM and flash memory based SSDs.
  • the disk drives and their associated computer-readable media may provide non-volatile storage of computer-readable instructions, data structures, program modules, and other data for computer system 3200.
  • Communications subsystem 3224 provides an interface to other computer systems and networks. Communications subsystem 3224 serves as an interface for receiving data from and transmitting data to other systems from computer system 3200. For example, communications subsystem 3224 may enable computer system 3200 to connect to one or more devices via the Internet.
  • communications subsystem 3224 can include radio frequency (RF) transceiver components for accessing wireless voice and/or data networks (e.g., using cellular telephone technology, advanced data network technology, such as 3G, 4G or EDGE (enhanced data rates for global evolution), WiFi (IEEE 802.11 family standards, or other mobile communication technologies, or any combination thereof), global positioning system (GPS) receiver components, and/or other components.
  • RF radio frequency
  • communications subsystem 3224 can provide wired network connectivity (e.g., Ethernet) in addition to or instead of a wireless interface.
  • communications subsystem 3224 may also receive input communication in the form of structured and/or unstructured data feeds 3226, event streams 3228, event updates 3230, and the like on behalf of one or more users who may use computer system 3200.
  • communications subsystem 3224 may be configured to receive data feeds 3226 in real-time from users of social networks and/or other communication services such as Twitter® feeds, Facebook® updates, web feeds such as Rich Site Summary (RSS) feeds, and/or real-time updates from one or more third party information sources.
  • RSS Rich Site Summary
  • communications subsystem 3224 may also be configured to receive data in the form of continuous data streams, which may include event streams 3228 of real- time events and/or event updates 3230, that may be continuous or unbounded in nature with no explicit end.
  • continuous data streams may include, for example, sensor data applications, financial tickers, network performance measuring tools (e.g. network monitoring and traffic management applications), clickstream analysis tools, automobile traffic monitoring, and the like.
  • Communications subsystem 3224 may also be configured to output the structured and/or unstructured data feeds 3226, event streams 3228, event updates 3230, and the like to one or more databases that may be in communication with one or more streaming data source computers coupled to computer system 3200.
  • Computer system 3200 can be one of various types, including a handheld portable device (e.g., an iPhone® cellular phone, an iPad® computing tablet, a PDA), a wearable device (e.g., a Google Glass® head mounted display), a PC, a workstation, a mainframe, a kiosk, a server rack, or any other data processing system.
  • a handheld portable device e.g., an iPhone® cellular phone, an iPad® computing tablet, a PDA
  • a wearable device e.g., a Google Glass® head mounted display
  • PC personal computer
  • workstation e.g., a workstation
  • mainframe e.g., a mainframe
  • kiosk e.g., a server rack
  • server rack e.g., a server rack, or any other data processing system.
  • Various embodiments of any of one or more inventions whose teachings may be presented within this disclosure can be implemented in the form of logic in software, firmware, hardware, or a combination thereof.
  • the logic may be stored in or on a machine- accessible memory, a machine -readable article, a tangible computer-readable medium, a computer-readable storage medium, or other computer/machine-readable media as a set of instructions adapted to direct a central processing unit (CPU or processor) of a logic machine to perform a set of steps that may be disclosed in various embodiments of an invention presented within this disclosure.
  • the logic may form part of a software program or computer program product as code modules become operational with a processor of a computer system or an information-processing device when executed to perform a method or process in various embodiments of an invention presented within this disclosure.

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Human Computer Interaction (AREA)
  • Stored Programmes (AREA)

Abstract

La présente invention concerne des systèmes et des procédés pour permettre à des utilisateurs finaux de lier des données d'éléments fonctionnels de manière intuitive à des services principaux au moyen de capacités de suggestion visuelles. Chaque élément d'UI peut annoncer quelles sections de l'UI peuvent être indépendamment liées par leurs données à des propriétés individuelles provenant de données de services principaux. Lorsque l'utilisateur souhaite lier les données d'un élément d'UI, les sections de l'UI qui peuvent être liées par leurs données se transforment désormais pour montrer un texte pertinent décrivant la fonction de cette section particulière. L'utilisateur peut être présenté avec une interface de liaison de données correspondant à tous les éléments de données possibles auquel l'utilisateur peut se lier ainsi que des intervalles visuels qui s'appliquent aux intervalles dans l'aperçu visuel. Pour lier des données d'un composant, un utilisateur peut glisser-déposer l'élément de données spécifique depuis la liste disponible, et le déposer dans l'intervalle où ils désirent que les données s'appliquent.
PCT/US2015/052637 2014-09-26 2015-09-28 Liaison de données efficace et intuitive pour des applications mobiles WO2016049626A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201580049259.8A CN107408042B (zh) 2014-09-26 2015-09-28 用于移动应用的高效和直观的数据绑定
EP15782130.7A EP3198416B1 (fr) 2014-09-26 2015-09-28 Liaison de données efficace et intuitive pour des applications mobiles
JP2017516340A JP6661620B2 (ja) 2014-09-26 2015-09-28 モバイルアプリケーションのための効率的および直観的なデータ・バインディング

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201462055988P 2014-09-26 2014-09-26
US62/055,988 2014-09-26
US14/865,542 US9830237B2 (en) 2015-09-25 2015-09-25 Resynchronization with compliance data preservation
US14/865,542 2015-09-25

Publications (1)

Publication Number Publication Date
WO2016049626A1 true WO2016049626A1 (fr) 2016-03-31

Family

ID=54337362

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2015/052637 WO2016049626A1 (fr) 2014-09-26 2015-09-28 Liaison de données efficace et intuitive pour des applications mobiles

Country Status (1)

Country Link
WO (1) WO2016049626A1 (fr)

Cited By (65)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9826045B2 (en) 2014-09-26 2017-11-21 Oracle International Corporation Efficient means to test server generated applications on mobile device
US9851968B2 (en) 2014-09-26 2017-12-26 Oracle International Corporation High performant iOS template based application build system
US9858174B2 (en) 2014-09-26 2018-01-02 Oracle International Corporation Updatable native mobile application for testing new features
US10013668B2 (en) 2015-08-14 2018-07-03 Oracle International Corporation Secure storage of enterprise certificates for cloud services
US10073679B2 (en) 2014-09-26 2018-09-11 Oracle International Corporation Efficient and intuitive databinding for mobile applications
CN109240688A (zh) * 2018-08-13 2019-01-18 重庆金融资产交易所有限责任公司 界面开发方法、电子装置及可读存储介质
US10255061B2 (en) 2016-08-05 2019-04-09 Oracle International Corporation Zero down time upgrade for a multi-tenant identity and data security management cloud service
US10261836B2 (en) 2017-03-21 2019-04-16 Oracle International Corporation Dynamic dispatching of workloads spanning heterogeneous services
US10263947B2 (en) 2016-08-05 2019-04-16 Oracle International Corporation LDAP to SCIM proxy service
US10290133B2 (en) 2014-09-26 2019-05-14 Oracle International Corporation High fidelity interactive screenshots for mobile applications
US10341354B2 (en) 2016-09-16 2019-07-02 Oracle International Corporation Distributed high availability agent architecture
US10341410B2 (en) 2016-05-11 2019-07-02 Oracle International Corporation Security tokens for a multi-tenant identity and data security management cloud service
US10348858B2 (en) 2017-09-15 2019-07-09 Oracle International Corporation Dynamic message queues for a microservice based cloud service
US10419514B2 (en) 2015-08-14 2019-09-17 Oracle International Corporation Discovery of federated logins
US10425386B2 (en) 2016-05-11 2019-09-24 Oracle International Corporation Policy enforcement point for a multi-tenant identity and data security management cloud service
US10445395B2 (en) 2016-09-16 2019-10-15 Oracle International Corporation Cookie based state propagation for a multi-tenant identity cloud service
US10452497B2 (en) 2015-08-14 2019-10-22 Oracle International Corporation Restoration of UI state in transactional systems
US10454940B2 (en) 2016-05-11 2019-10-22 Oracle International Corporation Identity cloud service authorization model
US10454915B2 (en) 2017-05-18 2019-10-22 Oracle International Corporation User authentication using kerberos with identity cloud service
US10484243B2 (en) 2016-09-16 2019-11-19 Oracle International Corporation Application management for a multi-tenant identity cloud service
US10484382B2 (en) 2016-08-31 2019-11-19 Oracle International Corporation Data management for a multi-tenant identity cloud service
US10505941B2 (en) 2016-08-05 2019-12-10 Oracle International Corporation Virtual directory system for LDAP to SCIM proxy service
US10511589B2 (en) 2016-09-14 2019-12-17 Oracle International Corporation Single logout functionality for a multi-tenant identity and data security management cloud service
US10516672B2 (en) 2016-08-05 2019-12-24 Oracle International Corporation Service discovery for a multi-tenant identity and data security management cloud service
US10530578B2 (en) 2016-08-05 2020-01-07 Oracle International Corporation Key store service
US10567364B2 (en) 2016-09-16 2020-02-18 Oracle International Corporation Preserving LDAP hierarchy in a SCIM directory using special marker groups
US10582012B2 (en) 2015-10-16 2020-03-03 Oracle International Corporation Adaptive data transfer optimization
US10582001B2 (en) 2015-08-11 2020-03-03 Oracle International Corporation Asynchronous pre-caching of synchronously loaded resources
US10581820B2 (en) 2016-05-11 2020-03-03 Oracle International Corporation Key generation and rollover
US10585682B2 (en) 2016-08-05 2020-03-10 Oracle International Corporation Tenant self-service troubleshooting for a multi-tenant identity and data security management cloud service
US10594684B2 (en) 2016-09-14 2020-03-17 Oracle International Corporation Generating derived credentials for a multi-tenant identity cloud service
US10616224B2 (en) 2016-09-16 2020-04-07 Oracle International Corporation Tenant and service management for a multi-tenant identity and data security management cloud service
CN111159585A (zh) * 2018-11-07 2020-05-15 中国移动通信集团重庆有限公司 自动提交数据的方法、装置、设备及介质
US10693861B2 (en) 2016-05-11 2020-06-23 Oracle International Corporation Task segregation in a multi-tenant identity and data security management cloud service
US10705823B2 (en) 2017-09-29 2020-07-07 Oracle International Corporation Application templates and upgrade framework for a multi-tenant identity cloud service
US10715564B2 (en) 2018-01-29 2020-07-14 Oracle International Corporation Dynamic client registration for an identity cloud service
US10735394B2 (en) 2016-08-05 2020-08-04 Oracle International Corporation Caching framework for a multi-tenant identity and data security management cloud service
US10764273B2 (en) 2018-06-28 2020-09-01 Oracle International Corporation Session synchronization across multiple devices in an identity cloud service
US10791087B2 (en) 2016-09-16 2020-09-29 Oracle International Corporation SCIM to LDAP mapping using subtype attributes
US10798165B2 (en) 2018-04-02 2020-10-06 Oracle International Corporation Tenant data comparison for a multi-tenant identity cloud service
US10831789B2 (en) 2017-09-27 2020-11-10 Oracle International Corporation Reference attribute query processing for a multi-tenant cloud service
US10834137B2 (en) 2017-09-28 2020-11-10 Oracle International Corporation Rest-based declarative policy management
US10846390B2 (en) 2016-09-14 2020-11-24 Oracle International Corporation Single sign-on functionality for a multi-tenant identity and data security management cloud service
US10878079B2 (en) 2016-05-11 2020-12-29 Oracle International Corporation Identity cloud service authorization model with dynamic roles and scopes
US10904074B2 (en) 2016-09-17 2021-01-26 Oracle International Corporation Composite event handler for a multi-tenant identity cloud service
US10931656B2 (en) 2018-03-27 2021-02-23 Oracle International Corporation Cross-region trust for a multi-tenant identity cloud service
CN112396055A (zh) * 2020-11-30 2021-02-23 泰康保险集团股份有限公司 文本提取方法、装置、电子设备及存储介质
US11012444B2 (en) 2018-06-25 2021-05-18 Oracle International Corporation Declarative third party identity provider integration for a multi-tenant identity cloud service
US11061929B2 (en) 2019-02-08 2021-07-13 Oracle International Corporation Replication of resource type and schema metadata for a multi-tenant identity cloud service
US11102313B2 (en) 2015-08-10 2021-08-24 Oracle International Corporation Transactional autosave with local and remote lifecycles
CN113422706A (zh) * 2021-06-18 2021-09-21 上海怿星电子科技有限公司 检测网络协议栈一致性的方法及车辆
CN113568637A (zh) * 2021-07-14 2021-10-29 武汉天喻信息产业股份有限公司 一种智能卡系统包更新管理方法及装置
US11165634B2 (en) 2018-04-02 2021-11-02 Oracle International Corporation Data replication conflict detection and resolution for a multi-tenant identity cloud service
US11258775B2 (en) 2018-04-04 2022-02-22 Oracle International Corporation Local write for a multi-tenant identity cloud service
US11271969B2 (en) 2017-09-28 2022-03-08 Oracle International Corporation Rest-based declarative policy management
US11321187B2 (en) 2018-10-19 2022-05-03 Oracle International Corporation Assured lazy rollback for a multi-tenant identity cloud service
US11321343B2 (en) 2019-02-19 2022-05-03 Oracle International Corporation Tenant replication bootstrap for a multi-tenant identity cloud service
EP3944070A4 (fr) * 2019-07-15 2022-06-22 Tencent Technology (Shenzhen) Company Limited Procédé et appareil de production de mini-programme, et terminal et support d'informations
US11423111B2 (en) 2019-02-25 2022-08-23 Oracle International Corporation Client API for rest based endpoints for a multi-tenant identify cloud service
US11611548B2 (en) 2019-11-22 2023-03-21 Oracle International Corporation Bulk multifactor authentication enrollment
US11651357B2 (en) 2019-02-01 2023-05-16 Oracle International Corporation Multifactor authentication without a user footprint
US11669321B2 (en) 2019-02-20 2023-06-06 Oracle International Corporation Automated database upgrade for a multi-tenant identity cloud service
US11687378B2 (en) 2019-09-13 2023-06-27 Oracle International Corporation Multi-tenant identity cloud service with on-premise authentication integration and bridge high availability
US11693835B2 (en) 2018-10-17 2023-07-04 Oracle International Corporation Dynamic database schema allocation on tenant onboarding for a multi-tenant identity cloud service
US11870770B2 (en) 2019-09-13 2024-01-09 Oracle International Corporation Multi-tenant identity cloud service with on-premise authentication integration

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050172261A1 (en) * 2004-01-30 2005-08-04 Yuknewicz Paul J. Architecture for creating a user interface using a data schema

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050172261A1 (en) * 2004-01-30 2005-08-04 Yuknewicz Paul J. Architecture for creating a user interface using a data schema

Cited By (86)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10290133B2 (en) 2014-09-26 2019-05-14 Oracle International Corporation High fidelity interactive screenshots for mobile applications
US9851968B2 (en) 2014-09-26 2017-12-26 Oracle International Corporation High performant iOS template based application build system
US9858174B2 (en) 2014-09-26 2018-01-02 Oracle International Corporation Updatable native mobile application for testing new features
US10073679B2 (en) 2014-09-26 2018-09-11 Oracle International Corporation Efficient and intuitive databinding for mobile applications
US11127178B2 (en) 2014-09-26 2021-09-21 Oracle International Corporation High fidelity interactive screenshots for mobile applications
US9826045B2 (en) 2014-09-26 2017-11-21 Oracle International Corporation Efficient means to test server generated applications on mobile device
US10841385B2 (en) 2014-09-26 2020-11-17 Oracle International Corporation Efficient means to test server generated applications on mobile device
US11102313B2 (en) 2015-08-10 2021-08-24 Oracle International Corporation Transactional autosave with local and remote lifecycles
US10582001B2 (en) 2015-08-11 2020-03-03 Oracle International Corporation Asynchronous pre-caching of synchronously loaded resources
US10013668B2 (en) 2015-08-14 2018-07-03 Oracle International Corporation Secure storage of enterprise certificates for cloud services
US10419514B2 (en) 2015-08-14 2019-09-17 Oracle International Corporation Discovery of federated logins
US10452497B2 (en) 2015-08-14 2019-10-22 Oracle International Corporation Restoration of UI state in transactional systems
US10582012B2 (en) 2015-10-16 2020-03-03 Oracle International Corporation Adaptive data transfer optimization
US10848543B2 (en) 2016-05-11 2020-11-24 Oracle International Corporation Security tokens for a multi-tenant identity and data security management cloud service
US10425386B2 (en) 2016-05-11 2019-09-24 Oracle International Corporation Policy enforcement point for a multi-tenant identity and data security management cloud service
US11088993B2 (en) 2016-05-11 2021-08-10 Oracle International Corporation Policy enforcement point for a multi-tenant identity and data security management cloud service
US10341410B2 (en) 2016-05-11 2019-07-02 Oracle International Corporation Security tokens for a multi-tenant identity and data security management cloud service
US10454940B2 (en) 2016-05-11 2019-10-22 Oracle International Corporation Identity cloud service authorization model
US10878079B2 (en) 2016-05-11 2020-12-29 Oracle International Corporation Identity cloud service authorization model with dynamic roles and scopes
US10581820B2 (en) 2016-05-11 2020-03-03 Oracle International Corporation Key generation and rollover
US10693861B2 (en) 2016-05-11 2020-06-23 Oracle International Corporation Task segregation in a multi-tenant identity and data security management cloud service
US10263947B2 (en) 2016-08-05 2019-04-16 Oracle International Corporation LDAP to SCIM proxy service
US10721237B2 (en) 2016-08-05 2020-07-21 Oracle International Corporation Hierarchical processing for a virtual directory system for LDAP to SCIM proxy service
US10516672B2 (en) 2016-08-05 2019-12-24 Oracle International Corporation Service discovery for a multi-tenant identity and data security management cloud service
US10530578B2 (en) 2016-08-05 2020-01-07 Oracle International Corporation Key store service
US10505941B2 (en) 2016-08-05 2019-12-10 Oracle International Corporation Virtual directory system for LDAP to SCIM proxy service
US10735394B2 (en) 2016-08-05 2020-08-04 Oracle International Corporation Caching framework for a multi-tenant identity and data security management cloud service
US10579367B2 (en) 2016-08-05 2020-03-03 Oracle International Corporation Zero down time upgrade for a multi-tenant identity and data security management cloud service
US11356454B2 (en) 2016-08-05 2022-06-07 Oracle International Corporation Service discovery for a multi-tenant identity and data security management cloud service
US10255061B2 (en) 2016-08-05 2019-04-09 Oracle International Corporation Zero down time upgrade for a multi-tenant identity and data security management cloud service
US10585682B2 (en) 2016-08-05 2020-03-10 Oracle International Corporation Tenant self-service troubleshooting for a multi-tenant identity and data security management cloud service
US11601411B2 (en) 2016-08-05 2023-03-07 Oracle International Corporation Caching framework for a multi-tenant identity and data security management cloud service
US11258797B2 (en) 2016-08-31 2022-02-22 Oracle International Corporation Data management for a multi-tenant identity cloud service
US10484382B2 (en) 2016-08-31 2019-11-19 Oracle International Corporation Data management for a multi-tenant identity cloud service
US10846390B2 (en) 2016-09-14 2020-11-24 Oracle International Corporation Single sign-on functionality for a multi-tenant identity and data security management cloud service
US10511589B2 (en) 2016-09-14 2019-12-17 Oracle International Corporation Single logout functionality for a multi-tenant identity and data security management cloud service
US10594684B2 (en) 2016-09-14 2020-03-17 Oracle International Corporation Generating derived credentials for a multi-tenant identity cloud service
US11258786B2 (en) 2016-09-14 2022-02-22 Oracle International Corporation Generating derived credentials for a multi-tenant identity cloud service
US11023555B2 (en) 2016-09-16 2021-06-01 Oracle International Corporation Cookie based state propagation for a multi-tenant identity cloud service
US10567364B2 (en) 2016-09-16 2020-02-18 Oracle International Corporation Preserving LDAP hierarchy in a SCIM directory using special marker groups
US10484243B2 (en) 2016-09-16 2019-11-19 Oracle International Corporation Application management for a multi-tenant identity cloud service
US10791087B2 (en) 2016-09-16 2020-09-29 Oracle International Corporation SCIM to LDAP mapping using subtype attributes
US10445395B2 (en) 2016-09-16 2019-10-15 Oracle International Corporation Cookie based state propagation for a multi-tenant identity cloud service
US10616224B2 (en) 2016-09-16 2020-04-07 Oracle International Corporation Tenant and service management for a multi-tenant identity and data security management cloud service
US10341354B2 (en) 2016-09-16 2019-07-02 Oracle International Corporation Distributed high availability agent architecture
US10904074B2 (en) 2016-09-17 2021-01-26 Oracle International Corporation Composite event handler for a multi-tenant identity cloud service
US10261836B2 (en) 2017-03-21 2019-04-16 Oracle International Corporation Dynamic dispatching of workloads spanning heterogeneous services
US10454915B2 (en) 2017-05-18 2019-10-22 Oracle International Corporation User authentication using kerberos with identity cloud service
US10348858B2 (en) 2017-09-15 2019-07-09 Oracle International Corporation Dynamic message queues for a microservice based cloud service
US11308132B2 (en) 2017-09-27 2022-04-19 Oracle International Corporation Reference attributes for related stored objects in a multi-tenant cloud service
US10831789B2 (en) 2017-09-27 2020-11-10 Oracle International Corporation Reference attribute query processing for a multi-tenant cloud service
US10834137B2 (en) 2017-09-28 2020-11-10 Oracle International Corporation Rest-based declarative policy management
US11271969B2 (en) 2017-09-28 2022-03-08 Oracle International Corporation Rest-based declarative policy management
US10705823B2 (en) 2017-09-29 2020-07-07 Oracle International Corporation Application templates and upgrade framework for a multi-tenant identity cloud service
US10715564B2 (en) 2018-01-29 2020-07-14 Oracle International Corporation Dynamic client registration for an identity cloud service
US11463488B2 (en) 2018-01-29 2022-10-04 Oracle International Corporation Dynamic client registration for an identity cloud service
US11528262B2 (en) 2018-03-27 2022-12-13 Oracle International Corporation Cross-region trust for a multi-tenant identity cloud service
US10931656B2 (en) 2018-03-27 2021-02-23 Oracle International Corporation Cross-region trust for a multi-tenant identity cloud service
US11652685B2 (en) 2018-04-02 2023-05-16 Oracle International Corporation Data replication conflict detection and resolution for a multi-tenant identity cloud service
US11165634B2 (en) 2018-04-02 2021-11-02 Oracle International Corporation Data replication conflict detection and resolution for a multi-tenant identity cloud service
US10798165B2 (en) 2018-04-02 2020-10-06 Oracle International Corporation Tenant data comparison for a multi-tenant identity cloud service
US11258775B2 (en) 2018-04-04 2022-02-22 Oracle International Corporation Local write for a multi-tenant identity cloud service
US11012444B2 (en) 2018-06-25 2021-05-18 Oracle International Corporation Declarative third party identity provider integration for a multi-tenant identity cloud service
US10764273B2 (en) 2018-06-28 2020-09-01 Oracle International Corporation Session synchronization across multiple devices in an identity cloud service
US11411944B2 (en) 2018-06-28 2022-08-09 Oracle International Corporation Session synchronization across multiple devices in an identity cloud service
CN109240688A (zh) * 2018-08-13 2019-01-18 重庆金融资产交易所有限责任公司 界面开发方法、电子装置及可读存储介质
US11693835B2 (en) 2018-10-17 2023-07-04 Oracle International Corporation Dynamic database schema allocation on tenant onboarding for a multi-tenant identity cloud service
US11321187B2 (en) 2018-10-19 2022-05-03 Oracle International Corporation Assured lazy rollback for a multi-tenant identity cloud service
CN111159585B (zh) * 2018-11-07 2023-09-22 中国移动通信集团重庆有限公司 自动提交数据的方法、装置、设备及介质
CN111159585A (zh) * 2018-11-07 2020-05-15 中国移动通信集团重庆有限公司 自动提交数据的方法、装置、设备及介质
US11651357B2 (en) 2019-02-01 2023-05-16 Oracle International Corporation Multifactor authentication without a user footprint
US11061929B2 (en) 2019-02-08 2021-07-13 Oracle International Corporation Replication of resource type and schema metadata for a multi-tenant identity cloud service
US11321343B2 (en) 2019-02-19 2022-05-03 Oracle International Corporation Tenant replication bootstrap for a multi-tenant identity cloud service
US11669321B2 (en) 2019-02-20 2023-06-06 Oracle International Corporation Automated database upgrade for a multi-tenant identity cloud service
US11423111B2 (en) 2019-02-25 2022-08-23 Oracle International Corporation Client API for rest based endpoints for a multi-tenant identify cloud service
US11645051B2 (en) 2019-07-15 2023-05-09 Tencent Technology (Shenzhen) Company Limited Mini program production method and apparatus, terminal, and storage medium
EP3944070A4 (fr) * 2019-07-15 2022-06-22 Tencent Technology (Shenzhen) Company Limited Procédé et appareil de production de mini-programme, et terminal et support d'informations
US11954464B2 (en) 2019-07-15 2024-04-09 Tencent Technology (Shenzhen) Company Limited Mini program production method and apparatus, terminal, and storage medium
US11687378B2 (en) 2019-09-13 2023-06-27 Oracle International Corporation Multi-tenant identity cloud service with on-premise authentication integration and bridge high availability
US11870770B2 (en) 2019-09-13 2024-01-09 Oracle International Corporation Multi-tenant identity cloud service with on-premise authentication integration
US11611548B2 (en) 2019-11-22 2023-03-21 Oracle International Corporation Bulk multifactor authentication enrollment
CN112396055A (zh) * 2020-11-30 2021-02-23 泰康保险集团股份有限公司 文本提取方法、装置、电子设备及存储介质
CN112396055B (zh) * 2020-11-30 2023-10-31 泰康保险集团股份有限公司 文本提取方法、装置、电子设备及存储介质
CN113422706A (zh) * 2021-06-18 2021-09-21 上海怿星电子科技有限公司 检测网络协议栈一致性的方法及车辆
CN113568637A (zh) * 2021-07-14 2021-10-29 武汉天喻信息产业股份有限公司 一种智能卡系统包更新管理方法及装置
CN113568637B (zh) * 2021-07-14 2024-05-03 武汉天喻信息产业股份有限公司 一种智能卡系统包更新管理方法及装置

Similar Documents

Publication Publication Date Title
US11127178B2 (en) High fidelity interactive screenshots for mobile applications
US10841385B2 (en) Efficient means to test server generated applications on mobile device
US10073679B2 (en) Efficient and intuitive databinding for mobile applications
US9851968B2 (en) High performant iOS template based application build system
US9858174B2 (en) Updatable native mobile application for testing new features
US10419514B2 (en) Discovery of federated logins
US10582001B2 (en) Asynchronous pre-caching of synchronously loaded resources
US9959100B2 (en) Efficient storage and transfer of iOS binary files
US10013668B2 (en) Secure storage of enterprise certificates for cloud services
US11102313B2 (en) Transactional autosave with local and remote lifecycles
EP3335128B1 (fr) Restauration d'état d'interface utilisateur (ui) dans des systèmes transactionnels
WO2016049626A1 (fr) Liaison de données efficace et intuitive pour des applications mobiles
US9851953B2 (en) Cloud based editor for generation of interpreted artifacts for mobile runtime
CA2931750C (fr) Environnement d'execution personnalise de services informatiques en nuage
US10586061B2 (en) Federated search
US10592684B2 (en) Automatic operation detection on protected field
US20170118268A1 (en) Self describing configuration
EP3365832B1 (fr) Configuration autodescriptive avec support pour partager des tables de données
JP7165715B2 (ja) 統合検索のためのサポートを伴う保護されたフィールド上の自動動作検出

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15782130

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2017516340

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

REEP Request for entry into the european phase

Ref document number: 2015782130

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2015782130

Country of ref document: EP