Tuesday, 30 September 2014

Secure Mobile Banking App with Windows Azure



One of my clients is based in Indonesia. The company had achieved dramatic success in the mobile field
Having built IT integration products for the business-to-business sector since 2006, a 70-strong developer team recently turned their attention to mobile apps developing a secure instant messaging service called EMASS (Encrypted Messaging and Secured Services). 
Their objective was to create a platform that enables customers or employees to use messaging for secure transactions. They planned to market EMASS to banks and phone companies, so their customers could make payments and buy top-ups using a single log-on from their cell phones.
To launch EMASS as a service, my client needed a cost-effective way to host the EMASS backend systems for each mobile app. They also expected that customers would want to use EMASS from overseas, but this presented a dilemma.

“Deploying EMASS on overseas servers would have been prohibitively expensive...” 
Hosted EMASS servers in Indonesia, the client would also  face speed and bandwidth issues.
They are after all a software-development company, not a service provider. They needed a partner (hence my role) to host EMASS for them, but their service had to be reliable, easy to work with and affordable. For financial institutions to trust them, it also had to be 100 percent secure.

The cloud solution

A cloud service that worked with EMASS was my brief and I was able to use a wide mix of technologies. These included Java and Linux for core server messaging, and C# for satellite modules attached to the core servers. On the client side, we used C#/XAML for the Windows Phone app, and C# for the iOS and Android apps, with the latest version of Xamarin on Visual Studio.
I evaluated several options, including a managed, on-premise deployment with data network firm, an infrastructure as a service (IaaS) solution from local cloud provider, Biznet Network; and two cloud platform services on Windows Azure.
The on-premise solution required a large capital investment, because the client would have to purchase and install servers. The IaaS option would also be costly, because staff would have to manage the operating system and scale the apps.

The solution

We had to deliver the easiest cloud platform to work with, Security and patching be already taken care of, so it is less labour-intensive. Although we used Linux and Java to create our payments messaging system, Azure can easily handle them because of its open architecture.
I also advised about deploying EMASS, which included migrating the backend database to MSSQL. With over 15 cloud apps running on 30 virtual machines on Windows Azure, the client began offering EMASS to banks. The service became an instant success after it was published to the cloud and tested.
With Windows Azure, I was able to provide the client with support of all open source technologies used in EMASS. Azure has proved secure and reliable, so financial institutions trust my client to create new services for their own customers.

The bottom line

Azure saved the client these capital and operational expenses, in return for a predictable and transparent monthly charge.
Minimal IT support required
The Windows Azure service also reduces costs, because it needs minimal IT support. With Azure, you can forget about managing a rack of servers, the network, security and patching.
Moreover, we can empower clients to easily manage scalability from their own PC. If they had hosted it themselves it would need at least five system administrators; with Windows Azure they only needed one.
Fast deployment times for mobile appsMy solution used the Mobile Push Service feature within Windows Azure Mobile Services to build the backend services for each app. 
With Azure Mobile Services, we can develop our mobile apps very fast. And it’s very easy to deploy on Windows Azure: the interface is very good, and the result is perfect. 

Last thoughts...

With Windows Azure, companies can turn its technology into a commercial service, while still focusing on software development. By using Azure, save on the infrastructure and management costs of deploying the software ourselves—that’s a huge strategic win.

Sunday, 28 September 2014

The Technical Interview


I was recently asked this questioned by a talented developer:
I've been a developer since 2007. I'm a solid developer with good experience. I've got a great opportunity for a new position coming up but I'm concerned about the tech interview. But I freeze like a deer in the headlights when asked to write code in front of people.
My resume is accurate and reflects my skills and experience. 
How do I prove I'm competent when I have this tendency to choke on tech questions when I'm put on the spot?
This is a great question. From my own perspective, and my early years specifically, I suffered from the same affliction. Back in those days it was the dreaded C++ test.
The best and most technical interview that I have ever had, one of my first infact, was far more searching and demanding than a set of examination questions. The very long interview wanted to establish how I thought and designed code - about for instance about memory runtime, funcs, strange pointer indirection etc. Very advanced topics. 

On reflection this is a far better approach to recruit talent. 
  
But returning the question, to level set, note that the individual was not concerned that they don't have the skill. Their skills ARE up to the task. It's a case of anxiety around the live aspect of the tech interview.

I would always start with honesty. Talk to the hiring manager or the HR person. Offer to show them lots of code, your repos, examples. Offer to share more code than you'd ordinarily need to, as a way of making it clear you have nothing to hide. Everyone has something, be it anxiety, issues with public speaking, etc. Trying to hide an issue can make it worse.

Perhaps you could do a coding test where you *walk them through existing code* and explain. Explain to them that you have anxiety about whiteboard coding, BUT you want to make sure they get an accurate picture about your skill.

Also, practice! Talk to a friend and have them interview you and and have you code live. Folks don't ordinarily code live with an audience, so it's understandable why you might freeze or not perform at your best. If you don't do something often (like code live in front of an audience) then, darn it, do it often! Practice. 

Understand also that the interview may also want to see how you react under pressure. Do you get visibly angry? Wilt? Fall back on first principles? Denigrate yourself? Apologize? These reactions can be as important as your actual code. Usually interviewers are looking for thoughtfulness, analysis, patience, calm, and humility.

Getting Started with Azure Java

Binary code

Beginning with the 0.5.0 release of the Microsoft Azure SDK for Java, Microsoft has added support for service management in the Java SDK. Service management is an area already rich in the Azure SDK for .NET and Azure SDK for Node.js but it was a new area for our Java SDK we were excited to release. Like the .NET and Node.js SDKs and the Storage team’s Java SDK, the Java SDK for service management is also open-source on GitHub. In this post, I’ll introduce you to the management libraries for Java and walk you through the process of getting an Eclipse project up and running that you can extend and use to create and manage your own Azure subscription and resources within it.

What are the Management Libraries for Java?

Simply put, these libraries provide your Java applications the ability to automate the setup, teardown, provisioning, and routine management tasks for Azure resources. Our team’s mantra is pretty simple; we want to enable a developer the ability to execute operations on their Azure subscriptions in their code that they’d otherwise have to do using the management portal. The libraries enable automation of Azure resources (and in fact, our libraries enable Microsoft's own PowerShell and XPlat CLI experiences today). You can use any of the libraries to do things like:
  • Create, delete, and update settings for resources like web sites, SQL databases, cloud services, scheduler job collections, virtual machines, and storage
  • Start and stop web sites
  • Back up databases to storage accounts
  • Automate the creation of virtual machines
The management libraries for Java are available on Maven, so they’re easily available in most modern Java development tools. This post will focus on developing using Eclipse.

Creating an Eclipse Maven Project

This area of the post will discuss this process assuming the audience has little or no experience using Eclipse to develop using Maven and the Azure libraries and will summarize at a very basic level how to get going from ground zero, so if you’re truly experienced in the arts of Java/Maven/Eclipse, some of this may seem like child’s play to you. I’m relatively new to Java, having been a long-time .NET developer, but my interest in extending the Azure SDK has given me the opportunity to get reacquainted with the language. To put it bluntly, I’m a great candidate for a getting started post in this area (the team’s sure to have a joke here).
I’ll create a new workspace to get started collecting these tutorials, so I’ll make a new folder here:
Selecting an Eclipse Workspace

Once your workspace has been created and have got the Eclipse IDE set up the way you want, create a new Maven project.

Creating a new Eclipse Maven project

Since we are actually creating an Eclipse Maven project here (you can create any type of project you want so long as you can pull in the Azure Maven packages) we need to provide some information about the app so that when its published to a repository the consumer will see what the package does. Provide some basic information here to flag this to consumers that this is demo code.

package-details

Now that you’ve got an Eclipse project set up with support for Maven packages, find the Azure packages and install them.

Installing the Management Libraries using Maven


Click the pom.xml file to see the list of packages the project has installed in it currently. There shouldn’t be any, as this is a new project. We need to add a Maven package to my project, so click the Add button here.
Now, searching for the Azure Maven packages results with success you can see the packages that we are after, so go ahead and select the base management package for now.
Selecting the Azure SDK management base client library
Now the base Azure management package is selected as a dependency.
The Azure management Maven package properly set up

Writing Java Code to Access the Azure APIs

Now that you've referenced the Azure SDK lets write some code. To start, add a new Java class file to your project.
Adding a Java class to an Eclipse project

Authenticating to the Azure API Using Certificates

The Java SDK makes it pretty simple to call out to the API. There are a few pieces of information you need to provide the API for it to work against your subscriptions. One of the attributes needed to provide the API is a management certificate. The CER file should already uploaded into your Azure subscription and retrievable from the Portal.

Calling the Azure API to Get a List of Regions

Next lets add some code to set the value of the subscriptionId field in our code and author some additional Java code that will actually make the API call to Azure to get the list of geographic regions. I’ll simply output the names of the regions to the console in the following code. This will demonstrate that I’ve successfully authenticated to the Azure Management API and done some work.
public class Program {
  static String uri = "https://management.core.windows.net/";
  static String subscriptionId = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX";
  static String keyStoreLocation = "c:\\certificates\\AzureJavaDemo.jks";
  static String keyStorePassword = "my-cert-password";

  public static void main(String[] args) throws IOException, URISyntaxException, ServiceException, ParserConfigurationException, SAXException {
    Configuration config = ManagementConfiguration.configure(
      new URI(uri), 
      subscriptionId,
      keyStoreLocation, // the file path to the JKS
      keyStorePassword, // the password for the JKS
      KeyStoreType.jks // flags that I'm using a JKS keystore
    );

    // create a management client to call the API
    ManagementClient client = ManagementService.create(config);

    // get the list of regions
    LocationsListResponse response = client.getLocationsOperations().list();
    ArrayList locations = response.getLocations();

    // write them out
    for( int i=0; i<locations.size(); i++){
      System.out.println(locations.get(i).getDisplayName());
    }
  }
}
When I debug the code in Eclipse I can see the expected output, confirming that everything’s in working order and functioning as desired. This proves that I was able to get my management certificate from my subscription successfully converted to JKS format, loaded it into my application’s runtime, and used the management libraries to call out to the API.

Summary and Next Steps

Hopefully this post demonstrates the ease of getting the Java SDK via Maven and of using it to authenticate up to Azure’s API and do some simple work. The SDK can do a lot more than just list regions – create cloud services you could then use the Eclipse Java Toolkit to deploy code to, virtual machines to use as developer workstations or self-maintained servers, Websites that can run your Java code, or storage accounts to house all your stuff. I’ll be investigating some of the options available in the Java SDK on the Azure blog in coming weeks so stay tuned – the 0.6.0. SDK release has a huge swath of new functionality useful for Azure service automation and provisioning.
Along with the Storage SDK for Java and a series of other SDKs available on the Azure home page, it’s easy to see that the opportunities for Java development in Azure are continuing to evolve.