Mobile Client Frame

- J.D. Meier, Alex Homer, Jason Taylor, Prashant Bansode, Lonnie Wall, Rob Boucher Jr, Akshay Bogawat

There are several common issues that you must consider as you develop your design. These issues can be categorized into specific areas of the design. The following table lists the common issues for each category where mistakes are most often made.

| Category | Key issues |
| --- | --- |
| Authentication and Authorization | Failing to authenticate in occasionally connected scenarios |
| | Failing to authorize in occasionally-connected scenarios |
| | Failing to use authentication and authorization over a virtual private network (VPN) |
| | Failing to authenticate during synchronization over the air |
| | Failing to authenticate during synchronization with the host PC |
| | Failing to authenticate for all connection scenarios, such as over the air, cradled, Bluetooth, and Secure Digital (SD) cards |
| | Failing to appreciate the differences between security models of different devices |
| Caching | Caching unnecessary data on a device that has limited resources |
| | Relying on cached data that may no longer be available in occasionally-connected scenarios |
| | Choosing inappropriate cache locations and formats |
| | Caching sensitive data in unencrypted form |
| | Failing to choose an appropriate caching technology |
| Communication | Failing to protect sensitive data over the air |
| | Failing to secure Web service communication |
| | Failing to secure communication over a VPN |
| | Not appreciating the performance impact of communication security on limited-bandwidth connections |
| | Not managing limited-bandwidth connections efficiently |
| | Not managing connections to multiple network services efficiently |
| | Not designing to work with intermittent connectivity |
| | Not considering connection cost or allowing the user to manage connections |
| | Not designing to minimize power usage when running on battery power |
| | Failing to use the appropriate communication protocol |
| Configuration Management | Failing to restore configuration state after a reset |
| | Failing to consider configuration management synchronization over the air |
| | Failing to consider configuration management synchronization with the host PC |
| | Choosing an inappropriate format for configuration information |
| | Failing to protect sensitive configuration information |
| | Failing to consider the techniques used by different manufacturers for loading configuration settings |
| Data Access | Failing to implement data-access mechanisms that work with intermittent connectivity |
| | Not considering database access performance |
| | Navigating through large datasets when not required |
| | Failing to consider appropriate replication technologies and techniques |
| | Failing to consider access to device database services such as Microsoft SQL Server® Compact Edition |
| Device | Failing to consider device heterogeneity, such as screen size and CPU power |
| | Not presenting user-friendly error messages to the user |
| | Failing to protect sensitive information |
| | Failure to consider the processing power of the device |
| Exception Management | Not recovering application state after an exception |
| | Revealing sensitive information to the end user |
| | Not logging sufficient details about the exception |
| | Using exceptions to control application flow |
| Logging | Not considering remote logging instead of logging on the device |
| | Not considering how to access device logs |
| | Not considering resource constraints when logging |
| | Failing to protect sensitive information in the log files |
| Porting | Failing to rewrite the existing rich client UI to suit the device |
| | Failing to explore the available porting tools |
| Synchronization | Failing to secure synchronization when communicating |
| | Failing to manage synchronization over the air as opposed to cradled synchronization |
| | Failing to manage synchronization interruptions |
| | Failing to handle synchronization conflicts |
| | Failing to consider merge replication where appropriate |
| Testing | Failing to appreciate debugging costs when choosing to support multiple device types |
| | Failing to design with debugging in mind; for example, using emulators instead of the actual devices |
| | Failing to debug in all connection scenarios |
| UI | Not considering the restricted UI form factor |
| | Not considering the single window environment |
| | Not considering that only one application can be running |
| | Not designing a touch-screen or stylus-driven UI for usability |
| | Not including support for multiple screen sizes and orientations |
| | Not managing device reset and resume |
| | Not considering the limited API and reduced range of UI controls compared to the desktop |
| Validation | Not validating input and data during host PC communication |
| | Not validating input and data during over-the-air communication |
| | Failing to protect hardware resources, such as the camera and initiation of phone calls |
| | Not designing validation with limited resources and performance in mind |

Last edited Feb 2, 2009 at 5:40 PM by prashantbansode, version 1

