Conference PaperPDF Available

Grow your own Backend-as-a-Service (BaaS) platform

Authors:
Brian Carter at Chippewa Software Technology
Brian Carter
  • Chippewa Software Technology
Download full-text PDF
Read full-text
Download citation

Abstract

In this paper, the concepts of growing your own Backend-as-a-Service (BaaS) platform using vendor agnostic concepts are explored. The proposal is to define, architect, and design a heterogeneous micro-applications based platform. The BaaS platform is a critical business resource and growing your own is required to avoid vendor lock-in, platform shutdown/sun-setting/retirement, or any adverse changes. An introduction is given on the concepts of BaaS. A short overview about the current state of research and existing solutions is provided. To set the scope, application requirements are documented. The micro-application BaaS architecture and design is given at the conceptual level to allow for implementations using current or future tooling. Details are discussed on how to implement the platform. We conclude with the future state for BaaS platforms.
Content uploaded by Brian Carter
Author content
All content in this area was uploaded by Brian Carter on Mar 22, 2017
Content may be subject to copyright.
This work was supported by Chippewa Software Technology Brian Carter is with Chippewa Software Technology, La Grange, KY 40031
USA (e-mail: briancarter@chipsofttech.com).
Abstract In this paper, the concepts of growing your own
Backend-as-a-Service (BaaS) platform using vendor agnostic
concepts are explored. The proposal is to define, architect, and
design a heterogeneous micro-applications based platform. The
BaaS platform is a critical business resource and growing your
own is required to avoid vendor lock-in, platform shutdown/sun-
setting/retirement, or any adverse changes.
An introduction is given on the concepts of BaaS. A short
overview about the current state of research and existing solutions
is provided. To set the scope, application requirements are
documented. The micro-application BaaS architecture and design
is given at the conceptual level to allow for implementations using
current or future tooling. Details are discussed on how to
implement the platform. We conclude with the future state for
BaaS platforms.
Keywords:API; Application Programming Interface; architecture;
BaaS; Backend-as-a-Service; cloud computing; heterogeneous;
service; mongodb; mongoose; nodejs; platform; service oriented
architecture; SOA; software; web services;
I. INTRODUCTION
This is an exciting time to be a developer, the services that
we have access to and the tools we develop with are really
state of the art. The only thing limiting what we can do in an
app is our imagination. It truly is a great time to be building
the next big app idea. The space is growing and technology is
advancing to enable us to do more with less, at large scale.
We have a low entry into mobile, web, cloud, wearable
devices, and Internet of things to implement our ideas.
Do you as an app developer just tend to focus on your app
and making the experience as great as possible? You tend not
to think about the database, servers, replication, scaling,
notifications, logging, Backend-as-
a-Service (BaaS) is the perfect technology for you to power
your apps [1]. Focus on making your user experience great
and outsource the redundant backend tasks.
outsourcing the infrastructure,
platforms, software, and the backend as a services (i.e., IaaS,
PaaS, SaaS, BaaS) has had a profound impact on the speed to
market, user experience, affordability, and availability of
creating the next big app. Like all mem
family, BaaS builds on the concept that the product
can be provided on demand. The need for storing data,
analytics, push notifications, photo uploads, and many other
service offerings can be centralized and outsourced to a BaaS
platform. For app developers, we can focus on building the
next big app.
The goal of the BaaS platform is to help businesses solve
their backend dilemmas. As more and more developers and
companies realize the worth of implementing BaaS (saves
time, eliminate redundant server and stack setup for each app,
eliminate boilerplate code, brand awareness, fosters open
innovation, increases efficiency, richer app, cross app
advertisement-marketing-profiling-personalization,
services will emerge on the BaaS platforms [1, 2].
With all the service offerings provide by the BaaS platform
to all your apps, it quickly becomes a mission critical business
resource. Ownership is key. Ownership of the BaaS platform
is required to avoid platform shutdown/sun-setting/retirement,
vendor lock-in, or adverse changes. While there are many
safe? Many proprietary platforms have shutdown
PayPal
and many more). Notices received like (1) and (2) have left
many businesses questioning their future and how to move
their apps off the closed platforms.
ave a difficult announcement to make.
Beginning today we're winding down the Parse
service, and Parse will be fully retired after a year-
Kevin
Lacker, Co-founder of Parse [3] (1)
customers can export their data until
March 31, 2014, after which point data will no longer
be accessible. A data- [4] (2)
The concept of a BaaS is rock solid and worth
implementing strategies to support the emerging services [5].
The Backend as a Service (BaaS) market is projected to be
worth of over $28 billion by 2020 [6].
your BaaS to protect your business and applications.
Our argument in this paper is for you to grow your own
BaaS. We will explore what is required, how the architecture
and design is constructed, and how you would build it. Many
advantages, you have (ideally own) the source code, you build
what you need at the time, and you grow your platform for
your needs. Take full control of your critical business asset.
II. RESEARCH
-a-Service waters can be a choppy
adventure. Different service flavors exist up and down the
entire technology spectrum, starting as low as Infrastructure as
a Service (IaaS) access to physical hardware Platform as
a Service (PaaS) infrastructure and platform taken care of,
just build or bring your own app like AWS or Azure all
the way up to Software as a Service (SaaS) like Salesforce,
Office 365, and Gmail.
BaaS
offerings. At its core, BaaS platforms enable you to store your
data without the headaches and cost of developing and
maintaining unique services for each application. A BaaS
couples a basic data store with expressive user provisioning
and authentication tools. As an app developer, think of it like
Brian Carter, Chippewa Software Technology
2
a NoSQL database someone else manages for you off in the
cloud, except that access is via a REST API. Cloud-based
storage is just the beginning of a BaaS offering. Which BaaS
is right for you s look at the most commonly used
service offerings:
Storage: Every BaaS provider will offer some kind of data
storage. Some will offer schema-less and others more
structured abilities. Storage of any type of data will be
managed using APIs. The ability to query, sort, page, and
filter is required. More advanced features might include data
connectors to sync cloud-based data to other on premise data
stores.
Dashboard: The ability to manage your data and users
through some sort of portal is important. While all the
services can be performed via APIs, having a UI is often time
saving and informative. The option to manage data, services,
users, authorization, and to view reports is a nice feature.
User Administration: User provisioning and authentication:
important in most apps since apps need to limit who can
access what data and services are available. A common
example is a doctor should only have access to his or her
patients, not every patient in the application. A BaaS allows
you to configure "groups" of users and then determine what
data they should be able to access through Access Control
Lists (ACLs). Platforms need role-based user permissions and
granular claims-based permissions. Also, 3rd party
authentication with sites like Facebook, Twitter, Goggle, and
others is helpful.
Analytics: The ability to track API calls is important. This
gives you a view on who, when, and how often someone is
using your BaaS. Having the ability to track performance,
errors, events, and storage usage is important. Personalization
for your users will deliver a better user experience.
More: There are many other services that can be added or
included to a BaaS. This might include the need for:
Push notifications
Social integration
Personalization
File, photos, & assets management
Geolocation
Multiple Mobile Platform SDKs
Custom code Integration
Background Jobs
Configuration
The list of service offerings should provide you with what a
BaaS platform could offer. This list is growing and more
redundant tasks are getting added. Think of the service
offerings you add in each app, that require custom coding and
maintenance, moving the repetitive functionality to a common
backend platform makes sense. There are hundreds of options
for BaaS platforms and the list is growing quickly [7].
Reading through the list, it ranges from general purpose
providers to specific offerings. A growing trend is a move
away from monolithic platforms to more specific platforms
based on need. Decoupling the monolith into individual
offerings allow for finer grain sections and allowing for cross
vendor selections.
There are many open-source solutions in the list. When you
-source
platforms to see how they implement the offerings you are
looking for. It is recommended that you fork any open-source
you are researching. Having your own copy of the code is
critical, especially if you use it for your next app. Certainly
open-source projects implode as well, but rarely with the scale
of things like Parse. Make sure you have full open source
access, the ability to run your own server, and an active
community development and maturity (avoid risk of
abandonment if creators lose interest). An option for growing
your own BaaS is through the use of open source projects.
Choose an open source BaaS, choose open source libraries, or
III. REQUIREMENTS
As we saw, BaaS platforms come and go. Even very large
platforms have been shut down. In my option, growing your
own has many advantages. The top being the learning and
knowledge of the workings. Build it for your needs, leverage
open source libraries when needed, and leverage other open
from most).
There are things you must be aware of before heading down
this path. If following are true, then growing your own is the
way to go.
Do you have the time, skills, and resources necessary to pull
this option off?
Do you need to have more control over code, reliability,
performance, features, and costs?
With this being true, l me time to think about our
needs. For this paper, the goal is to introduce BaaS and show
how you would grow your own. To keep things simple and
clear, the first release will be constrained to include just the
storage offering discussed in the previous section. For our first
release, v1, we will include:
1. Name
2. The ability to create new databases and collections
3. An API to perform Create, Read, Update, and Delete
(CRUD) operations on the data.
4. The ability to query, sort, filter, and page the data.
As you can see from the v1 release, this is the core of the data
service for storage. Building our release roadmap, we will work
through the service offerings listed in the previous section as
needed for apps we are building. No sense adding in offerings
r see a need for (unlike closed platforms where
Additional papers and
tutorials will be presented as we build Pondwater and our next
3
big apps. Pondwater is open source so you can follow our
progress on GitHub [8]. Yes, use it as is or take parts that you
need. Even better, contribute where you can.
IV. ARCHITECTURE AND DESIGN
A great architecture encourages developers to use it and
share it with others, creating a virtuous cycle where each
additional successful implementation leads to greater
engagement and more contributions from developers who add
value to your application. To accomplish this goal, the
architecture and methodology focuses on:
o Simplicity: A consistent and modular architecture
o Flexibility: Change and add service offerings quickly
o Extensibility: Easy to add new service offerings without
impacts to other offerings and the platform.
The foundation for the architecture is based on the concepts
of growing heterogeneous Micro-Applications by incremental
development [9] as shown in Fig. 1. This fits well with our
requirements for the BaaS will be grown in increments based
on the need. This keeps the architecture and budget lean. With
this strategy, each service offering will be a micro-application.
This will allow each application to adapt to new and changing
business needs independent of vendor. This also positions for
the use of and inclusion of other micro-applications that extend
or replace platform offerings. For example, the dashboard
offering (micro-app) will change at a faster rate than others due
to the rapid changing user interface designs and technologies.
The platform acts as the gateway and can support multiple
dashboard offerings. The platform has the ability to phase in
such offerings. Together, this allows for a better adaption and
transition when there is change.
To accomplish the above goals, the platform is built around
a layered, modular architecture. But, what does that really mean
you might ask? It means that individual pieces of functionality
are self-contained: the storage offering and its components
should just be built for storage, not a sprawling monolith of
other functionality, and should be portable between other BaaS
solutions with a minimum of dependencies.
developing micro-apps that you would like exposed across
multiple areas of the platform added to the
platform layer. The platform will proxy and route the request
to the new offering. This provides a layer of protection so
future changes can be transparent to the calling application.
The architecture for our BaaS Platform is an API first design
following the beyond twelve-factor application principles [10].
Consuming applications have access to a powerful, cloud-based
Backend-as-a-Service (BaaS) platform that provides the apps
with easy to implement service offerings via a RESTful API.
The platform is the API gateway for all requests and can have
one or more service offerings. Each service offering is built
following the micro-application principles [9]. Each app is
built on a software development stack chosen by the product
team (the team building the app). There is an Object Data
Manager (ODM) to communicate to the data store. As with any
application, the micro-applications can leverage the service
offerings of other micro-applications. This dependency is done
in a hierarchy pattern to avoid circular coupling and
dependencies. For example, the storage offering will be used
by other offerings, so it is at the bottom of the dependency tree.
V. IMPLEMENTATION DETAILS
The goal of the framework is to abstract the details of
)
from the consumers. The consuming application only need to
know the APIs and what resources are available. An API
represents a contract between the service and those who
consume the service. Building an API is one of the most
important tasks. By having a simple API, the BaaS has the
potential to become a platform from which other services will
grow and other applications will use.
This starts with the implementation of the platform. The
platform is an API gateway that coordinates the requests to the
micro-applications and the returning responses. The gateway
is very light weight and its main responsibility is to route traffic.
If features are required, the platform should use micro-apps, for
such things as access control, rate limits, usage policies,
analytics, monitoring, logging, and management. In
Pondwater, we grow our own platform API gateway to include
some of the key most basic features often needed for API
management [11].
The implementation of the micro-apps follows a RESTful
API design. The consumer, a client application capable of
making HTTP requests, interact with platform via APIs. The
HTTP protocol is used for communication over a network. The
platform defines endpoints, API URLs on the server that
represents the services provided and what resources are
available. The platforms API gateway calls the corresponding
micro-application.
Standard Verbs are used for request. The URI for the API is
Figure 1: conceptual level BaaS architecture.
4
based on the service offering. The verb GET retrieves a specific
resource from the server. The POST verb creates a new
resource on the server while the PUT verb updates the resource.
DELETE removes a resource. The pattern for verbs and URI
stems is shown in Table 1 along with examples for the storage
offering. The pattern includes the service offering, the version,
and the requested resource.
The following GET storage example returns the documents
in the soccer collection:
/store/v1/soccer/players
In example (3) for a GET, the URI parameters would get the set
of documents where the jersey is greater than 0, only the jersey-
name-email fields, it would be sorted by jersey skipping none
and only returning at most 6 documents.
query={"jersey": {"$gt": 0}},
fields={"jersey":1, "name": 1,"email":1},
sort={"jersey": 1},
skip=0,
limit=6 (3)
As shown in the API pattern, versioning is an important
implementation detail. The URI is formed by api/:service-
offering/:version/:service-specifics. If you are simply adding
new features to your API, such as a new attribute on a resource
or new endpoints, you do not need to increment your API
version number since the changes do not break backwards
compatibility. Over time, the need to break a contract will be
required. The API design allows for and tracks multiple
versions of the service offering by placing the version in a URL
segment. This will allow consumers to consume the newer
version when they are ready. Older versions will be
depreciated. The version is by service offering. This allows for
each offering to be added or updated based on its schedule. It
also minimizes impacts and coupling, by only impacting the
consumer based on a specific offering and not the entire
platform. This gives the consumer more options, to consume
some updates quicker and others based on need and schedule.
The response is a critical implementation detail. Each
resource returned by an API must have resource attributes
defined. The exact metadata for the attributes depends on the
platform and service offering. For the developer, knowing the
details about the data return is critical.
implementation, the response has platform details and service
offering details. For the storage example (4) is
defined an
version and resource is echoed back which is helpful for tracing.
Specific for the storage offering, it echoes back the query,
fields, sort, and skip values received. The limit value is echoed
back or set by the micro-app if such limits are set or exceeded.
The total number of items of items in the set is returned to aide
documents. Each document has an id that uniquely
identifies it. Example (4) shows the response for v1 of the
storage offering.
{
"platform": {
"type": "store",
"version": "v1",
"resource": "soccer/players"
},
"query": {"jersey": {"$gt": 0}},
"fields": {"jersey": 1,"name": 1,"email": 1},
"sort": {"jersey": 1},
"skip": 0,
"limit": 6,
"total": 1,
"items": [
{
"_id": "5807c471cb1d53801a000002",
"name": "Brian Carter",
"email": "briancarter@chipsofttech.com",
"jersey": 1
}
]
} (4)
As with typical data applications, the storage solution adds
fields to the document in storage for POSTS and PUTS. A
feature of the storage solution is the ability to have data in a
published. When the fields are not present represents resources
in a draft state. As a developer, you have full control over the
micro-app so this can be changed based on your specific need.
Whenever something goes wrong with an API request, the
TABLE I
PONDWATER STORAGE VERBS AND URI STEMS
Verb URI Stem
[Pattern] /:service-offering/:version/:resource
POST /store/:db/:collection {JSON data in body}
GET (set) /store/:db/:collection?query,fields,sort,skip,limit
GET (1) /store/:db/:collection/:_id
PUT /store/:db/:collection/:_id {JSON updates in body}
DELETE /store/:db/:collection/:_id
TABLE II
PONDWATER ERROR TYPES
Status
Code Error Code Description
400 BadRequest Malformed request or missing parms.
400 InvalidQuery Request contained invalid query parms.
401 Unauthorized The authorization was invalid.
403 AccessDenied
Access to a resource denined.
404 NotFound Resource could not be found.
422 ValidationFailed Query references invalid fields or inv
JSON.
429 RateLimitHit Too many requests per second.
500 ServerError Error on server.
5
platform returns an error. An HTTP status code indicates the
error type, with further details in the response body as shown in
Table II. Errors share the same common attributes as other API
generated by Pondwater. A
will have a short description of the error (configurable on level
of detail). The status code is return as the response HTTP status
With the strategy and details defined, there are many options
for developing the platform and micro-applications. The
architecture, design, and implementation details could be
written in any language. For this paper, we implemented
Pondwater using Node.js, Express, and MongoDB. The nice
thing about this development stack, it can run on many different
Meeting our vendor agnostic requirement. Again, this decision
is up to you as a developer and your team as owners.
Pondwater is open source and has an MIT license so you can
use it, help me extend it, or just copy and page the good parts
[8]. Follow our project as we build code, tutorials, and
documentation. The purpose of this paper and the reference
application is to provide you with an introduction and overview
of growing your own BaaS platform and a product to get a
hands on exposure.
VI. FUTURE STATE
When growing a platform, it should be a rule that it will be
heterogeneous. Heterogeneous by default should be a design
and development practice. The computational fields are
growing at a rapid rate and heterogeneous aspects must be
embraced and supported. The rule for growing a platform is
the fact that it will be composed of applications on different
platforms, written in different languages, using different stores,
and running in different processes. This is the future for BaaS
platforms.
Many BaaS platforms owned by the largest companies have
failed and been shut down. Such applications were built as
monoliths and over time could not evolve. For the BaaS
platform to survive, it must evolve to meet the ever change
landscape of Information Technology (IT).
Future service offerings will be introduced. One of the most
exciting features are artificial intelligence and machine
learning. Such offerings are a good BaaS fit due to their
complexity. We are on the cusp of providing large scale, real
value for such technology services. Although computer science
theories and algorithms have existed for some time now, many
of the problems surrounding the implementation have made
them infeasible until the advent of cloud platforms. For many
app developers, home-grown AI solutions are still out of reach.
, AI-BaaS.
VII. CONCLUSION
Often called Backend as a Service, BaaS, an API backend is
a way for developers to link their software and application to
cloud-based services, making it easier to include with software
development kits and APIs. As a developer, you can focus on
making your next great app idea and leave the redundant tasks
to the backend.
One of the main reasons developers are choosing BaaS is
because building your own services takes time and resources,
as processes need to be duplicated and then customized across
various providers. With a consolidated BaaS, you can rapidly
connecting to. API-first movement that allows
everything from website to mobile apps to be built more quickly
on top of an API.
Many like the BaaS approach because it eliminates redundant
stack setup and boilerplate repeat code, and everything is
handled by the platform. However, an
everyone.
it can create bigger security risks.
BaaS is just one of many ways that APIs are changing the
way we develop, design and build great apps. We think the
benefits of BaaS platforms are endless if grown using evolving
architecture, design, and implementation concepts.
REFERENCES
[1] BaaS : Pros and Cons. Retrieved from https://blog.cloudboost.io/baas-
pros-and-cons-4bf0912dead2. October, 2016.
[2] Why You Should Build Apps With An API Backend BaaS. Retrieved
from http://nordicapis.com/why-you-should-build-apps-with-an-api-
backend-baas/. October, 2016.
[3] Moving On. Retrieved from
http://blog.parse.com/announcements/moving-on/. October, 2016.
[4] PayPal closing down backend service StackMob mere months after
buying it. Retrieved from http://venturebeat.com/2014/02/12/paypal-
closing-down-backend-service-stackmob-months-after-buying-it/.
October, 2016.
[5] Big Data-As-A-Service Is Next Big Thing. Retrieved from
http://www.forbes.com/sites/bernardmarr/2015/04/27/big-data-as-a-
service-is-next-big-thing/2/#2f3eb0f76efe. October, 2016.
[6] Backend as a Service (BaaS) Market worth 28.10 Billion USD By 2020.
Retrieved from
http://www.marketsandmarkets.com/PressReleases/baas.asp. October,
2016.
[7] A collaborative list of Parse alternative backend service providers. .
Retrieved from https://github.com/relatedcode/ParseAlternatives.
October, 2016.
[8] Pondwater. Retrieved from https://github.com/ChipSoftTech/pondwater.
October, 2016.
[9] B. Carter, "Growing Software Applications by Incremental Development
of Heterogeneous Micro-Applications Using Cellular Regeneration
Concepts," 2015 Annual Global Online Conference on Information and
Computer Technology (GOCICT), Louisville, KY, 2015, pp. 1-5.
[10] Beyond the Twelve-Factor App
https://pivotal.io/beyond-the-twelve-factor-app. October, 2016.
[11] Building Great APIs (Part III) The need for API Management and
Infrastructure. Retrieved from https://www.3scale.net/2013/10/great-
apis-need-api-mngmt-part-iii/. October, 2016.
... To simplify the development of these features, a new cloud service model, named Backendas-a-Service (BaaS) [Car16,FdS14,Lan15], has emerged, allowing developers to configure the backend of a mobile application without implementing it from the ground up. In fact, today many popular mobile applications are based on BaaS, e.g., the Duolingo platform for learning languages 1 and the Lyft car sharing platform 2 are both based on the Firebase BaaS platform 3 . ...
... Backend-as-a-Service (BaaS) [Car16,FdS14,Lan15], also know as Mobile Backend-as-a-Service Back4App and Firebase are platforms that deal with machine management and all the related problems, as security settings, auto-scaling or database optimization. An example of the Parse framework with the infrastructural-side is the Back4App platform, as Back4App is built on top of Parse framework. ...
MIRES: Recovering Mobile Applications based on Backend-as-a-Service from Cyber Attacks
Thesis
Full-text available
  • Nov 2020
Many popular mobile applications rely on the Backend-as-a-Service (BaaS) cloud computing model to simplify the development and management of services like data storage, user authentication and notifications. However, vulnerabilities and other issues may lead to malicious operations on the mobile application client-side that consequently generate malicious requests being sent to the backend, corrupting the state of the application in the cloud. To deal with these attacks after they happen and are successful, it is necessary to remove the immediate effects created by the malicious requests and subsequent effects derived from later requests. In this work, we present MIRES, an intrusion recovery service for mobile applications based on BaaS. MIRES uses a two-phase recovery process that restores the integrity of the mobile application and minimizes its unavailability. Besides the main intrusion recovery feature, MIRES also provides a client-side mechanism that allows the mobile application users to revert their own actions. We implemented MIRES in Android and with the Firebase platform and made experiments with 4 mobile applications that showed results of 1000 operations reverted in less than 1 minute and with the mobile application inaccessible only for less than 15 seconds.
View
... Recently, several frameworks and platforms appeared with the objective of supporting the implementation and execution of mobile applications. A highly successful case is the Backend-as-a-Service (BaaS) cloud model [6]- [8] that allows developers to configure the backend of a mobile application without implementing it from the ground up. In fact, today many popular mobile applications are based on BaaS, e.g., the Duolingo platform for learning languages, the Lyft car sharing platform, The Economist magazine's portal, and AliBaba's messaging service. 1 Despite our increasing reliance on these applications, they are complex software systems that often contain vulnerabilities, e.g., due to improper user input validation and other errors made by developers in designing and/or writing code [9], [10]. ...
... As already explained, Backend-as-a-Service (BaaS) [6]- [8], or the subcase of Mobile Backend-as-a-Service (MBaaS) [49], is a cloud service model that has been increasingly adopted to implement mobile apps. ...
MIRES: Intrusion Recovery for Applications based on Backend-as-a-Service
Article
Full-text available
  • Jan 2022
The Backend-as-a-Service (BaaS) cloud computing model supports many modern popular mobile applications because it simplifies the development and management of services such as data storage, user authentication, and notifications. However, vulnerabilities and other issues may allow malicious actions on the client side to have impact on the backend, i.e., to corrupt the state of the application in the cloud. To deal with these attacks – after they occur and are successful – it is necessary to remove the direct effects of malicious requests and the effects derived from later operations on corrupted data. We introduce MIRES, the first intrusion recovery service for mobile applications based on the BaaS model. MIRES uses a two stage recovery process that restores the integrity of the mobile application and minimizes its unavailability. MIRES provides multi-service recovery for applications that use more than one data store. We implemented MIRES for Android and for the Firebase cloud-based BaaS platform. We did experiments on 4 mobile applications which showed that MIRES can revert hundreds to thousands of operations in seconds, with an associated unavailability of the application also in the range of seconds.
View
... These remote services are executed on the cloud and allow storing the state of the application, sending notifications and authenticating users. To simplify the development of these features, a new cloud service model, named Backend-as-a-Service (BaaS) [7,11,21], has emerged, allowing developers to configure the backend of a Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. ...
... Backend-as-a-Service (BaaS) [7,11,21], also know as Mobile Backendas-a-Service (MBaaS), is a cloud service model that provides a set of ready to use application-logic services -via custom software development kits (SDK) and application programming interfaces (APIs) -that automates and speeds up the backend development process of web and mobile applications. In this paper, the focus is only on mobile applications. ...
MIRES: Recovering Mobile Applications based on Backend-as-a-Service from Cyber Attacks
Conference Paper
Full-text available
  • Dec 2020
Many popular mobile applications rely on the Backend-as-a-Service(BaaS) cloud computing model to simplify the development and management of services like data storage, user authentication and notifications. However, vulnerabilities and other issues may lead to malicious operations on the mobile application client-side and malicious requests being sent to the backend, corrupting the state of the application in the cloud. To deal with these attacks after they happen and are successful, it is necessary to remove the immediate effects created by the malicious requests and subsequent effects derived from later requests. In this paper, we present MIRES, an intrusion recovery service for mobile applications based on BaaS.MIRES uses a two-phase recovery process that restores the integrity of the mobile application and minimizes its unavailability. We implemented MIRES in Android and with the Firebase platform and made experiments with 3 mobile applications that showed results of1000 operations reverted in less than 1 minute and with the mobile application inaccessible only for less than 15 seconds.
View
... One of such services is the Mobile backend as a Service (MBaaS), sometimes and broadly referred to as backend as a Service (BaaS). This service offering affords Software Engineers cum Developers the luxury of overlooking backend operations such as manual database management, tasking server administration, technical load balancing, and daunting product scaling (Carter, 2016). David (2019) points out that it also provides authentication systems, push notification services, analytics, and ad management among others out-of-the-box for Engineers who then have ample time to concentrate on the logic of their applications as well as ensur-ing a nice and friendly user interface and experience. ...
Commercial Cloud Services for a Robust Mobile Application Backend Data Storage
Article
Full-text available
  • Apr 2021
Rapid advancements in the infrastructure of Information and Communication Technology (ICT) have led to radically new but ubiquitous technology; cloud computing. Cloud computing has gracefully emerged offering services that possess on-demand scalability, huge computing power, and a utility-like availability, all at a relatively low cost. It has unsurprisingly become a paradigm shift in ICT, gaining adoptions in all forms of application i.e., personal, academic, business, or government. Not only for its cost-effectiveness but also for its inherent ability to meet business goals and provide strategic ICT resources. More recently there have been advances in cloud computing leading to the evolution of newer commercial cloud services, one of which is the Mobile backend as a Service (MBaaS). The MBaaS is important and required for a robust mobile application back-end data storage and management. Its wide adoption and importance stem from its ability to simplify application development and deployment. Also, MBaaS is robust, with the ability to cope with errors by providing nifty tools and other features. These enable rapid scaffolding of mobile applications. This paper reviews Mobile backend as a Service (MBaaS) and provides required background knowledge on some cloud services and their providers to enable stakeholders to make informed decisions and appropriate choices.
View
... A BaaS enables to store data and couples a basic data store with expressive user provisioning and authentication tools, it is also based on the Representational State Transfer (REST) protocol which was originally introduced as an architectural style for building large-scale distributed hypermedia systems, to offer a NoSQL database on the cloud where access is ensured via a REST API. Cloud-based storage is only a part of a BAAS offering [17]. ...
A scalable mobile context-aware recommender system for a smart city administration
Article
  • Jun 2019
With the innovation of new Information and Communication Technologies and the needs of information and knowledge sharing among the city, a smart city system aims to improve it's citizens life quality by offering a set of public services. Within this context, this research work proposes a smart city approach for using these technologies in public services delivery to allow real-time interactions with citizens; we propose a service providing framework based on context-aware recommendation approach to improve the city's digital services according to citizen’s context and the backend as a service (BAAS) approach on cloud to enhance the scalability of the system in large workloads. In this study, we evaluated the scalability and interactivity of the proposed approach by measuring response time and exchanged data metrics. To estimate the scalability, we performed series of load tests where response time values increased with the addition of requests in different cases but remained acceptable. In terms of interactivity, the exchanged data between the citizen application and the city’s backend was measured at maximum by 117 Kb/s. The experiments revealed that context-aware recommendation approach optimised interactions by reducing the amount of exchanged data, and the BAAS approach improved the scalability of the system and allowed handling concurrent requests.
View
... It is like a NoSQL database in the cloud where access is ensured via API. Cloud-based storage is only a part of a BAAS offering [9]. ...
View
View
Estado actual de la educación inclusiva en Colombia y herramientas TIC de apoyo
Book
Full-text available
  • Jan 2020
El Secretario General de la ONU, Ban Ki-moon, destacó que los Objetivos de Desarrollo Sostenible (ODS) son un faro para el mundo con un mensaje en el cual las naciones se han comprometido a asegurar una vida digna para todos, así como la salud del planeta para las generaciones futuras. Es así que el mejoramiento del nivel y calidad de vida de la población discapacitada en el espacio geográfico local, regional y universal, ha motivado a la Organización Mundial de la Salud (OMS) a concertar con los gobiernos planes de desarrollo que garanticen la apropiación de los servicios de las TIC (tecnologías de la información y la comunicación) y las tecnologías emergentes, además de permitir la inclusión de esta población en el sector educativo, cultural y productivo. Colombia aceptó en el gobierno del presidente Santos las propuestas de la OMS y las incluyó en el conocido Plan Vive Digital, sobre el cual la universidad estructura un sólido trabajo investigativo que dimensiona la aceptación, apropiación y contextualización de las TIC en la población invidente, sordomuda y parapléjica. Es así como este libro pretende ser texto universitario y de consulta para todas aquellas personas que deseen tener pautas del proceso de educación inclusiva en Colombia. Este aborda el tema a través de cuatro capítulos detallados a continuación. En el análisis del índice de impacto de las TIC en la población con discapacidad, se estudiará el estado del arte de la educación inclusiva en Colombia y el uso de las herramientas TIC en las aulas de clases. Se analizarán las herramientas y metodologías que son utilizadas actualmente en la academia, las universidades y los colegios, y cómo ha sido la adaptación de estas personas con condiciones especiales a tales herramientas. También se abordará la normatividad que ha emitido el Ministerio de Educación Nacional buscando cubrir las necesidades de esta población en lo que respecta a la inclusión educativa. El estado actual de la inclusión educativa en Colombia y el uso de herramientas TIC se enmarca dentro de los ODS, ya que se habla de “Garantizar una educación inclusiva, equitativa y de calidad y promover oportunidades de aprendizaje durante toda la vida para todos” (ONU, s.f.), lo cual corresponde al objetivo de educación de calidad; al mismo tiempo, se tiene en cuenta la reducción de las desigualdades. En cuando al proyecto de investigación, se establece el “Diseño de un modelo de nuevas prácticas de aprendizaje para La educación inclusiva mediada por las TIC en la universidad colombiana para las personas con algún tipo de diversidad: Caso de estudio Universidad Libre, Sede Bosque Popular” (Universidad Libre de Colombia, 2018), el cual se presentó en la convocatoria 2018. En el desarrollo del software responsive de traducción de voz a texto E-APP, el eje central será la población con discapacidad auditiva; para ello, se ha desarrollado una solución tecnológica que permita la inclusión de dicha población dentro de las aulas de educación superior, lo cual da lugar a que las instituciones de educación superior puedan ofertarles todos sus programas académicos sin ninguna excepción. Esta solución de traducción de voz a texto incorpora nuevas técnicas de aprendizaje para la educación inclusiva mediada por las TIC en las instituciones educativas colombianas, ello para apoyar el ejercicio de los derechos de las personas con discapacidad a través de las TIC. Se indagará sobre la posibilidad de implementar un software para el apoyo del progreso cognitivo de niños diagnosticados con síndrome de Down, el cual se oriente a la educación especial que pueda servir de apoyo tanto a los educadores como a la población vulnerable. Gracias por el apoyo brindado invaluable en este proceso académico por parte de la Universidad Libre de Colombia, al Centro de Investigaciones (CIFI) como a las directivas de la Facultad de Ingeniería por su confianza. También a los investigadores del grupo DAVINCIS como a la colaboración del grupo IDEPI.
View
Estado actual de la educación inclusiva en Colombia y herramientas TIC de apoyo
Book
  • Jan 2020
El Secretario General de la ONU, Ban Ki-moon, destacó que los Objetivos de Desarrollo Sostenible (ODS) son un faro para el mundo con un mensaje en el cual las naciones se han comprometido a asegurar una vida digna para todos, así como la salud del planeta para las generaciones futuras. Es así que el mejoramiento del nivel y calidad de vida de la población discapacitada en el espacio geográfico local, regional y universal, ha motivado a la Organización Mundial de la Salud (OMS) a concertar con los gobiernos planes de desarrollo que garanticen la apropiación de los servicios de las TIC (tecnologías de la información y la comunicación) y las tecnologías emergentes, además de permitir la inclusión de esta población en el sector educativo, cultural y productivo. Colombia aceptó en el gobierno del presidente Santos las propuestas de la OMS y las incluyó en el conocido Plan Vive Digital, sobre el cual la universidad estructura un sólido trabajo investigativo que dimensiona la aceptación, apropiación y contextualización de las TIC en la población invidente, sordomuda y parapléjica. Es así como este libro pretende ser texto universitario y de consulta para todas aquellas personas que deseen tener pautas del proceso de educación inclusiva en Colombia. Este aborda el tema a través de cuatro capítulos detallados a continuación. En el análisis del índice de impacto de las TIC en la población con discapacidad, se estudiará el estado del arte de la educación inclusiva en Colombia y el uso de las herramientas TIC en las aulas de clases. Se analizarán las herramientas y metodologías que son utilizadas actualmente en la academia, las universidades y los colegios, y cómo ha sido la adaptación de estas personas con condiciones especiales a tales herramientas. También se abordará la normatividad que ha emitido el Ministerio de Educación Nacional buscando cubrir las necesidades de esta población en lo que respecta a la inclusión educativa. El estado actual de la inclusión educativa en Colombia y el uso de herramientas TIC se enmarca dentro de los ODS, ya que se habla de “Garantizar una educación inclusiva, equitativa y de calidad y promover oportunidades de aprendizaje durante toda la vida para todos” (ONU, s.f.), lo cual corresponde al objetivo de educación de calidad; al mismo tiempo, se tiene en cuenta la reducción de las desigualdades. En cuando al proyecto de investigación, se establece el “Diseño de un modelo de nuevas prácticas de aprendizaje para La educación inclusiva mediada por las TIC en la universidad colombiana para las personas con algún tipo de diversidad: Caso de estudio Universidad Libre, Sede Bosque Popular” (Universidad Libre de Colombia, 2018), el cual se presentó en la convocatoria 2018. En el desarrollo del software responsive de traducción de voz a texto E-APP, el eje central será la población con discapacidad auditiva; para ello, se ha desarrollado una solución tecnológica que permita la inclusión de dicha población dentro de las aulas de educación superior, lo cual da lugar a que las instituciones de educación superior puedan ofertarles todos sus programas académicos sin ninguna excepción. Esta solución de traducción de voz a texto incorpora nuevas técnicas de aprendizaje para la educación inclusiva mediada por las TIC en las instituciones educativas colombianas, ello para apoyar el ejercicio de los derechos de las personas con discapacidad a través de las TIC. Se indagará sobre la posibilidad de implementar un software para el apoyo del progreso cognitivo de niños diagnosticados con síndrome de Down, el cual se oriente a la educación especial que pueda servir de apoyo tanto a los educadores como a la población vulnerable. Gracias por el apoyo brindado invaluable en este proceso académico por parte de la Universidad Libre de Colombia, al Centro de Investigaciones (CIFI) como a las directivas de la Facultad de Ingeniería por su confianza. También a los investigadores del grupo DAVINCIS como a la colaboración del grupo IDEPI.
View
Growing Software Applications by Incremental Development of Heterogeneous Micro-Applications Using Cellular Regeneration Concepts
Conference Paper
Full-text available
  • Nov 2015
In this paper, the concepts of growing software applications by incremental development of heterogeneous micro-applications using cellular regeneration concepts are explored. The proposal is the move from homogeneous monolithic architectures to heterogeneous micro-architectures, to allow for application evolution. The focus is on growing legacy applications that will evolve to remain healthy. Cellular regeneration concepts are used to show that applications should always be regenerating, like cells living in an organism, to become resilient to events that cause disturbance and damage. Understanding regeneration can give insights into growing computational systems that are more resilient. A definition for micro-architectures and comparisons on how such an architecture differs from typical monolithic architectures are given. Concepts to allow applications to adapt to new and changing business and scientific computational needs are designed. Development and operation complexity is addressed to handle the increase in activity and tasks. We conclude with future states for micro-applications.
View
Retrieved from http://blog.parse.com/announcements/moving-on
  • Oct 2016
  • Moving On
Moving On. Retrieved from http://blog.parse.com/announcements/moving-on/. October, 2016.
Retrieved from https://github
  • Oct 2016
  • Pondwater
Pondwater. Retrieved from https://github.com/ChipSoftTech/pondwater. October, 2016.