SQL Server Compact 4.0 Lands on the Web

SQL Server

A decade has passed since I first started using SQL CE on my Compaq iPAQ.  What started as a great upgrade to Pocket Access turned into the ultimate embedded database for Windows CE, the Pocket PC, Windows Mobile and Windows Phones.  The one-two punch of Outlook Mobile synchronizing email with Exchange and SQL Server Compact synchronizing data with SQL Server helped set the mobile enterprise on fire.  In 2005, version 3.0 supported Windows Tablets and progressive enhancements to the code base led to full Windows support on both x86 and x64 platforms.  With the new version 4.0, the little-database-that-could has grown up into a powerful server database ready to take on the web.

We’ve come a long way and you’re probably wondering what qualifies this new embedded database to take on the Internet:

  • Native support for x64 Windows Servers
  • Virtual memory usage has been optimized to ensure the database can support up to 256 open connections – (Are you actually using 256 pooled connections with your “Big” database today?)
  • Supports databases up to 4 GB in size – (Feel free to implement your own data sharding schemeSQL Server Compact)
  • Developed, stress-tested, and tuned to support ASP.NET web applications
  • Avoids the interprocess communications performance hit by running in-process with your web application
  • Row-level locking to boost concurrency
  • Step up to Government + Military grade security SHA2 algorithm to secure data with FIPS compliance
  • Enhanced data reliability via true atomicity, consistency, isolation, and durability (ACID) support
  • Transaction support to commit and roll back grouped changes
  • Full referential integrity with cascading deletes and updates
  • Support ADO.NET Entity Framework 4 – (Do I hear WCF Data Services?)
  • Paging queries are supported via T-SQL syntax to only return the data you actually need

Wow, that’s quite a list!  SQL Server Compact 4.0 databases are easily developed using the new WebMatrix IDE or through Visual Studio 2010 SP1.  I’m loving the new ASP.NET Web Pages.  It reminds me of the good old days of building web applications with Classic ASP back in the 90’s with Visual InterDev and Homesite.

What about Mobility?

Since SQL Server Compact owes its heritage to mobile and embedded versions of Windows, you might be wanting to know what our story is there.  The good news is that you can build and deploy v4.0 databases on Windows XP, Windows Vista, and Windows 7.  If you want to implement an occasionally-connected solution that utilizes the Sync Framework, Remote Data Access (RDA), or Merge Replication, you’ll need to stick with SQL Server Compact 3.5 SP2.  Time and resource-constraints prevented the Compact team from enabling these features.  Luckily, single-user WPF/WinForms database applications running on Windows Slates, laptops and Windows Embedded Handheld devices will work just fine with the v3.5 SP2 runtime.  Get a jumpstart with this by pickup up “Enterprise Data Synchronization with Microsoft SQL Server 2008 and SQL Server Compact 3.5 Mobile Merge Replication” at   http://www.amazon.com/Enterprise-Synchronization-Microsoft-Compact-Replication/dp/0979891213/ref=sr_1_1?s=books&ie=UTF8&qid=1281715114&sr=1-1 to start building those MEAP solutions.

With the tidal wave of Windows Slates hitting the market, a secure, powerful mobile database that allows users to work offline and syncs with SQL Server is definitely going to be a hot item!

So run, don’t walk to the Microsoft Download site to download the Next-Gen database for the web:

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=033cfb76-5382-44fb-bc7e-b3c8174832e2

If you need to support occasionally-connected mobile applications with sync capabilities on muliple Windows platforms, download SQL Server Compact 3.5 SP2:

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e497988a-c93a-404c-b161-3a0b323dce24

Keep Syncing,

Rob

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

Reducing SQL Server I/O Contention during Sync :: Tip 2

Database Storage
Indexing Join Columns

In my last Sync/Contention post, I beat up on a select group of SAN administrators who aren’t willing to go the extra mile to optimize the very heart of their organization, SQL Server.  You guys know who you are.

This time, I want to look at something more basic, yet often overlooked.

All DBAs know that Joining tables on non-indexed columns is the most expensive operation SQL Server can perform.  Amazingly, I run into this problem over and over with many of my customers.  Sync technologies like the Sync Framework, RDA and Merge Replication allow for varying levels of server-side filtering.  This is a popular feature used to reduce the size of the tables and rows being downloaded to Silverlight Isolated Storage or SQL Server Compact.

It’s also a performance killer when tables and columns participating in a Join filter are not properly indexed.  Keeping rows locked longer than necessary creates undue blocking and deadlocking.  It also creates unhappy slate and smartphone users who have to wait longer for their sync to complete.

Do yourselft a favor and go take a look at all the filters you’ve created and makes sure that you have indexes on all those Joined columns.

Keep synching,

Rob

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

Don’t forget to Encrypt your Windows Phone 7 Data

Contoso Encryption

Encryption

Whether you’re targeting Mobile Line of Business apps for the Enterprise or B2C apps for consumers, ensuring that sensitive data is encrypted is a must.  These days, I can’t have a serious discussion with a CIO unless I can assure her that my mobile device can protect data-in-transit and data-at-rest.  You already know that Windows Phone 7 secures data-in-transit via SSL whether you’re using Internet Explorer or calling a Web Service from a Silverlight app.  What you may not know is how it covers the other bases.  A quick look over at http://msdn.microsoft.com/en-us/library/ff402533(v=VS.92).aspx lists the following cryptographic algorithms supported by Windows Phone OS 7.0:

  • AES
  • HMACSHA1
  • HMACSHA256
  • Rfc2898DeriveBytes
  • SHA1
  • SHA256

I thought I’d take some of these algorithms for a spin by building a sample app using Microsoft Visual Studio 2010 Express for Windows Phone.  All I really wanted to do is use the Advanced Encryption Standard (AES) for symmetric key encryption to encrypt and decrypt some data so I could save it to Isolated Storage.  Doing this would definitely check the security checkboxes of Microsoft’s customers and ISVs.

Above are screenshots of the simple app I created.  A TextBox is used to enter the data to be encrypted by AES.  Below that, a PasswordBox control is used to enter a password that works in conjunction with Rfc2898DeriveBytes and HMACSHA1 + a Salt value to create a key.  Keep in mind that you must enter more than 8 characters to create a valid Salt value.  I don’t necessarily expect you to understand PBKDF2 Password-Based Cryptography.  Tapping the Encrypt button calls the Encrypt() method which uses Silverlight’s AesManaged class to create a Key and an Initialization Vector (IV) to perform the crypto magic and display the resulting Base64 encrypted data in the Encrypted data TextBox.  Tapping the Decrypt button does the reverse by calling the Decrypt() method to unscramble the data and display the resulting data in the Decrypted data TextBox.

I also threw some buttons on there to save the newly encrypted data to Isolated Storage as an ApplicationSetting.  As shown in the screenshot above, tapping the Save to Isolated Storage button will save the encrypted data locally.  The best way to test the Retreive from Isolated Storage button is to first close the app, then restart it, and then tap the button.  It will place the saved information in the Encrypted data TextBox.  From there, just enter the password and salt you used before and the text you’re looking for will appear in the Decrypted data TextBox.

Let’s take a look at some code.

You’ll need to include the following using statements to get started:

using System.IO;
using System.IO.IsolatedStorage;
using System.Security.Cryptography;
using System.Text;

The Encrypt() method below takes the data you want to encrypt as well as a password and salt value as arguments.  It uses the AesManaged object with the default values of a 256-bit key size and 128-bit block size.  With the help of your supplied password, the encryption key is created using the Rfc2898DeriveBytes object with a dash of Salt.  When creating the pseudo-random number needed to derive a key, the default number of iterations specified by the Password-Based Cryptography Specification (RFC 2898) is 1,000.  On the advice of some of our top security experts, I bumped that value up to 10,000 to make this harder to crack.  The next thing to note is both the AES key and IV have their values assigned from the Rfc289DeriveBytes object containing the base key.  Keep in mind that you don’t want to use a static IV and that’s why it’s good to have it derived from your unique password, salt, plus 10,000 iterations to create pseudo-randomness.  One other thing to note is that the biggest performance hit you’ll experience in running this code  comes from when you call the GetBytes(int) method of the Rfc2898DeriveBytes object which initializes a new instance of HMAC each time.  If you need to encrypt multiple strings or other types of data, you should pull the Rfc2898DeriveBytes objects out of the Encrypt method and just pass in a pre-created Key and IV so that each call doesn’t have to perform this expensive initialization over and over again.  Finally, the MemoryStream and CryptoStream objects work with the AesManaged object to convert your supplied data into an encrypted array of Bytes.  I convert that array into a Base64 string that you can display on the screen, cache in memory, or save to Isolated Storage.

private void btnEncrypt_Click(object sender, RoutedEventArgs e)
{
    try
    {
        txtEncryptedData.Text = Encrypt(txtDataToEncrypt.Text, txtPassword.Password, txtSalt.Password);
    }
    catch (CryptographicException cryptEx)
    {
        MessageBox.Show(cryptEx.Message, "Encryption Error", MessageBoxButton.OK);
    }
    catch (Exception ex)
    {
        MessageBox.Show(ex.Message, "General Error", MessageBoxButton.OK);
    }
}

public string Encrypt(string dataToEncrypt, string password, string salt)
{
    AesManaged aes = null;
    MemoryStream memoryStream = null;
    CryptoStream cryptoStream = null;
    try
    {
        //Generate a Key based on a Password and HMACSHA1 pseudo-random number generator
        //Salt must be at least 8 bytes long
        //Use an iteration count of at least 1000
        Rfc2898DeriveBytes rfc2898 = new Rfc2898DeriveBytes(password, Encoding.UTF8.GetBytes(salt), 10000);

        //Create AES algorithm
        aes = new AesManaged();
        //Key derived from byte array with 32 pseudo-random key bytes
        aes.Key = rfc2898.GetBytes(32);
        //IV derived from byte array with 16 pseudo-random key bytes
        aes.IV = rfc2898.GetBytes(16);

        //Create Memory and Crypto Streams
        memoryStream = new MemoryStream();
        cryptoStream = new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write);

        //Encrypt Data
        byte[] data = Encoding.UTF8.GetBytes(dataToEncrypt);
        cryptoStream.Write(data, 0, data.Length);
        cryptoStream.FlushFinalBlock();

        //Return Base 64 String
        return Convert.ToBase64String(memoryStream.ToArray());
    }
    finally
    {
        if (cryptoStream != null)
            cryptoStream.Close();

        if (memoryStream != null)
            memoryStream.Close();

        if (aes != null)
            aes.Clear();
    }
}

As you can see below, the Decrypt() method looks remarkably similar to the Encrypt() method except that it does just the opposite.  It accepts your AES-encrypted Base64 data plus a password and salt value as parameters to the method.  The big difference is in the CryptoStream where you have the AesManaged object call CreateDecryptor() instead of CreateEncryptor().  This does the trick and then I convert the unencrypted Byte array into a string.

private void btnDecrypt_Click(object sender, RoutedEventArgs e)
{
    try
    {
        txtDecryptedData.Text = "";
        txtDecryptedData.Text = Decrypt(txtEncryptedData.Text, txtPassword.Password, txtSalt.Password);
    }
    catch (CryptographicException cryptEx)
    {
        MessageBox.Show(cryptEx.Message, "Decryption Error", MessageBoxButton.OK);
    }
    catch (Exception ex)
    {
        MessageBox.Show(ex.Message, "General Error", MessageBoxButton.OK);
    }
}

public string Decrypt(string dataToDecrypt, string password, string salt)
{
    AesManaged aes = null;
    MemoryStream memoryStream = null;

    try
    {
        //Generate a Key based on a Password and HMACSHA1 pseudo-random number generator
        //Salt must be at least 8 bytes long
        //Use an iteration count of at least 1000
        Rfc2898DeriveBytes rfc2898 = new Rfc2898DeriveBytes(password, Encoding.UTF8.GetBytes(salt), 10000);

        //Create AES algorithm
        aes = new AesManaged();
        //Key derived from byte array with 32 pseudo-random key bytes
        aes.Key = rfc2898.GetBytes(32);
        //IV derived from byte array with 16 pseudo-random key bytes
        aes.IV = rfc2898.GetBytes(16);

        //Create Memory and Crypto Streams
        memoryStream = new MemoryStream();
        CryptoStream cryptoStream = new CryptoStream(memoryStream, aes.CreateDecryptor(), CryptoStreamMode.Write);

        //Decrypt Data
        byte[] data = Convert.FromBase64String(dataToDecrypt);
        cryptoStream.Write(data, 0, data.Length);
        cryptoStream.FlushFinalBlock();

        //Return Decrypted String
        byte[] decryptBytes = memoryStream.ToArray();

        //Dispose
        if (cryptoStream != null)
            cryptoStream.Dispose();

        //Retval
        return Encoding.UTF8.GetString(decryptBytes, 0, decryptBytes.Length);
    }
    finally
    {
        if (memoryStream != null)
            memoryStream.Dispose();

        if (aes != null)
            aes.Clear();
    }
}

Please keep a few things in mind when encrypting data on the Windows Phone 7 platform.  The OS Does Not include framework support for storing your passwords and salt values securely nor does it come with any kind of built-in key management.  This means the only way to ensure your encrypted data is actually secure is to  never store your password, salt value or keys on the phone.  As shown in my example, I require you to enter a password and a salt value each time you want to encrypt or decrypt data.  I do not attempt to save those cleartext values anywhere in the system because there is no secure way to store them.  One other thing to think about is that the cleartext password and salt value you entered on the screen can remain in memory at least until the next garbage collection.  If you see an app in the Windows Phone Marketplace that allows you to cache your credentials or keys locally for convenience, be aware that these are Not Secure solutions because everything a hacker needs to get at your data is right there in the code or in Isolated Storage.  The only place to store your password and salt is in your head.  It’s not that big a deal.  Your bank’s website makes you enter your credentials each time to ensure the security of your financial data, so this is something you’re already accustomed to.

Beyond the two Crypto methods above, I created a pair of methods to save and load your encrypted ApplicationSettings to Isolated Storage as shown below:

private void btnSave_Click(object sender, RoutedEventArgs e)
{
    try
    {
        SaveState("EncryptedValue", txtEncryptedData.Text);
    }
    catch (Exception ex)
    {
        MessageBox.Show(ex.Message, "Save Error", MessageBoxButton.OK);
    }
}

public void SaveState(string Name, string Value)
{
    if (Value != "")
    {
        if (IsolatedStorageSettings.ApplicationSettings.Contains(Name))
        {
            IsolatedStorageSettings.ApplicationSettings[Name] = Value;
        }
        else
        {
            IsolatedStorageSettings.ApplicationSettings.Add(Name, Value);
        }
    }
}

private void btnRetreive_Click(object sender, RoutedEventArgs e)
{
    try
    {
        txtEncryptedData.Text = LoadState("EncryptedValue");
    }
    catch (Exception ex)
    {
        MessageBox.Show(ex.Message, "Load Error", MessageBoxButton.OK);
    }
}

public string LoadState(string Name)
{
    if (IsolatedStorageSettings.ApplicationSettings.Contains(Name))
    {
        return IsolatedStorageSettings.ApplicationSettings[Name].ToString();
    }
    else
    {
        return "";
    }
}

As you can see from the code samples above, encrypting the sensitive data you use in your Windows Phone 7 apps is completely within your reach.  This is just one of many managed crypto examples to give you an idea on how to get started.  Many more are waiting for you on MSDN.  When you combine this with the following security elements:

  • Apps are tested, digitally signed and securely delivered via the Windows Phone Marketplace
  • No side-loading of potentially insecure apps
  • SSL for data in transit
  • Managed apps run inside secure sandbox
  • Apps have private, inaccessible Isolated Storage
  • Exchange Policies including PIN lock enforcement + Remote wipe

It’s clear that Windows Phone 7 has an excellent app security story that’s not only good for consumers, but also means that this mobile app platform is prime-time ready for the Secure Enterprise.

Keep coding,

Rob

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

Windows Phone 7 Series debuts at Barcelona!

Windows Phone

The home screen, or Start, on Windows® Phone 7 Series can be customized with “live tiles” that show the latest updates from the Web directly to customers.

For example, create a “live tile” of a friend and gain a readable, up-to-date view of that person’s latest pictures and posts, just by glancing at Start.

The People Hub is communication central, where customers can see all relevant content associated with a contact, including live feeds from social networks and photos. It also provides a single place from which customers can post updates to Facebook and Windows Live in one step.

The Pictures Hub brings together photos from the phone, the PC and online albums into one simple view. It’s easy to share pictures on the phone to social sites such as Facebook and Windows Live, and see up-to-date online albums that others are sharing.

The Office Hub provides fast access to Microsoft Office Mobile, Microsoft Office SharePoint and Microsoft Office OneNote on the same phone that offers Microsoft Office Outlook e-mail.

The Games Hub delivers the first and only official Xbox LIVE experience on a phone. It’s not just about games on the phone; it’s about playing games with friends.

The Music + Video Hub is the one place for media — from music to streaming radio to podcasts to video.

It’s all good!
-Rob

 

 

 

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

Making Microsoft MEAP Real

MEAP Physical Diagram

After all the logical diagrams of Microsoft MEAP and spelling out how it meets Gartner’s critical capabilities, I thought I’d show you a picture that provides a more concrete view of what our MEAP offering looks like.

Hopefully, this will better crystallize how Microsoft lines up with those critical capabilities and how our reusable mobile application platform plugs into a customer’s enterprise. I think we have a great story here that shows customers how we can save them money on a platform that:

1. Works the same across laptops, tablets, Netbooks and phones.
2. Gives them reusable mobile middleware that can support multiple simultaneous applications rather than needing something different for each point solution
3. Lowers risk to their projects by reducing the amount of custom code needed to build any given solution.
4. Gives them adapters that plug into the existing enterprise packages they use to run their business.

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

Interview with Rob Tiffany at Tech Ed Europe

Microsoft TechEd

Check out the interview I did with David Goon at Tech Ed Europe 2009 in Berlin.

I discuss Microsoft’s Mobile Enterprise Application Platform and talk about how it aligns with Gartner’s MEAP critical capabilities and how it can save money for companies.

With the tidal wave of mobile and wireless technologies sweeping across both the consumer and enterprise landscapes, I believe MEAP offerings give us a glimpse of a new standard for designing all future infrastructures.

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

Yes, Microsoft does have a Mobile Enterprise Application Platform (MEAP)

MEAP

Gartner says that the Mobile Enterprise Application Platform (MEAP) market will top $1 Billion by the end of 2010 and that more than 95% of organizations will choose MEAP instead of point solutions through 2012.

The big takeaway here is that companies have been building tactical mobile application silos that support only one application and now they want to save money by going with a reusable platform capable of supporting multiple applications.  Oh and along the way it needs to support multiple device and OS platforms while providing security, device management, and a single IDE to build apps and logic to integrate with back end systems.

Gartner has a “rule of three” that states that a MEAP offers significant advantages in three situations:
  1. When there are 3 or more mobile applications
  2. When there are 3 or more targeted operating systems or platforms
  3. When they involve the integration of 3 or more back-end systems

Leaders in this space have included Sybase iAnywhere, Antenna, Dexterra, Syclo and Spring Wireless.  Microsoft goes from a large Mobile General Store with myriad solutions to a player in this space with a MEAP solution of our own:  Microsoft Mobile Enterprise Application PlatformVisual Studio is used to build the mobile logic and UI.  Merge Replication provides occasionally-connected data synchronization between SQL Server Compact on the mobile device and SQL Server in the data center.  SQL Server Business Intelligence Development Studio is used to visually create connections to back-end systems like SAP or databases like Oracle.  Data in transit is secured via SSL or VPN, data at rest is encrypted via device encryption, SQL Server Compact, BitLocker or programmatically through the Crypto API.  Integration packages that communicate with back-end systems are encrypted and digitally signed.

We already have the best mobile email, calendaring, and contacts product in the business where Exchange Active Sync keeps Outlook and Outlook Mobile always up to date with Exchange Server.  Server-to-device as well as peer-to-peer device notifications are facilitated through WCF Store and Forward on Exchange.  Software and patch distribution along with device settings and policy management is accompished via System Center Configuration Manager.  ISA Server provides both VPN and Reverse Proxy access to roaming applications on the Internet on any platform.

When you put this stack in place and resuse it for multiple mobile applications instead of going with point solutions, ROI savings increase as the need for POCs, Pilots and training are reduced and the need for extra client access licenses is eliminated.  That’s Gartner’s first requirement.  We hit Gartner’s second requirement by uniformly supporting 3 mobile operating systems in the form of Windows, Windows CE, and Windows Mobile.  Last but not least, our SQL Server Integration Services technology combined with dozens of connectors mean we can connect your mobile devices with almost any back-end package or database.

Yes, Microsoft does have a Mobile Enterprise Application Platform that’s already proven to scale to tens of thousands of devices and it will definitely save you time and money.

– Rob

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

Enterprise Data Synchronization with Microsoft SQL Server 2008 and SQL Server Compact 3.5 Mobile Merge Replication

Enterprise Data Synchronization with Microsoft SQL Server 2008 and SQL Server Compact 3.5 Mobile Merge Replication

I’m happy to say that my latest book is now available on Amazon.

With the world’s largest organizations rolling out tens of thousands of Windows® phones, laptops, tablets and Netbooks to empower their respective mobile workforces, the ability to create mobile line of business solutions that support large numbers of users is absolutely critical. In my fourth book on mobile infrastructure and development, I show you how to take the SQL Server data you use to run your organization and make it available to all of your mobile employees.

Step-by-step, I’ll walk you through the process of building a secure, performant, n-tier, mobile enterprise application platform architecture designed to scale to thousands of users. You’ll also learn how to create occasionally-connected .NET applications designed to thrive in unreliable wireless conditions.

Enterprise Data Synchronization with Microsoft SQL Server 2008 and SQL Server Compact=

  • Learn how to “Mobilize” your organization by making your enterprise data available to employees carrying Windows® phones, laptops, Netbooks and tablets in the field.
  • Learn how to build an N-Tier Mobile Sync infrastructure that will scale to thousands of users.
  • Learn how to create occasionally-connected .NET applications designed to thrive in unreliable wireless conditions.
  • Learn best practices in security, reliability, performance, load-balancing, reverse proxy and hardware configuration.
  • Learn how to implement this technology in real world scenarios like supply chain management, retail, sales force automation, healthcare and emergency management.

Keep in mind that the knowledge you gain from this book didn’t come from me dreaming this stuff up in an Ivory Tower.  It came from building some of the worlds largest and most complex data synchronization systems for the world’s largest companies.  In addition to the hands-on experience that went into this book, I’d also like to thank some of my colleagues for their invaluable contributions:

  • Liam Cavanagh is a Senior Lead Program Manager for Microsoft’s Sync Framework and Cloud Data Services and he wrote the forward.
  • Catherine Wyatt is the Managing Editor for Hood Canal Press who made the publishing of the book possible.
  • Darren Shaffer is the CEO of Handheld Logic and he wrote the Chapter on building the Mobile Subscriber.
  • Michael Jimenez is a Mobility Architect at Microsoft and he wrote the Appendix that shows you how to create an ISA Server 2006 Reverse Proxy to publish your sync infrastructure to the Internet.

It’s my sincere hope that this book will encourage you to un-tether your workforce from their desktop computers and boost your organization’s agility by pushing out critical business functions to the point of activity where employees are empowered to make timely decisions and perform tasks that best serve the interests of their customers and their company.

This repudiation of the traditional “connected” software application model increases customer satisfaction, boosts worker efficiency, reduces “missed opportunities” and results in cost savings as “un-wired” employees get their jobs done wherever they happen to be.

Rob

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

The Windows Phones have arrived!

Windows Phone

I’m pleased to announce that today we’re launching a new line of Windows® phones around the world that are available in a broad range of styles and prices.

With a Windows phone, you can navigate easily with the touch of a finger and browse the Internet on a great mobile browser. You can also connect to two new services that allow you to back up and share data from your phone to the Web and buy a variety of useful applications from the Windows Marketplace for Mobile. Microsoft expects partners to deliver more than 30 new phones in more than 20 countries by the end of 2009.

Windows phone

One Phone for Work and Play

With a Windows phone, people can rely on their phone to balance their lives, from work to home to play. Whether it’s editing a document or sharing several vacation updates through a social networking application, Windows phones help people stay connected to the people and information they care about most. Because people’s phones often match their personality and unique needs, Microsoft now offers the Windows phone Custom Theme Creator. People can create personalized themes for their Windows phone by choosing the color and design that suits their style at http://www.windowsphone.com/theme.

With a Windows phone, people will have familiar work and play experiences right from their Start button, including these:

• A new enhanced Windows Live experience with What’s New feeds and improved Windows Live photo sharing across major social networking sites (such as Twitter, Facebook, MySpace and Flickr)

• A best-in-class e-mail experience and the ability to manage multiple accounts right from their phone with Outlook Mobile and Exchange Server synchronization not to mention Hotmail

• The ability to use PowerPoint and open and edit Word and Excel documents from their phone with Microsoft Office Mobile

• The power to sync files on the phone through Windows Live Media Manager and play media files seamlessly with Windows Media Player

• A redesigned Windows Internet Explorer mobile browser with Adobe Flash Lite that brings the mobile Web browsing experience closer to what people have come to expect from their PC

Powerful Mobile Services

With the launch of these new Windows phones, Microsoft debuts new services that bring added value to people.

My Phone is a free service that helps people manage and back up the invaluable information stored on their phone and provides peace of mind and an easy restore option in the event of a lost or damaged phone. My Phone automatically synchronizes the specific types of a phone’s content the user chooses — from contacts and appointments to texts, photos and more — to a password-protected Web site. People can also publish their photos from the My Phone Web site or their phone directly to Windows Live, Facebook, MySpace and Flickr. As part of the free service, people can go online and map the last known location of their phone from when it was last synchronized. In addition, a set of more advanced “lost phone” features are being offered as a premium package that people can activate as needed. The My Phone Premium package includes the ability to immediately locate the phone’s current location on a map (in the U.S. only); remotely lock a phone and post an “if found” message to its screen; loudly ring the phone even if it is set to vibrate or silent mode; and ultimately, if needed, completely erase the phone to protect personal data from falling into the wrong hands. People using My Phone on their phone running either Windows Mobile 6.0, 6.1 or 6.5 can access the premium package free of charge until Nov. 30, 2009. After that date, seven-day access to the premium package will be available for purchase for $4.99 in the U.S.

Also launching today is Windows Marketplace for Mobile, which offers people an easy way to find and purchase high-quality mobile applications for both work and play, while creating a new opportunity for developers to reach millions of people using Windows phones worldwide. Microsoft is pleased today to introduce 246 quality mobile applications initially in Windows Marketplace for work and play, with more than 753 ISVs worldwide on board to continue building out the catalog. People will have access to not only important line-of-business applications for work, but also popular mobile applications for play such as Facebook, MySpace, Netflix, Twikini, WunderRadio and ZAGAT, as well as leading game titles including Sudoku, “Guitar Hero World Tour” and the “PAC-MAN” series, all of which can be easily purchased and installed directly on a Windows phone. All purchased applications are certified by Microsoft to run on Windows phones and are backed by a simple return policy. Over the next few months, Microsoft will continue to evolve Windows Marketplace for Mobile to bring to market a fresh take on the app store that delivers strong value for developers and a great shopping experience for people.

Choice and Availability: A Phone for Everyone

Windows phones give people the power to choose the phone that best fits their style and budget by offering phones with a full physical QWERTY keyboard, others with just a large touch screen, and some with both touch screen and keyboard.

So what’s new for Developers?

Web developers can now target Internet Explorer Mobile for their applications.  Not only does this browser provide full desktop fidelity, but it also includes the fast IE8 Javascript engine to speed up code execution, DOM manipulation and Ajax calls.  Don’t take my word for it, test it out over at http://asp.net and watch it accurately render all the Ajax controls.

Both Native and Managed code developers get to take advantage of the new Gesture API to add panning and flicking to their apps.  The built-in physics engine allows developers to add smooth, finger-friendly scrolling.

For developers that are more at home with Cascading Style Sheets, HTML, Javascript and Ajax, Windows Mobile 6.5 introduces Widgets as an alternative to C++ or .NET.  These programs take advantage of the new Internet Explorer Mobile to render Rich Internet Applications that run outside the browser but take advantage of the power of the Web.

Any changes under the Hood?

Yes, since the launch of Windows Mobile 6, we’ve been progressively enhancing the Windows CE 5 kernel that powers the Windows Mobile platform.  You should expect better application stability, much more virtual memory available to running apps, and faster execution.

Have fun with your new phones!

– Rob

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

The Hidden Message Queue on your Windows phone

The ability to be “offline” and “occasionally-connected” is a critical component of successful mobile apps.

Wireless data networks lack complete coverage and exhibit a level of unreliability that immediately disqualify permanently-connected apps like you might see on a corporate LAN.  For a mobile app to be successful, it must allow the user to keep working in the absence of a data network.  It must also be able to transparently sync data changes from the mobile client to the server whenever a wireless data network is detected.  The primary means of accomplishing that today is via one of Microsoft’s sync technologies that allows SQL Server Compact on the mobile client to replicate data to and from SQL Server in the data center or the cloud.  Since SQL Server Compact runs almost anywhere, your mobile client could be a Windows phone, a laptop, a desktop or even a Netbook.

Besides synchronizing the tables, rows and columns of a complete database between mobile clients and servers, the use of message queuing should be considered for many scenarios due to its high-reliability by ensuring that a critical message arrives at its destination.  Products like MSMQ, MQ Series, Tibco and JMS are used all over the world in the most mission-critical environments to ensure a high level of availability and reliability.  They’re asynchronous by nature and use store and forward mechanisms so that messages get from point A to B to C.  A typical queue message includes the Destination which tells the messge where to go, a Label which describes the message, a Body which contains the message, and a Body Length so the receiver can verify that it received everything.

So how does any of this relate to Windows phones?  A number of years ago, an MSMQ client was made available for download and installation on Windows phones.  Additionally, the .NET Compact Framework 2.0 included classes to work with MSMQ.  Unfortunately, the installation of MSMQ was far from seamless which inhibited its adoption by customers.  More recently, functionality was included in the .NET Compact Framework 3.5 that facilitated store and forward messaging using Exchange 2007 as a transport.  This is a good solution for customers running the newest version of Exchange, have an unlimited data plan for their phones, and don’t mind running line of business applications over their email infrastructure.

So what do we do for customers that have found the Windows Mobile MSMQ client too much of a hassle, don’t have Exchange 2007 or don’t want to use it as a mobile message queue server?  I think the answer has been under our noses all along.  Burned in the ROM of every Windows Mobile 6.x device is SQL Server Compact + a lightweight data sync solution called Remote Data Access (RDA).  For those of you running Windows Mobile 5, XP, Vista or 7, you can easily download these bits to your mobile client.  SQL Server Compact is you local queue, RDA is your transport and SQL Server in the cloud or data center is your message queue server.  So let’s break this down and see how it will work.

A mobile application that captures data in the field would want to drop that info in a local queue.  SQL Server Compact becomes that local queue and the message format is actually a table with the following structure:

Table name Message
MessageId Uniqueidentifier
Destination NVarchar(whatever)
Label NVarchar(whatever)
Body NVarchar(4000)
BodyLength int

This table would be created inside a MessgeQueue database in SQL Server and RDA would pull it down to SQL Server Compact.  In the Pull method you call from .NET on the client, you would add “WHERE 1=0” to the SQL statement.  This filter has the effect of pulling down an empty shell of the table without retrieving any data to the client since that’s all you want.  It also means that when you insert local data into the table and call the Push method, the data will be removed from the client at the completion of a successful sync.

So you’re probably wondering, what makes this so special and message queue-like vs. anything else?  The secret is that unlike other sync technologies, RDA can wrap the upload of data into a transaction.  As the data is being uploaded over wireless, if any of the INSERTs into SQL Server fail for whatever reason, everything gets rolled-back and the original data remains in the local SQL Server Compact queue.  This is the kind of guaranteed commit that you expect from a message queuing system.  It’s an “all or nothing” success or rollback.

It actually gets better.  A property of both RDA and Merge Replication is called ConnectionRetryTimeout.  This feature is designed to help you with unreliable wireless coverage where you have signal one minute and then lose it the next.  Let’s say you have this timeout value set to 2 minutes and you begin your Push upload of queued data.  Everything is working fine for the first few seconds but then you lose wireless coverage from your mobile operator.  If you regain coverage before the 2 minute time-out, the upload will resume where it left off.  Since both RDA and Merge send and receive data between the SQL Server Compact and IIS in tiny blocks, you never have to worry about running out of memory and you can pick up where you left off in case of a network dropout.

So the big takeaway here is that we do in fact have a Mobile Message Queue solution hidden on our Windows phones.  We have a message format that lets us drop text/xml/whatever data into the body, a label that a server process or SQL trigger can key off of to perform an action, and a transactional upload mechanism that ensures your critical data will cross the wireless chasm and make it to the other side intact.

So what’s next?  Now that you can capture data in a local queue and safely upload it, you might be wondering how queued messages from someone else can be pushed to your device.  Don’t worry, that will be in my next post.  Also, this isn’t just an article on how to solve a big problem in the mobile space, I’m actually building the necessary client and server pieces as well.  We’re all looking for a reliable and unified way to connect mobile devices to corporate assets and this just might be the simple answer we’re looking for.

– Rob

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]