Taxonomy Icon

Mobile Development

Coding for a cause is an amazing opportunity to put your skills to work for good. There are so many ways to help make a difference — such as coding the next app that can get medical care more quickly to those injured in a disaster,B increasing the speed of claims to get faster financial assistance to help rebuild homes and lives,B or connecting survivors to critical supplies.B It’s all about using tech to solve problems in a way that they have never been able to be solved before, through innovation.B But there is a common thread in many of these applications: the requirement for speed, security, and reliability when it is needed most.

iOS apps are a good example of a technology that can be used in situations like these. However, an iOS app isn’t simply code that’s running on an iPhone or iPad. There is often a server-side component to it that needs to be equally secure. An app is only as secure as its weakest link, so you need to ensure that the back-end maintains the security of the front-end device. The MBaaS with IBM Hyper Protect Services Starter Kit helps ensure that your iOS applications and data are in a highly protected environment in IBM Cloud.

Learning objectives

In this piece, we’ll show you how to create an iOS app with full end-to-end security, leveraging the IBM Cloud Hyper Protect Services and using an iOS Starter Kit from IBM Cloud. Starter Kits allow you to get from zero to “hello world” quickly. In this case, an Xcode project will be created for you with one click, as well as a full pipeline for quick, iterative development. We’ll show you how to do this on a Mac.

As the back end of this app is potentially storing sensitive personal information, you’ll want to ensure that it is secure and resilient to attacks. You’ll build your iOS app using the MBaaS with IBM Hyper Protect Services to help achieve a secure iOS application from end to end. You can use IBM Cloud Hyper Protect Crypto’s API to securely store and retrieve keys used by the app, while IBM Cloud Hyper Protect DBaaS provides a secure, performant Mongo DB instance for data storage.

IBM Cloud Hyper Protect Services share the same goal of providing mandatory encryption at rest, as well as transport encryption. They do this by making use of Secure Service Containers, which have no shell access so attackers can’t use social engineering to obtain the root password. In addition, memory dumps are disabled and the memory itself is encrypted.

Prerequisites

The first thing to do is to create an IBM Cloud account. Then you’ll create your own instance of the Starter Kit to create an Xcode project. The two IBM Cloud Hyper Protect services that you’ll use provide API endpoints, so you can adjust the generated code to point there, and test it locally before deploying it to IBM Cloud. To achieve this, you’ll need to create instances of the IBM Cloud Hyper Protect Services, too.

You will need to ensure that your Mac is set up and configured with these pre-reqs for Swift app development:

Estimated time

It should take you about 30 minutes to complete this activity.

Steps

This how-to has four major steps to creating a secure iOS app:

  1. Set up a project in IBM Cloud.
  2. Choose the Starter Kit.
  3. Add IBM Cloud Hyper Protect Services.
  4. Integrate IBM Cloud Hyper Protect DBaaS.

Set up a project in IBM Cloud

When creating an IBM Cloud account, you’ll be asked to create an organization: Choose the US South region. Any name will suffice, but we’ve used HyperProtect with a space called dev. To interact with this from the command line, install the developer tools by running this command:

curl -sL https://ibm.biz/idt-installer | bash

Running the curl command

You can then log in to IBM Cloud using the following command from the terminal:

bx login -u <your email address> -a https://api.ng.bluemix.net

Choose the Starter Kit

Now you can check out the IBM Cloud Developer Console for Apple to create the Xcode project. Search for the Starter Kit MBaaS with IBM Hyper Protect Services in the catalog of Starter Kits. The kit’s overview shows that it includes Push Notification support, Hyper Protect Crypto Services, and Mobile Analytics. Click Create App.

Choosing the Starter Kit

Next, click Download Code to generate an archive of the initial project code, downloading it as a ZIP file. Extract the zip file, change into that directory in a terminal window, and run pod install to install and configure IBM Cloud Mobile services Dependency Management. Once it’s installed, go back to the Finder window and double-click on the file ending in .xcworkspace. This will launch Xcode. From the menu bar, click Run. The iOS simulator will open.

iOS simulator

Add IBM Cloud Hyper Protect Services

Let’s add IBM Cloud Hyper Protect Services to the app. In the Xcode window, open theB projectB folder on the left panel — for example, MBaaSwithIBMHyperProtectServicesDRJBC. Click to open the ViewController.swift file in the Xcode window. In that file, find the viewDidLoad()B function.

Now, from the Developer Console for Apple, search for and create Backend for IBM Hyper Protect Services. There are currently no IBM Cloud services with this starter kit, so you’ll need to click Add Resources to add them.

Create Backend for IBM Hyper Protect Services

Under Data, choose HyperSecure DBaaS. After the provisioning is complete, click Download Code to generate an archive of the project and download it. Extract this file, then run:

swift package generate-xcodeproj

to generate an Xcode project from the project source. To build the project, you’ll use Swift:

swift build -Xlinker -lc++

Then execute the binary that was just built. For example:

.build/debug/BackendforIBMHyperProtectServicesPWORC

This will start a Kitura web server listening on port 8080, and present a Swagger interface at localhost:8080/explorer, if you load that into a web browser.

Swagger interface

To test this, you can use the Swagger interface to create (by POSTing) some products. Or, from the command line:

curl -X POST --header 'Content-Type: text/plain' --header 'Accept: application/json' -d '{ \
   "name": "iPad" \
 }' 'http://localhost:8080/products'

To confirm that this data has been stored, you can issue a GET /products request, either using curl, or via the Swagger interface:

GET /products request

Note the correct (200) response code, and expected products of “iPhone” and “iPad.” The data you’re persisting is being stored in the IBM Cloud Hyper Protect DBaaS MongoDB instance, and the Starter Kit has been pre-configured with your credentials — easy!

Integrate IBM Cloud Hyper Protect DBaaS

Let’s integrate the HyperSecure DBaaS project with the iOS app. Open ViewController.swift in Xcode and then find the SDK ZIP file from the back-end project you just downloaded (named, for example, BackendforIBMHyperProtectServicesPWORC_iOS_SDK.zip). Extract this zip file and select all the files within the Source folder. Then drag and drop these files onto Xcode, in the folder in the left pane named MBaaSwithIBMHyperProtectServicesDRJBC (or something similar). A window will appear; ensure Create groups is selected. Repeat this with BackendforIBMHyperProtectServices_iOS_SDKConfig.plist in the assets folder, to sit next to Info.plist. Then inside the viewDidLoad() function of ViewController.swift, add the following code:

ProductsAPI.getAll() { (returnedData, response, error) in
guard error == nil else {
        print(error!)
        return
    }
    if let result = returnedData {
        print(result)
    }
    if let status = response?.statusCode {
        print(&ProductsAPI.getAll() finished with status code: \(status)&)
    }
}

(Note: You can find the above code for the getAll() API call in the README.html file in the SDK’s Docs folder.)

This has integrated the SDK — complete with connection details to talk to the locally-running Kitura server — and caused the /products API endpoint to be invoked when the iOS view loads. In the Xcode console, the objects holding data from the IBM Cloud Hyper Protect DBaaS instance will be printed. To simplify things, we’re using the local Kitura’s HTTP endpoint, given its localhost, by adding the following to Info.plist:

<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>
</plist>

If you click Run again from the menu bar, you can run the app again and see that it drives the IBM Cloud Hyper Protect DBaaS service.

Summary

In this how-to, you’ve seen how easy it is to get started writing an iOS app by using an IBM Cloud Starter Kit. IBM Cloud Hyper Protect Starter Kits allow you to easily integrate Hyper Protect Services — thereby enabling apps with speed, security, and reliability when it’s needed most.