Mobile secure gateway
Mobile secure gateway (MSG) is an industry term for the software or hardware appliance that provides secure communication between a mobile application and respective backend resources typically within a corporate network. It addresses challenges in the field of mobile security.
MSG is typically composed of two components - Client library and Gateway. The client is a library that is linked with the mobile application. It establishes secure connectivity to Gateway using cryptographic protocol typically SSL/TLS. This represents a secured channel used for communication between the mobile application and hosts. Gateway separates internal IT infrastructure from the Internet, allowing only an authorized client requests to reach a specific set of hosts inside restricted network.
Client library
The Client library is linked with the corresponding mobile application, and that provides secure access via the Gateway to the set of Hosts. The Client library exposes public API to the mobile application, mimicking platform default HTTP client library. The application uses this API to communicate with the desired hosts in a secure way.
Gateway
Gateway is a server or daemon typically installed onto physical or virtual appliance placed into DMZ. The Gateway's public interface is exposed to the Internet (or other untrusted network) and accepts TCP/IP connections from mobile applications. It operates on IPv4 and/or IPv6 networks. Incoming client connections typically use SSL/TLS to provide security for the network communication and a mutual trust of communicating peers. Communication protocol is typically based on HTTP.[1]
Host
Gateway forwards requests from connected apps to a collection of configured hosts. These are typically HTTP or HTTPS servers or services within an internal network. The response from a host is sent back to the respective mobile app.