Manage mobile cloud socket connections

How cloud providers manage the connections between a mobile app and the cloud

The cloud and mobile applications are hot topics for the enterprise. To use these technologies together effectively, the enterprise must know how to connect and manage the connections between a mobile app and the cloud. This article discusses what cloud providers hosting the infrastructure need to know to enable mobile socket connections, the types of sockets available for use (TCP, HTTP, and so on), why socket connections are lost, the inner workings of socket technologies, and the pros and cons of using any of those options.


Steven C. Markey, Principal, nControl

Steve Markey is a consultant, adjunct professor, and the current president of the Delaware Valley (Greater Philadelphia) chapter of the Cloud Security Alliance (CSA). He holds multiple certifications and degrees and has more than 11 years of experience in the technology sector. Steve frequently presents on information security, information privacy, cloud computing, project management, e-discovery, and information governance.

25 January 2013


Traditional client- and server-side software technologies connect using a software solution called a socket. As industry has moved from static, thick clients to mobile, thin clients, the use of sockets has not changed. However, sockets have morphed over the years and thus have grown in complexity. As a result, most struggle to understand the technology, let alone possess a thorough understanding of how sockets are used in the enterprise or how they are used when coupled with mobile and cloud technologies.

This article provides an understanding of what sockets are, what types of sockets are available for your application, the pros and cons of using sockets in mobile and cloud solutions, and how cloud service providers support sockets.

A socket primer

Sockets connect client-side software to server-side software using a combination of an Internet protocol (IP) address or a Domain Name System (DNS) address and port number. A prevalent example of this coupling is in web mail (for example,, where the colon (:) is the delimiter between the DNS address and the port number. Sockets allow a session-level connection for data transfer or executing transactions.

Types of sockets

Sockets are used to establish sessions between the client and server to execute transactions or data transfer. When enterprises deploy or consume sockets, they may use different types of sockets and different protocols predicated on the application type, security requirements, and the skill set of the development team. Socket types include Internet, stream, raw, and domain sockets. Internet and stream sockets are the most popular because of their ease of use, their architecture, and the prevalence of web and application servers in contemporary data centers.

As far as Internet sockets go, HTTP–based sockets are the first pick for thin client or web-based systems, particularly for those applications that do not require enhanced security through encryption. Note also that HTML version 5 (HTML5) introduces WebSockets to the equation, which is analogous to Internet sockets on steroids. (See Resources for a link to more information.) When additional security is required, the enterprise should choose a stream socket. Although Internet sockets are popular these days because of the proliferation of thin client applications, stream–based sockets are popular, as well.

The most prevalent stream–based socket is based on the Transmission Control Protocol (TCP) stack and is used often for thick client applications. (Note that TCP is occasionally used for thin client connections, as well.) When additional security is required for socket connections, a Secure Sockets Layer (SSL)/Transport Layer Security (TLS)–based solution set is also available. SSL/TLS is used in conjunction with HTTP over SSL (that is, HTTPS) via public key infrastructure (PKI) for securing data in motion. Note that SSL/TLS is often required when dealing with sensitive data, such as personally identifiable information, protected health information, cardholder data or payment, banking, or brokerage data. Those organizations that need more flexibility in their client–server connections should consider raw sockets.

Raw sockets do not rely on a specific transport mechanism; therefore, packets sent over a connection using raw sockets include a header as well as the "raw" packet itself. These sockets are often used by network appliances — namely, firewalls and routers — that leverage both the Internet Control Message Protocol and the Internet Group Management Protocol. Internal systems are occasionally coded while using raw sockets because of their versatility; therefore, these sockets can be used in the context of a private, internal cloud. Those enterprises that use UNIX® systems have another option for socket use: domain sockets.

Domain sockets include Interprocess Communication (IPC) protocols. IPC is a socket often used for legacy platforms like UNIX, and although some may consider the need to connect mainframe systems to mobile or cloud environments inconsequential, the need may arise and therefore requires a mention. Regardless of the socket used, all sockets have a basic structure to their development and use, which the next section covers.

The structure of a socket

The system architecture or platform, security requirements, and programming languages you use for that platform help drive what type of socket you should use. Furthermore, the choice of using application programming interfaces (APIs) versus internally developed sockets also drives the structure of the socket. Case in point, if an enterprise were to use a cloud-based Linux®, Apache, MySQL, and PHP (LAMP) stack for server-side processing on the Amazon Elastic Compute Cloud (Amazon EC2) platform, it would most likely employ Internet-based sockets. In contrast, if the developer wanted to find a socket–based API to use with mobile client-side sessions from an Apple iPad running Apple iOS 5, a logical choice would be the Twisted framework, which uses stream–based sockets (see Resources for a link).

Twisted uses a socket structure that reflects its stream- and event-based architecture; therefore, much like the Windows® TCP/stream–based sockets (that is, WinSock), a diagram of its structure would reflect its reliance on callbacks from the client (see Figure 1).

Figure 1. WinSock client-server interaction

From a code standpoint, you can get a better understanding of the structure of a socket by reviewing domain sockets created using the C programming language for a UNIX mainframe platform. Listing 1 provides a visual interpretation of how domain–based sockets are structured using C on UNIX.

Listing 1. Domain-based sockets in C in UNIX
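struct sockaddr_out {
    short int           sout_family;    /* Address family */
    unsigned short int  sout_port;      /* Port number. Remember firewall rules */
    struct out_addr     sout_addr;      /* Address (struct out_addr is not shown in this listing). Router too */
    unsigned char       sout_zero[8];   /* Padding */
};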
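For comparison with Listing 1, POSIX systems describe a UNIX domain endpoint with struct sockaddr_un from <sys/un.h>, which holds an address family and a filesystem path rather than an address and port. The following is an added example, not code from the original article: it fills that structure, creates the socket file with owner-only permissions, and passes one message from a client to a server in the same process. The function names make_unix_addr and domain_roundtrip and the socket path are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* Fill a UNIX domain address; reject paths that would not fit in sun_path. */
int make_unix_addr(struct sockaddr_un *addr, const char *path) {
    if (strlen(path) >= sizeof(addr->sun_path)) return -1;
    memset(addr, 0, sizeof(*addr));
    addr->sun_family = AF_UNIX;
    strcpy(addr->sun_path, path);
    return 0;
}

/* Listen on path, connect from the same process, send msg client -> server.
 * Returns bytes the server read (copied to out) or -1; *mode gets the file mode. */
int domain_roundtrip(const char *path, const char *msg,
                     char *out, size_t outlen, mode_t *mode) {
    struct sockaddr_un addr;
    struct stat st;
    int sfd = -1, n = -1;
    if (outlen == 0 || !msg[0] || make_unix_addr(&addr, path) != 0) return -1;
    unlink(path);                        /* clear a stale socket file */
    int lfd = socket(AF_UNIX, SOCK_STREAM, 0);
    int cfd = socket(AF_UNIX, SOCK_STREAM, 0);
    mode_t old = umask(0077);            /* socket file: owner access only */
    if (lfd >= 0 && cfd >= 0 &&
        bind(lfd, (struct sockaddr *)&addr, sizeof(addr)) == 0 &&
        stat(path, &st) == 0 && listen(lfd, 1) == 0 &&
        connect(cfd, (struct sockaddr *)&addr, sizeof(addr)) == 0 &&
        (sfd = accept(lfd, NULL, NULL)) >= 0 &&
        write(cfd, msg, strlen(msg)) == (ssize_t)strlen(msg))
        n = (int)read(sfd, out, outlen - 1);
    if (n >= 0) { out[n] = '\0'; *mode = st.st_mode & 0777; }
    umask(old);
    if (sfd >= 0) close(sfd);
    if (cfd >= 0) close(cfd);
    if (lfd >= 0) close(lfd);
    unlink(path);
    return n;
}

int main(void) {
    char buf[64]; mode_t mode = 0;   /* path and message below are constructed samples */
    int n = domain_roundtrip("/tmp/added_example.sock", "ping", buf, sizeof buf, &mode);
    printf("%d bytes: %s (socket mode %o)\n", n, n >= 0 ? buf : "", (unsigned)mode);
    return n < 0;
}
```

Because access to a pathname socket is governed by filesystem permissions, a service would normally place it in a directory that only its own account can write to rather than a shared location such as /tmp.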

The pros and cons of using sockets

The type of socket you choose may affect the application's quality of service (QoS) from a positive or negative standpoint, as sockets maintain the session state from the client side and server side. Thus, many sockets assist in maintaining the transactional integrity of applications. However, sockets also maintain the confidentiality and integrity of a transaction when used in conjunction with PKI encryption.

Encryption assists organizations in protecting data, but it also adds overhead that can negatively affect the user experience through QoS. Sockets can also be difficult to develop or configure; therefore, the organization's development staff must have an enhanced skill set. Finally, different technologies dictate which sockets you can use, so the requirement to use sockets on a specific platform may limit your options.

There are pros and cons to using sockets, although each socket type brings specific strengths and weaknesses. Internet–based socket APIs are bundled within most of the popular application server stacks (for example, the Microsoft® .NET Framework, Apache Tomcat, IBM® WebSphere® Application Server), although these types of sockets bring limited security and transactional integrity to the equation. Session-based socket APIs introduce security and enhanced transactional integrity to the table, and they are included with most application servers. However, they are resource intensive and therefore may affect QoS. Raw sockets introduce versatility in exchange for an enhanced level of complexity and a lower level of security. Finally, domain–based socket APIs introduce extensibility for UNIX environments, though they are limited to certain platforms and therefore may see minimal support from service providers and API developers.

How cloud providers support sockets

Cloud computing is a rebranding, if you will, of the old application service provider (ASP) model. However, true cloud offerings have additional nuances from ASPs — namely, resource pooling, on-demand utilization, multitenancy, and rapid elasticity. Cloud service providers offer services based on different cloud service and deployment models.

Cloud service models are methods in which an organization can use the cloud predicated on business requirements, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS). Cloud consumers have the greatest flexibility with IaaS and the least with SaaS. However, with the flexibility found in IaaS comes the cloud consumer's requirement to administer, monitor, and manage the environment. So, IaaS consumers build the (virtual) server starting at the operating system layer. For PaaS, the consumer builds the database, application, and business rules and loads the data. For SaaS, the consumer only has to load the data into the prebuilt application.

Cloud deployment models include public, private, hybrid, and community clouds. One example of a public cloud model is Google App Engine, in which the application and data are stored in one of Google's data centers. In this model, the consumer in essence has a floor in the Google "high-rise" apartment. Most large organizations will leverage the cloud internally as a private cloud. One example of a private cloud is an organization that uses cloud nuances (for example, resource pooling, on demand, multitenancy, or rapid elasticity) within its own data center for information processing. Organizations can have a private cloud within a provider's facility, as well. Examples include Terremark's customers as well as those who use Amazon Virtual Private Cloud (Amazon VPC). Examples of hybrid consumers include pharmaceutical companies like Pfizer, which uses a private model to store its research and development data, sends the data securely (via SSL/TLS) to a public cloud for computations, and then sends the data back to the private cloud. In essence, a hybrid model uses the best of both the public and private worlds. A community cloud leverages resource pooling to a large extent, one example being a number of schools in a school district that share server resources for information processing.

Based on the cloud service and deployment models chosen, cloud consumers have different socket types available to them. In general, Internet and stream–based sockets are supported by all major providers (Amazon Web Services, Rackspace, Windows Azure™, Google App Engine) as both PaaS and IaaS offerings. Consumers of SaaS solutions do not need to concern themselves with using sockets directly, although they may need to have third parties interact with their SaaS–based providers via sockets. However, providers do not support raw sockets organically, although by using and configuring an IaaS environment, an organization could theoretically accept and process raw sockets. Finally, few enterprises have found a business case to move their mainframe environments to a virtualized or private cloud platform; therefore, virtualization and private cloud technology providers such as OpenStack, Xen, Microsoft, and VMware have not explicitly mentioned their support for domain–based sockets. However, this may change over time as private cloud technologies are used with greater prevalence.


Sockets have been around a long time, and they're here to stay. The introduction of mobile and cloud technologies has meant that sockets have morphed and scaled to respond to these new markets. As more enterprises and technologies focus on mobile and cloud solutions, sockets developers will too. However, not all sockets are the same, and enterprises should carefully consider their strengths and weaknesses before deciding which sockets an application should use and which provider to select for transactional processing.


