1 / 38

APUG March 2010

APUG March 2010. Progress OpenEdge 10.2B. Noel Shannon Senior Solutions Consultant. Agenda. Flavour of the Month? Key 10.2B Features Your Call to Action. The CLOUD – duh daaaaah !. 7 Keys to Success: Software as a Service. OpenEdge 10.2B Key Goals . Security and Compliance

venus
Download Presentation

APUG March 2010

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. APUG March 2010 Progress OpenEdge 10.2B Noel Shannon Senior Solutions Consultant

  2. Agenda • Flavour of the Month? • Key 10.2B Features • Your Call to Action

  3. The CLOUD – duh daaaaah!

  4. 7 Keys to Success:Software as a Service

  5. OpenEdge 10.2B Key Goals • Security and Compliance • Respond to customer demand for data privacy in the OpenEdge database with new product – Transparent Data Encryption (TDE) • Operational Excellence • Actional monitoring of OpenEdge resources • Alternate database buffer pool • Productivity • OpenEdge Architect enhancements • Improved 3rd party user interface controls • ProDataSets to/from JSON for Ajax UI development

  6. Security & Compliance:Data Encryption – Who Needs It? • Regulatory Requirement • Payment Card Industry (PCI) • Health Insurance Portability and Accountability Act (HIPAA) • etc. • “Must Have” Conformance to do Business • What’s Reality? • Maintaining data security across the entire data lifecycle (including backups and data dumps) is hard • Not everyone has added it to their applications yet • Lots of hand-coded cryptography in applications • Regulations change over time – not static

  7. OpenEdge Transparent Data Encryption • Protects Data in Database Tables & Indexes (block-level) • Type I storage areas in their entirety • Type II storage areas – on a per-table and per-index basis • Full Protection Throughout the Data Lifecycle • On disk, backups, binary dumps • Industry standard cipher algorithms • AES, DES, triple DES, etc. • Secure, Separate Encryption Key “Store” • Clear-Text Access for Authenticated Clients • No performance degradation for in-memory operations

  8. OpenEdge Transparent Data Encryption (TDE) How Does It Work? Database Storage Engine Write I/O Keys Encrypted Data Encrypt Shared Memory Buffer Pool (plain text block) & plain text Decrypt Policy Area Database Key store Read I/O Policies Product Install • Key store • Database Master Key (DMK) • DMK Admin/User Passphrase • Manual/Automatic Authentication • Encryption Policy Area • Encryption Policies - What (object) & how (cipher)

  9. OpenEdge Transparent Data Encryption (TDE) How Does It Work? Database Storage Engine Write I/O Keys Encrypted Data Encrypt Shared Memory Buffer Pool (plain text block) & plain text Decrypt Policy Area Database Key store Read I/O Policies Product Install • Key store • Database Master Key (DMK) • DMK Admin/User Passphrase • Manual/Automatic Authentication • Encryption Policy Area • Encryption Policies - What (object) & how (cipher)

  10. Why Use OpenEdge Transparent Data Encryption? • Gives You Control Over Who Can Access Private Data • Works regardless of who has a copy of the data or where the data resides • Easy To Implement • Low Cost Solution • Configurable • Transparent • No need to change your OpenEdge application, database design, or data

  11. Thing 3: Encryption Policies Describes What And How To Encrypt • Policy Contents • Object to encrypt • Table, Index, Lob (Type II storage areas) • Area (Type I storage area) • AI and BI recovery • Cipher – algorithm & key size • Secure (Key store administrator & DB administrator) • Stored in “Encryption Policy Area” • User prevented from direct record access • Policy Maintenance • Add, remove, alter (cipher, key) online • Epolicy tool, OpenEdge SQL, Data Admin tool

  12. DES-56/PBE DES3-168 AES-192 AES-128 RC4-128 AES-256 Performance Cost 0 – no encryption 10 DES-PBE DES-56 AES-192 AES-128 DES3-168 RC4-128 AES-256 Security Strength 0 – no encryption 10 Cipher Choice How do I decide? • Governance • Business rules • Your choice, your responsibility - balance strength & performance http://localhost:4041/lgagent *Graphical data is relative

  13. Policy Maintenance • Three ways to add policy • Proutil epolicy tool • Data Administration Tool • Disabled remotely • Type II “PUB” schema only • Type II “PUB” schema only • Multi select UI • Local access only • Admin Security Encryption Policies Edit Encryption Policies . . .

  14. Performance Considerations

  15. Performance Considerations Encryption • Maximize the buffer pool hit-rate • Increase -B • Consider using an Alternate Buffer Pool (-B2) • Normalize data to encrypt • Separate private and non private data • Read Codd • Isolate data to encrypt • Use Type II storage areas (object level) • Encrypt only necessary indexes • Carefully choose cipher (algorithm + key size) • Balance security and performance

  16. Operational Excellence in 10.2B Always available and scales to any size • Actional Interceptors for OpenEdge • Ensure the success of every important business transaction • Interceptors for AppServer, AppServer Internet Adapter, Sonic Adapters, WebSpeed, Web Services, Batch Client • No application changes required

  17. Productivity in 10.2B Provide a highly productive environment • JSON (Java Script Notation) Support • Similar to XML • Makes it easier to develop an Ajax UI, with built-in features for going to and from ProDataSets

  18. The Battleground? AJAX - asynchronousJavaScriptand XML

  19. {"dsCustOrd": {"ttCustomer": [{"CustNum":1,"Name":"Lift Tours","Balance":55000.0}, {"CustNum":3,"Name":"Hoops","Balance":23500.0}, {"CustNum":17,"Name":"Acme Sports Widgets","Balance":10.0}, {"CustNum":17,"Name":"Acme Sports Widgets","Balance":10.0}, {"CustNum":17,"Name":"Acme Sports Widgets","Balance":10.0}],"ttOrder": [{"OrderNum":100,"CustNum":1,"OrderDate":"2009―01―12"}, {"OrderNum":101,"CustNum":1,"OrderDate":"2009―01―12"}, {"OrderNum":250,"CustNum":3,"OrderDate":"2009―01―07"}, {"OrderNum":251,"CustNum":3,"OrderDate":"2009―01―07"}, {"OrderNum":500,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}]}}{"dsCustOrd": {"ttCustomer": [{"CustNum":1,"Name":"Lift Tours","Balance":55000.0}, {"CustNum":3,"Name":"Hoops","Balance":23500.0}, {"CustNum":17,"Name":"Acme Sports Widgets","Balance":10.0}, {"CustNum":17,"Name":"Acme Sports Widgets","Balance":10.0}, {"CustNum":17,"Name":"Acme Sports Widgets","Balance":10.0}],"ttOrder": [{"OrderNum":100,"CustNum":1,"OrderDate":"2009―01―12"}, {"OrderNum":101,"CustNum":1,"OrderDate":"2009―01―12"}, {"OrderNum":250,"CustNum":3,"OrderDate":"2009―01―07"}, {"OrderNum":251,"CustNum":3,"OrderDate":"2009―01―07"}, {"OrderNum":500,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}]}} <dsCustOrd><ttCustomer><Row><CustNum>1</CustNum><Name>Lift Tours</Name><Balance>55000.0</Balance></Row><Row><CustNum>3</CustNum><Name>Hoops</Name><Balance>23500.0</Balance></Row><Row><CustNum>17</CustNum><Name>Acme Sports Widgets</Name><Balance>10.0</Balance></Row><Row><CustNum>17</CustNum><Name>Acme Sports Widgets</Name><Balance>10.0</Balance></Row><Row><CustNum>17</CustNum><Name>Acme Sports Widgets</Name><Balance>10.0</Balance></Row></ttCustomer><ttOrder><Row><OrderNum>100</OrderNum><CustNum>1</CustNum><OrderDate>2009―01―12</OrderDate></Row><Row><OrderNum>101</OrderNum><CustNum>1</CustNum><OrderDate>2009―01―12</OrderDate></Row><Row><OrderNum>250</OrderNum><CustNum>3</CustNum><OrderDate>2009―01―07</OrderDate></Row><Row><OrderNum>251</OrderNum><CustNum>3</CustNum><OrderDate>2009―01―07</OrderDate></Row><Row><OrderNum>500</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row></ttOrder></dsCustOrd> Data – XML vs. JSON

  20. WRITE-JSON() Method Syntax WRITE-JSON ( mode, { file | stream | stream-handle | memptr | longchar } [, formatted[,encoding[,omit-initial-values] ] ] ) WRITE-XML( mode, { file | stream | stream-handle | memptr} [, formatted[,encoding [, schema-location [, write-xmlschema [, min-xmlschema [, write-before-image [, omit-initial-values ..])

  21. WRITE-JSON() Method Syntax • Mode • Expression that specifies the target for the JSON string • Formatted(Default is FALSE) • If TRUE then formats JSON - Nicely • Encoding(Default is UTF-8) • "UTF-8", "UTF16", "UTF-16BE", "UTF-16LE", "UTF-32", "UTF-32BE", "UTF-32LE" • Omit-initial-values(Default is FALSE) • If TRUE then fields set to initial/default values are excluded WRITE-JSON ( mode, { file | stream | stream-handle | memptr | longchar } [, formatted[,encoding[,omit-initial-values] ] ] )

  22. Example WRITE-JSON MethodFor a Static Temp-table DEFINE VARIABLE cTargetType     AS CHARACTER NO-UNDO. DEFINE VARIABLE cFile           AS CHARACTER NO-UNDO. DEFINE VARIABLE lFormatted      AS LOGICAL   NO-UNDO. DEFINE VARIABLE retOK           AS LOGICAL   NO-UNDO. DEFINE TEMP-TABLE ttCust NO-UNDO LIKE Customer. ASSIGN cTargetType     = "file” cFile           = "ttCust.json” lFormatted      = TRUE. retOK = ttCust:WRITE-JSON(cTargetType, cFile, lFormatted). /* mode file formatted */ Result: { "ttcust": [ ]}

  23. Example of Temp-table Serialized into JSON DEFINE TEMP-TABLEttCustomerNO-UNDO     FIELD CustNum AS INTEGER SERIALIZE-NAME "ID" FIELDNameAS CHARACTER EXTENT 3 FIELDBalanceAS DECIMAL INDEX CustNumIdx IS UNIQUE PRIMARY CustNum. ttCustomer:WRITE-JSON(cTargetType, cFile, lFormatted). {"ttCustomer": [ {"ID":1,"Name":["L","Frank","Baum"],"Balance":55000.0}, {"ID": 3, "Name":["Alfred","E","Newman"], "Balance":23500.0} ]}

  24. WRITE-JSON/WRITE-XML Size and Speed – an unscientific guide * Time is the average for 100 iterations of the WRITE-* operation

  25. Read-JSON() method READ-JSON(source-type, { file | memptr | handle | longchar } [, read-mode] ) READ-XML(source-type, { file | memptr | handle | longchar } [, read-mode[, schema-location, override-default-mapping [, field-type-mapping [, verify-schema-mode ...])

  26. Operational Excellence in 10.2B Always available and scales to any size • Alternate Database Buffer Pool • Space in shared memory separate from the primary buffer pool • Increased performance- key data locked into memory, avoiding slower disk reads & writes (-B2) • Many Other New Features • Stop long-running processes programmatically • WebClient install without Admin privileges

  27. Productivity in 10.2B Provide a highly productive environment • OpenEdge Architect • More support to assist new users in getting started • Links to videos and tutorials • Manage Appservers within Architect • Change Properties • Start/Stop/ Check Status • OpenEdge GUI for .NET • Expand types of UI controls and features offered by the controls that can be used • Update of the Infragistics 9.2 controls (resold by Progress)

  28. 7 Keys to Success: Security & ComplianceBenefits for our Customer & Partners • Security: private data remains accessible by only authorized individuals. The encryption adheres to industry standards • Simplicity: virtually transparent to application developers • No changes to database schema, application code, or administrative processes • Scalability: balance security risk vs. cost of encrypting data • Embedded tools: DBA uses single set of OpenEdge tools

  29. 7 Keys to Success: Operational Excellence Benefits for our Customers & Partners • Better oversight of the application operation • Faster! Faster! Faster! • Reduce I/O for encrypted tables • Stop long-running operations • More robust applications • Ease of WebClient deployment

  30. 7 Keys to Success: Productivity Benefits for our Customers and Partners • Build high-quality applications faster • Increase developer productivity • AppServer, client development • Use OpenEdge in other Eclipse environments • Better language tools • Wider range of UI controls to use in my application • Access to more functionality in controls • Customizable controls • Produce data for Ajax web-based applications more easily, & quickly

  31. 10.2B Customer Feedback "10.2B support for JSON in ABL has drastically improved the performance of our Ajax applications. It allowed us to drastically reduce CPU usage and data traffic and enables native communication with our Ajax client“ Peter van Dam, Owner, Future Proof Software “As always what I love most about a new version, including beta’s, is you just change the executable and you’re up and running with existing code in a new OpenEdge version. You can use the new 10.2B features where needed without the need to rewrite you existing application – the migration is quick and easy”. Carl Verbiest, Product Manager for CCE Protools, CCE NV

  32. 10.2B Customer Feedback “T.V.H. Forklift Parts has a GUI client application connected to a stateless OpenEdge AppServer monitored by Actional. The OpenEdge AppServer is connected to several databases with contains our primary data. The Actional monitoring is providing the business visibility into our processes and applications exactly as it should. The Actional Monitoring of OpenEdge resources are going to be useful right away” Jan Keirse, Software quality & Systems: Software Engineer, TVH Forklift Parts NV

  33. 10.2B Beta Customer Feedback • How Fiserv Makes Progress - Case Study • Benefit • TDE will ensure data privacy across the entire lifecycle; maintain competitive advantage and ability to interface with third parties by adhering to PCI DSS; increased IT performance will save time and reduce costs. • Quote • “We always try to improve our performance and get things to run faster. We tested a fully encrypted database and there was only a 4% decrease in performance versus an unencrypted database. We tested that with alternative data pools, we actually gained back almost 2% of that initial performance degradation. We believe with additional fine tuning the performance will continue to improve.”

  34. Your Call to Action What can 10.2B do for you…. Solve your Security & Compliance issues? Increase your end-to-end visibility? Improve on your usability and performance?

More Related