Post on 23-Feb-2016
description
transcript
APUG March 2010
Progress OpenEdge 10.2B
Noel ShannonSenior Solutions Consultant
© 2009 Progress Software Corporation2
Agenda
Flavour of the Month?
Key 10.2B Features
Your Call to Action
© 2009 Progress Software Corporation
The CLOUD – duh daaaaah!
3
© 2009 Progress Software Corporation4
© 2009 Progress Software Corporation5
7 Keys to Success:Software as a Service
•Going from 1 to NMulti-tenancy
•Ensuring that data and applications are accessed only by those who need to know
Security & Compliance
•Being able to easily use the UI technologies that meet the needs of the customerUser Interface
Flexibility•Ensuring the application looks like the tenant and
end-user wantPersonalization
•Ability to easily integrate to any other application by supporting all relevant standards
Integration
•Always available and scales to any sizeOperational Excellence
•Provide a highly productive environment focused on OpenEdge and industry best practices
Productivity
© 2009 Progress Software Corporation6
OpenEdge 10.2B Key Goals
Security and Compliance• Respond to customer demand for data privacy in the OpenEdge
database with new product – Transparent Data Encryption (TDE)
Operational Excellence• Actional monitoring of OpenEdge resources• Alternate database buffer pool
Productivity• OpenEdge Architect enhancements• Improved 3rd party user interface controls• ProDataSets to/from JSON for Ajax UI development
© 2009 Progress Software Corporation
Security & Compliance:Data Encryption – Who Needs It?
Regulatory Requirement• Payment Card Industry (PCI)• Health Insurance Portability and Accountability Act (HIPAA)• etc.
“Must Have” Conformance to do Business What’s Reality?
• Maintaining data security across the entire data lifecycle (including backups and data dumps) is hard
• Not everyone has added it to their applications yet• Lots of hand-coded cryptography in applications• Regulations change over time – not static
© 2009 Progress Software Corporation
OpenEdge Transparent Data Encryption
Protects Data in Database Tables & Indexes (block-level)• Type I storage areas in their entirety • Type II storage areas – on a per-table and per-index basis
Full Protection Throughout the Data Lifecycle• On disk, backups, binary dumps
Industry standard cipher algorithms- AES, DES, triple DES, etc.
Secure, Separate Encryption Key “Store”
Clear-Text Access for Authenticated Clients• No performance degradation for
in-memory operations
© 2009 Progress Software Corporation
OpenEdge Transparent Data Encryption (TDE)
9
plain text
EncryptShared Memory
Buffer Pool(plain text block)
Database Storage Engine
Product Install Key store• Database Master Key (DMK)• DMK Admin/User Passphrase• Manual/Automatic Authentication
Encryption Policy Area• Encryption Policies - What (object) & how (cipher)
Read I/O
Write I/O
How Does It Work?
Key store
Database
Policies
Keys
Decrypt
&
PolicyArea
Encrypted Data
© 2009 Progress Software Corporation
OpenEdge Transparent Data Encryption (TDE)
How Does It Work?
10
plain text
EncryptShared Memory
Buffer Pool(plain text block)
Product InstallRead I/O
Write I/OKey store
PolicyArea
Database
Policies
Keys
Decrypt
&
Database Storage Engine
Key store• Database Master Key (DMK)• DMK Admin/User Passphrase• Manual/Automatic Authentication
Encryption Policy Area• Encryption Policies - What (object) & how (cipher)
Encrypted Data
© 2009 Progress Software Corporation
Why Use OpenEdge Transparent Data Encryption?
Gives You Control Over Who Can Access Private Data• Works regardless of who has a copy of the data or where the
data resides Easy To Implement Low Cost Solution Configurable Transparent
• No need to change your OpenEdge application, database design, or data
© 2009 Progress Software Corporation
Thing 3: Encryption Policies
Policy Contents• Object to encrypt
- Table, Index, Lob (Type II storage areas)- Area (Type I storage area)- AI and BI recovery
• Cipher – algorithm & key size Secure (Key store administrator & DB administrator)
• Stored in “Encryption Policy Area”• User prevented from direct record access
Policy Maintenance• Add, remove, alter (cipher, key) online• Epolicy tool, OpenEdge SQL, Data Admin tool
12
Describes What And How To Encrypt
© 2009 Progress Software Corporation
Cipher Choice
Governance Business rules Your choice, your responsibility - balance strength &
performance
13
RC4-128
AES-128
AES-192
AES-256
DES-56
DES3-168
Security Strength 0 – no encryption
DES-PBE
10
10
RC4-128
AES-128
AES-192
AES-256
DES-56/PBE
DES3-168
Performance Cost
0 – no encryption
*Graphical data is relative
How do I decide?
http://localhost:4041/lgagent
© 2009 Progress Software Corporation
Policy Maintenance
Three ways to add policy• Proutil epolicy tool• Data Administration Tool
- Disabled remotely
Type II “PUB” schema only• Type II “PUB” schema only• Multi select UI• Local access only• Admin Security
Encryption PoliciesEdit Encryption
Policies . . .
14
© 2009 Progress Software Corporation
Performance Considerations
15
© 2009 Progress Software Corporation
Performance Considerations Encryption
Maximize the buffer pool hit-rate• Increase -B• Consider using an Alternate Buffer Pool (-B2)
Normalize data to encrypt• Separate private and non private data• Read Codd
Isolate data to encrypt• Use Type II storage areas (object level)• Encrypt only necessary indexes
Carefully choose cipher (algorithm + key size)• Balance security and performance
16
© 2009 Progress Software Corporation
Operational Excellence in 10.2B
Actional Interceptors for OpenEdge • Ensure the success of every important business transaction• Interceptors for AppServer, AppServer Internet Adapter, Sonic
Adapters, WebSpeed, Web Services, Batch Client• No application changes required
17
Always available and scales to any size
© 2009 Progress Software Corporation18
© 2009 Progress Software Corporation19
© 2009 Progress Software Corporation
Productivity in 10.2B
JSON (Java Script Notation) Support• Similar to XML• Makes it easier to develop an Ajax UI, with built-in features for
going to and from ProDataSets
20
Provide a highly productive environment
© 2009 Progress Software Corporation
The Battleground? AJAX - asynchronous JavaScript and XML
© 2009 Progress Software Corporation22
{"dsCustOrd": {"ttCustomer": [{"CustNum":1,"Name":"Lift Tours","Balance":55000.0}, {"CustNum":3,"Name":"Hoops","Balance":23500.0}, {"CustNum":17,"Name":"Acme Sports Widgets","Balance":10.0}, {"CustNum":17,"Name":"Acme Sports Widgets","Balance":10.0}, {"CustNum":17,"Name":"Acme Sports Widgets","Balance":10.0}],"ttOrder": [{"OrderNum":100,"CustNum":1,"OrderDate":"2009―01―12"}, {"OrderNum":101,"CustNum":1,"OrderDate":"2009―01―12"}, {"OrderNum":250,"CustNum":3,"OrderDate":"2009―01―07"}, {"OrderNum":251,"CustNum":3,"OrderDate":"2009―01―07"}, {"OrderNum":500,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}, {"OrderNum":501,"CustNum":17,"OrderDate":"2009―06―23"}]}}
<dsCustOrd><ttCustomer><Row><CustNum>1</CustNum><Name>Lift Tours</Name><Balance>55000.0</Balance></Row><Row><CustNum>3</CustNum><Name>Hoops</Name><Balance>23500.0</Balance></Row><Row><CustNum>17</CustNum><Name>Acme Sports Widgets</Name><Balance>10.0</Balance></Row><Row><CustNum>17</CustNum><Name>Acme Sports Widgets</Name><Balance>10.0</Balance></Row><Row><CustNum>17</CustNum><Name>Acme Sports Widgets</Name><Balance>10.0</Balance></Row></ttCustomer><ttOrder><Row><OrderNum>100</OrderNum><CustNum>1</CustNum><OrderDate>2009―01―12</OrderDate></Row><Row><OrderNum>101</OrderNum><CustNum>1</CustNum><OrderDate>2009―01―12</OrderDate></Row><Row><OrderNum>250</OrderNum><CustNum>3</CustNum><OrderDate>2009―01―07</OrderDate></Row><Row><OrderNum>251</OrderNum><CustNum>3</CustNum><OrderDate>2009―01―07</OrderDate></Row><Row><OrderNum>500</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row><Row><OrderNum>501</OrderNum><CustNum>17</CustNum><OrderDate>2009―06―23</OrderDate></Row></ttOrder></dsCustOrd>
Data – XML vs. JSON
© 2009 Progress Software Corporation
WRITE-JSON() Method Syntax
WRITE-JSON ( mode, { file | stream | stream-handle | memptr | longchar } [, formatted [, encoding [, omit-initial-values ] ] ] )
WRITE-XML ( mode, { file | stream | stream-handle | memptr} [, formatted [, encoding [, schema-location [, write-xmlschema [, min-xmlschema [, write-before-image [, omit-initial-values ..])
© 2009 Progress Software Corporation
WRITE-JSON() Method Syntax
Mode Expression that specifies the target for the JSON string
Formatted (Default is FALSE)• If TRUE then formats JSON - Nicely
Encoding (Default is UTF-8) "UTF-8", "UTF16", "UTF-16BE", "UTF-16LE", "UTF-32",
"UTF-32BE", "UTF-32LE" Omit-initial-values (Default is FALSE)
If TRUE then fields set to initial/default values are excluded
WRITE-JSON ( mode, { file | stream | stream-handle | memptr | longchar } [, formatted [, encoding [, omit-initial-values ] ] ] )
© 2009 Progress Software Corporation
Example WRITE-JSON MethodFor a Static Temp-table
DEFINE VARIABLE cTargetType AS CHARACTER NO-UNDO.DEFINE VARIABLE cFile AS CHARACTER NO-UNDO.DEFINE VARIABLE lFormatted AS LOGICAL NO-UNDO.DEFINE VARIABLE retOK AS LOGICAL NO-UNDO.DEFINE TEMP-TABLE ttCust NO-UNDO LIKE Customer.
ASSIGN cTargetType = "file” cFile = "ttCust.json” lFormatted = TRUE.retOK = ttCust:WRITE-JSON(cTargetType, cFile, lFormatted). /* mode file formatted */Result: { "ttcust": [ ]}
© 2009 Progress Software Corporation
Example of Temp-table Serialized into JSON
DEFINE TEMP-TABLE ttCustomer NO-UNDO FIELD CustNum AS INTEGER SERIALIZE-NAME "ID" FIELD Name AS CHARACTER EXTENT 3 FIELD Balance AS DECIMAL INDEX CustNumIdx IS UNIQUE PRIMARY CustNum.
{"ttCustomer": [ {"ID": 1, "Name": ["L","Frank","Baum"], "Balance": 55000.0}, {"ID": 3, "Name": ["Alfred","E","Newman"], "Balance": 23500.0}]}
ttCustomer:WRITE-JSON(cTargetType, cFile, lFormatted).
© 2009 Progress Software Corporation
WRITE-JSON/WRITE-XML Size and Speed – an unscientific guide
FORMATTED ?
MODE JSON TIME*(ms)
XML TIME*(ms)
JSON SIZE
XML SIZE
% XMLTIME
%XML SIZE
TRUE FILE 2561 2766 189 213 92% 89%
FALSE FILE 2697 2830 115 172 95% 67%
TRUE Memptr 1298 1415 92%
FALSE Memptr 1356 1469 92%
* Time is the average for 100 iterations of the WRITE-* operation
© 2009 Progress Software Corporation
Read-JSON() method
READ-JSON ( source-type, { file | memptr | handle | longchar } [, read-mode ] )
READ-XML ( source-type, { file | memptr | handle | longchar } [, read-mode [, schema-location,
override-default-mapping [, field-type-mapping [, verify-schema-mode ...])
© 2009 Progress Software Corporation
Operational Excellence in 10.2B
Alternate Database Buffer Pool• Space in shared memory separate from the primary buffer pool• Increased performance- key data locked into memory, avoiding
slower disk reads & writes (-B2) Many Other New Features
• Stop long-running processes programmatically• WebClient install without Admin privileges
29
Always available and scales to any size
© 2009 Progress Software Corporation
Productivity in 10.2B
OpenEdge Architect• More support to assist new users in getting started
- Links to videos and tutorials• Manage Appservers within Architect
- Change Properties- Start/Stop/ Check Status
OpenEdge GUI for .NET• Expand types of UI controls and features offered by the controls
that can be used• Update of the Infragistics 9.2 controls (resold by Progress)
30
Provide a highly productive environment
© 2009 Progress Software Corporation31
7 Keys to Success: Security & ComplianceBenefits for our Customer & Partners
Security: private data remains accessible by only authorized individuals. The encryption adheres to industry standards
Simplicity: virtually transparent to application developers• No changes to database schema, application code, or
administrative processes
Scalability: balance security risk vs. cost of encrypting data
Embedded tools: DBA uses single set of OpenEdge tools
© 2009 Progress Software Corporation32
7 Keys to Success: Operational ExcellenceBenefits for our Customers & Partners
Better oversight of the application operation
Faster! Faster! Faster!• Reduce I/O for encrypted tables• Stop long-running operations
More robust applications
Ease of WebClient deployment
© 2009 Progress Software Corporation33
7 Keys to Success: ProductivityBenefits for our Customers and Partners
Build high-quality applications faster
Increase developer productivity• AppServer, client development• Use OpenEdge in other Eclipse environments• Better language tools
Wider range of UI controls to use in my application• Access to more functionality in controls• Customizable controls
Produce data for Ajax web-based applications more easily, & quickly
© 2009 Progress Software Corporation34
10.2B Customer Feedback
"10.2B support for JSON in ABL has drastically improved the performance of our Ajax applications. It allowed us to drastically reduce CPU usage and data traffic and enables native communication with our Ajax client“
Peter van Dam, Owner, Future Proof Software
“As always what I love most about a new version, including beta’s, is you just change the executable and you’re up and running with existing code in a new OpenEdge version. You can use the new 10.2B features where needed without the need to rewrite you existing application – the migration is quick and easy”.
Carl Verbiest, Product Manager for CCE Protools, CCE NV
© 2009 Progress Software Corporation35
10.2B Customer Feedback
“T.V.H. Forklift Parts has a GUI client application connected to a stateless OpenEdge AppServer monitored by Actional.
The OpenEdge AppServer is connected to several databases with contains our primary data. The Actional monitoring is providing the business visibility into our processes and applications exactly as it should.
The Actional Monitoring of OpenEdge resources are going to be useful right away”
Jan Keirse, Software quality & Systems: Software Engineer,
TVH Forklift Parts NV
© 2009 Progress Software Corporation36
10.2B Beta Customer Feedback
How Fiserv Makes Progress - Case Study
Benefit• TDE will ensure data privacy across the entire lifecycle; maintain
competitive advantage and ability to interface with third parties by adhering to PCI DSS; increased IT performance will save time and reduce costs.
Quote• “We always try to improve our performance and get things to run faster.
We tested a fully encrypted database and there was only a 4% decrease in performance versus an unencrypted database. We tested that with alternative data pools, we actually gained back almost 2% of that initial performance degradation. We believe with additional fine tuning the performance will continue to improve.”
© 2009 Progress Software Corporation37
Your Call to Action
What can 10.2B do for you….
Solve your Security & Compliance issues?
Increase your end-to-end visibility?
Improve on your usability and performance?
© 2009 Progress Software Corporation39