Why Do I Need To Pay For ODBC , JDBC, ADO.NET, OLE-DB Drivers?

Payment is a function of pain alleviation (opportunity cost) monetization.

This post is about highlighting the real pains associated with the $0.00 misconception associated with Data Access Drivers: ODBC, JDBC, ADO.NET, OLE-DB etc.

In the most basic sense, there are some fundament aspects of data access that are complex to implement and rarely implemented (if at all) by free drivers, the list includes:

  1. Escape Syntaxes for Dates and Functions
  2. Metadata Calls which enable smarter ODBC compliant applications (this feature is typically missing on Driver Side and abused on the Client side i.e., making clients DBMS specific by testing for specific DBMS names)
  3. Scrollable Cursors, this is how you deal with change sensitivity, and most drivers actually fake support and get away with it due to shortage of applications to test proper cursor types (Static, Forward-Only, Key-Set, Dynamic, and Mixed models).

Okay, so we're done with actual driver sophistication re. implementation of critical features. Let's Up the ante by veering into the area of security. At the most basic level, It's extremely important to understand that all data access driver types provide read-write access to your databases; thus, it's imperative that data access drivers address the following:

  1. Read-Only or Read-Write Access scoped to specific Users
  2. Ditto applied to specific User Groups
  3. Ditto applied to Database Names
  4. Ditto applied to specific ODBC compliant applications
  5. Ditto applied to specific ODBC host operating systems
  6. Ditto applied to specific IP addresses or Ranges on your Network
  7. Any combination of items 1-6 as part of a configurable data access rules/policy system.

Once you're done with security, you then have the thorny issue of data access and data flow management. In a nutshell, your driver needs to be able to handle:

  1. Protection against cartesian product network flooding (e.g., user clicks on Customer Table via an ODBC compliant application without comprehension of back-end implications)
  2. Enabling or Disabling of key DBMS engine data access optimization features (e.g. DBMS specific extensions exposed via Environment Variables of SQL commands based settings)
  3. Conditional Connection Pooling across User, User Groups, Applications, Host Operating System, IP Address dimensions.

Once you've dealt with Security and Data Flow, you then have to address the enforcement of these settings across a myriad of ODBC compliant host, which is where Zeroconfig and centralized data access administration comes into play i.e., configure once (locally) and enforce globally.

When OpenLink Software entered the ODBC Driver Market segment in 1992, the issues above where the fundamental basis of our Multi-Tier Drivers. Thus, although we distinguished ourselves via performance, stability, and specification adherence, our fundamental engineering focus has always been skewed towards security and configurability, alongside high-performance and scalability.

As we close 2009, the security issues that pervade Native DBMS Drives, ODBC, JDBC, ADO.NET, OLE-DB etc. Drivers have only increased, courtesy of ubiquitous computing, sadly though, there remains a fundamental illusion that Data Access Drivers simply connect you to DBMS back-ends, and since you can get these drivers at $0.00 from most DBMS vendors they can't be that important.

I hope that this post brings some clarity to a very serious security and general configuration management issues associated with Data Access Drivers. Free ODBC Drivers offer nothing, when it comes to the real issues of Open Data Access. If they did, they wouldn't be worth $0.00!

Note: wondering if this has anything to do with Linked Data (my current data access focal point)? Well, remember, the Linked Data meme is fundamentally about REST based Open Data Access & Integration via HTTP; thus, what applies to Relational Model databases naturally applies to their more granular Graph Model relatives. Basically, data access security never goes away, it just gets more granular, complex, and ultimately, mercurial.

Related

# PermaLink Comments [1]
02/05/2010 01:03 GMT-0500 Modified: 09/12/2010 19:07 GMT-0500
DataSpaces Bulletin: December issue now online!

The highly anticipated December 2008 issue of the DataSpaces Bulletin is now available!

This month's DataSpaces contains material of interest to the Virtuoso developer and UDA user community alike —

  1. Introduction to Virtuoso Universal Server (Cloud Edition).
  2. Links to Virtuoso and Linked Data mailing lists.
  3. UDA license management tips and tricks.
# PermaLink Comments [0]
12/09/2008 13:09 GMT-0500 Modified: 12/09/2008 15:06 GMT-0500
OpenLink Software Releases new Universal Data Access Driver Suite 6.1
OpenLink Software Releases new Universal Data Access Driver Suite 6.1
  New ODBC, JDBC, ADO.NET, and OLE DB Drivers for Major Databases

Burlington, MA. Tuesday, January 15, 2008 - OpenLink Software, Inc., technology leader in the development and deployment of secure,
high-performance universal data access middleware, announces the commercial availability of Release 6.1 of its high-performance and
secure Universal Data Access Drivers.

The updated components support new and older releases of Oracle, Microsoft SQL Server, Sybase, IBM DB2, IBM Informix, Ingres, Progress
Open Edge, MySQL, PostgreSQL, and Firebird, across Windows, Mac OS X, Linux, Solaris, HP-UX, and AIX.

New features across then entire suite include:

- XA-based two-phase commit across ODBC, JDBC, and ADO.NET

- Microsoft SQL Linked Server compatible ODBC provider for OLE DB (32 & 64 Bit)

- ODBC Bridge for JDBC accessible Databases (32 & 64 Bit)

- Ruby on Rails Adapter for ODBC- and JDBC-accessible databases

- Support for 64-bit Windows running on x86_64 (e.g., Opteron, Xeon) and IA64 (e.g., Itanium2) Processors across all Data Access APIs --
ODBC, JDBC, OLEDB, and ADO.NET

- Support in Mac OS X Universal binaries for PPC and Intel 32-bit mode on Tiger (10.4) and Leopard (10.5), plus Intel 64-bit mode on Leopard

- ADO.NET 2.0 Support (and an ADO.NET 3.0 Beta Provider on request)

- ADO.NET integration with Visual Studio 2005

"The new product release builds on our legacy as leading provider of quality, secure and high-performance data access drivers to all major
DBMS engines," said Kingsley Idehen, President & CEO.

"We are at a critical juncture within the enterprise and across the Web, where data access, portability, and unobtrusive integration require
the technological prowess and leadership qualities we've consistently demonstrated over the last 15 years. Standardized data access
middleware that enables the development and deployment of database and operating system independent applications remains a critical priority
for organizations worldwide," he added.

About OpenLink Software
=======================

OpenLink Software is a privately held software company with offices in the U.S.A., United Kingdom, Russia, and Bulgaria. It has been the
leading provider and technology innovator in the universal data access middleware market since 1993, with over 10,000+ companies currently
using its products worldwide.

Additional information on OpenLink Software can be obtained from the web site: http://www.openlinksw.com/.

Contact:
Helen Heward-Mills,
OpenLink Software, Inc.
Tel: 781 273 0900
Email: hmills@openlinksw.com


# PermaLink Comments [0]
01/20/2008 08:38 GMT-0500 Modified: 01/20/2008 09:48 GMT-0500
Announcing ODBC Data Adapter for Ruby on Rails, release 1.1
Announcing ODBC Data Adapter for Ruby on Rails, release 1.1

OpenLink Software are pleased to announce release 1.1 of the ODBC Adapter for Ruby on Rails (ActiveRecord).

This unifies data-access from a plethora of individual adapters to one common configuration in Rails; rather than having a multitude of DBMS-specific Rails Adaptors with inconsistent functionality and behaviour, you can now focus on a single data adapter with consistent behaviour across ODBC-accessible databases on all Ruby-supported platforms. This release adds support for DB2, MySQL, Sybase and SQL Server. The supported DBMSes now include: Oracle, Informix, Ingres, OpenLink Virtuoso, SQL Server, Sybase, MySQL and DB2.

The adapter can be downloaded from rubyforge:
http://rubyforge.org/projects/odbc-rails/

Technorati Tags: , , ,

# PermaLink Comments [0]
10/23/2006 13:03 GMT-0500
Why Web 2.0 clones are not innovative
Why Web 2.0 clones are not innovative

Why Web 2.0 clones are not innovative:

Richard MacManus at ZDNet writes his view on Web 2.0 clone applications. He observed that every country has its set of Web 2.0 clones — bookmarking sites that looks del.icio.us, photo sharing sites that like Flickr, social networking sites like MySpace, community news sites like digg, etc. He criticizes those Web 2.0 clones being non-innovative.

It’s true that most of the clone apps don’t come with innovative ideas, but it would be unwise to think that they totally have no values. Contrary to Richard’s point of view, I think clone apps are essential ingredients in helping the IT business in developing countries to become innovative.

Innovative ideas don’t usually born in the thin air. They requires extensive testings and experiments. The mature IT business in the US has extensive knowledge and experience in developing innovative ideas. People here have a general idea about what works and what doesn’t. In many developing countries, however, the settings are completely different.

Take China for an example. Its IT market is still in an infant stage comparing to that of the US. Chinese businesses that recently entered the market are still in the stage trying to figure out how to make profits and establish a sustainable business model. The need to be innovative now, perhaps, is not on the todo lists of the business executives.

Furthermore, the past generation of Chinese engineers and developers were not exactly trained to be innovative and think outside-the-box. They were trained with impressive memorization skills and obey orders from superiors. It’s unfair to expect this generation of Chinese IT workers to live and breath with innovations as their US counterparts do.

Given this type of harsh environment in many developing countries, it’s quite natural to act as copycats and repeat business ideas that have good track records. In fact, it’s a good business if being a copycat can bring profits.

We don’t criticize Yahoo! Maps being a copycat of Google Maps. We don’t criticize Google Notebook being a copycat of del.icio.us. Why should we criticize foreign Web 2.0 clones when their intention is to learn how to enter a global IT market and to become prosperous? Maybe in the cloning process, copycats will discover innovative ideas by accident.

Technorati Tags: ,

# PermaLink Comments [0]
10/23/2006 12:02 GMT-0500
What Problem Does Natural Language Search Solve?
What Problem Does Natural Language Search Solve?

What Problem Does Natural Language Search Solve?:
Matt Marshall recently posted a story about a new search engine looking to raise a lot of money at a very high valuation, which has created quite a bit of buzz as people argue over whether or not the company has a chance, or deserves such a high valuation. Matt followed up with more details on the company, though he still expresses some reasonable skepticism. Like many people, my first reaction on hearing about it was that I can't remember a year that's gone by without someone claiming to have come out with a revolution in natural language search. However, when it comes to search engine news, no one can go through the history and explain why something is a bad idea quite like Danny Sullivan can. He lists out all the attempts at natural language search, and shows how each one failed (in some cases, miserably). He also points out that the problem with natural language search is that it requires everyone to change their behavior. As with any startup, when you're looking at their chances, the big question to ask is pretty simple: what problem does it solve? Plenty of people have figured out how to search with keywords. In fact, many of us find it more natural and faster than trying to construct a natural language query. So, while all the natural language search engines that come along insist that searches suck because they can't understand the the searcher, it's not clear that's the real problem. When people want to use a search engine, they want to find what they want. That means being able to search quickly. Dumping two or three keywords into a box is always going to be a lot faster than figuring out the natural language equivalent. So, perhaps someone can enlighten us. What is the problem natural language search solves?

Technorati Tags:

(via Techdirt)

Technorati Tags: ,

# PermaLink Comments [0]
10/23/2006 12:02 GMT-0500
Planning the Software Industrial Revolution

Here is another timeless article by Brad Cox titled: Planning The Software Industrial Revolution.

Enjoy!

# PermaLink Comments [0]
05/13/2005 17:33 GMT-0500 Modified: 06/22/2006 08:56 GMT-0500
Social Construction of Reality

An interesting article by Brad Cox. (inventor of Objective-C) that's provides great foundation for a understanding number of issues that are relevant to social networking systems.

# PermaLink Comments [0]
05/13/2005 11:31 GMT-0500 Modified: 06/22/2006 08:56 GMT-0500
Standards Contempt Revisited

My entire time in the IT industry has been spent primarily trying to develop, architect, test, mentor, evangelize, and educate about one simple subject: Standards Appreciation!

The trouble with "Standards Appreciation" is that vendors see standards from the following perspectives primarily:

  1. Yet another opportunity to lock-in the customer
  2. If point 1. fails then undermine the standard vociferously (an activity that takes many covert forms; attack performance, security, and maturity)
  3. Developers don't like standards (the real reason for this is to-do lists and timeframes in most cases)

Korateng Ofusu-Amaah provides insightful perspective on the issues above, in a recent "must read" blog post about how this dysfunctionality plays out today in the realm of HTML Buttons and Forms. Here are some notebable excerpts:

"Instead my discourse devolved into a case of I told you so, a kind of Old Testament view of things instead of the softer New Age stylings that are in vogue these days. Sure there was a little concern for the users that had been hurt by lost data, but there was almost no empathy for the developers who had to lose their weekends furiously reworking their applications to do the right thing especially because it appeared that they would rather persist in trying to do the wrong thing.

The sentiment behind that mini tempest-in-a-teapot however was a recognition of the fact that those who have been quietly evangelizing the web style were talking about the wrong thing and to the wrong people."

...

"..As application developers we should ask for better forms, we should be demanding of browser makers things like XForms or Web Forms 2.0 to make sure that we can go beyond the kind of stilted usability that we currently have. Our users would appreciate our efforts in that vein but for now, they know what to expect. Until then application developers should push back when we are told to "do the wrong thing".

There is an unfortunate mindset trend at the current time that espouses: "Sloppiness" is good, and "Simple" justifies inadequacy at all times. Today, the real focus of most development endeavours is popularity first and coherance (backward compatibility, standards compliance, security, scalability etc.) a distant second, if you can simply make things popular then that justifies the sloppiness (acquisition, VC money, Blogosphere Juice etc.). Especially as someone else will ultimately have to deal with the predictable ramifications of the sloppiness.

Standards are critical to the success of IT investment within any enterprise, but standards are difficult to design, write, implement, and then comprehend; due to the inherent requirement for abstraction - it's a top down, as opposed to bottom up, process.

Vendors will never genuinely embrace standards, until IT decision makers demand standards compliance of them, by demonstrating a penchant for smelling out "leaky abstractions" embedded within product implementations. Naturally, this requires a fundamental change of mindset for most decision makers. It means moving away from the "this analyst said...", "I heard that company X is going to deliver....", "I read that .....", "I saw that demo..." approach to product evaluation, to a more knowledgeable evaluation process that seeks out the What, Why, and How of any prospective IT solution. 

Knowledge empowers all of the time. It's a gift that stands the test of time once you invest some time in its acquisition (unfortunately this gift isn't free!). Ignorance with all its superficial seduction (free and widely available!), is temporary bliss at best, and nothing but heartache over time.

# PermaLink Comments [0]
05/12/2005 15:11 GMT-0500 Modified: 06/22/2006 08:56 GMT-0500
A Collection of PHP and ODBC How-To Links

In 2005 I am somewhat surprised at the steady level of emails and commentary expressing confusion about the use of PHP and ODBC.

Here are a few links that resolve any confusion about this matter:

  1. OpenLink's PHP and iODBC HOWTO doc: http://www.iodbc.org/index.php?page=languages/php/odbc-phpHOWTO
  2. PHP Everywhere's guide: http://phplens.com/phpeverywhere/node/view/9
  3. Zili Zhang's piece from 1999 (time flies!): http://www.tldp.org/HOWTO/MSSQL6-Openlink-PHP-ODBC.html
  4. Zend's ODBC Tutorial: http://www.zend.com/zend/tut/odbc.php 

Or simple google on PHP and ODBC or PHP and iODBC ...

# PermaLink Comments [0]
05/01/2005 15:46 GMT-0500 Modified: 06/22/2006 08:56 GMT-0500
 <<     | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |     >>
Powered by OpenLink Virtuoso Universal Server
Running on Linux platform