Why Do I Need To Pay For ODBC, JDBC, ADO.NET, OLE-DB Drivers? (revisited)

Situation Analysis

It's the year 2015, and the fundamental issues associated with the utility of data access drivers remain confusing. Basically, we remain uncertain about the value-to-compensation alignment of ODBC (Open Database Connectivity), JDBC (Java Database Connectivity), and ADO.NET drivers/providers.

ODBC JDBC
Image Image
ADO.NET
Image

Why do we pay for anything?

After allowing for consumer irrationality [1], the basis of any payment is fundamentally tied to the monetization of opportunity costs. Essentially, we pay for one thing to alleviate the (usually higher) costs of something else.

The rest of this post focuses on highlighting the real pains associated with the $0.00 value misconception associated with Data Access Drivers: ODBC, JDBC, ADO.NET, OLE-DB, etc.

Real Costs of Data Access Drivers

In the most basic sense, there are some fundamental aspects of data access that are complex to implement and rarely implemented (if at all) by free drivers. The list includes:

  • Escape Syntaxes for Dates and Functions -- abstraction for dates and function signatures at the application level (i.e., the same abstraction works across all compliant databases)
  • Metadata Calls which enable smarter ODBC compliant applications -- this feature is typically missing in Drivers and abused by the Clients (consumers); i.e., clients are made DBMS specific by testing for specific DBMS names, rather than utilizing feature and functionality metadata returned by drivers
  • Scrollable Cursors -- this is how you deal with change sensitivity and paging through large datasets; some drivers actually fake support and get away with it due to shortage of applications to test proper cursor types (Static, Forward-Only, Key-Set, Dynamic, and Mixed models).

Beyond actual driver sophistication, in regards to key feature implementations, let's up the ante by veering into the area of data security. At the most basic level, It's extremely important to understand that all data access drivers provide read-write access to your databases; thus, it's imperative that data access drivers address the following:

  • Read-Only or Read-Write Access modalities scoped to specific
    • users
    • user groups
    • target databases
    • data access standards (e.g., ODBC, JDBC, ADO.NET)
    • client applications
    • client host operating systems
    • client host IP addresses
  • Any combination of the above as part of a configurable collection of data access rules (or policies).

Once you're done with security, you then have the thorny issue of data access and data flow management. In a nutshell, your driver needs to be able to handle:

  • Protection against Cartesian-product-based network flooding (e.g., user queries an enormous table without knowing or understanding back-end implications)
  • Enabling or Disabling of key DBMS engine data access optimization features (e.g. SQL RDBMS-specific extensions exposed via Environment Variables or SQL-command-based settings)
  • Conditional Connection Pooling across various dimensions such as Users, User Groups, Applications, Host Operating Systems, IP Addresses
  • Encryption of Data in Transit

Once you've dealt with Security and Data Flow, you then have to address the enforcement of these settings across a myriad of ODBC compliant host, which is where Zeroconfig and centralized data access administration comes into play i.e., configure once (locally) and enforce globally.

OpenLink Universal Data Access (UDA) Drivers

When OpenLink Software entered the ODBC Driver Market segment (circa 1992), the issues above were the fundamental basis of our Multi-Tier Drivers. Although the marketplace highlighted our drivers for high performance, stability, and specification adherence -- to all of which we remain committed -- our fundamental engineering focus has always been skewed towards configurable data security, platform independence, and scalability.

Every item of concern outlined in the section above is addressed by security features built into our Multi-Tier Drivers [2][3][4]. These features all leverage the fact that our multi-tier drivers include a sophisticated DB session rules book that enables construction and enforcement of user attribute (user name, application, client operating system, IP address, target database etc.) based rules which are applied to all database sessions (single or pooled).

Image

Today, in the year 2015, the security issues that pervade Data Access, whether via Native SQL RDBMS Drivers, or ODBC, JDBC, and ADO.NET Drivers/Providers, have only increased, courtesy of ubiquitous computing -- facilitated by the Internet & Web, across desktop and mobile device dimensions. Paradoxically, there remains a fundamental illusion that all Data Access Drivers are made the same; i.e., they simply provide you with the ability to connect to SQL RDBMS back-ends, for the industry standard price of $0.00, without consequence -- thereby skewing the very nature of SQL RDBMS data access and its security and privacy implications.

I hope that this post brings some clarity to a very serious security and general configuration management issues associated with Data Access Drivers. Free ODBC Drivers offer nothing; that's why they cost $0.00. When dealing with real issues associated with Open Data Access, you must have a handle on the inevitable issues of data security and privacy.

Links

  1. The Irrational Consumer: Why Economics Is Dead Wrong About How We Make Choices
  2. OpenLink Multi-Tier ODBC Drivers
  3. OpenLink Multi-Tier JDBC Drivers
  4. OpenLink Multi-Tier ADO.NET Providers

Related

# PermaLink Comments [0]
06/11/2015 17:18 GMT-0500 Modified: 07/17/2015 14:00 GMT-0500
DataSpaces Bulletin: December issue now online!

The highly anticipated December 2008 issue of the DataSpaces Bulletin is now available!

This month's DataSpaces contains material of interest to the Virtuoso developer and UDA user community alike —

  1. Introduction to Virtuoso Universal Server (Cloud Edition).
  2. Links to Virtuoso and Linked Data mailing lists.
  3. UDA license management tips and tricks.
# PermaLink Comments [0]
12/09/2008 13:09 GMT-0500 Modified: 12/09/2008 15:06 GMT-0500
IBM Flexes XML Muscle

Here is another article titled "IBM Flexes XML Muscle" that covers the same general theme: IBM's appreciation of Unified Storage.

As indicated in an earlier post: IBM is clearly validating what we have done with Virtuoso (as was the case initially with their Virtual / Federated DBMS initiative ala DB2 Integrator). Here is an excerpt from today's eWeek article supporting this position:

To achieve maximum XML performance, bolstered indexing attributes in the technology will enable advanced search functions and a higher degree of filtering. IBM is also adding support for XPath and XQuery data models. This will allow users to create views that involve SQL and XQuery by sending the protocol through DB2's query optimizer for a unified query plan.

Read on..

Virtuoso has been doing this since 2000; unfortunately a lot of

# PermaLink Comments [1]
01/04/2005 12:19 GMT-0500 Modified: 09/30/2006 04:38 GMT-0500
Preventable SQL DBMS Vulnerabilities

Here are some excerpts (inlined) with my comments (outlined)

# PermaLink Comments [0]
05/17/2004 20:41 GMT-0500 Modified: 06/22/2006 08:56 GMT-0500
Creating RSS Using SQLX

Here is a practical example of how to create RSS on the fly from SQL data sources leveraging Virtuoso 3.2's SQLX implementation.

This is further illuminates the content of my earlier post on this subject.

# PermaLink Comments [0]
11/11/2003 18:33 GMT-0500 Modified: 06/22/2006 08:56 GMT-0500
XML Development Hindered by Lack of Conformity to Data Connectivity Standards ?

I've just read an

# PermaLink Comments [0]
11/11/2003 18:14 GMT-0500 Modified: 06/22/2006 08:56 GMT-0500
HOWTO: Apache-PHP-ODBC on Mac OS X

There is a new HOWTO document that addresses an area of frequent confusion on Mac OS X, which is how do you build PHP with an ODBC data access layer binding ( iODBC variant) using Mac OS X Frameworks as opposed to Darwin Shared Libraries.

# PermaLink Comments [0]
10/24/2003 11:39 GMT-0500 Modified: 06/22/2006 08:56 GMT-0500
A Virtuoso of a Server

NETWORK WORLD NEWSLETTER: MARK GIBBS ON WEB APPLICATIONS

Today's focus: A Virtuoso of a server

By Mark Gibbs

One of the bigger drags of Web applications development is that building a system of even modest complexity is a lot like herding cats - you need a database, an applications server, an XML engine, etc., etc. And as they all come from different vendors you are faced with solving the constellation of integration issues that inevitably arise.

If you are lucky, your integration results in a smoothly functioning system. If not, you have a lot of spare parts flying in loose formation with the risk of a crash and burn at any moment.

An alternative is to look for all of these features and services in a single package but you'll find few choices in this arena.

One that is available and looks very promising is OpenLink's Virtuoso (see links below).

Virtuoso is described as a cross platform (runs on Windows, all Unix flavors, Linux, and Mac OS X) universal server that provides databases, XML services, a Web application server and supporting services all in a single package.

OpenLink's list of supported standards is impressive and includes .Net, Mono, J2EE, XML Web Services (Simple Object Application Protocol, Web Services Description Language, WS-Security, Universal Description, Discovery and Integration), XML, XPath, XQuery, XSL-T, WebDav, HTTP, SMTP, LDAP, POP3, SQL-92, ODBC, JDBC and OLE-DB.

Virtuoso provides an HTTP-compliant Web Server; native XML document creation, storage and management; a Web services platform for creation, hosting and consumption of Web services; content replication and synchronization services; free text index server, mail delivery and storage and an NNTP server.

Another interesting feature is that with Virtuoso you can create Web services from existing SQL Stored Procedures, Java classes,

C++ classes, and 'C' functions as well as create dynamic XML

documents from ODBC and JDBC data sources.

This is an enormous product and implies a serious commitment on the part of adopters due to its scope and range of services.

Virtuoso is enormous by virtue of its architectural ambitions, but actual disk requirements are

# PermaLink Comments [0]
10/23/2003 17:58 GMT-0500 Modified: 06/22/2006 08:56 GMT-0500
Universal Data Access and Security

There is an old adage that states, "there are no free lunches".

This cannot be more true than in the case of universal data access (ODBC, JDBC, ADO.NET, and OLE-DB) and security. There is a recently published article on our web site that sheds light on how we have engineered our data access technology to enable our customers enjoy secure and high-performance database connectivity when utilizing any of our Multi-Tier Database Connectivity drivers.

It is no secret that technologies such as ODBC, and to a fair degree JDBC, have generated a good share of undeserved criticism over the years in relation to their fundamental value propositions (providing transparent access from compliant applications to backend databases via seperation of application and database connectivity APIs), and that one of the unfortunate offshoots of this negative press is the contradictory perception that these components are valueless (i.e. they are worth $0.00). Thus, the emergence of the "free is good enough" syndrome which is predicated on the misconception that data access drivers (data source connectivity API implementations) simply provide connectivity and that's it.

If you want to open up your organization (whatever your variation internal, external, internet, extranet, intranet etc.) for the worst of all worlds (deliberate or inadvertent attacks on your data) the FREE is GOOD. Otherwise, when dealing with data access drivers you have to bear the following in mind (covered in detail in the data access security article):

    • Can I control
# PermaLink Comments [0]
10/01/2003 11:39 GMT-0500 Modified: 06/22/2006 08:56 GMT-0500
         
Powered by OpenLink Virtuoso Universal Server
Running on Linux platform