Some of the mentions of Centura that we haven't yet published here:

> Centura Software: SQLBase Suite
> Page: 3030
> Issue Date: 03/29/99
> Category: Server Environments
>
> SQLBase was launched in 1988, and provided the first RDBMS specifically designed for PC networks. Given that the product's chief architect was Bruce Scott, co-author of the original Oracle database engine, the technical strengths of SQLBase should not be so surprising: the product was designed as a scaleable, robust database for multiple development environments. And the financial turmoil at Centura Software - then Gupta Corporation - some four or five years ago, should not distract from the basic facts: over a million copies of SQLBase are in use, making SQLBase one of the most successful DBMSs in the industry.
>
> Centura Software's products include SQLBase in a number of forms, deployment infrastructure components, and development tools. Although designed to work in concert, each of these is designed to work with components from other vendors. Thus, SQLBase can be accessed via Visual Basic or Delphi, Centura Team Developer can be used to address a variety of non-Centura databases, and applications built using Centura products can target a variety of operating systems. As with all enlightened vendors in the client-server space, the goal is to offer any-to-any connectivity.
>
> Centura's target markets include both ISVs developing packaged application products, and corporate application developers who deploy distributed applications to single departments or as mobile applications. Centura's revenue model is deployment-based. In both this respect, and in its balance between tools and low-maintenance deployment technologies, Centura resembles Progress Software. The difference is in Centura's focus on PC-based products, which means that the two companies do not normally compete for the same customers.
>
> At the time of writing this report, Centura announced that it has acquired Raima Corporation. This is a significant announcement, as it gives Centura a database engine for Windows CE, Solaris, AIX, HP-UX, UnixWare, and BSD/OS and Linux.
>
> PRODUCTS
>
> Centura Software offers three major product sets:
>
> * SQLBase - an embedded database which has a small footprint, and can publish data to intranets. It supports client connectivity via Type 4 JDBC and ODBC 3.0. SQLBase is suited for applications used in small and medium-sized businesses or single departments, and does not require a Database Administrator.
> * Centura net.db - a querying and publishing tool, designed to make relational data accessible on the Web. It provides dynamic content on intranets, or on the Internet. Centura net.db's browser-based designer allows a collection of Web pages to be created quickly. Users can access data via any JavaScript-enabled browser.
> * Centura Team Developer - an object-oriented application development toolset, Team Developer provides direct database connectivity to databases, including DB2, Oracle, and Sybase. Developers can write one set of client logic that can execute as either a Web client, or as a Windows 95, Windows NT or Novell client.
>
> Other products - including SQLHost - provide extended connectivity to the familiar enterprise platforms and processing environments.
>
> With the launch of SQLBase 7.5, the database product is now available with three levels of security. Centura is now majoring on security for its embedded database products, in what can only be seen as a brilliant piece of lateral thinking: the applications built using Centura products tend to live in relatively insecure environments. Such applications are frequently deployed outside of the firewall, and may be on portable devices.
> For these systems, meeting security threats may in fact be a bigger issue than for the core enterprise applications, which are protected in other ways.
>
> * SQLBase - this is the 'vanilla' flavour of the product. Its database engine, connectivity and basic security features are shared with the other versions.
> * SQLBase SafeGarde - This combines the basic security features with 56-bit DES encryption for all database files and traffic. Thus, SQLBase SafeGarde data can remain in encrypted form at all times.
> * SQLBase SafeGarde Max - This version includes the option of 56-bit DES encryption, and 128-bit triple-DES encryption.
>
> As with previous releases of SQLBase, all versions share a code base which is common to all operating systems. Both Centura and its customers gain from this approach, since both the core products and the applications can easily be ported from one platform to another.
>
> SQLBASE 7.5
>
> SQLBase was specifically designed to operate on minimal hardware platforms - its original target was what would now be considered very low-specification PCs, and the product has held true to this approach: a 16-bit version is still available. At the same time, SQLBase supports a number of features common to high-end database systems: it was built from the ground up to operate with a SQL interface and supports multiple transactions, complete with a reliable commit mechanism. Centura claims that the database will support up to 200 concurrent users.
>
> Functionality
>
> An important selling point of SQLBase is its ability to operate without a database administrator. This is not a unique selling point - again, Progress Software is concerned with the same issue - however, it is unusual in a multi-user database, and should be an absolute requirement for any embedded software product. To a significant extent, the minimisation of the administration task is a driver in the basic design choices for the database engine.
> Further to this, three types of function aid in maintaining the integrity of the deployed database:
>
> * Automated functions include elimination of redundant connections and disk file extension. System failure logs can also be used to automate recovery after low-level failures.
> * All database functions can be accessed via the SQLBase SQL/API. This makes it relatively easy to build application-specific user interfaces to help in maintaining the database.
>
> SQLBase's open programmatic interface provides a fully documented SQL API - the company states that it has not reserved any features for exclusive use by its own products. Aside from its own database-specific interface, Centura also provides a level 3 ODBC driver, and a type 4 JDBC driver, for use with third-party tools. Features which are specific to SQLBase include:
>
> * Declarative referential integrity specification.
> * Stored procedures and database triggers.
> * An extended Data Definition Language (DDL), with support for rollback of DDL statements.
> * Support for forward and backward scrolling cursors.
> * Multiple independent transactions in the same client application, each with multiple cursors.
>
> External functions are supported using DLLs: external DLLs can be called from regular stored procedures, triggers, or directly from client applications. Using external functions, external devices can be controlled directly into the database. Likewise, centralised server resources can be accessed by network clients, since all external functions run on the server.
>
> For enterprise-scale applications, this type of arrangement has been superseded by middle-tier application servers, which offer greater expressivity for the developer and more flexible runtime support. However, in the types of applications in which SQLBase is intended to be employed, an external function should prove to be a useful technique.
>
> Architecture
>
> SQLBase versions for Windows and NetWare operating systems share a common code line. Likewise, they share the same program interfaces. SQLBase provides four different means of access to data, stored procedures and server operations. These are:
>
> * SQL/API - This provides total control of both data access and manipulation, as well as server operations. The SQL/API enables all the functionality provided through SQLBase's own sophisticated tools to be used by applications.
> * ODBC - ODBC 3.0 drivers for SQLBase are provided as standard with the product. The drivers were developed by Intersolv, and are supplied in both 16- and 32-bit versions.
> * JDBC - SQLBase enables Java client access with a pure Java ('Level 4') JDBC driver. This is in contrast to the highly unsatisfactory JDBC-ODBC bridge technology employed by some RDBMS vendors.
> * OLE DB - Centura's OLE DB Data Provider supports universal data access by providing high performance access to all information for Microsoft-land clients, from any data source.
>
> Some difference does exist between NetWare and Windows platforms, in order to integrate with the native environment: on Windows NT, SQLBase can run as a true NT Service; on NetWare, SQLBase can make use of the NetWare Directory Services (NDS).
>
> Centura states that it has 'not ruled out CORBA' as a model for data access and stored procedure integration. Clearly, there is no technical reason why such a route should not be followed. Against this, however, CORBA has made the greatest penetration where Centura is least likely to be found, so a CORBA offering is likely to be a long way off at best. Although the company is in many respects a platform-neutral vendor, Centura is continuing to pursue COM: its development toolset will shortly support server-side components.
>
> Rather than grow to consume the increasingly powerful desktop hardware resources, SQLBase remains a small footprint product.
> Obviously, some potential is lost in making this choice, but other important advantages are gained. In particular, SQLBase has the potential to run on a number of different PDA operating systems, though this advantage is yet to be exploited by Centura.
>
> SQLBASE SAFEGARDE AND SAFEGARDE MAX
>
> SQLBase SafeGarde and SafeGarde Max are alternate versions of SQLBase 7.5, containing support for encrypted database files. SQLBase SafeGarde was the result of one specific project undertaken by Centura for Deutsche Bank. The project - now known as DB Direct - placed banking resources inside Deutsche Bank's most important customers. The project required thorough security, and because DB Direct customers' servers were outside the physical protection of the bank, there was no option other than encrypting all data. For Centura, DB Direct represented a trend by which data continues to move out from the enterprise servers.
>
> Unfortunately, the need for two versions of SQLBase SafeGarde is a political one: outside of North America, a number of complex licence restrictions exist on the application of the triple Data Encryption Standard (DES) used by SafeGarde Max. At the same time, there are increasing doubts about the security offered by the 56-bit DES encryption of the base SafeGarde version. It should be understood however that 56-bit encryption is not useless: applied properly, it defeats all casual attempts at unauthorised access to data. Even to a skilled and determined attacker, 56-bit encryption is costly and expensive to break. However, it demonstrably can be broken. So whether 56-bit encryption is applicable depends on the nature of the application: for a commercial customer list it may be suitable; for a large-scale financial application it may not be.
>
> Currently, the United States Government is issuing licences for the use of high-grade encryption products for specific industry sectors.
> Centura has adapted to this regime very quickly, and has gained licence export exception for finance and banking sectors; it aims to gain health care and e-commerce exception also. This contrasts with vendors such as Network Associates, who acquired encryption products outside of the US in order to achieve a similar result.
>
> Functionality
>
> Rather than simply encrypting communications, SQLBase SafeGarde and SafeGarde Max encrypt the whole thing:
>
> * All communications on the network between clients and the database.
> * The database itself.
> * The log files.
> * The backup files.
>
> For reasons that might not have been obvious until we look at this list, portable - or any physically unprotected - computing devices are not secure unless all of the above is in place. In its normal mode of operation, the SQLBase database files should only be accessed through the database engine. However, because SQLBase uses the file system of whatever platform it is installed on, an attacker has the option of accessing the files directly. However, two aspects of the database make such an attack immensely difficult:
>
> * File structure - the database file is effectively a semi-binary file, whose structure is difficult to parse without intimate knowledge of the proprietary database engine. It is therefore extremely tricky to automate a test for a successful decryption.
> * File size - A typical database file is very large. This is important because the whole file must be present for a code cracking process to run. Clearly, the large file will consume considerable resource from the code cracking process, making it unwieldy. There are no publicly-known examples of successful multi-kilobyte - let alone multi-megabyte - code cracking attempts for 56-bit DES.
>
> The above holds where the purpose of the attack is to read existing data. A more valuable form of attack is one in which an update also takes place.
> For example, the value in reading some particular bank account details is much less than the value in being able to alter these. All versions of SQLBase 7.5 protect against this by using a data page checksum in the form of a Cyclic Redundancy Check (CRC) or Secure Hash Algorithm (SHA), to confirm that only the database engine itself has altered the database file. The CRC is implemented using a conventional one-way hashing algorithm, which though replicatable in certain situations, is itself effectively unbreakable. The SHA provides a digital signature, which provides substantially higher protection than CRC.
>
> In many situations, SQLBase is used to hold data which is replicated from a central enterprise server. Obviously, this replication process must support data encryption also. Centura supports this via two products:
>
> * SQLBase Exchange - provides encrypted discrete replication from around 100 DBMS and flatfile types.
> * SQLHost - provides connectivity with IBM OS/390 DB2 data and CICS, and makes use of OS/390 security functionality.
>
> All versions of SQLBase 7.5 provide an extra level of login security, in which a validation delay occurs where a name / password pair are not accepted. This will also avoid 'denial-of-service' attacks.
>
> PLATFORMS
>
> * APIs: Native (16-bit and 32-bit). In-line compilation of both 16-bit and 32-bit clients is supported on all platforms with the following exceptions: Windows 3.1 is 16-bit only, NetWare 4.x and 5.0 are 32-bit only. ODBC: 16-bit (2.5) and 32-bit (3.11). JDBC: Level 4 (pure Java client).
> * Communication Protocols: TCP/IP, IPX/SPX, NetBIOS, Anonymous Pipes (Windows NT and Windows 95 only).
> * Operating Systems: Windows NT 4.0, Windows 98, Windows 95, Windows 3.1x, NetWare 4x and 5x.
>
> PRICING
>
> SQLBase standard pricing starts at $395 (£240) for a single user, one-copy. The price per seat decreases with multiples of the desktop, and for multi-user server-based pricing.
>
> OPINION
>
> STRENGTHS
>
> * Doing encryption for the whole thing - client-server communications, replication, database files and backups - is a decisive factor for many types of embedded database application. Or should be. How are your applications protected?
> * Because Centura has skills and products covering application development, infrastructure and databases, it is able to offer excellent tools and infrastructure integration for security. Such integration is vital in security matters, where complex integration problems can result in serious security holes.
> * The fact that Centura has already resolved US governmental licensing issues for many types of user will be an important selling point. The complexities involved in such licensing procedures for individual users should not be underestimated.
>
> WEAKNESSES
>
> * At the moment, Centura does not offer a PDA solution, and it really does need one. However, the SQLBase architecture lends itself to platform mobility, so the company's SNAPP programme - which would deliver this - really ought to succeed.
> * SQLBase SafeGarde is a brand new product, and is therefore not thoroughly tested in actual use. Particularly where security is concerned, this may be a concern for some. But then again, considering its target users, what is the alternative?
>
> CONCLUSIONS
>
> A mobile worker for a utility company accidentally leaves his palmtop in the pub, and suddenly the names, addresses and telephone numbers of everyone in the local area have been exposed. Embarrassing, isn't it? And it gets worse: laptop computers disappear all the time. And password protection for each machine is of precious little use if the thief can lift the hard drive out of the machine and plug it in elsewhere.
> The reality is that, as it becomes technically easier to build highly distributed applications, the organisation's data is becoming increasingly open to attack, usually without a commensurate increase in protection.
>
> Stated in its simplest form, the response should be as follows: data should be protected according to its value, and not according to its location. Surprisingly - in fact horrifyingly - the traditional approach contradicts this principle: in many respects, data which has least exposure to unauthorised access - for example, the corporate database - has gathered the greatest level of security. At the same time, the data with the greatest exposure - for example palmtop devices - often carries the least security.
>
> To some extent, this security hole has come into existence because of a lack of good technologies with which to plug it. The vast majority of client-server applications developers are not security experts, and must live with the tools which are available to them, and which integrate with their familiar development environment.
>
> In the case of applications which make use of embedded databases, the problem is particularly acute. These applications may be installed on platforms - such as palmtops - which have the highest exposure to unauthorised access. Embedded database applications also tend to be used in small and medium sized businesses, which have neither database administrators nor IT security staff. Again, these workers can in practice only make use of the tools and functions which are made directly available to them.
>
> Centura has put these issues amongst its chief concerns, and SQLBase 7.5 is its first attempt at addressing them. This is just the first step along the road: SQLBase 7.5 is still limited to deployment on the heavyweight, traditional workgroup and personal server operating systems.
> However, the company sees a continuum of computing which looks like this:
>
> * Mainframe back office systems.
> * Front office conventional client-server.
> * Mobile, on/offline computing.
> * Web-based computing, supporting corporate extranets.
> * Information appliances, including 'interface-less' embedded controllers.
>
> The last category is particularly important to Centura. Its response is a new programme called SNAPP, for SQL Network for Appliances. This is intended to unify data management for Palm operating systems, Windows CE, and embedded devices. The company has stated that it will demonstrate SNAPP technology shortly.
>
> With SQLBase SafeGarde, Centura has a technically very important product. SafeGarde addresses a very real set of problems, which other vendors seem to have missed. If SNAPP is delivered satisfactorily, the company will have something of a technical triumph on its hands. But Centura has always been a technology company, rather than a marketing company. To succeed now, it will have to bring in - or bring back - a great many developers. To do that, it will have to create the right alliances, and integrate with the right external technologies. And it will have to do so quickly, before its competitors catch up.
>
> Company Profile
>
> Today, Centura Software Corporation's mission is to provide secure embedded, e-commerce and micro database solutions, and the connectivity to integrate these solutions into business systems.
>
> The company was founded - as the Gupta Corporation - in 1984 when the VP of Oracle's microcomputer division, Umang Gupta, left to set up his own rival business, accompanied by Bruce Scott, co-author of the original Oracle database engine. As it turned out, Gupta's market anticipation was spot on. Although demand for RDBMS was booming, the world was on the brink of the even more amazing PC phenomenon.
> By the early 1990s Gupta's SQLBase had established a technology lead in the PC RDBMS market, with features like referential integrity, hashed clustered indexes, data compression and scrollable cursors long before the competition.
>
> In 1993, Gupta gained 35 percent market share, and Gupta's application development tools were used by more than half of the US Fortune 500 companies. However, in 1994 things went sour. There was talk of a takeover bid by Oracle, but this came to nothing. Although revenues rose by 15 percent to $64.5 million, the company registered a resounding $23.9 million loss. 1995 was not much better, with losses totalling over $8 million in the first three quarters, in spite of sharply reduced operating expenses, which Gupta executives attributed to the success of cost reduction programmes.
>
> That year, Umang Gupta announced the appointment of Sam Inman, a 21-year IBM veteran, as president and chief operating officer. In January 1996 the company announced Umang Gupta's retirement, leaving Inman in full control. The continuing transformation of Gupta involved renaming it 'Centura Software Corporation'.
>
> The financial year ended December 1998 showed encouraging results: Centura Software recorded operating income of $3.9 million in 1998, as compared to operating income of $1.2 million in 1997. The company recorded net income of $2.1 million in 1998, compared with net loss of $0.6 million. The fourth quarter ended December 31, 1998 was Centura's seventh consecutive profitable quarter with net income of $0.3 million, compared to $1.0 million in the fourth quarter of 1997. Net revenue was $13.6 million and $53.5 million for the fourth quarter and year respectively, compared with $14.5 million and $57.9 million for the previous year.
>
> Centura sells its products through a combination of a direct sales force, partners and distributors. Sales in the US are primarily direct and through partners.
> Sales in Europe are primarily through distributors. Centura has 19 offices around the world in North America, Latin America, Asia/Pacific, Europe, the Middle East and Africa.
>
> At the time of writing this report, Centura announced that it has acquired Raima Corporation. This move gives Centura a database engine for Windows CE, Solaris, AIX, HP-UX, UnixWare, and BSD/OS and Linux.
>
> **************************************************************************
> April 1999
>
> Security Toolbox
> Noteworthy security products
> by Roger Smith
>
> Harder to Steal Home
>
> Created for banking, insurance, financial, and other institutions that need to protect their sensitive data or financial transactions, Centura's new SQLBase 7.5 is one of the first zero administration relational databases with full database encryption. SQLBase 7.5 uses Triple DES encryption to protect data not only on traditional servers, but also on laptops, wireless, and handheld devices. Other security features include letting database administrators (and applications) specify how data being transferred on the network is encrypted, independent of network protocols. To protect against "trial-and-error" login attacks to a database, the database server can also be configured to impose increasingly long delays in responding to the user or to alert other users. Single-user SQLBase 7.5 costs $395.
>
> sdmagazine.com
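
Added example, not part of the quoted report and not SQLBase code: the report describes a per-page CRC or SHA check value meant to confirm that only the engine altered the file. The sketch below uses a constructed record, a hypothetical page layout and a constructed key (the page does not say how SQLBase computes or keys its check values) to compare how an unkeyed and a keyed check value respond to an edit made directly to the file.

```python
import hashlib
import hmac
import struct
import zlib

# Constructed sample record padded to a fixed-size page; the layout is hypothetical.
PAYLOAD = b"acct=00017;owner=EXAMPLE;balance=0000100.00".ljust(60, b"\x00")


def crc_tag(payload: bytes) -> bytes:
    """CRC-32: computable by anyone, so it only catches accidental damage."""
    return struct.pack(">I", zlib.crc32(payload))


def sha_tag(payload: bytes) -> bytes:
    """Plain SHA-256: strong hash, but still computable without any secret."""
    return hashlib.sha256(payload).digest()


def mac_tag(key: bytes, page_no: int, payload: bytes) -> bytes:
    """HMAC-SHA-256 over page number + payload; needs a key only the engine holds."""
    return hmac.new(key, struct.pack(">Q", page_no) + payload, hashlib.sha256).digest()


def verify(page: bytes, tag_len: int, tag_fn) -> bool:
    """Recompute the tag over the payload and compare in constant time."""
    payload, stored = page[:-tag_len], page[-tag_len:]
    return hmac.compare_digest(tag_fn(payload), stored)


def edit_outside_engine(page: bytes, tag_len: int, public_tag_fn) -> bytes:
    """Model a change made directly to the file: alter the balance field, then
    refresh the tag using only a function that needs no engine-held key."""
    payload = page[:-tag_len].replace(b"0000100.00", b"9999999.00")
    return payload + public_tag_fn(payload)[:tag_len]


def demo() -> dict:
    key = b"constructed-demo-key-not-a-real-secret"  # constructed, for the demo only

    def engine_check(page_no):
        return lambda payload: mac_tag(key, page_no, payload)

    crc_page = PAYLOAD + crc_tag(PAYLOAD)
    sha_page = PAYLOAD + sha_tag(PAYLOAD)
    mac_page = PAYLOAD + mac_tag(key, 7, PAYLOAD)  # sealed as page number 7
    return {
        # Unkeyed tags: the edited page still verifies.
        "crc_accepts_edit": verify(edit_outside_engine(crc_page, 4, crc_tag), 4, crc_tag),
        "sha_accepts_edit": verify(edit_outside_engine(sha_page, 32, sha_tag), 32, sha_tag),
        # Keyed tag: the edit is rejected, the untouched page is accepted.
        "mac_accepts_edit": verify(edit_outside_engine(mac_page, 32, sha_tag), 32, engine_check(7)),
        "mac_accepts_untouched": verify(mac_page, 32, engine_check(7)),
        # Binding the page number also rejects a valid page copied to another slot.
        "mac_accepts_moved_page": verify(mac_page, 32, engine_check(8)),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

A per-page MAC does not by itself detect an older, validly sealed copy of the same page being put back; that needs a version counter or similar value inside the authenticated data.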
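
Added example, not part of the quoted articles and not SQLBase code: both pieces mention a login delay that grows after rejected name/password pairs, with an optional alert. A per-account version of that policy follows; the class names, delay values, alert threshold and the account name "alice" are assumptions chosen for illustration.

```python
import time


class LoginThrottle:
    """Escalating per-account delay after rejected logins (policy values are assumptions)."""

    def __init__(self, base=1.0, factor=2.0, cap=60.0, alert_after=5, clock=time.monotonic):
        self.base, self.factor, self.cap = base, factor, cap
        self.alert_after = alert_after
        self.clock = clock      # injectable so the policy can be tested without sleeping
        self._state = {}        # account -> (consecutive failures, earliest next attempt)
        self.alerts = []        # accounts that reached the alert threshold

    def delay_for(self, failures):
        """Delay after the Nth consecutive failure: base * factor**(N-1), capped."""
        if failures <= 0:
            return 0.0
        try:
            return min(self.cap, self.base * self.factor ** (failures - 1))
        except OverflowError:   # very long failure runs must not crash the server
            return self.cap

    def attempt(self, account, check):
        """check is a zero-argument callable that validates the credentials.
        Returns 'ok', 'denied', or 'wait' (attempt arrived inside the delay window)."""
        now = self.clock()
        failures, not_before = self._state.get(account, (0, 0.0))
        if now < not_before:
            # Credentials are not evaluated at all, otherwise the delay slows nothing.
            return "wait"
        if check():
            self._state.pop(account, None)   # a success clears the failure history
            return "ok"
        failures += 1
        self._state[account] = (failures, now + self.delay_for(failures))
        if failures == self.alert_after:
            self.alerts.append(account)      # hook for notifying an operator
        return "denied"


class FakeClock:
    """Deterministic clock for the constructed scenario below."""

    def __init__(self):
        self.t = 0.0

    def __call__(self):
        return self.t

    def advance(self, seconds):
        self.t += seconds


def simulate_guessing(seconds=3600):
    """Constructed scenario: one wrong guess per second against a single account.
    Returns (number of guesses actually evaluated, accounts alerted on)."""
    clock = FakeClock()
    throttle = LoginThrottle(clock=clock)
    evaluated = 0
    for _ in range(seconds):
        if throttle.attempt("alice", lambda: False) == "denied":
            evaluated += 1
        clock.advance(1.0)
    return evaluated, throttle.alerts


if __name__ == "__main__":
    print(simulate_guessing())
```

Because the delay is keyed on the account name, a legitimate user of that account is held off as well while a window is open; the cap bounds how long.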