Data Security

New Improvements to Security and Performance in Actian Vector

Emma McGrattan

June 12, 2018

We are pleased to announce the availability of Actian Vector 5.1. This release includes enhancements across the product, but the primary focus is on security, performance, and new customer enablement.

This post provides an overview of some features added to this release.

Security

With the advent of GDPR we’ve seen heightened focus on security. Earlier Actian Vector releases included all the capabilities required to support a GDPR-compliant deployment, but we added features in Vector 5.1 to ease the administration and development of secure solutions.

Data Masking

Actian Vector 5.1 enables database administrators or security administrators to mask individual columns within a table so that only authorized users can see the underlying data. Unauthorized users will see an obfuscated version of the data.

For example, when dealing with credit card numbers, unauthorized users may see only the last four digits of the card number and an X representing all preceding digits, while authorized users will see the full credit card number.

Encryption

The latest addition for data encryption is function-based encryption, which enables applications to encrypt and decrypt sensitive data stored in Vector tables through the AES_ENCRYPT_VARCHAR and AES_DECRYPT_VARCHAR SQL functions.  As with prior Vector releases, Vector 5.1 also supports column-level data at rest encryption as well as data in motion encryption.

Stored Procedures and Security

The introduction of stored procedures in Actian Vector 5.1 gives database administrators greater control over database access. This means DBAs can grant permission to execute a stored procedure even if the user has no direct access to the underlying tables referenced in the procedure.

Stored procedures can be used to guard against SQL injection attacks since their input parameters are treated as literal values and not as executable code.

Finally, stored procedures may be used together with security alarms to enhance the Actian Vector security-auditing features.

Performance Enhancements

As with all Vector releases, we’ve made a number of enhancements that improve performance. Some of these are internal to the X100 engine and include improved foreign-key checks for appends, insert-only update propagation improvements, and parallel build of shared hash tables. Enhancements also were made in view performance specifically when dealing with large and complex views as well as predicate-pushing through views.

External Tables

External tables let you read from and write to data sources stored outside Vector. Data sources must be those that Apache Spark can read from and write to, such as files stored in formats like CSV or tables in external database systems. After defining the external table with the CREATE EXTERNAL TABLE syntax, you can run queries directly against the external data, and the external data may be joined with native Vector data.

Stored Procedures

I’m not a huge fan of stored procedures, as they typically impose vendor lock-in, but we’ve added them to Actian Vector 5.1 because customers often request them when migrating from other technologies to Actian Vector. Stored procedures also can be beneficial from a security perspective, as outlined in the security section above.

Platform Support

Actian Vector is available in the Amazon AWS and the Microsoft Azure marketplaces. Our marketplace offerings are designed to make it easy to get started and include single-click deployment.

We’ve seen increased adoption of Ubuntu in enterprises, so Actian Vector 5.1 has officially been certified for Ubuntu. We continue to support other popular Linux distributions including RHEL/CentOS, SUSE, and Debian.

Additional Information

For details about the features listed here, see the Actian Vector 5.1 Documentation Set, which is available for download in PDF format from https://esd.actian.com/product/docs and in searchable online format at https://docs.actian.com.

Emma McGrattan

About Emma McGrattan

As SVP of Engineering at Actian, Emma leads research and development for the Actian Vector, Actian Vector in Hadoop, Actian X and Ingres teams. A recognized authority in DBMS and Big Data technologies, Emma is a sought-after speaker at industry conferences. Emma has recently celebrated over 25 years in Ingres and Actian Engineering. Educated in Ireland, Emma holds a Bachelors of Electrical Engineering degree from Dublin City University.