Synopse Open Source

2016-07-30

Bloom Filter and Big Data

By AB4327-GANDI, 2016-07-30. Open Source › mORMot Framework

Especially if you are dealing with a lot of data, you often need a way to identify if a value is available in a value set.
A typical use case is if you have data sharded among several nodes, and you want to avoid asking each node for each incoming request.

A naive approach could be to store all data in a memory list.
But here we are really talking about a lot of data, and it would simply not fit into a memory list.

We may say that it is the purpose of a database to maintain such a list.
So you start a good CREATE TABLE on your RDBMS with a single indexed primary key column, fill it with your data, and run a proper SELECT.
But it takes a lot of storage, insertion is slow, and this database becomes a bottleneck.

Then you consider using some NoSQL database like Redis.
It is faster than a RDBMS, but it tends to use a lot of memory, and it is still resource consuming to update the values.

No comes Bloom Filter magic.
It allows to store the presence of high-number of values with a small memory space, with a predefined ratio of potential false positives.

We just introduced a TSynBloomFilter class in our Open Source mORMot framework trunk, which features an optimized and self-tuning Bloom Filter storage, with potential low-bandwidth synchronization over the wire.

2016-05-30

SOA and stub/mock working on Linux x86, x64, arm32 and aarch64

By AB4327-GANDI, 2016-05-30. Open Source › mORMot Framework

Some patches, provided by ALFred, did introduce some new platforms under Linux: Linux x86 (aka Intel 32-bit) Linux x64 (aka Intel 64-bit) Linux AARCH32 (aka ARM 32-bit) Linux AARCH64 (aka ARM 64-bit) It needs the latest trunk version of the FPC compiler, and the "Interface Enhanced RTTI" […]

2016-05-14

Anti-forensic, safe storage of private keys

By AB4327-GANDI, 2016-05-14. Open Source › mORMot Framework

In any modern application, especially on Client/Server nTier architecture as our little mORMot offers, we often have to persist some private keys in a safe way.
Problem with such keys is that they consist in small amount of bytes (typically 16 or 32 bytes), easy to be left somewhere in disk or memory.
Given the abilities of recent forensic data recovery methods, data can't be destroyed on magnetic or flash storage media reliably.

We have just added to our SynCrypto OpenSource library the Anti-forensic Information Splitter algorithm, as proposed in TKS1, and implemented in the LUKS standard.
LUKS is the de-facto standard of platform-independent standard on-disk format for use in various tools.

2016-04-22

Support of Delphi 10.1 Berlin

By AB4327-GANDI, 2016-04-22. Open Source

You should have noticed that Delphi 10.1 Berlin has been released. Our Open Source projects, including mORMot and SynPDF and their associated documentation have been updated to support this new revision. Any additional feedback is welcome, as usual!

2016-04-09

AES-256 based Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)

By AB4327-GANDI, 2016-04-09. Open Source › mORMot Framework

Everyone knows about the pascal random() function.
It returns some numbers, using a linear congruential generator, with a multiplier of 134775813, in its Delphi implementation.
It is fast, but not really secure. Output is very predictable, especially if you forgot to execute the RandSeed() procedure.

In real world scenarios, safety always requires random numbers, e.g. for key/nonce/IV/salt/challenge generation.
The less predictable, the better.
We just included a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG) into our SynCrypto.pas unit.
The TAESPRNG class would use real system entropy to generate a sequence of pseudorandom bytes, using AES-256, so returning highly unpredictable content.

2016-02-08

Linux support for Delphi to be available end of 2016

By AB4327-GANDI, 2016-02-08. Pascal Programming

Marco Cantu, product manager of Delphi/RAD Studio, did publish the official RAD Studio 2016 Product Approach and Roadmap.
The upcoming release has a codename known as "BigBen", and should be called Delphi 10.1 Berlin, as far as I understand.

After this summer, another release, which codename is "Godzilla", will support Linux as a compiler target, in its Delphi 10.2 Tokyo release.
This is a very good news, and some details are given.
I've included those official names to mORMot's internal compiler version detection.
Thanks Marco for the information, and pushing in this direction!

My only concern is that it would be "ARC-enabled"...

2016-01-09

Safe locks for multi-thread applications

By AB4327-GANDI, 2016-01-09. Open Source › mORMot Framework

Once your application is multi-threaded, concurrent data access should be protected. We already wrote about how debugging multi-thread applications may be hard.
Otherwise, a "race condition" issue may appear: for instance, if two threads modify a variable at the same time (e.g. decrease a counter), values may become incoherent and unsafe to use. Another symptom of broken logic is the "deadlock", by which the whole application appears to be blocked and unresponsive, when two threads have a wrong use of the lock, so are blocking each-others.
On a server system, which is expected to run 24/7 with no maintenance, such issues are to be avoided.

In Delphi, protection of a resource (which may be an object, or any variable) is usually done via Critical Sections.
A critical section is an object used to make sure, that some part of the code is executed only by one thread at a time. A critical section needs to be created/initialized before it can be used and be released when it is not needed anymore. Then, some code is protected using Enter/Leave methods, which would lock its execution: in practice, only a single thread would own the critical section, so only a single thread would be able to execute this code section, and other threads would wait until the lock is released. For best performance, the protected sections should be as small as possible - otherwise the benefit of using threads may be voided, since any other thread would wait for the thread owning the critical section to release the lock.

We will now see that Delphi's TCriticalSection may have potential issues, and what our framework proposes to ease critical section use in your applications.

2015-12-11

Audit Trail for Services

By AB4327-GANDI, 2015-12-11. Open Source › mORMot Framework

We have seen previously how the ORM part of the framework is able to provide an Audit Trail for change tracking.
It is a very convenient way of storing the change of state of the data.

On the other side, in any modern SOA solution, data is not at the center any more, but services.
Sometimes, the data is not stored within your server, but in a third-party Service-Oriented Architecture (SOA).
Being able to monitor the service execution of the whole system becomes sooner or later mandatory.

Our framework allows to create an Audit Trail of any incoming or outgoing service operation, in a secure, efficient and automated way.