FIS Releases Major Upgrade to GT.M - the Leading Open Source "NoSQL" Platform in Healthcare
FIS has just released a major upgrade to GT.M. GT.M is the database of record and “NoSQL” application development & deployment platform at some of the largest real-time core-banking and electronic health record systems deployments around the world. With its source code available under a free / open source software (FOSS) license, GT.M has been downloaded over 135,000 times from its primary site, is bundled with selected applications, and can be installed on contemporary Debian/Ubuntu systems with sudo apt-get install fis-gtm.
V6.3-000 brings significant enhancements to GT.M's use of encryption. One defensive technique is to reduce the "surface" available to an attacker, which V6.3-000 accomplishes in several ways.
An attacker with the wherewithal for a brute-force attack on encryption can in theory benefit from the voluminous, long-lived and structurally similar data in a typical application database, such as financial transaction and medical records. One component of a traditional layered defense-in-depth is to change encryption keys regularly. By enabling encryption keys for database files to be changed "on the fly," while a database is in use, V6.3-000 makes changing database keys both operationally simpler as well as less error prone. The prior technique required database regions to be extracted and loaded into newly created database files with keys different from those of their predecessors. Context-sensitive initialization vectors (IVs) in database, journal, extract and bytestream backup files (GTM-8117) further reduce the surface for a brute-force attack.
A properly configured Transport Layer Security (TLS, formerly known as SSL) session is required to secure a TCP connection. However, an attacker who can record a TCP session, and who has the wherewithal for a brute force attack, or with more affordable future computing power, can in theory retroactively break into and eavesdrop on the recorded session. Periodically renegotiating the session key (GTM-8302) means that an attacker who succeeds in breaking a key can only eavesdrop on that part of the session. Every renegotiation generates a new key that must be separately broken.
Note that GT.M continues to include no cryptographic software; cryptographic functionality is provided by your choice of independent, non-GT.M, cryptographic software that GT.M accesses through a plugin.
Distributions of GT.M since the introduction of database encryption have included the source code for reference implementations of the plugin as tested by FIS in the GT.M development environment against versions of popular encryption packages (noted in the release notes for each GT.M release). In V6.3-000, GT.M includes the source code of the encryption plugin, but not pre-compiled binaries, because the wide range of versions of cryptographic software across supported platforms made it unfeasible for us to provide a single binary that was guaranteed to run with the robustness we require of GT.M (GTM-8361).
V6.3-000 brings a number of useful enhancements, as well as other improvements. For example:
- Parallelization speeds MUPIP JOURNAL RECOVER/ROLLBACK operations (GTM-5007).
- For a replicated database even for an application that does not use transaction processing, MUPIP JOURNAL ROLLBACK FORWARD applies updates from a set of journal files to the restored backup of a multi-region database. This brings it to the same state that MUPIP JOURNAL ROLLBACK BACKWARD would when performed on the original database, providing the same consistency across regions that the MUPIP JOURNAL ROLLBACK provides (GTM-7291).
- Faster database exit, especially with large numbers of processes and databases with many regions (GTM-6301)
- Evaluation of certain string literal operations during compilation rather than execution (GTM-7762 and GTM-8404)
- Enabling concurrent access by more than 32K processes to a database file (GTM-8137)
- Significant performance improvements for certain UTF-8 mode use cases (GTM-8352)
With the release of V6.3-000, we are changing the organization of core information in the release notes for each GT.M version. Instead of M - Database Access, M - Other than Database Access, Utilities - MUPIP, and Utilities - Other than MUPIP, we have the following sections:
- Database – the core of GT.M; items we believe are of interest to all users
- Language – language features; primarily of interest to programmers
- System Administration – MUPIP and GDE; primarily of interest to administration and operations staff
- Other – DSE, LKE, and changes potentially of interest to a smaller subset of users than the sections above
As always, the release brings numerous smaller enhancements and fixes. These, and the enhancements referred to above with their change tracking numbers, are discussed further in the Release Notes.
GT.M – Rock solid. Lightning fast. Secure. Pick any three.
- Tags:
- brute-force attack on encryption
- Context-sensitive initialization vectors (IVs)
- cryptographic functionality
- Debian/Ubuntu systems
- Electronic Health Record (EHR) systems
- encryption
- FIS Global
- free/open source software (FOSS) license
- GT.M
- Health IT
- Linux OS
- medical records
- MUMPS database
- NoSQL
- open health
- open source NoSQL platform
- Transport Layer Security (TLS)
- VistA EHR
- Login to post comments