When building cloud native applications, you need a reliable and efficient data platform. Reliable microservices need a way to store state, whether it’s a NoSQL key / value system or a large-scale scalable SQL database. Azure is no different, and over the past few years Microsoft has built a cloud data service that combines its own data platform with an open source data platform to provide to developers.
At the Build 2021 developer event, Microsoft aims to announce major changes to its data platform to make it more attractive to developers and provide features that will help build a new generation of apps. ..
Azure SQL adds immutable registry
One of the most compelling things, the release of the Azure SQL Ledger feature, better understands Microsoft’s announcement to shut down the blockchain platform as a service in Azure. Much of the development of the enterprise blockchain is focused on its role as an immutable source of transactional data, and systems and processes need a reliable record of what has been done by whom.
This is where the latest ledgers come in to create blockchain-like validation models. However, here the registry is another table in a familiar database that can provide that point of trust without the need for a complete overhaul or redesign of the application. If you just want to add a new cryptographically secure ledger table to your existing database to manage your data, there’s no need to replace your existing database with a complex and relatively slow blockchain.
It’s all part of the familiar SQL Server that runs in Azure, so you don’t have to learn new skills or implement new tools. You can update your existing application to add registers without needing a new code. All of them can be managed in the database by developers and database administrators using existing database management tools.
Use Azure SQL Ledger in your application
You can include such a registry in your Azure SQL database to ensure that the data in the database has not changed. This tool helps you comply with regulations (especially if an audit is required) and reduce the risk of malicious modification of your data to cover up fraud and other financial crimes. The general ledger table contains the encrypted hash of the transaction. The hash itself can be stored outside of the database in Azure’s existing tamper-proof storage service for additional protection.
Azure SQL ledger tables support both updateable ledgers and complementary ledgers. An editable register shows how the data in the database has changed. For example, you can track changes to your bank account or your product inventory. The updatable register displays the delete and insert operations used to update the managed table, along with the associated transaction ID. Add-only registers block update and delete operations and support insert-only templates. This reduces the complexity of the general ledger structure, but limits the use cases to blockchain-like behavior.
With additional dedicated ledgers in SQL Azure, you can build blockchain applications of the type provided by Azure Blockchain Services and work with trusted partners to capture Electronic Data Interchange (EDI) or similar business transactions. You can manage the data structure. However, by removing the overhead associated with distributed data structures, you achieve much better performance while enjoying the security benefits of blockchain (and reducing the energy demands associated with proof-of-work blockchain). can do.
Azure SQL Ledger is similar in concept to the Linux Foundation Hyperledger project, but with an emphasis on improving transactional integrity and security in a pure SQL environment. With SQL Azure Ledger, you should be able to go back on each transaction, identify errors, and provide a level of confidence that is currently unavailable.
Azure SQL General Ledger Operations
Due to the emphasis on using monolithic stores, there are still issues with the Azure SQL Ledger model. It can be used with databases that scale in a single region using SQL Hyperscale, but if you want to flexibly split the database geographically, each partition will need its own registry to support them. local transactions. I go. It is not currently designed to work with distributed transactions. If you plan to build a system that uses this approach, it’s a good idea to use something like Cosmos DB to build your own general ledger system as part of your application.
The data associated with a particular partition resides in a particular register, and as new partitions are deployed new registers can be added, so having several separate registers is not a problem for them. distributed applications. You need to keep track of your ledger, which should be possible in Azure SQL tools and the Azure portal.
Protect open source databases in Azure
Security is also required for the trusted platform, and Azure extends the capabilities of Azure Defender, an active cloud workload protection tool. Build has confirmed that it adds more database support than current Azure SQL support. The latest version adds a public preview of Azure’s PostgreSQL and MySQL services. Azure Defender runs outside of your app and provides a flow of security data to your Azure Security Center dashboard. This dashboard allows you to monitor your application for the first signs of an attack.
Azure Defender, based on Microsoft’s Security Graph platform, not only identifies known attacks, but also highlights anomalies that may indicate an attack in progress. Adding security to your database reduces the risk of breaches and data breaches, indicates where your database is vulnerable, and advises you on appropriate mitigation measures.
Update Cosmos DB for secure data
Microsoft hasn’t skipped core services in this Azure update. Its Cosmos distributed database still supports encrypted data, so you can encrypt data and lock sensitive data before saving it to a JSON document. Combined with the general availability of the role-based access control tools of Cosmos DB, it allows the right users to access your data, and even if an intruder or malware obtains unauthorized access, you don’t have not the correct encryption key. The data will not be available. ..
In addition to the new security, Cosmos DB has supported a built-in in-memory cache that can reduce calls to the underlying production Cosmos DB instance. It works like a Redis cache and is billed at a fixed hourly rate, which helps keep costs down.
In addition to secure access to your data, Azure’s Synapse analytics tools get uncoded links to Dataverse in Dynamics 365 and Power Platform. Dataverse and Synapse integration for business analysts and developers to host business system operational data (and connect to third-party open data-enabled platforms such as SAP and Adobe Marketing Cloud). Other opportunities will be opened. You can combine cloud and enterprise data sources for use on the Azure development platform. This includes training new machine learning systems and providing large, labeled data sets to customize the built-in Azure Cognitive Services model.
The combination of data platform features Microsoft added to Azure in version 2021 should help developers deliver reliable cloud-scale applications. There’s a lot to look forward to here, especially in combination with other new Azure features, such as improved API management, additional machine learning services, new free and inexpensive hierarchies for many services and more. application services. There is. The whole platform is more attractive for developing and running business critical applications.
Copyright Â© 2021 IDG Communications, Inc.