Diasoft Digital Q.Database

Main article: Database Management System (DMS)

2024

Compatible with Secret Cloud Enterprise

The company "Sickret Technologies" has completed the compatibility check of the Secret Cloud Enterprise system and the import-independent DBMS Digital Q.DataBase from Diasoft, which was last reported on September 10, 2024.

Test tests confirmed the compatibility of vendor solutions, high performance and reliability indicators when integrating the Secret Cloud Enterprise system and the Digital Q.DataBase DBMS.

FSTEC 4 Level of Trust Certification

The company Diasoft"" completed the certification process database management systems () DBMS Digital Q.DataBase and received a certificate on FSTEC level 4 of trust No. 4843 of 27.08.2024. The company announced this on September 4, 2024.

Obtaining the FSTEC certificate in level 4 of trust confirms that the Digital Q.DataBase DBMS has passed thorough checks and meets the strict information security requirements established by the Federal Service for Technical and Export Control.

The use of DBMS certified in level 4 of FSTEC trust is important for a number of organizations:

• Government agencies. The use of certified solutions is mandatory to protect state secrets and ensure the security of information systems.
• Financial institutions. Banks, insurance companies and other financial institutions can be confident in protecting their data and complying with regulatory requirements.
• Critical Information Infrastructure Facilities. Companies in the power, transportation, communications and other industries can use the Digital Q.DataBase DBMS to protect their critical information systems.
• Organizations that process personal data. Organizations working with a large amount of personal data can be confident in their safety and protection from unauthorized access.
• High level of security of Digital Q.DataBase DBMS

To ensure compliance with the FSTEC requirements, the following key improvements were implemented in the Digital Q.DataBase DBMS:

• Protection against unauthorized access. Mechanisms for authentication, authorization and audit of user actions are implemented, which minimizes the risk of unauthorized access to data.
• Cryptographic data protection. Use certified cryptographic algorithms to encrypt data and ensure its integrity.
• Access control and power sharing. A flexible access control system allows you to define rights and roles for different categories of users, providing separation of powers and minimizing the risks of internal threats.
• Ensure integrity and fault tolerance. Backup, recovery, and protection mechanisms for data loss and corruption.
• Audit and security monitoring. The system maintains a detailed log of all security-related activities and events, which allows you to quickly respond to incidents and analyze them.
• Monitoring the integrity of DBMS configuration, databases, stored procedures during DBMS startup and operation.
• Deletes database access objects used by the DBMS without recovery by overwriting modified portions of file system objects.

Digital Q.DataBase is designed to work with large amounts of data in multi-user environments and provides high performance, scalability and security. Digital Q.DataBase supports transactional processing and meets all modern data management requirements.

Adding a Security Pack

The company Diasoft"" improved the capabilities DBMS of Digital Q.DataBase by implementing the "Security Package." DBMS and all improvements meet the requirements FSTEC information security DBMS of the fourth level of trust. The company announced this on July 31, 2024.

The modern database management system (DMS) must meet the requirements for protection against unauthorized access to information, have built-in control of its integrity. Compliance with these requirements is an important criterion when selecting DBMS.

Key updates to Digital Q.DataBase due to the release of the "Security Pack": Enhanced protection against unauthorized access to information through SUID/SGID verification . Special permission bits allow users to run programs with the rights of another user or group. Identifying potential points of change in access rights to file system objects helps ensure system security.

 The mechanism for timely response to security violations has been finalized. Now safety events are registered in a special safety event log in accordance with GOST 59548-2022. For each security function, the DBMS defines the list of events required for logging.

Removing database access objects has become easier. Now, the changed portions of the file system objects  are overwritten by  random bit sequences without the possibility of recovery.

The mechanism of DBMS operation in the failover cluster has been improved. Added the ability to alternately update DBMS or individual components in the cluster while maintaining availability to DBMS. If the upgrade fails, you can revert to the previous state without interrupting the cluster.

The ability to control the integrity of the distribution kit, configurations, executable files and stored procedures has been improved - now the frequency of verification can be set manually. Digital Q.DataBase is part of the digital transformation ecosystem Digital Q and is a safe and fault-tolerant alternative to DBMS of foreign vendors.

Compatibility of PostgreDB DBMS with SearchInform CIB

The company SearchInform"" conducted a compatibility check of the certified in-system with FSTEC of Russia DLP SearchInform CIB the independent and certified in FSTEC Russia DBMS PostgreDB (Digital Q.DataBase platform), developed by the company "," Diasoft which announced this on March 25, 2024. More. here

2023

Release of IT custom code translation service with MS SQL

Diasoft on December 13, 2023 released a service for translating the custom code of the IT system from MS SQL to Digital Q.DataBase.

Diasoft offers a service for translating custom code in software products included in the development platforms Digital Q.FinancialMarkets, Digital Q.Consumer, Digital Q.Corporate and Digital Q.Payments (formerly products of the Diasoft FA# line), with MS SQL DBMS on Digital Q.DataBase. The service has been tested and tested in real projects.

Digital Q.DataBase is an import-independent hybrid DBMS developed by Diasoft. It includes three components: PostgreDB, TarantoolDB and ClickHouseDB, optimized for the requirements of software products for comprehensive bank automation.

The client receives instructions on preparing the source code on MS SQL for conversion. After preparing the code, the client transfers his company "Diasoft" through a secure resource. The Diasoft service automatically converts the code into the syntax of the PostgreDB component. As a result, the client receives successfully converted code and a protocol on problem areas of the code that have not passed automatic conversion.

Up to 95% of the code is converted successfully in one day. This reduces the financial and resource costs of conversion.

Code auto-conversion can be reused. This allows you to get two versions simultaneously with a single source code: in the MS SQL syntax and in the syntax of the PostgreDB component. Retraining of employees will not be required - developers will be able to write code, as before, on MS SQL.

The code generated by the converter stores all business logic of operation in the MS SQL syntax. Taking into account the improvements of PostgreDB for the requirements of software products, this allows you to reach the target performance of high-load systems. Optionally, Diasoft specialists can help with preparing the code for conversion, migrating the database and conducting all types of testing, including load testing and integration testing.

First stage of load testing of products for integrated bank automation

Diasoft specialists conducted the first stage of load testing of versions of products that are part of the development platforms Digital Q.FinancialMarkets, Digital Q.Consumer, Digital Q.Corporate and Digital Q.Payments (formerly Diasoft FA#) and support work on the import-dependent DBMS Digital Q.DataBase software requirements. Thanks to the optimization of their DBMS. Diasoft announced this on October 4, 2023.

Along with constant automated functional testing, both versions of products for comprehensive bank automation - running MS SQL Server and Digital Q.DataBase - are undergoing load testing. During testing, both transactional (multi-user, several users perform the same operations) and analytical (mass, one user processes a large amount of data) operations of the products "Deposit Service," "Settlement and Cash Service," "Financial Markets" and "Money Markets."

Load testing showed: 82% of operations work on PostgreDB (the main component of the Digital Q.DataBase DBMS) in the same way as on MS SQL Server or better:

• 16 test cases (47% of the total) showed the operating time on PostreDB corresponds to or less than on MS SQL.
• 12 test cases (35% of the total) showed the operating time on PostreDB uncritically higher than on MS SQL.
• 6 test cases (18% of the total) showed a higher operating time on PostreDB than on MS SQL Server.

High test results were obtained thanks to improvements and optimization of the Digital Q.DataBase DBMS, aimed at supporting the correct and effective operation of software products for comprehensive automation of banks (formerly Diasoft FA#).

Thanks to the use of our own developed DBMS, we got the opportunity that we did not have before - to optimize the DBMS for the needs of products. The synergy of DBMS refinements and product releases using automatic code conversion built into pipeline has borne fruit. Now these products work in PostreSQL syntax on Digital Q.DataBase stably and with high performance, - said Ilya Vissarionov, Director of the Hardware and System Platform Department at Diasoft.

Diasoft specialists continue to work on further optimizing the performance of development platform products and prepare the following tests with an expanded set of products and a higher load level.

Testing repeats the typical settings of only distribution functionality and does not take into account individual product settings and integration with other systems. Diasoft recommends including in the import substitution projects core systems that have a large amount of data and daily document management, work on manual or automated load testing of products on PostgreDB.

The ability to quickly respond to security violations in PostgreDB

Diasoft on July 31, 2023 announced the implementation of the latest FSTEC requirements in the Digital Q.DataBase DBMS.

The larger your organization's data warehouse, the more protection it needs. Regulators pay great attention to data security issues to minimize the risks of loss and leakage of information.

Diasoft has expanded the capabilities of PostgreDB, one of the components of the Digital Q.DataBase import-independent hybrid DBMS.

In addition to registering security events, PostgreDB has the ability to promptly respond to security violations. The system is able to counteract violations by blocking subnets, users, switching between cluster nodes, isolating data and closing ports.

For maximum data protection, Diasoft specialists have developed mechanisms for backup of incremental data, DBMS configuration, and also provided the ability to raise new cluster nodes in automated mode.

To ensure memory cleanup without the possibility of data recovery, DBMS integration with a certified operating system is required. In PostgreDB, such integration is possible. Now, after overwriting the deleted objects, the file length is additionally zeroed, and a more complex mechanism for overwriting a sequence of bytes on the hard disk is supported.

PostgreDB has improved mechanisms for checking the quality of user passwords and their compliance with security requirements, as well as the ability to force a password change and lock the user by the administrator. These improvements ensure compliance with FSTEC requirements in terms of user identification and authentication.

To monitor data integrity, PostgreDB has enhanced the ability to verify database configuration changes each time stored procedures are started and changed. If discrepancies are detected, the database or server will stop working.

These updates and a number of other improvements ensure that PostgreDB meets the fourth level of trust in accordance with the security requirements of FSTEC.

The Digital Q.DataBase infrastructure platform, which includes Diasoft-controlled fork of the relational database, PostgreDB, is a secure, high-performance and fault-tolerant alternative to the DBMS of foreign vendors. The high performance of PostgreDB is confirmed by load tests.

2022

Inclusion in the register of domestic software

The infrastructure platform Digital Q.Database is registered Unified Register of Russian Programs for COMPUTER and (DB registry entry No. 15561 of 18.11.2022).

Digital Q.Database Finalization

On July 20, 2022, Diasoft announced the completion of the development of the Digital Q.Database infrastructure platform, a hybrid DBMS, on the basis of which all the company's software products will operate.

Digital Q.Database is designed for large IT systems that require a high level of information security, eliminating sanctions risks, increasing development efficiency and performance. Testing of Diasoft products on the Digital Q.Database platform showed a significant increase in their performance.

The platform for July 2022 includes the following components:

• PostgreSQL is a fully controlled secure fork of the relational database by Diasoft.
• Tarantool is a high-performance in memory DBMS competing with SAP HANA. Allows online access to data, is also used as precache queries to PostgreSQL.
• ClickHouse is a generational database that allows you to very quickly perform operations on result-sets, provides effective construction of analytical reporting.

Diasoft took over the responsible ownership of PostrgeSQL, finalized and optimized it for efficient and correct operation as part of all its software products. Thus, Diasoft customers do not need to independently deal with the maintenance and update of PostgreSQL versions or spend time checking the source code for threats and vulnerabilities. After switching to Digital Q.Database, we provide comprehensive single window support, said Dmitry Grebenshchikov, director of import substitution technologies at Diasoft.

In the course of work on the Digital Q.Database infrastructure platform, a large list of improvements was implemented to support all Diasoft product lines: support for a 64-bit transaction counter, control of the request execution plan, work with the @ @ NestLevel global variable, support for convenient JSON, mandate access delimitation and many others.

The standard PostreSQL has been expanded with fault tolerance and monitoring tools, the possibility of incremental backup has been supported, database integrity control and other capabilities have been introduced.

In the near future, the Digital Q.Database platform will be registered Unified Register of Russian Software for Computers and Databases certification in and in, FSTEC which guarantees it. The information security platform uses algorithms enciphering similar in functionality to the most common DBMS of Western developers.

As part of the project to replace existing DBMS with Digital Q.Database, Diasoft specialists conduct a survey and, together with the client, form a target solution architecture. Next, the infrastructure is prepared, the database structure is created on Digital Q.Database. The Digital Q.Renovation technology platform allows you to migrate stored procedures and all the contents of the source DBMS. After data preparation, configuration and testing, the commissioning takes place. To ensure a seamless migration time transition, the ability to work in parallel with the old system and synchronize data is supported.

In order to support and develop software products that will work for Digital Q.Database, Diasoft has created a competence center. It includes the C and C++ development team, specialists in product setup, testing and administration. Active work is also underway to interact with the Postrges community.