Cybernetica’s Data Exchange Technologies team is glad to announce the next version of our main product: UXP Core. UXP Core 1.11 is mainly a maintenance release with no major changes to the architecture. This blog post outlines the major changes introduced with this release.
UXP 1.11 includes full support for IPv6. Although it was possible to enter IPv6 addresses in the user interfaces before, this version features official and fully tested support for both IPv4 and IPv6 protocols in various configurations.
The new UXP version restricts the character set of identifiers used in messages. The new character set consists of Latin characters as well as underscore (_) and minus (-). This change applies to instance identifiers, member class names, member codes, subsystem codes, group codes and server codes. For service codes, the previous requirement (must be a valid XML element name) still stands.
The main reason for this change is to avoid various problems stemming from supporting the full Unicode character set. For example, all the substitutions of the IDN homograph attack (see for details) were previously possible with the UXP identifiers. In addition, there existed no reasonable human-readable string representations of the full identifiers (apart from the full XML encodings). Typical approaches such as INSTANCE/MEMBERCLASS/MEMBERCODE did not really work because the codes themselves could contain slashes and/or spaces. With the restricted syntax, there exists a unique string representation for UXP identifiers that can be parsed back to the data structure format.
The migration to new identifier format is done in a stepwise manner. As a first step, the user interfaces restrict the entry of new codes. Therefore, all the newly created entities will use the restricted character set. However, any existing entities will still be displayed correctly and the protocol supports all characters. This allows us to support the current state while ensuring that the new installations and new entries use the new syntax.
UXP version 1.11 brings further improvements to the Hardware Security Module (HSM) support. First of all, we add AWS CloudHSM to the list of officially supported HSMs. AWS CloudHSM is a convenient way to implement strong (FIPS 140-2 Level 3 certified) key protection without the costly initial investment that is associated with installing a physical HSM. In addition, the systems administrator is now able to configure a wide array of HSM parameters meaning that it is now possible to support variety of HSM devices.
In addition, UXP 1.11 introduces some technical changes, aimed at simplifying the development and deployment of the product.
- The UXP Core packaging is now more modular. We have split the previously monolithic uxp-common package to several smaller packages. This simplifies installation and avoids installation of unnecessary components.
- As usual, we upgraded the versions of third-party libraries used by the UXP components. This ensures that we have access to the latest functionality as well as have the latest security fixes.
- We implemented numerous smaller improvements and bug fixes. We also improved documentation to improve ease of understanding.
Bundled with the UXP 1.11 release is the next release of our monitoring solution. UXP Monitoring 2.1 is a maintenance release containing mainly minor enhancements and fixes as well as updated versions of third-party components.
Cybernetica continually improves UXP according to current and future customer needs. Improvements are based on the latest research and address security, performance, stability and usability.