Cybernetica

Menu

Product Timeline

If you would like to learn about our technology roadmap, please reach out to us at
uxp-advisory@cyber.ee.

Release notes

December 2020

For more details of the December 2020 release, see the blog post.

UXP Core 1.14.0

  • Service providers can now add access rights to REST APIs on a more granular level. See UXPUG-SS Section “Dividing a REST API into Endpoints”.

    • Security server supports defining specific endpoints for REST APIs, including dynamic endpoints like /posts/{id}.

    • Service administrators can control access rights on an API endpoint level.

    • Service administrators can control which HTTP operations (GET, DELETE, etc.) can each service client perform on an endpoint.

  • Service providers can add HTTP headers for both REST and SOAP services. Headers can be used to configure authentication between the security server and the API.

  • Security servers do not accept REST requests that include client and service identifiers in URL. The identifiers must be placed in HTTP headers. For the accepted format, see UXP-UG-SS Section “REST Request Format”.

  • Security servers now have a status info service that can be used by third-party load balancers to choose a healthy target security server in a cluster setup.

  • Security server can be configured to use its status information to decide whether to accept incoming requests (by default disabled). If enabled, a security server with status DOWN stops responding to HTTP(S) requests so other servers in the cluster with status UP can serve the request. This improves the reliability of a security server cluster.

  • To help security server administrators with keeping all security servers in a cluster synchronized, we have added functionality to export relevant client and service information in a file. Configuration files can be imported to other security servers.

  • New user guide Security Server: Configuring High Availability and Load Balancing. See UXPUG-SSHA.

  • Registry server has now a new global group for all subsystems found in the global configuration. This subsystem can be used to make services available to all instance members.

  • UXP metainfo services that can be used to discover service providers and their services are now available over REST requests. See UXP-PR-META.

  • Added scripts that help UXP server administrators gather relevant information about current state of a server.

  • Security servers and registry servers are now incompatible with UXP Monitoring server versions 1.x. Security servers will not forward monitoring information to old monitoring server.

  • UXP 1.14 is incompatible with UXP Directory version 2.2 and below. Before upgrading the registry and security servers, UXP Directory must be upgraded to version 2.3 or above.

  • Performance improvements on high message load.

  • UI layout was changed in security server client dialog.

  • Upgraded versions of third-party libraries and components to ensure security of the system.

  • Multiple minor fixes and improvements.


September 2020

For more details of the September 2020 release, see the blog post.

UXP Monitoring 2.3.0

  • Added support for EC keys and longer (3072 and 4096 bit) RSA keys for the monitoring server TLS certificate.

  • Added support for TLS 1.3 (now a default protocol) between the monitoring server and security server. TLS 1.2 is still supported for backward compatibility.

  • Ubuntu 20.04 LTS is now a supported (and recommended) platform. See Ubuntu upgrade guide UXP-UPG-UB20.

  • Upgraded versions of third-party libraries and components to ensure security of the system.

  • Multiple minor fixes and improvements.


August 2020

For more details of the August 2020 release, see the blog post.

UXP Core 1.13.0

  • Added support for elliptic curve (EC) keys for software token and hardware tokens (EC keys as security server encryption keys are currently not supported).

  • Added support for EC keys for nginx and internal TLS certificates.

  • Added support for longer (3072 and 4096 bit) RSA keys.

  • Improved TLS communication.

    • Added support for TLS 1.3 (now a default protocol). TLS 1.2 is still supported by default for backward compatibility.

    • Added stronger default enabled TLS cipher suites.

    • It is now possible to configure enabled cipher suites for TLS communication between security server and information system.

  • Improved procedure for changing the security server internal TLS certificate.

    • It is now possible to change the certificate smoothly.

    • It is now possible to import a certificate (generated by an external certificate authority) and the corresponding private key as a PKCS#12 keystore.

  • Server side listening port between security servers is now distributed together with security server address via global configuration. It enables to change the listening port of the security server without breaking connections with other security servers. This functionality can be used only after all the registry servers and security servers of the UXP instance are upgraded to current version.

  • Security server owner connection type for servers in service consumer role are now fixed to HTTPS to improve security.

  • Ubuntu 20.04 LTS is now a supported (and recommended) platform. See Ubuntu upgrade guide UXP-UPG-UB20.

  • Multiple minor fixes and improvements.


April 2020

For more details of the April 2020 release, see the blog post.

UXP Connector 1.6

  • UXP Connector keeps now an audit log. The audit log events are generated by the user interface when the user changes system state or configuration. The audit log is located at /var/log/uxp-connector/uxp-connector-audit.log. The audit log events are described in the document “UXP Connector: Audit Log Events”.

  • The connection security between the UXP Connector and the UXP Security Server has been redesigned. It can be configured via the Connection Security page. This includes the following functionality:

    • Connector certificate can be downloaded from the user interface.

    • Connection security mode (whether the client system must be authenticated or not) can be checked from the user interface.

    • Connection security mode can be turned on and off through the command line interface.

    • Client system internal certificates are now called trusted certificates and are detached from a subsystem code.

    • A keystore with a private key and a certificate can be generated for a client system other than security server directly in UXP Connector user interface.

    • Read more in user guide section “Connection Security”.


  • While running test queries through UXP Connector the query is now rolled back by default so the query has no effect on the database state. The user can choose to commit the query to keep the changes.

  • Internal test queries run through Connector are now logged to query log.

  • Service created using Connector must now be assigned to a WSDL file in order to be published.

  • Connector users are now managed as UNIX users who belong to a special user group. Similarly to UXP Core components. Read more in user guide section “Managing Connector Administrator Accounts”.

  • Connector uses now c3p0 library for connection pooling between Connector and database.

  • Updated versions of JDBC drivers included with Connector.

    • Reminder for MariaDB driver users: Float comparison has to be done now using the LIKE keyword instead of equals sign (=).


  • Various smaller improvements and bug fixes.



March 2020

For more details of the March 2020 release, see the blog post.

UXP Core 1.12

  • There is a new component UXP Verifier. It can be used to view the contents of the message log stored in the security server as well as download and verify individual signed messages.

  • There is new HTTP header Uxp-Transaction-ID. It is automatically generated by the security server to contain a unique value for every message mediated by the security server. The transaction ID is also saved to the message log and can be used to uniquely identify UXP messages.

  • There is a new configuration option to disable saving the technical messages (monitoring and metainfo services) to message log. This can help to save disk space if there is no need create proof value for exchanges that do not involve business data.

  • Java Runtime Environment is upgraded to version 11. The other third-party libraries and components are upgraded as well to ensure security and good performance of the system.

  • Version 7.x of Elasticsearch and Kibana tools is now supported for local monitoring. Elasticsearch clusters are now supported.

  • The old Request Statistics Document (the old format for UXP statistics) is no longer supported in local monitoring.

  • Ubuntu 18.04 is now the oldest supported platform.


UXP Directory 2.1

  • It is possible to visualize the data exchange between organizations (who has communicated with who) using either a graph or a heat map.

  • It is possible to download subset of the data exchange statistics as open data.

  • The UXP Directory can now be installed in a cluster.

  • It is now possible to customize the user interface.

  • Java Runtime Environment was upgraded to version 11.


UXP Monitoring 2.2

  • Java Runtime Environment is upgraded to version 11. The other third-party libraries and components are upgraded as well to ensure security and good performance of the system.

  • Version 7.x of Elasticsearch and Kibana tools is now supported. Elasticsearch clusters are now supported.

  • Added monitoring server cluster support. Multiple monitoring servers can be configured to use the same Elasticsearch cluster.

  • Added email notification support. The Monitoring Server can now send e-mail when collecting monitoring data from security servers fails.

  • Ubuntu 18.04 LTS is now the oldest supported platform.



December 2019

Find detailed overview of the release in our Blog.

Directory 2.0

UXP Directory 2.0 is a rewrite of the previous UXP Service Directory product. The new version is no longer focused only on services but provides a good overview of the whole UXP installation. The main changes are the following.


  • The user interface is redesigned to be more user friendly. The UI also supports localization.

  • The Directory provides information about members, subsystems and services. The UI provides visualization of the input and output parameters of the service.

  • It is possible to upload additional information to directory, such as contact information for members or human-readable documentation for services.

  • The front page shows a dashboard providing the overview of the most important statistics of the UXP installation.

  • For every directory entry (member, subsystem, service), the Directory displays statistical information - how many requests are associated with the entry.


August 2019

Find detailed overview of the release in our Blog.

UXP Core 1.11

Full support for IPv6.

Improved Hardware Security Module (HSM) support.

More modular packaging.

Restricted charset of UXP identifiers.

Upgraded versions of third-party libraries.

Implemented various improvements and bug fixes, updated documentation.

UXP Monitoring Server 2.1

UXP Monitoring 2.1 is a maintenance release containing mainly minor enhancements and fixes as well as updated versions of third-party components.

December 2018

UXP Core 1.10

Added support for new monitoring server (version 2.0).

  It is now possible to get detailed statistics for central Monitoring Server.

Ubuntu 18.04 is now a supported (and recommended) platform.

Improved SOAP fault handling.

Bug fixes and minor improvements.

UXP Monitoring Server 2.0

Rewrite of the monitoring server.

Support for new monitoring protocol and detailed statistics.

Support for ElasticSearch version series 6.x and Kibana version series 6.x.

UXP Connector 1.5

Ubuntu 18.04 is now a supported (and recommended) platform.

Bug fixes and minor improvements.

UXP Portal 1.4

Ubuntu 18.04 is now a supported (and recommended) platform.

Bug fixes and minor improvements.

August 2018

UXP Core 1.9

Licence management system is improved.

  It is now possible to delegate license signing to another entity.

  Different products installed on the same machine can use separate licenses.

  Licenses can be viewed and managed in the user interface.

Monitoring system supports version 6 Elasticsearch and Kibana tools.

Local monitoring provides more detailed transaction statistics.

Ubuntu 14.04 is no longer a supported platform.

User guides and installation guides contain more detailed information and are restructured for better readability.

User guide can also be accessed from the user interface as online help.

Third party libraries and frameworks are updated.

Several smaller usability, performance and security enhancements.

UXP Connector 1.4

UXP Connector supports the updated UXP license system.

Licenses can be viewed and managed in the user interface.

User guides and installation guides contain more detailed information and are restructured for better readability.

Third party libraries and frameworks are updated.

UXP Portal 1.3

UXP Portal supports the updated UXP license system.

Licenses can be viewed and managed in the user interface.

User guides and installation guides contain more detailed information and are restructured for better readability.

Third party libraries and frameworks are updated.

October 2017

UXP Core 1.8

UXP now has Azure Key Vault support

UXP has support for additional message encryption (can use encryption algorithms that are not supported by TLS)


UXP Connector 1.3

It is now possible to configure content-type header used for sending attachments

Added output parameter type FILE. FILE parameters point to files in the file system that are returned as attachments

UXP Portal 1.2

Added support for authentication plugins

Added support for attachments

Improved multilanguage support

June 2017

UXP Core 1.7

REST APIs can now be provided and consumed over UXP infrastructures

WSDLs containing import statements are now supported

UXP Service Directory 1.0

Initial version of the UXP Service Directory

May 2017

UXP Core 1.6

Upgraded to new version of Elasticsearch for collecting monitoring analytics

Security and performance improvements

Improved Registry Server high availability solution

April 2017

UXP Trust Services 1.1

Fixes and improvements added

March 2017

UXP Core 1.5

UXP can now be installed on Ubuntu 16.04 LTS

WSDLs that do not describe response message (push services) are now supported.

February 2017

UXP Connector 1.2

UXP Connector can be installed on Ubuntu 16.04 LTS

JDBC drivers for popular databases (PostgreSQL, MySQL/MariaDB, MS SQL, HSQLDB) are packaged with UXP Connector

Updated documentation

January 2017

UXP Portal 1.1

UXP Portal can be installed on Ubuntu 16.04 LTS

December 2016

UXP Portal 1.0

First release of UXP Portal.

October 2016

UXP Core 1.4

UXP now supports SOAP 1.2 messages

UXP WSDL handling now supports services without UXP/X-Road headers. This allows providing existing SOAP services via UXP without any modification.

August 2016

UXP Trust Services 1.0

Initial version of UXP Certiciation Registration Authority.

July 2016

UXP Core 1.3

UXP supports translation of user interfaces.

Several security improvements.

June 2016

UXP Connector 1.1

SOAP attachments are supported.

User interface can be translated to other languages.

Connections with security server are secured using mutually authenticated TLS.

April 2016

UXP Core 1.2

UXP Monitoring Server is introduced.

March 2016

UXP Core 1.1

UXP supports multihomed mode of operation.

Added system status view in security server.

Several bugfixes and enhancements.

January 2016

UXP Connector 1.0

First version of UXP Connector.

December 2015

UXP Core 1.0

First release of UXP Core components.

About

Cybernetica continually improves UXP product according to current and future customer needs. Improvements are based on the latest research and address security, performance, stability and usability improvements.

Cybernetica provides full set of necessary software to establish secure data exchange between organisations and information systems. Here are the details about stable releases by different components.