Saturday, July 22, 2017

From a conversation on Facebook...

Due to IT being so new, the entire industry overlooked their own design principles and security measures. In 1999 or so, we knew software was going to be easy to write in the future. In fact, we thought that by 2010, most software would be complete with software developers being very specialized.
Andrew Brown: Unfortunately, hacking culture took root on the internet and 'hacking principles' were taught throughout the corporate world. Many of the design principles in corporate America are based on hacking. The above software design returns the IT industry to safe practices.
Andrew Brown: We, as the IT industry, must return to good programming principles of separating data from application and push SQL back into the database, where it belongs. I'm proposing a standard of Load/Store/Delete. That can be secured and monitored, eliminating nearly all hacks.

Wednesday, July 19, 2017

Proposal for a new Data Access Standard: Load/Store/Delete (sent to NIST yesterday)

Adopting a new standard will force a re-write of all Federal software.  Push SQL back into the database where it belongs.
  • All software is built to textbook standards.
  • Load/Store/Delete follows proper architectural n-tier design
  • Most systems can be re-written side-by-side with no downtime.
  • Supports surveillance and law enforcement while providing accountability.
  • Sufficient savings can follow through on Congress' 'borrow and pay from savings' plan.
  • Allows control into the otherwise opaque 'cloud'.
  • Fits into NIST's Cybersecurity Framework
  • Encourages distributed responsibility.
  • Easier to write, faster, with fewer bugs.  

All databases must expose an interface: Load, Store, & Delete. NIST reviews each vendor's implementation and decides if the interface is sufficient to meet the standard.

With a standard set, all Federal software would have to meet that spec.

Chris Liddell of the Office of American Innovation can assist in defining timelines for re-writing all Federal software.

Since "Load, Store, & Delete" creates enormous efficiency and accelerates the development cycle, this could be finished in months, including a re-write of all the IRS' software.

Proof-of-concept: System.Persistence

Designed for SQL Server/.NET, it has been in use for over 15 years. ORB is supported. ORM is supported. See attached for how easy software is to write today. Software is not rocket science anymore, and this approach brings software development to the 'power user'.

Someone please forward this to Chris Liddell, as I do not have his contact information.

Please contact me for further information.  This can be done today.

Andrew B. Brown
4706 Elon Crescent
Lakeland, Florida 33810

Github: System.Persistence for .NET

Proof of concept using the Load/Store/Delete interface.
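A sketch of what a Load/Store/Delete boundary constrains, added here as an illustration; it is not code from System.Persistence or from the proposal. The `Gateway` class, the table names and the sample values are hypothetical, and because SQLite has no stored procedures, the three fixed statements inside the class stand in for database-side procedures.

```python
import json
import sqlite3

HOSTILE_ID = "42'; DROP TABLE objects; --"  # constructed sample input

class Gateway:
    """Hypothetical gateway: callers pass keys and values, never SQL text."""

    # The only data statements that can reach the database; values are bound.
    _SQL = {
        "load": "SELECT body FROM objects WHERE kind = ? AND id = ?",
        "store": "INSERT OR REPLACE INTO objects(kind, id, body) VALUES (?, ?, ?)",
        "delete": "DELETE FROM objects WHERE kind = ? AND id = ?",
    }

    def __init__(self, conn):
        self.conn = conn
        conn.execute("CREATE TABLE IF NOT EXISTS objects("
                     "kind TEXT, id TEXT, body TEXT, PRIMARY KEY(kind, id))")
        conn.execute("CREATE TABLE IF NOT EXISTS audit("
                     "seq INTEGER PRIMARY KEY, actor TEXT, op TEXT, kind TEXT, id TEXT)")

    def _run(self, actor, op, kind, obj_id, *extra):
        # Audit row and data operation commit together: no unrecorded call.
        with self.conn:
            self.conn.execute(
                "INSERT INTO audit(actor, op, kind, id) VALUES (?, ?, ?, ?)",
                (actor, op, kind, obj_id))
            cur = self.conn.execute(self._SQL[op], (kind, obj_id, *extra))
            return cur.fetchall(), cur.rowcount

    def load(self, actor, kind, obj_id):
        rows, _ = self._run(actor, "load", kind, obj_id)
        return json.loads(rows[0][0]) if rows else None

    def store(self, actor, kind, obj_id, obj):
        self._run(actor, "store", kind, obj_id, json.dumps(obj))

    def delete(self, actor, kind, obj_id):
        _, affected = self._run(actor, "delete", kind, obj_id)
        return affected == 1

    def audit_trail(self):
        return self.conn.execute(
            "SELECT actor, op, kind, id FROM audit ORDER BY seq").fetchall()

def demo():
    gw = Gateway(sqlite3.connect(":memory:"))
    gw.store("alice", "customer", "42", {"name": "Ada"})
    gw.store("mallory", "customer", HOSTILE_ID, {"name": "x"})  # stored as data
    return gw

if __name__ == "__main__":
    print(demo().audit_trail())
```

The hostile identifier is stored and looked up as an ordinary key, and every call leaves an audit row naming the actor and operation. The interface narrows what a caller can send to the database; it does not by itself decide whether that actor should be allowed to load or delete a given object.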

Friday, July 14, 2017

This would have been known and caught had System.Persistence been the standard.