<< WCF works in mysterious ways | Home | Connection Pooling: Implemention >>

NHibernate – Get Thou Out Of My Database

image There are evil people in this world, and some of them want access to my database. Unfortunately, they are often part of that nasty integration team and they try to integrate directly into my database. I tried beating them with clubs and lobbing arguments about letting other people mess with my implementation details, but they have been persistent. That is when I reached out to a technological solution for the problem.

I want to emphasize that this is the nuclear option and  you want to really consider it before going that route.

We are going to use NHibernate to do that, naturally. Here is how:

image

Which results in the following schema:

create table [tbl_-1434067361] (
   [col_287061521] INT IDENTITY NOT NULL,
   [col_4699698] INT not null,
   [col_-1966747349] NVARCHAR(255) null,
   [col_-649855325] NVARCHAR(255) null,
   [col_-649855326] NVARCHAR(255) null,
   [col_775690683] NVARCHAR(255) null,
   [col_-2127361396] NVARCHAR(255) null,
   [col_-1334581412] NVARCHAR(255) null,
   primary key ([col_287061521])
)

To make sure that we follow procedure, we are even using the naming convention of the organization! Lovely, isn’t it? It is obvious that this is my people table, right?

All arguments against this schema can be answered using: “It is more secured”.

It might be the nuclear option, but it tend to work :-)

Nitpicker corner: No, I don’t suggest you would do this, that is why the code is an image. This is just an example of how to programmatically modify the configuration and mapping. I only used it once, during a demo to the integration people, to get them to leave my DB alone. If you push something like that for production you should probably be shot.

Print | posted on Saturday, June 06, 2009 3:13 PM

Feedback

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/6/2009 5:35 PM Sebastian Markbåge

Any NHibernate/DDD introduction tutorial should come with this naming convention by default. THEN if you REALLY need to, you opt out.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/6/2009 9:00 PM SHODAN

Looks more or less as intelligible as the table/column names of a certain Swedish ERP system I've had the misfortune to work with..

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/6/2009 10:17 PM Marc Brooks

Oh dear, wouldn't a simple ROT13 be safer and still get the point across?

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/7/2009 1:01 AM Ayende Rahien

Marc,
Why, this is _following the naming convention_ as laid out. :-)

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/7/2009 3:01 AM PandaWood

nitpicker corner is a great idea btw - it's so often necessary

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/7/2009 5:09 AM configurator

Did you steal the nitpicker's corner from The Old New Thing?

Also, this would return different results in 32-bit and 64-bit. Watch out!

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/7/2009 6:39 AM Ayende Rahien

Configurator,
Yes, I did.
And I am absolutely shocked(!) that you even considered the possible implications of using this

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/7/2009 3:10 PM Duckie

SHODAN -> I simply have to guess... Visma?

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/7/2009 3:16 PM configurator

Ayende, once you've been bitten by string.GetHashCode() once, you never forget it. Trust me.

I don't use GetHashCode() for any purpose other than getting the hash code. *Any* purpose.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/7/2009 4:38 PM FH

Ayende, I have a scenario where I need to do something like you did here. i.e.
1) Make table name and its columns un-understandable
2) Make data of few fields of few tables encrypted (preferably) or make it again difficult to understand with options like ORing or ANDing the data.

I am using NHibernate2.

What do you suggest?

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/7/2009 4:49 PM FH

And still HSQL should work for operators = and like etc.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/7/2009 9:35 PM Gunnar Liljas

This kind of schema obfuscation is used by several large ERPs, CRMs etc. Some even say "Want to work directly with our database? Sure thing. Just buy this document containing a translation to unobfuscated table and column names, and we wont mind."

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/7/2009 10:16 PM Ayende Rahien

FH,
You have the first part here.
The second is just setting up UserType with encryption

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/8/2009 1:49 AM Jeremiah Peschka

I'm curious about why you would have to resort to even threatening something like this. What was the rationale? What were the implementation people planning on doing that you disagreed with?

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/8/2009 2:18 AM Ayende Rahien

They wanted to touch my database

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/8/2009 4:35 AM Mark

If you were using Hibernate - http://www.jasypt.org/

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/8/2009 4:43 AM Mark

Jeremiah,
The "Domain" layer should not be bypassed by anything. It can and should be done by messaging. I am currently having to integrate with two systems that contain much of the same data but all so I have to create a MDM. Unfortunately the are not "enterprise" systems and thus the only way to integrate is at the DB. If they had system messaging (and a domain layer), I would probably be done in a few days.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/8/2009 10:12 AM Onur BIYIK

I think this will NOT protect you from a really really nasty integration team.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/8/2009 3:29 PM A. Nony. Mouse.

That looks very much like the AS400/DB2 tables I have to get data from every day. I feal right at home.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/8/2009 10:39 PM ORM Messiah

Dear Ayende,

If your database is so unusable tha tno one can understand it no one can query it except you, that is an unusable database.

A database should be able to be accessed by other people if necessary and should be well designed and descriptive just like writing good and readable code. What if you declared all your methods and fields in your class as Method_x123 and Field_x2342 ? (Btw, I have seen people do that!)

You are missing the boat here on what databases are all about and what data access layers should be doing ... surely not dictating database design!

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/9/2009 12:22 AM Jeremiah Peschka

Mark,

Many folks in the database architecture field would disagree and say that the data access layer should be contained in the database because you can never guarantee where data access will come from nor can you guarantee the life cycle of your application language of choice. Which is neither here nor there, I was simply curious what Ayende was worried about the implementation team doing. Personally, as a database developer, I was curious as to why he was concerned about them touching the DB.

Now I know and I can happily go back to writing stored procedures.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/9/2009 1:40 AM Ayende Rahien

ORM Messiah,
I guess you missed the nitpicker corner.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/9/2009 4:26 AM Mark

Jeremiah,
Oh, i know they do disagree. That is why they are database architects and not system/solution architects. Even if you have the data access layer in the db, you save very little in the application coding wise, They still have to have their own DAL.

I was just further explaining the "why" and trying to help Ayende explain it to you

In applications, the database is part of the application (system). If it isn't then it belongs to another application and should be treated as such. I've done plenty of systems both ways in many languages, databases and platforms. I am not just an "app" developer. That is why I have the skill and ability to see it from all perspectives and make the best decision.

Enjoy the store procs! I'll go back to coding loosely coupled systems.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/9/2009 4:29 AM Mark

ORM Messiah,
It is called code obfuscation and there are tools to do it pre-deployment. It is a valid concern. Sadly, there is not a good way to do it with the database. Using an ORM makes it much easier though. Using Stored procs is a form of obfuscation too.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/9/2009 5:38 PM ORM Messiah

Mark : He didn't mean after deployment, he was talking about other people within the project! Ayende Said: 'Unfortunately, they are often part of that nasty integration team and they try to integrate directly into my database. '

Obfuscating the database so the integration team cannot use is definitely vile. If you have to obfuscate your database so that no one can integrate to it, I repeat you have a useless database. You completely missed the boat on what databases are for.

Objects can present an integration point too, but for reporting and warehousing and other database related purposes other people should be able to use your database.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/9/2009 5:44 PM Ayende Rahien

And you are _still_ missing the nitpicker corner, amazing.

And that wasn't in _my_ team, it was _another_ team totally unrelated to me.

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/9/2009 6:26 PM ORM Messiah

Its interesting that the ORM and loose coupling debate always sparks up whenever nhibernate is mentioned.

Mark says : ' I'll go back to coding loosely coupled systems. '

Jeremiah says: 'Many folks in the database architecture field would disagree and say that the data access layer should be contained in the database'

If Nhibernate and ORMS solved the dataaccess and loose coupling problem elegantly it would not be popping up all the time. Seems like there is still a lot missing and people keep going back to stored procs and straight data access.!

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/11/2009 10:29 AM FH

Ayende,
Can you please shed some lights and explain how setting up UserType with encryption is going to enable HQL or criteria queries involving 'like' operator for string based columns?

Gravatar

# re: NHibernate – Get Thou Out Of My Database 6/13/2009 6:15 PM Ayende Rahien

It should just work, I believe

Gravatar

# re: NHibernate – Get Thou Out Of My Database 8/2/2009 6:43 PM basmin

thanks for example to programmatically modify the configuration and mapping.
i'm a beginners and your post very useful for me.

thanks.

Comments have been closed on this topic.