AsterionDB Zero Trust Architecture

Frequently Asked Questions

Table of Contents

AsterionDB – A ZeroTrust Data Security Platform

What is AsterionDB?

AsterionDB is a comprehensive solution that merges all data types (structured & unstructured) and all business logic in the Oracle Database.  AsterionDB provides a complete environment within which to build, develop and test fully integrated applications and software systems.

Unlike other design paradigms that rely upon separate systems to manage structured data, unstructured data and business logic, AsterionDB merges these critical components within a common architecture. The results are increased data availability, security, efficiency, ease of use and development.

AsterionDB moves beyond ‘zero-trust’ by implementing a security model that enforces granular security for all data access and modification operations.  AsterionDB ensures that only your audited, secure business logic is allowed to access your data.

AsterionDB includes components that turn the middle-tier into an elastic, security isolation layer.  With no business logic or data resources, the middle-tier’s sole responsibility is to act as a protocol transformation layer between the client and data layers.

Moving my files into a database seems scary, is it?

You already have your files in a database.  The legacy file system is in fact a database!  It was also the first successful mission critical application.  But the file system is saddled by an archaic design paradigm that AsterionDB helps you to move beyond.

What does the AsterionDB architecture look like?

The AsterionDB system architecture is fairly straightforward.  We have components in the database and on a compute node.

In the database, we have all of the schema objects such as tables, packages, users etc.

On the compute node we have four framework components:

  • DbTwig – this is a Node-JS / Express based middle-tier application that handles the protocol transformation between HTTP and SQL
  • DbPluginServer – this framework component adds intelligence to the database
  • DbObscura – this framework component provides file system gateway capabilities
  • DbStreamer – this framework component enables direct HTTP streaming of unstructured content from the database


What programming languages are used in AsterionDB?

The AsterionDB components are written in C, PL/SQL and JavaScript primarily.  We use SQLDeveloper to write, test and debug all of our data-layer code written in PL/SQL.  We use VisualCode to write our JavaScript based Web application and DbTwig, the middle-tier adapter.

Is AsterionDB only available for the Oracle Database?

Yes.  The Oracle Database is the only RDBMS with the advanced capabilities that are required by AsterionDB.  

You can still use AsterionDB, however, in other environments through our HTTP based RestAPI.  In this case, AsterionDB looks just like another service that you utilize over the network.

Is AsterionDB an alternative to NoSQL?

Yes, most definitely.  We are the preferred alternative to NoSQL when it comes to managing unstructured data.  NoSQL is crippled by the extensive data transformation required to store, retrieve and work with binary documents.  In contrast AsterionDB, coupled with the Oracle Database, treats unstructured data as LOBs that are stored in BLOB or CLOB columns.  We also allow existing file-based programs to continue accessing data as a file when needed and  directly integrate HTTP streaming capabilities into the database.

In contrast, NoSQL will never be able to match the integrated and converged nature of the AsterionDB / Oracle combination, especially when it comes to managing business logic.  NoSQL is crippled again by its inability to directly express business logic within the data layer.

NoSQL is also unable to provide the baseline security capabilities required by AsterionDB.

Finally, the Oracle Database supports JSON as a data-type stored in a table/column.  AsterionDB, in fact, uses this capability throughout its architecture for both data storage and as a transmission format.

Is AsterionDB an alternative to Amazon S3 and Object Storage?

Yes.  AsterionDB can manage objects of any size and allow you to deeply integrate unstructured data into your application architecture.  S3. in comparison, is an entirely separate system that you must manage and integrate into your application architecture.

In on premises situations where database storage costs are largely mitigated, you may choose to keep all of your objects online and available.  In cloud based situations where database storage costs are of concern, AsterionDB can manage the off-loading of objects into various states of ‘cold storage’.

Is AsterionDB an alternative to DBFS?

Yes.  DBFS is technology from Oracle that simulates a POSIX compliant file system in the database.  Given that DBFS maintains POSIX compliance, it is subject to many of the same security and organizational deficiencies as the legacy file system itself.

DBFS only handles file based access to unstructured data.  In contrast, AsterionDB provides built in support for streaming.

Finally, AsterionDB is a comprehensive platform that converges many aspects within the database.  This gives you a single point-of-view when developing and operating software systems.  DBFS only provides one aspect of what AsterionDB can do.

Oracle has a Converged Database – what’s the difference?

Oracle’s converged database provides the basic underlying facilities and features that The AsterionDB Converged Computing Platform relies upon.  You can think of us as the ‘Icing on the Cake’!!!

What can I build with AsterionDB?

You can build any type of application or system that utilizes unstructured data with AsterionDB.  You can treat AsterionDB as a service that just handles unstructured data for you or you can do a deeper integration where your entire application stack is implemented using AsterionDB.

Applications written to the AsterionDB standard inherit all of the advanced security and operational benefits incorporated into AsterionDB.

AsterionDB’s extensible architecture guarantees that you can incorporate complex logic directly at the data-layer.  This is a critical capability that facilitates the migration of business logic out of the middle-tier.  AsterionDB’s extensibility is used to directly incorporate complex logic that enable integrated features such as image processing, OAuth verification, SMTP transmission, DICOM object processing and OCR analysis.

What is the easiest way to get started?

AsterionDB is available and free to use for development and evaluation purposes when using Oracle’s Always Free products (e.g. database, compute instance, load balancer) in the cloud.  See the ‘Getting Started’ section below.

Is it a big leap or can I go step-by-step?

You can bring AsterionDB into your organization in a step-by-step manner.  In many circumstances, it can be relatively easy and straightforward to migrate your unstructured data into AsterionDB.  This gives you your biggest bang for the buck.  Here’s the three ways you can begin using AsterionDB:

  • Migrate your unstructured data.  Just by taking this step you will immediately reduce your cybersecurity risk profile and gain many of the operational benefits brought by AsterionDB.  This step could be as simple as moving the data, correlating object-ids with the old file locations and modifying existing SELECT statements.
  • If you have an existing application that already has a lot of business logic at the data layer in stored pacakges, AsterionDB can assist you in transforming your middle-tier code down to the data layer.  This activity usually concerns the migration of SELECT statements and can be done in phases.
  • You may choose to use AsterionDB for projects that are building entirely new software systems.  In this instance, we are an excellent option to consider during the POC phase.

What is AsterionDB’s mission statement?

AsterionDB’s mission is to replace the legacy file system paradigm – and reinvent computer science along the way.

What is AsterionDB’s  prior history?

AsterionDB has an extensive prior history.  The central architectural concept of converged computing where all assets are located in the database was first embodied in a product created by Steve Guilford, AsterionDB’s CEO in 1992.  SQL*VOX was a telecommunications application development environment where all of the resources were located in the database – including the voice data required by the interactive voice response applications.

In 2007, SQL*VOX was revamped.  This process led to the discovery of the techniques that directly extend the logical capabilities of the database.  SQL*VOX was eventually withdrawn from the market.  Over the course of 10 years, a number of significant technologies were created, all leading to AsterionDB today:

  • In 2011, the first AsterionDB framework component was created, The Database Plugin Server.  This component makes it easy to extend the logical capability of the database
  • In 2012, DbStreamer, the AsterionDB component which enables direct HTTP streaming of unstructured content was created
  • In 2013, DbObscura, the AsterionDB component which enabled direct file system gateway capabilities in the database was created
  • DbTwig, AsterionDB middle-tier technology was created in 2020
  • The AsterionDB web application has been under development and refinement since 2018
  • AsterionDB has been running in the Oracle Cloud Infrastructure since 2017

Benefits & Efficiencies

What does AsterionDB do for me operationally?

AsterionDB extends policies and procedures that you already have in place for structured data stored in the Oracle Database to all of your unstructured data.  You will streamline your policies and maintenance procedures.  You will also simplify your architecture, making it easier to maintain system availability.  Here’s some examples of our operational benefits:

  • System Backups – With AsterionDB, one activity will now backup all of your structured and unstructured data.  This has an enormous operational benefit by  entirely eliminating any risk of your structured and unstructured data being out of sync.  Another consideration is the impact of backing up millions of files in a file system.  This can be a critical bottleneck due to the transaction like nature of accessing and copying millions of files.  In contract, backing up a million objects in the database is directly akin to backing up a table with a million rows in it (i.e. there is no transaction penalty).  Finally, if you have all of your business logic at the data layer, you will also keep that in sync with the data.
  • System Restore – Following upon the system backup benefit, when you restore an AsterionDB backup, you will use one operation for both the structured and unstructured data – and possibly your business logic too.  There will be no doubt your data sets are in sync nor will you wait for multiple actions to complete.  One activity could possibly restore 80% of your architecture.
  • System Replication – If you have to maintain a replicated system to guarantee availability you will benefit from the same factors that enhance your backup and restore activities.  One replication process will potentially handle all of your data (structured & unstructured) as well as your business logic.  Again, one activity has the potential of replicating up to 80% of your apparatus.
  • System Audit & Compliance – Many organizations face regular audits of data and logic to maintain certifications and compliance.

What does AsterionDB replace?

AsterionDB replaces the legacy, hierarchical file system and all of the policies and procedures that concern managing unstructured data with a unified approach centered around the Oracle database. We move file based user assets into the database and replace the rigid file naming convention with a dynamic, flexible keyword/tagging mechanism.

AsterionDB’s elastic security isolation layer replaces the typical middle-tier. By moving all data and logic resources out of the middle-tier, AsterionDB transform this layer into a generic, easily replaced component that merely serves as a translation agent between the network and the database.

In relatively simple terms, it is more efficient to add storage to your database and thus retire legacy technologies, techniques and hardware.

When viewed at data-center scale AsterionDB delivers an across the board reduction in resources including things like energy consumption, insurance and compliance costs, certification policies, manpower allocation and so-forth.

I have a lot of duplicated content, does AsterionDB help with this?

Yes, AsterionDB, coupled with Oracle’s BLOB de-duplication features, is an ideal solution to this problem.  You may have a situation where the same content is stored by multiple users, each with their own unique filename and path.  With AsterionDB, multiple users of the system are able to keep content that resolves down to the same bits while still maintaining their own ‘pathway’ to the data as expressed by keywords and tags.

How does AsterionDB help me maximize my investment?

By leveraging your already existing Oracle investment we are able to weave in all of the unstructured data and business logic that your applications and systems rely upon. For a small increment in cost, we eliminate redundant operational tasks, hardware and associated expenses.

Now, your investment will include a direct impact upon your security exposure and potentially reduce your cybersecurity insurance costs.

Licensing & Pricing

What are your license terms?

AsterionDB’s license terms are available on a yearly bassis for on premise and cloud installations.  We charge based upon the number of OCPU’s utilized for the database that hosts the AsterionDB installation.  In addition, we offer monthly terms in the cloud.

Cloud based installations utilize the ‘Bring Your Own License’ model.

How much does AsterionDB cost?

Our yearly base price starts at $40,000.00 (USD) per year per OCPU, support included.  Flexible pricing is available for $4,000.00 (USD) per month per OCPU, support included. 

Proof-of-Concept licensing is available, with full support, for $25,000.00 (USD).  This license allows you to build POC and initial systems without restrictions as to the number of OCPUs utilized.  AsterionDB provides complete support, training and 40 hours of consulting.  The POC license term is for 6 months.

Cloud and on premise pricing are equivalent.

Please contact us for a specific price quote:

AsterionDB is available at no-charge when used with Oracle’s Always Free database and associated technologies. 

AsterionDB’s pricing is expensive, are discounts available?

AsterionDB is mission critical, enterprise grade software and priced accordingly.  AsterionDB is a ‘land and expand’ solution.  Finding additional uses for AsterionDB will deliver increased value and efficiency.

Support Terms

Support by phone and email is included in all fully licensed installations.  Support is available during normal business hours unless other specific arrangements are made.  Complimentary email support is available during the initial installation process when using Always Free AsterionDB.

System Requirements, Provisioning, Installation And Configuration

What are the basic requirements for AsterionDB?

The basic requirements for AsterionDB are:

  • An Oracle Database – version 19c and above
  • An OracleLinux compute instance

Which versions of the Oracle Database do you support?

  • Oracle Database versions 19c and above
  • Cloud and on premises database installations
  • Oracle Autonomous Database – (Transaction Processing and Data Warehouse)
  • Exadata
  • Container databases
  • Oracle’s Always-Free Autonomous database
  • OracleXE
  • Oracle VM based database installations

Which version of the Autonomous Database should I choose?

AsterionDB is compatible with both the Data Warehouse and the Transaction Processing versions of the Automous Database.  Choosing which one to use is based largely upon whether the content stored within is primarily accessed by applications using an index value or by end users through a web application.

Here’s two examples to explain the difference:

  • You have an application that integrates images (millions of them) and it has to display the appropriate ones based on the context.  Think of an insurance claims application.  In this case, the insurance claims database has a ‘pointer’ to the images associated with a specific insurance claim.  This pointer also serves as an index into AsterionDB.  Here, we will want to use a Transaction Processing database because the majority of our data access operations will be through index values.
  • You are a investigator for a law firm that must curate a large number of email messages looking for references to individuals and evidence.  Here you will use AsterionDB’s keyword tagging and data mining mechanism to build a knowledge base that you can query and continually refine.  In this instance, most of your data access will be through the meta-data matrix maintained in AsterionDB’s keyword tagging mechanism.  You will want to use the Data Warehouse in this scenario.

What are the minimum hardware requirements?

AsterionDB is a very compact and efficient architecture. AsterionDB can run comfortably within the limitations of Oracle’s FreeTier offerings, which gives us a basic guideline:

  • An Oracle database supported by 1 OCPU
  • An OracleLinux 7.9 based compute node with 1Gb of memory

This configuration also serves as a basic starting point for a development system as well.

What are the optimal requirements for a Cloud implementation?

For cloud based implementations of AsterionDB, you will need to place the compute node behind a load balancer. How you size and provision the load balancer will be determined by your predicted network bandwidth requirements.

Your load balancer will also need an SSL certificate. We provide a script that will perform a basic load balancer configuration and install an SSL certificate using Certbot and LetsEncrypt.

You will also probably want to use a more robust compute node and create a second compute node to fill out your load balancer’s backend set.

Can I use a GPU enabled compute node?

Yes! If your use-case requirements call for advanced GPU processing, you can provision an appropriate compute node and configure it to connect to your AsterionDB installation. This is commonly seen in use-cases that utilize advanced capabilities provided by the DbPluginServer such as media analysis, AI/ML processing and so forth.

How hard is it to install AsterionDB?

It is very easy to install AsterionDB.  Experienced users can have a complete system consisting of a load balancer, SSL certificates, a compute node and an Autonomous Database running within 20 minutes.  Automated deployment is available as well.

AsterionDB can be used in the cloud and on premises.  For cloud based installations we have an Oracle Marketplace image that you will use to create a compute instance. We also have scripts that help you with the cloud installation process. You will need a basic understanding of the Oracle Cloud Infrastructure and know how to copy OCIDs, create a database and so forth.

For on premises installations against your database, you will use an OracleLinux based compute instance. We have a docker image that provides scripts which automate the software setup, download and installation process. You will be responsible for creating appropriate network components and making the needed database connections.

For those that planning an on premises installation, we suggest starting with a cloud based Always Free installation to learn the basic process and then apply that knowledge to your situation.

What does a typical installation look like?

Our typical installation consists of:

  • A load balancer
  • One or more AsterionDB compute instances
  • An Oracle Database

Which Cloud Infrastructures Does AsterionDB Support

AsterionDB can be used any cloud infrastructure that supports the Oracle Database. This includes not only the Oracle Cloud Infrastructure but other major cloud vendors as well.

Can AsterionDB run on a laptop?

Yes. We officially support OracleLinux. AsterionDB is known to run on Fedora but that platform is not officially supported by Oracle or AsterionDB.

Can I use AsterionDB on premises?

Yes.  AsterionDB has the same basic footprint on premises as it does in the cloud.  You can also configure local compute instances that connect to cloud based installations.  This is typically used to ingest content through AsterionDB’s integrated file-system gateway.

System Updates

How often are system updates issued?

Security patches aside, AsterionDB observes a bi-annual production software update release cycle.  Our major version release comes out in March and an interim upgrade issues in September. 

It is recommended that users upgrade their system at least once a year.

What does the update process look like?

Because of the converged nature of the AsterionDB platform, our update process is very simple and straightforward.

Your activity will center around updating the database (schema, logic) and the compute node(s) (web application, framework services).  You will use a docker command to download the software release.  Updating the database entails running an update script.  For this step you will need your DBA password.  Updating the web application and framework services is accomplished by restarting the system components.

Is AsterionDB capable of being hot patched?

Yes.  Because of the converged and condensed nature of AsterionDB, updating the schema and business logic in the database will take care of most of your update requirements. 

DbTwig, our middle-tier adapter, does not have to be restarted after changes to the data-layer.  By design, DbTwig does not hold any application resources or business logic.  There may be some specialized ‘gateway’ logic to handle transformations at the network layer (e.g. OAuth handling) but that logic typically evolves slowly after initial implementation.  Regardless, updating DbTwig and any integrated middle-tier logic is usually confined to recompiling/building the JavaScript application and restarting the service.

Our JavaScript based web application distributes as a pre-built tarball that is merely unpacked over the previous version.

Please see the discussion in the Programming and Integration section regarding the software development lifecycle.

System Operations and Management

How do I guarantee high-availability and perform disaster recovery?

Given that all of AsterionDB’s resources are contained within the database, what you do to maintain the availability and recovery of the database feeds directly into how you will accomplish the same for AsterionDB. It can be simply said that if your database is up and running, you have a very significant portion of your apparatus in place.

Decisions such as using Oracle DataGuard for data replication, database redundancy and multiple availability domains will be specific to your unique requirements. In the end, these decisions will be guided by the availability and recovery requirements of your database.

How are system backups accomplished?

AsterionDB is backed up when you backup your database.  There is no other action required.  Your AsterionDB installation can also be exported using Oracle Data Pump.

Is there a centralized management console?  

Yes.  The system administrator has access to centralized logging, error reporting and user login activity.  The system administrator also has the ability to fine tune the installation for specific operation requirements such as new user enrollment, user session timeout, etc. 

Is AsterionDB capable of sending out alerts?

Yes.  AsterionDB can be configured to send alerts by SMTP.  See this link for more information on outbound email support – Email Support

Do I need special tablespaces?

In non-autonomous scenarios, you will want to create a dedicated tablespace for AsterionDB and enable an unlimited quota for the AsterionDB user.  Here is an example of the SQL statements to use:

					create tablespace lob_data
  datafile '/your/database/data/directory/lobData01.dbf'
  size 5G reuse online nologging 
  default storage (maxextents unlimited);
alter user asteriondb_objvault quota unlimited on lob_data;

How do I monitor database space utilization?

You can monitor basic tablespace space utilization using standard DBA tools such as Oracle Enterprise Manager.  AsterionDB also allows you to see space utilization by user and by object.

Do you provide logging of all object access operations?

Yes, all access operations, whether by HTTP streaming or file based I/O is logged.

Performance and Elasticity

I’ve heard that storing and working with BLOBs in the database is slow, is it?

It was, long ago, but not anymore.  AsterionDB is a highly refined system that is designed specifically to maximize unstructured data I/O in the database.  Furthermore, we utilize Oracle SecureFiles technology which was specifically built into the database to provide maximum efficiency when working with BLOB data.

Can I put millions of objects in AsterionDB?

Of course.  The database is built to manage millions of rows.  Storing millions of objects is not that much different that having a table with a large number of rows.

What kind of performance can I expect

AsterionDB will be publishing benchmark figures in the future.  For now we can rely our observations from testing and initial internal benchmarking. 

We have created databases on Oracle’s shared infrastructure  using both Data Warehouse and OLTP versions of the Autonomous Database coupled with a standard Flex-shape compute instance.  The test database was populated with ‘snowball’ images (a 64×64 image of random pixels, 180K in size) using two concurrent generation/ingestion processes on the compute instance.

The database sustained transactions rates of approximately 750 images per minutes.  Over two million images were ingested in 48 hours.  AsterionDB is able to retrieve, by object-id, an index value, a specific object with sub-second response times.

We regularly see sustained data ingestion speeds for large user-data files ranging from 50 to 80 Megabytes per second.

Is AsterionDB Elastic?

Yes, AsterionDB’s cloud elasticity is a model of simplicity.  We scale along four dimensions:

  1. The database.  When you scale the number of OCPUs you are directly impacting the raw performance of AsterionDB.
  2. Database storage.  Scaling your database storage gives you a simple, single point of implementation when you need to increase the amount of unstructured data you can store.
  3. Compute instances.  You can scale the compute instances hooked up to your AsterionDB database to suit your needs.  Depending on the type of processing required, you may choose a compute instance with HPC capabilities or increased network bandwidth.  You can also increase the number of compute nodes in your load balancer sets in response to increased network traffic.  It is also important to note that your compute instance will derive from a published image that makes system generation quick and easy.
  4. The load balancer.  If you are experiencing or expect increased network traffic, the OCI provides flexible load balancer shapes that make the process of scaling your incoming network bandwidth easy.


How does AsterionDB stop ransomware, viruses and hackers?

We do this in several ways but the easiest thing to remember is:

We migrate all user data files out of the file system and into the database. This means that when ransomware, viruses and hacker scan the file system, they do not find any assets. Since these cybersecurity threats rely on discovering assets in the file system, they are cut-off and have no where to go.

For further information on how we stop ransomware, viruses and hacker, see our Security section on the website.

Is AsterionDB FedRAMP or FIPS certified?

No, AsterionDB has not achieved FedRAMP or FIPS certification presently.  We do have plans to achieve these certifications.

A majority of AsterionDB’s infrastructure is based upon the Oracle Database and the Oracle Cloud Infrastructure.  This will make the process of attaining these certifications very straightforward.  The converged nature of the AsterionDB architecture will also make this process easier than most.

It is also important to note that any application you write to the AsterionDB standard will be more easily certified for FedRAMP and FIPS compliance due to your choice to build upon the Oracle and AsterionDB platforms. 

How does AsterionDB implement ‘zero-trust’?

AsterionDB implements a zero-trust architecture by applying a granular access mechanism for all unstructured data.  Unlike the common, legacy file system where a user or a hacker can view all assets in a directory, AsterionDB limits access to objects based upon a ‘WHERE’ clause in a ‘SELECT’ statement.  Therefore, only the exact objects requested by the client are returned and visible at any given time.

Does AsterionDB limit network discovery?

Yes, AsterionDB greatly limits network discovery.  We do this by moving all assets (data and logic) to the data-layer.  We then limit middle-tier (network) access to a generic RestAPI that exposes a single entry point.

As a result, when a hacker accesses a middle-tier component, they find no resources and an API that only describes a single function.

What does ‘Granular Security’ mean?

Granular security, essentially, means that your business logic brokers every access and manipulation of your data.  Applications built to the AsterionDB standard, by design, ensure that some aspect of your business logic is in between the user and your data.

Granular security can be thought of as the opposite of ad-hoc, insecure data access, which what happens when a hacker, ransomware or a virus attacks your data in the file system.

Is AsterionDB RASP capable?

RASP is an acronym coined by Gartner that means Runtime Application Self Protection.

Yes.  AsterionDB is a RASP capable system and allows you to build applications that are RASP capable as well.  See the next question for an example of how we implement RASP capabilities.

Does AsterionDB reduce the time between intrusion and detection?

Yes, AsterionDB can significantly reduce the  time between a cybersecurity intrusion and it’s detection.  This is also related to how we implement RASP capabilities.  Here is an example:

One of the first things ransomware, hackers and viruses will do is scan local and networked directories looking for assets to compromise.  In AsterionDB, it is now an anti-pattern to scan directories looking for assets.  AsterionDB can detect this activity and trigger alerts or progressively reduce system availability in response to an attack.

What is an AsterionDB Secure Weblink?

An AsterionDB Secure Weblink is a weblink generated by the AsterionDB API that can be used to securely deliver content.  Here is an example:
You want to email a link for sensitive content to a colleague but you also want to ensure that if the email gets accidentally forwarded, or stolen by hackers, that the content can not be inappropriately accessed.  To do this, you will generate a weblink that requires a password and expires after the content is successfully downloaded.
Secure Weblinks are governed by several security parameters:
  • Expiration date – A weblink can be made to expire after a specified date
  • Access limit – A weblink can be made to expire after a specified number of access operations
  • IP Address – A weblink can only be accessed by a client from a specific IP address

Using AsterionDB

Do I have to be a computer expert to use AsterionDB?

You do not have to be a computer expert to use AsterionDB. If you are familiar with the file system and are comfortable working with the file browser (explorer) the transition to AsterionDB will be straightforward. Your main interaction with AsterionDB will be through an integrated Web Application which is our replacement for the file browser.

What kind of files can I store in AsterionDB?

You can store any kind of user data file in AsterionDB.  AsterionDB has built-in capabilities that allow you to define the types of objects that will be stored.

You have full control over how traditional file name extensions map to a corresponding object type.

How do I migrate my files into AsterionDB?

There are two methods of ingesting content into AsterionDB – through the web application and by using a file system gateway.

The web application allows for online ingestion of content using a browser interface.  This is appropriate for ad-hoc ingestion of content but it is not suitable for high speed, large data ingestion.

AsterionDB has an integrated technology component, DbObscura, that allows us to implement a file system gateway.  Using the AsterionDB RestAPI, a file name can be created that can be used by a program or the ‘copy’ command to write content into AsterionDB.  In addition, a drop-directory can be created in the file system which allows for the dropping of content into AsterionDB.

See the section Filesystem Gateway for more information.

If my files are in the database, how do I find them?

AsterionDB replaces the rigid file naming convention with a dynamic, flexible keyword/tagging mechanism. AsterionDB includes an integrated web application that is our replacement for the file browser. Using the web application, you can search for assets based on object type, keywords, date of use, etc.

How is streaming of unstructured data accomplished?

AsterionDB has a built-in framework component, DbStreamer which enables the direct streaming of unstructured content from the database.  The AsterionDB RestAPI has functions that generate a weblink that can be used to stream an object.

AsterionDB is capable of determining if an object can be streamed straight to the browser of if the object must be streamed for ‘download’ only.  This feature allows you to stream displayable content to a browser, for example, but cause the browser to download content that can not be displayed (e.g. an archive file).

Can keywords and tags be generated automatically?

Yes.  AsterionDB has a built-in path parser that will turn an object’s original file location into usable keywords and tags.

AsterionDB also allows you to build advanced keyword tagging algorithms as well.

Can I build a knowledge base with AsterionDB?

Yes, AsterionDB is an excellent choice for a knowledge base.  AsterionDB’s built-in keyword tagging mechanism gives you a means to richly describe and discover the insight that you derive and harvest from unstructured data.  In addition, complex logic can be implemented directly at the data layer (see Plugins & Extensibility for more info) that allows you to extract valuable information from complex data types such as images, video and audio.

Does AsterionDB support multiple users?

Yes.  AsterionDB provides support for multiple users of the system.  Based upon system configuration options a new user can access a signup page or be enrolled/invited by the system administrator.

Can I share objects with other users?

Yes.  AsterionDB allows you to share objects with all users or with specific users.

Can I share objects with non-users of AsterionDB?

Yes.  You can send a third-party a link to an object in AsterionDB.  This link can be a permanent link or a secure weblink.

Can I keep versions of objects?

Yes.  Versioning can be enabled for an object.  Versioned objects can be restricted to the same source file name and limited to a set number of versions. It is important to note that when you distribute a weblink to a versioned object, the weblink will always reference the most recent version.

Can I make my objects immutable?

Yes.  Objects can be made immutable.  This prevents changes to and the deletion of the object.

File System Gateway

Does AsterionDB support file-based programs?

AsterionDB has an integrated framework component, DbObscura, which allows us to easily support file based programs.  DbObscura allows us to create file names on-the-fly, dynamically.  These file names are comprised of random characters and carry no identifying information whatsoever.  Unlike the traditional, legacy, file system AsterionDB was specifically designed to not reveal any metadata information in the file names that are utilized by the system.

We can generate a file name with read, read-write or write-only permissions and limit the number of times a file can be accessed and cause the file name to expire after a specified period of time.

File names are generated and passed to file based programs for them to use.

Do most file-based programs work with AsterionDB?

Most file-based programs work.  A majority of the programs we use are designed to accept a file name on the command line.  In most cases, this is sufficient to allow the program to work with AsterionDB.  You may have to fine-tune the number of times the file name can be opened depending on the requirements of a specific program.

How are file names generated?

The AsterionDB RestAPI provides functions that allow the client to generate file names and create a group of file names.  A group of file names is useful when a program will read a directory and open all of the files found within.

The AsterionDB Web Application allows a user to generate a file name on-demand for existing files. 

The Web Application also allows a user to generate a file name for a new object.  This file name can be used by a program to write to a ‘new file’.

I have a program that opens files with a modal, what do I do?

Many custom written applications use an operating system or development-library provided  function that presents a ‘file open screen’.  This screen allows us to navigate through the file system to find the file we want to open.

If you have a custom application that utilizes this type of functionality, at this time you have two choices:

  1. Generate a file name and call the program with the file name specified on the command line.
  2. Generate a file name within a specific sub-directory managed by AsterionDB and use your program’s existing functionality to navigate to the AsterionDB sub-directory and then open the file.

What is a ‘drop directory’?

The AsterionDB file system gateway has the ability to create a ‘drop directory’ that you can use to directly ingest content into AsterionDB.  The drop directory appears as a subdirectory within your file system.  You can copy content into the drop directory with the command line or a using a file-browser to drag-and-drop or copy-paste.

Programming and Integration

Can I integrate AsterionDB into my existing applications?

Yes. AsterionDB can be integrated in two ways:

  • Through a RestAPI that is called using standard HTTP/JSON mechanisms
  • Through a RestAPI that is called by other database applications/services

What is the best approach to integrating AsterionDB into my applications?

Please see the page that details our React and Integration Demonstration Application for more information.

Can I write new applications with AsterionDB?

Yes.  AsterionDB is a comprehensive platform that allows for the development of highly secure, integrated applications that merge all logic and data in the database.

We have a companion technology product, DbTwig, which enables the creation of applications (a.k.a. services) within the database.

DbTwig comes with an integrated example application that shows you how to program with DbTwig.  The example program also shows you how to migrate an existing application that references unstructured assets in the file-system to the database.

My programs need to be certified for compliance, can AsterionDB help?

Yes, AsterionDB can help you achieve regulatory compliance.  Because of the converged nature of AsterionDB, much of your compliance tasks will be satisfied by the underlying capabilities of the platforms it is built upon – AsterionDB and Oracle.

AsterionDB has plans to achieve FedRAMP and FIPS compliance as well as other certifications as market forces dictate.  Please see this answer for more information.

What kind of programming skills do I need?

If you are using the HTTP/JSON RestAPI you can program in any language or low-code environment of your choice. In this instance AsterionDB looks like a black-box that just answers the API request posted over HTTP.

If you are using DbTwig and/or the RestAPI from another database application or service then you will already know about Oracle, PL/SQL and the SQL language.  In this instance you will be making a straightforward call to a database package.

Is PL/SQL the only choice for developing business logic?

No. PL/SQL is certainly a preferred language but by no means is it the only choice. The key concept to keep in mind here is, we want the business logic to be in the database so that it benefits from all of the security and management features that AsterionDB extends to your unstructured data.

Let’s take an AI/ML workflow as an example. In this scenario we often have code written in Python that interfaces to an AI/ML library. In addition, you may have ML models expressed in JSON or XML that drive your AI engine. These components, Python, JSON & XML are all expressions of your business logic and they too can reside in AsterionDB.

AsterionDB has the ability to run Python scripts directly from the database. This is an example of how we can move business logic, regardless of the language, and run the code from the database.

What is the software development lifecycle?

Developing software applications with AsterionDB is highly optimized and efficient.  Taking from our experience building AsterionDB, you will probably be focusing on logic in two areas:
  • the database where all of your business logic lives
  • your client layer where you build the required UI components and applications

The DbTwig middle-tier component is adaptive and resilient to changes in the data layer.  This allows you to make changes to a package in the database, for instance, recompile the code and immediately test the modification.

In many circumstances, much of your data-layer development will not surface out to the middle-tier until the underlying logic is in place.  This is also due to the architectural orientation of AsterionDB.  Specifically, we implement an API package in the database that is ‘wired’ into DbTwig.  When we are developing, we are directly calling and working with packages that sit a layer below our API package.  Then, when the code is ready, we write a delegation function/procedure in our API package that gets wired into DbTwig. Finally, we centralize all of our UI development in a JavaScript based web application.  The web application talks JSON through DbTwig to interact with the data-layer business logic.  This allows us to isolate changes between the two layers in part because of the self-describing nature of JSON. Essentially, what this means is that the UI programmer can use ‘temporary’ values to build the interface components while the data-layer programmer works on the API technology.  Then, when the two components are ready, they can be wired together as a complete unit.

We have some tables with BLOBs, what’s the difference?

Putting your unstructured data directly into your own tables locks it deeply within your application’s architecture. This makes it difficult to share and work with this information across applications. It also makes the interface to file based applications troublesome. In contrast, by replacing the file system and all that we use it for, AsterionDB provides a better fabric from which to share, manipulate and secure unstructured data.

Is AsterionDB compatible with low-code tools?

Yes, low-code tools are an excellent choice for building the User-Interface components for new applications.  Just remember to put all of your business logic in AsterionDB.  It is then an easy process to make a call via a database connection or HTTP to the AsterionDB RestAPI. We are also just as applicable to already existing low-code applications that utilize unstructured data.

How is AsterionDB able to move all of its logic and data to the data-layer?

There are three key innovations that enable this transformation:
  1. AsterionDB is able to extend the logical capability of the database
  2. AsterionDB leverages JSON in the database as a data transfer format to the  client-layer.
  3. AsterionDB has a companion open source project that we call DbTwig.  DbTwig is the middle-tier magic that allows us to turn the middle-tier into an elastic security isolation layer.  You can find out more about DbTwig here (opens in a new window) –

Is AsterionDB getting rid of the middle-tier entirely?

No, not at all.  The middle-tier plays a vital role as a security isolation layer and as our gateway to service oriented capabilities over the network.  AsterionDB uses the middle-tier to connect to OAuth and SMTP servers as an example. The significant thing to remember here is, that with all of the business logic at the data layer, your middle-tier logic is primarily centered around handling the transformation between different realms – namely HTTP and SQL.  Your custom middle-tier logic will collect parameters and values from either side of a pipe (HTTP <–> SQL) and transforming the values before sending them to the other end of the pipe. Another concept to remember is that we are utilizing all of the capabilities of the database to manage your critical logic and data while still retaining the flexibility provided by the middle-tier.

The middle-tier gives me flexibility, are you taking that away?

No, see the previous answer and the information regarding Plugins and Extensions.

Can I build micro-services with AsterionDB?

Yes, it is very easy and logical to build a micro-service. Our middle-tier technology, DbTwig, is designed around a service based architecture. This means that access to resources is through a service–>method mechanism where a service implements one or more methods. From a data-layer perspective, you can think of a micro-service as an isolated set of objects (e.g. tables, packages, logic, etc) within a schema that is exposed through DbTwig. The advantage here is the ability to easily expose a service as a REST API through DbTwig while also being making it accessible through appropriate synonyms and grants at the data-layer. To see an example of this, have a look at our integration/migration demo located here:

Plugins and Extensions

What is ‘logical extensibility’?

In simple terms logical extensibility means that AsterionDB can make the database smarter.

Logical extensibility is a key feature.  One of the ways we use it is to allow the database to understand any unstructured data type.  AsterionDB has a built-in technology component, The Database Plugin Server, that allows us to easily extend the capabilities of the database.  We use this to allow the database to understand any multimedia type and implement other core features.

Why is ‘logical extensibility’ important?

The answer is simple.  If you are going to move all of your unstructured data to the database, it’s not good enough to just store the data, the database has to be able to understand the data in order to work with it.  So, that’s the first thing; you’ve got to be able to understand any data-type that you will work with.

The second factor is that we have to ensure that any type of complex or esoteric logic can be incorporated at the data-layer.  AsterionDB’s integrated database plugin server gives us an easy pathway to integrate third-party logic directly into the database.  This is what makes the database smarter!

What extensions come with AsterionDB?

The following extensions are built into AsterionDB and available in the standard installation:

  • FFMPEG – This extension allows us to recognize any multimedia type.
  • OAuth – This extension allows us to interact with OAuth servers.
  • SMTP – This extension allows us to interact with SMTP servers to enable outbound emails.

Other extensions are currently under development.

Can custom extensions be created?

Yes, contact us to discuss any customized extensions that you envision.

How is advanced data analysis accomplished?

One of the key features that can be enabled by AsterionDB’s plugin and extensibility mechanism is the advanced analysis of unstructured data.  If you have a specific data type that needs advanced logic for processing, that logic can be incorporated into a plugin and exposed directly as a function or procedure that can be called by PL/SQL.

Typically, advanced logic is implemented in a library that can be called by external programs.  With AsterionDB, a common pattern is to create a read-only file name to access the data, pass the file name to the library and allow the library to open the file and process the data, sending the results back to the caller.