database systems: design, implementation, and management eighth edition chapter 15 database...
TRANSCRIPT
![Page 1: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/1.jpg)
Database Systems: Design, Implementation, and
ManagementEighth Edition
Chapter 15Database Administration and Security
![Page 2: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/2.jpg)
Database Systems, 8th Edition 2
Objectives• In this chapter, you will learn:
– Data are a valuable business asset requiring careful management
– How a database plays a critical role in an organization
– Introduction of a DBMS has technological, managerial, and cultural organizational consequences
– Database administrator’s managerial and technical roles
– Data security, database security, and the information security framework
– Several database administration tools and strategies
– Various database administration technical tasks
![Page 3: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/3.jpg)
Database Systems, 8th Edition 3
Data as a Corporate Asset
• Data are a valuable asset that require careful management
• Data are a valuable resource that translate into information
• Accurate, timely information triggers actions that enhance company’s position and generate wealth
![Page 4: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/4.jpg)
Database Systems, 8th Edition 4
![Page 5: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/5.jpg)
Database Systems, 8th Edition 5
The Need for and Role of Databasesin an Organization
• Database’s predominant role is to support managerial decision making at all levels
• DBMS facilitates:– Interpretation and presentation of data– Distribution of data and information– Preservation and monitoring of data– Control over data duplication and use
• DBMS must provide tools that give each level of management different view of data and support required level of decision making
![Page 6: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/6.jpg)
Database Systems, 8th Edition 6
Introduction of a Database: Special Considerations
• Introduction of a DBMS is likely to have a profound impact– Might be positive or negative, depending on how it is
administered
• Three aspects to DBMS introduction:– Technological-DBMS software and hardware
• includes selecting, installing, configuring, and monitoring the DBMS
– Managerial-Administrative functions• planning for proper people to be DBAs, monitoring, controlling.
– Cultural-Corporate resistance to change
• One role of DBA department is to educate end users about system uses and benefits
![Page 7: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/7.jpg)
Database Systems, 8th Edition 7
The Evolution of the Database Administration Function
• Data administration has its roots in the old, decentralized world of the file system
• Advent of DBMS and its shared view of data produced new level of data management sophistication and led DP department to evolve into information systems (IS) department
• Data management became increasingly complex job, thus leading to development of database administration function
![Page 8: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/8.jpg)
The Evolution of the Database Administration Function
![Page 9: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/9.jpg)
Tue 16-7 The Evolution of the Database Administration Function
![Page 10: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/10.jpg)
Database Systems, 8th Edition 10
The Database Environment’s Human Component
• Even most carefully crafted database system cannot operate without human component
• Effective data administration requires both technical and managerial skills
• DA must set data administration goals• DBA is focal point for data/user interaction• Need for diverse mix of skills
![Page 11: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/11.jpg)
Database Systems, 8th Edition 11
![Page 12: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/12.jpg)
The Database Environment’s Human Component
![Page 13: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/13.jpg)
Database Systems, 8th Edition 13
The DBA’s Managerial Role
• DBA responsible for:– Coordinating, monitoring, allocating resources
• Resources include people and data– Defining goals and formulating strategic plans
• Interacts with end user by providing data and information
• Enforces policies, standards, procedures• Manages security, privacy, integrity• Ensures data can be fully recovered• Ensures data distributed appropriately
![Page 14: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/14.jpg)
Database Systems, 8th Edition 14
The DBA’s Technical Role
• Evaluates, selects, and installs DBMS and related utilities
• Designs and implements databases and applications
• Tests and evaluates databases and applications
• Operates DBMS, utilities, and applications• Trains and supports users• Maintains DBMS, utilities, and applications
![Page 15: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/15.jpg)
Database Systems, 8th Edition 15
Security
• Securing data entails securing overall information system architecture
• Confidentiality: data protected against unauthorized access
• Integrity: keep data consistent and free of errors or anomalies
• Availability: accessibility of data by authorized users for authorized purposes
![Page 16: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/16.jpg)
Database Systems, 8th Edition 16
Security Policies
• Database security officer secures the system and the data– Works with the database administrator
• Security policy: collection of standards, policies, procedures to guarantee security– Ensures auditing and compliance
• Security audit process identifies security vulnerabilities– Identifies measures to protect the system
![Page 17: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/17.jpg)
Policies, standards, and procedures• Policies
– All users must have passwords.– Passwords must be changed every six months.
• Standards– A password must have a minimum of five characters.– A password must have a maximum of 12 characters.– Social Security numbers, names, and birth dates cannot be used as
passwords.• Procedures
– To create a password, • (1) the end user sends to the DBA a written request for the creation of an
account; • (2) the DBA approves the request and forwards it to the computer
operator;• (3) the computer operator creates the account, assigns a temporary
password, and sends the account information to the end user; • (4) a copy of the account information is sent to the DBA; and • (5) the user changes the temporary password to a permanent one.
![Page 18: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/18.jpg)
Database Systems, 8th Edition 18
Security Vulnerabilities
• Security vulnerability: weakness in a system component– Could allow unauthorized access or cause service
disruptions
• Security threat: imminent security violation– Could occur at any time due to unchecked security
vulnerability.
• Security breach yields a database whose integrity is:• Preserved: unauthorized and unnoticed access, does not disrupt the
database, Action is required to avoid the repetition of similar security problems
• Corrupted: access by computer viruses and by hackers whose actions are intended to destroy or alter data
![Page 19: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/19.jpg)
Wed 17-7 Security vulnerability
• technical (such as a flaw in the operating system or Web browser),
• managerial (for example, not educating users about critical security issues),
• cultural (hiding passwords under the keyboard or not shredding confidential reports),
• procedural (not requiring complex passwords or not checking user IDs)
![Page 20: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/20.jpg)
Database Systems, 8th Edition 20
![Page 21: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/21.jpg)
Database Systems, 8th Edition 21
In general, cross-site scripting refers to that hacking technique that leverages vulnerabilities in the code of a web application to allow an attacker to send malicious content from an end-user and collect some type of data from the victim.
![Page 22: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/22.jpg)
Database Systems, 8th Edition 22
Sun 21-7 Database Security
• Refers to the use of DBMS features and other measures to comply with security requirements
• DBA secures DBMS from installation through operation and maintenance
• Authorization management:– User access management
– View definition
– DBMS access control :restrict query and reports
– DBMS usage monitoring: audit trial logs
![Page 23: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/23.jpg)
Database Systems, 8th Edition 23
Database Administration Tools
• Two main types of data dictionaries:– Integrated: included in DBMS (built in)– Standalone: third party
• Active data dictionary automatically updated by the DBMS with every database access
• Passive data dictionary requires running a batch process
• Main function: store description of all objects that interact with database, and for query optimization.
![Page 24: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/24.jpg)
Database Systems, 8th Edition 24
Database Administration Tools
• Data dictionary that includes data external to DBMS becomes flexible tool– Enables use and allocation of all organization’s
information
• Metadata often the basis for monitoring database use– Also for assigning access rights to users
• DBA uses data dictionary to support data analysis and design
![Page 25: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/25.jpg)
Database Administration Tools• SYSTABLES stores one row for each table or view.• SYSCOLUMNS stores one row for each column of each
table or view.
• Example 1List the names and creation dates of all tables created by the user ALI in the current database.
SELECT NAME, CTIMEFROM SYSTABLESWHERE CREATOR = ‘ALI';
• Example 2List the names of the columns for all tables created by ALI in the current database.
SELECT NAMEFROM SYSCOLUMNSWHERE TBCREATOR = “ALI';
![Page 26: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/26.jpg)
Database Systems, 8th Edition 26
CASE Tools• Computer-aided systems engineering
– Automated framework for SDLC– Structured methodologies and powerful
graphical interfaces• Front-end CASE tools provide support for
planning, analysis, and design phases• Back-end CASE tools provide support for
coding and implementation phases• Typical CASE tool has five components
– Graphics designed to produce structured diagrams (like DFD)– Screen painters and report generators– comprehensive data dictionary.– A program documentation generator– analysis segment: check on system consistency, syntax, and
completeness
![Page 27: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/27.jpg)
Database Systems, 8th Edition 27
![Page 28: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/28.jpg)
Developing a Data Administration Strategy
• Critical step for any organization is to ensure its information system supports strategic plans for each of the company’s business areas
• Several methodologies are available to ensure the compatibility of data administration and information systems plans and to guide the strategic plan development
• Information engineering (IE) translates strategic goals into data and applications. placing the emphasis on data, IE helps decrease the impact on systems when processes change.
• Information systems architecture (ISA) is the output of IE process. serves as the basis for planning, development, and control of future information systems.
![Page 29: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/29.jpg)
Developing a Database Administration Strategy
![Page 30: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/30.jpg)
Database Systems, 8th Edition 30
The DBA at Work: Using Specific DBMS for Database Administration
• Technical tasks handled by the DBA in a specific DBMS:– Creating and expanding database storage structures
– Managing database objects like tables and indexes
– Managing end-user database environment like type of DB access.
– Customizing database initialization parameters
• All DBMS vendors provide programs to perform database administrative tasks
![Page 31: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/31.jpg)
Database Systems, 8th Edition 31
Creating Tablespaces and Datafiles
• Database composed of one or more tablespaces• Tablespace is a logical storage space
– Physically stored in one or more datafiles
• Datafile physically stores the database’s data– Each datafile can reside in a different directory on
the hard disk
• Database has 1:M relationship with tablespaces• Tablespace has 1:M relationship with datafiles
![Page 32: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/32.jpg)
Database Systems, 8th Edition 32
Managing the Database Objects
• Database object: any object created by end users• Schema: logical section of the database that
belongs to a given user– Schema identified by a username
– Within the schema, users create their own tables and other objects
• Normally, users authorized to access only the objects that belong to their own schemas
• Database instance: separate location in memory reserved to run the database
- May have several databases running in memory at the same time
![Page 33: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/33.jpg)
Database Systems, 8th Edition 33
Managing Users and Establishing Security
• User: uniquely identifiable object– Allows a given person to log on to the database
• Role: a named collection of database access privileges– Authorizes a user to connect to the database
and use system resources
• Profile: named collection of settings– Controls how much of a resource a given user
can use
![Page 34: Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security](https://reader035.vdocuments.mx/reader035/viewer/2022062515/56649f585503460f94c7e31e/html5/thumbnails/34.jpg)
Database Systems, 8th Edition 34
Customizing the Database Initialization Parameters
• Fine-tuning requires modification of database configuration parameters– Some are changed in real time using SQL
– Some affect database instance
– Others affect entire RDBMS and all instances
• Initialization parameters reserve resources used by the database at run time
• After modifying parameters, may need to restart the database