Data security data administration and database administration l.jpg
This presentation is the property of its rightful owner.
Sponsored Links
1 / 57

Data Security, Data Administration and Database Administration PowerPoint PPT Presentation


  • 123 Views
  • Uploaded on
  • Presentation posted in: General

Data Security, Data Administration and Database Administration. University of California, Berkeley School of Information IS 257: Database Management. Midterm Project Report Requirements Review Database Administration: Security Database Administration: Disasters, Backup and Recovery

Download Presentation

Data Security, Data Administration and Database Administration

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Data security data administration and database administration l.jpg

Data Security, Data Administration and Database Administration

University of California, Berkeley

School of Information

IS 257: Database Management


Lecture outline l.jpg

Midterm Project Report Requirements

Review

Database Administration: Security

Database Administration: Disasters, Backup and Recovery

Database Administration: Roles

Lecture Outline


Lecture outline3 l.jpg

Midterm Project Report Requirements

Review

Database Administration: Security

Database Administration: Disasters, Backup and Recovery

Database Administration: Roles

Lecture Outline


Midterm project requirements l.jpg

Midterm Project Requirements

  • See WWW site:

    • http://courses.ischool.berkeley.edu/i257/f08/assignments.php

  • Report on personal/group database including:

    • Expanded and Updated Database description and purpose

    • Updated Data Dictionary

    • Updated Relationships Diagram

    • Plans or prototype examples for interface applications using the database


Lecture outline5 l.jpg

Midterm Project Report Requirements

Review

Database Administration: Data Integrity and Security

Database Administration: Disasters, Backup and Recovery

Database Administration: Roles

Lecture Outline


Data integrity l.jpg

Data Integrity

  • Intrarecord integrity (enforcing constraints on contents of fields, etc.)

  • Referential Integrity (enforcing the validity of references between records in the database)

  • Concurrency control (ensuring the validity of database updates in a shared multiuser environment)


Integrity constraints review l.jpg

Integrity Constraints (review)

  • The constraints we wish to impose in order to protect the database from becoming inconsistent.

  • Five types

    • Required data

    • attribute domain constraints

    • entity integrity

    • referential integrity

    • enterprise constraints


Referential integrity l.jpg

Referential Integrity

  • Ensures that dependent relationships in the data are maintained. In Oracle, for example:

  • CREATE TABLE table-name (

    attr1 attr-type PRIMARY KEY,

    attr2 attr-type NOT NULL,

    …, attrM attr-type REFERENCES owner.tablename(attrname) ON DELETE CASCADE, …


Concurrency control l.jpg

Concurrency Control

  • The goal is to support access by multiple users to the same data, at the same time

  • It must assure that the transactions are serializable and that they are isolated

  • It is intended to handle several problems in an uncontrolled system

  • Specifically:

    • Lost updates

    • Inconsistent data states during access

    • Uncompleted (or committed) changes to data


Concurrency control locking l.jpg

Concurrency Control: Locking

  • Locking levels

    • Database

    • Table

    • Block or page

    • Record

    • Field

  • Types

    • Shared (S locks)

    • Exclusive (X locks)


Transaction control in oracle l.jpg

Transaction Control in ORACLE

  • Transactions are sequences of SQL statements that ORACLE treats as a unit

    • From the user’s point of view a private copy of the database is created for the duration of the transaction

  • Transactions are started with SET TRANSACTION, followed by the SQL statements

  • Any changes made by the SQL are made permanent by COMMIT

  • Part or all of a transaction can be undone using ROLLBACK


Transactions in oracle l.jpg

Transactions in ORACLE

  • COMMIT; (I.e., confirm previous transaction)

  • SET TRANSACTION READ ONLY;

  • SELECT NAME, ADDRESS FROM WORKERS;

  • SELECT MANAGER, ADDRESS FROM PLACES;

  • COMMIT;

  • Freezes the data for the user in both tables before either select retrieves any rows, so that changes that occur concurrently will not show up

  • Commits before and after ensure any uncompleted transactions are finish, and then release the frozen data when done


Transactions in oracle13 l.jpg

Transactions in ORACLE

  • Savepoints are places in a transaction that you may ROLLBACK to (called checkpoints in other DBMS)

    • SET TRANACTION…;

    • SAVEPOINT ALPHA;

    • SQL STATEMENTS…

    • IF (CONDITION) THEN ROLLBACK TO SAVEPOINT ALPHA;

    • SAVEPOINT BETA;

    • SQL STATEMENTS…

    • IF …;

    • COMMIT;


Security and integrity functions in database administration l.jpg

Security and Integrity Functions in Database Administration

  • Data Integrity

  • Security Management

  • Backup and Recovery


Database security l.jpg

Database Security

  • Views or restricted subschemas

  • Authorization rules to identify users and the actions they can perform

  • User-defined procedures (with rule systems or triggers) to define additional constraints or limitations in using the database

  • Encryption to encode sensitive data

  • Authentication schemes to positively identify a person attempting to gain access to the database


Views l.jpg

Views

  • A subset of the database presented to some set of users

    • SQL:

      CREATE VIEW viewname AS SELECT field1, field2, field3,…, FROM table1, table2 WHERE <where clause>;

    • Note: “queries” in Access function as views


Restricted views l.jpg

Restricted Views

  • Main relation has the form:

U = unclassified : S = Secret : TS = Top Secret


Restricted views18 l.jpg

Restricted Views

S-view of the data

U-view of the data


Authorization rules l.jpg

Authorization Rules

  • Most current DBMS permit the DBA to define “access permissions” on a table by table basis (at least) using the GRANT and REVOKE SQL commands

  • Some systems permit finer grained authorization (most use GRANT and REVOKE on variant views


Lecture outline20 l.jpg

Midterm Project Report Requirements

Review

Database Administration: Security

Database Administration: Disasters, Backup and Recovery

Database Administration: Roles and Functions

Lecture Outline


Database backup and recovery l.jpg

Database Backup and Recovery

  • Backup

  • Journaling (audit trail)

  • Checkpoint facility

  • Recovery manager


Backup and offsite backup l.jpg

Backup and Offsite Backup

Found on the Web…

This is typical

of services that provide offsite backup for computers or DP centers


Disaster recovery planning l.jpg

Disaster Recovery Planning

Risk

Analysis

Recovery

Strategies

Plan

Maintenance

Testing and

Training

Budget &

Implement

Procedures

Development

From Toigo “Disaster Recovery Planning”


Slide25 l.jpg

La Crosse, Wisc 2001


Katrina l.jpg

Katrina


Katrina27 l.jpg

Katrina


Katrina28 l.jpg

Katrina


Katrina29 l.jpg

Katrina


Katrina30 l.jpg

Katrina


Katrina31 l.jpg

Katrina


Threats to assets and functions l.jpg

Threats to Assets and Functions

  • Water

  • Fire

  • Power Failure

  • Mechanical breakdown or software failure

  • Accidental or deliberate destruction of hardware or software

    • By hackers, disgruntled employees, industrial saboteurs, terrorists, or others


Threats l.jpg

Threats

  • Between 1967 and 1978 fire and water damage accounted for 62% of all data processing disasters in the U.S.

  • The water damage was sometimes caused by fighting fires

  • More recently improvements in fire suppression (e.g., Halon) for DP centers has meant that water is the primary danger to DP centers


Kinds of records l.jpg

Kinds of Records

  • Class I: VITAL

    • Essential, irreplaceable or necessary to recovery

  • Class II: IMPORTANT

    • Essential or important, but reproducible with difficulty or at extra expense

  • Class III: USEFUL

    • Records whose loss would be inconvenient, but which are replaceable

  • Class IV: NONESSENTIAL

    • Records which upon examination are found to be no longer necessary


Offsite storage of data l.jpg

Offsite Storage of Data

  • Early offsite storage facilities were often intended to survive atomic explosions

  • PRISM International directory

    • PRISM = Professional Records and Information Services Management

    • http://www.prismintl.org/

  • Mirror sites (Hot sites)

Agility “Hotsuite”


Offsite storage providers l.jpg

Offsite Storage Providers

Iron Mountain


Offsite backup providers l.jpg

Offsite backup providers

Verio


Lecture outline38 l.jpg

Midterm Project Report Requirements

Review

Database Administration: Security

Database Administration: Disasters, Backup and Recovery

Database Administration: Roles

Lecture Outline


Today l.jpg

Today

  • Traditional and Current Data Administration

  • Traditional and Current Database Administration

  • Review of Security, Integrity, etc.


Changes in traditional roles l.jpg

Changes in Traditional Roles

  • This is being driven by rapid changes in

    • Technology

    • Platforms (e.g., Micro vs. Mainframe vs. Server)

    • Organizational Structure

  • We will focus on the core functions and tasks of these roles (traditional or current)


Terms and concepts trad l.jpg

Terms and Concepts (trad)

  • Data Administration

    • Responsibility for the overall management of data resources within an organization

  • Database Administration

    • Responsibility for physical database design and technical issues in database management

  • These roles are often combined or overlapping in some organizations


Terms and concepts trad42 l.jpg

Terms and Concepts (trad)

  • DA

    • Data adminstrator - person responsible for the Data Administration function in an organization

    • Sometimes may be the CIO -- Chief Information Officer

  • DBA

    • Database Administrator - person responsible for the Database Administration Function


Database system life cycle l.jpg

Database System Life Cycle

Database

Planning

Database

Analysis

Growth &

Change

Operation &

Maintenance

Database

Design

Database

Implementation

Note: this is a different version of this

life cycle than discussed previously


Database planning l.jpg

Database Planning

  • Development of a strategic plan for database development that supports the overall organization’s business plan

  • DA supports top management in development of this plan

  • The result of this stage is an enterprise data model


Database planning da dba functions l.jpg

Database Planning: DA & DBA functions

  • Develop corporate database strategy (DA)

  • Develop enterprise model (DA)

  • Develop cost/benefit models (DA)

  • Design database environment (DA)

  • Develop data administration plan (DA)


Database analysis l.jpg

Database Analysis

  • This is the process (discussed previously) of identifying data entities currently used by the organization, precisely defining those entities and their relationships, and documenting the results in a form that can support the follow-on design phase

  • Must also identify new data elements or changes to data elements that will be required in the future

  • The result of this phase is the Conceptual Data Model -- usually represented as an ER diagram


Database analysis da dba functions l.jpg

Database Analysis: DA & DBA functions

  • Define and model data requirements (DA)

  • Define and model business rules (DA)

  • Define operational requirements (DA)

  • Maintain corporate Data Dictionary (DA)


Database design l.jpg

Database Design

  • Purpose of the design phase is the development of the logical database design that will serve the needs of the organization and the physical design implementing the logical design

  • In relational systems the outcome is normalized relations, and the data definition for a particular database systems (including indexes, etc.)


Design 2 physical creation l.jpg

Design 2: Physical Creation

  • Development of the Physical Model of the Database

    • data formats and types

    • determination of indexes, etc.

  • Load a prototype database and test

  • Determine and implement security, privacy and access controls

  • Determine and implement integrity constraints


Database design da dba functions l.jpg

Database Design: DA &DBA functions

  • Perform logical database design (DA)

  • Design external models (subschemas) (DBA)

  • Design internal model (Physical design) (DBA)

  • Design integrity controls (DBA)


Database implementation l.jpg

Database Implementation

  • Database design gives you an empty database

  • Load data into the database structure

  • Convert existing data sets and applications to use the new database

    • May need programs, conversion utilities to convert old data to new formats.

  • Outcome is the actual database with its data


Database implementation da dba functions l.jpg

Database Implementation DA & DBA functions

  • Specify database access policies (DA & DBA)

  • Establish Security controls (DBA)

  • Supervise Database loading (DBA)

  • Specify test procedures (DBA)

  • Develop application programming standards (DBA)

  • Establish procedures for backup and recovery (DBA)

  • Conduct User training (DA & DBA)


Operation and maintenance 1 operations l.jpg

Operation and Maintenance 1: Operations

  • Users are responsible for updating the database, DA and DBA are responsible for developing procedures that ensure the integrity and security of the database during the update process.

  • Specific responsibility for data collection, editing and verification must be assigned

  • Quality assurance must be practiced to protect and audit the database quality.


Operation and maintenance 2 maintenance l.jpg

Operation and Maintenance 2: Maintenance

  • The ongoing process of updating the database to keep it current

    • adding new records

    • deleting obsolete records

    • changing data values in particular records

    • modifying relation structures (e.g. adding new fields)

  • Privacy, security, access control must be in place.

  • Recovery and Backup procedures must be established and used


Operation and maintenance da dba functions l.jpg

Operation and Maintenance: DA & DBA functions

  • Monitor database performance (DBA)

  • Tune and reorganize databases (DBA)

  • Enforce standards and procedures (DBA)

  • Support users (DA & DBA)


Growth change l.jpg

Growth & Change

  • Change is a way of life

    • Applications, data requirements, reports, etc. will all change as new needs and requirements are found

    • The Database and applications and will need to be modified to meet the needs of changes to the organization and the environment

    • Database performance should be monitored to maintain a high level of system performance


Growth change da dba functions l.jpg

Growth & Change: DA & DBA functions

  • Implement change control procedures (DA & DBA)

  • Plan for growth and change (DA & DBA)

  • Evaluate new technology (DA & DBA)


  • Login