© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 1 IT 390 Business Database Administration Unit 8:

Slides:



Advertisements
Similar presentations
Indra Budi Transaction Indra Budi
Advertisements

Chapter 16 Concurrency. Topics in this Chapter Three Concurrency Problems Locking Deadlock Serializability Isolation Levels Intent Locking Dropping ACID.
TRANSACTION PROCESSING SYSTEM ROHIT KHOKHER. TRANSACTION RECOVERY TRANSACTION RECOVERY TRANSACTION STATES SERIALIZABILITY CONFLICT SERIALIZABILITY VIEW.
Database Administration Chapter Six DAVID M. KROENKE and DAVID J. AUER DATABASE CONCEPTS, 4 th Edition.
Data and Database Administration Chapter 12. Outline What is Concurrency Control? Background Serializability  Locking mechanisms.
Database Administration Chapter Six DAVID M. KROENKE’S DATABASE CONCEPTS, 2 nd Edition.
Transaction Management and Concurrency Control
Prentice Hall © COS 346 Day Agenda Questions? Assignment 8 Due Assignment 9 posted –Due April 2:05 PM Quiz 2 Today –SQL Chaps 2-19.
10 1 Chapter 10 Transaction Management and Concurrency Control Database Systems: Design, Implementation, and Management, Seventh Edition, Rob and Coronel.
Transaction Management and Concurrency Control
Transaction Management and Concurrency Control
DAVID M. KROENKE’S DATABASE PROCESSING, 10th Edition © 2006 Pearson Prentice Hall 4-1 David M. Kroenke Database Processing Chapter 9 Managing Multi- User.
Database Systems: Design, Implementation, and Management Eighth Edition Chapter 10 Transaction Management and Concurrency Control.
DAVID M. KROENKE’S DATABASE PROCESSING, 10th Edition © 2006 Pearson Prentice Hall 9-1 COS 346 Day 19.
DAVID M. KROENKE’S DATABASE PROCESSING, 10th Edition © 2006 Pearson Prentice Hall 8-1 COS 346 Day 18.
Chapter 9 Transaction Management and Concurrency Control
Database Administration
Database Administration Chapter Six DAVID M. KROENKE and DAVID J. AUER DATABASE CONCEPTS, 6 th Edition.
9 Chapter 9 Transaction Management and Concurrency Control Hachim Haddouti.
Database Administration Part 1 Chapter Six CSCI260 Database Applications.
Database Systems: Design, Implementation, and Management Eighth Edition Chapter 10 Transaction Management and Concurrency Control.
Transaction Management and Concurrency Control
Transaction. A transaction is an event which occurs on the database. Generally a transaction reads a value from the database or writes a value to the.
Managing Transaction and Lock Vu Tuyet Trinh Hanoi University of Technology 1.
1 IT420: Database Management and Organization Transactions 31 March 2006 Adina Crăiniceanu
© 2013 Pearson Education, Inc. Publishing as Prentice Hall 1 CHAPTER 11: DATA AND DATABASE ADMINISTRATION Modern Database Management 11 th Edition Jeffrey.
Database Administration
DBSQL 7-1 Copyright © Genetic Computer School 2009 Chapter 7 Transaction Management, Database Security and Recovery.
Multi-user Database Processing Architectures Architectures Transactions Transactions Security Security Administration Administration.
DAVID M. KROENKE’S DATABASE PROCESSING, 10th Edition © 2006 Pearson Prentice Hall 9-1 Managing Multiuser Databases.
Recovery & Concurrency Control. What is a Transaction?  A transaction is a logical unit of work that must be either entirely completed or aborted. 
BIS Database Systems School of Management, Business Information Systems, Assumption University A.Thanop Somprasong Chapter # 10 Transaction Management.
ITEC 3220M Using and Designing Database Systems Instructor: Prof. Z. Yang Course Website: 3220m.htm
David M. Kroenke and David J. Auer Database Processing Fundamentals, Design, and Implementation Chapter Nine: Managing Multiuser Databases 9-1 KROENKE.
1 IT420: Database Management and Organization Session Control Managing Multi-user Databases 24 March 2006 Adina Crăiniceanu
11/7/2012ISC329 Isabelle Bichindaritz1 Transaction Management & Concurrency Control.
Database Processing: Fundamentals, Design, and Implementation, 9/e by David M. KroenkeChapter 9/1 Copyright © 2004 Please……. No Food Or Drink in the class.
© 2002 by Prentice Hall 1 Database Administration David M. Kroenke Database Concepts 1e Chapter 6 6.
Fundamentals, Design, and Implementation, 9/e Chapter 9 Managing Multi-User Databases.
1 IT420: Database Management and Organization Managing Multi-user Databases 29 March 2006 Adina Crăiniceanu
Module 6: Data Protection. Overview What does Data Protection include? Protecting data from unauthorized users and authorized users who are trying to.
KROENKE and AUER - DATABASE CONCEPTS (3 rd Edition) © 2008 Pearson Prentice Hall 6-1 Chapter Objectives Understand the need for and importance of database.
David M. Kroenke and David J. Auer Database Processing: F undamentals, Design, and Implementation Chapter Nine: Managing Multiuser Databases 9-1 KROENKE.
Transaction Processing Concepts
Module 11: Managing Transactions and Locks
9 1 Chapter 9_B Concurrency Control Database Systems: Design, Implementation, and Management, Rob and Coronel.
10 1 Chapter 10_B Concurrency Control Database Systems: Design, Implementation, and Management, Rob and Coronel.
Database Systems: Design, Implementation, and Management Eighth Edition Chapter 10 Transaction Management and Concurrency Control.
10 Transaction Management and Concurrency Control MIS 304 Winter 2005.
©Bob Godfrey, 2002, 2005 Lecture 17: Transaction Integrity and Concurrency BSA206 Database Management Systems.
3 Database Systems: Design, Implementation, and Management CHAPTER 9 Transaction Management and Concurrency Control.
Module 14: Managing Transactions and Locks. Overview Introducing Transactions and Locks Managing Transactions Understanding SQL Server Locking Architecture.
David M. Kroenke and David J. Auer Database Processing Fundamentals, Design, and Implementation Chapter Nine: Managing Multiuser Databases.
18 September 2008CIS 340 # 1 Last Covered (almost)(almost) Variety of middleware mechanisms Gain? Enable n-tier architectures while not necessarily using.
Chapter 5 Managing Multi-user Databases 1. Multi-User Issues Database Administration Concurrency Control Database Security Database Recovery Page 307.
Chapter 13 Managing Transactions and Concurrency Database Principles: Fundamentals of Design, Implementation, and Management Tenth Edition.
Locks, Blocks & Isolation Oh My!. About Me Keith Tate Data Professional for over 14 Years MCITP in both DBA and Dev tracks
SYSTEMS IMPLEMENTATION TECHNIQUES TRANSACTION PROCESSING DATABASE RECOVERY DATABASE SECURITY CONCURRENCY CONTROL.
Copyright © 2016 Pearson Education, Inc. CHAPTER 12: DATA AND DATABASE ADMINISTRATION Modern Database Management 12 th Edition Jeff Hoffer, Ramesh Venkataraman,
David M. Kroenke and David J
Transaction Management and Concurrency Control
Managing Multi-user Databases
Chapter 9 Managing Multi-User Databases
Multi-User Databases Chapter 9.
Database Processing: David M. Kroenke’s Chapter Nine: Part One
Database Processing: David M. Kroenke’s Chapter Nine: Part Two
Chapter 10 Transaction Management and Concurrency Control
Introduction of Week 13 Return assignment 11-1 and 3-1-5
Database Administration
Database Processing: David M. Kroenke’s Chapter Nine: Part Two
Presentation transcript:

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 1 IT 390 Business Database Administration Unit 8: Security Management and the Multi-user Environment

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 2 Objectives Explain the importance of security in SQL Server Identify basic database security features and roles. Describe the SQL Server 2000 security models. Plan and monitor security in SQL Server Implement Authentication on a Microsoft SQL Server Database. Explain authentication modes and mechanisms in SQL Server 2000.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 3 Security controls access the system resources, such as computer systems and databases. SQL Server 2000 provides a reliable interface by authorizing users to use the system resources. Provide SQL Server 2000 security at the following levels:  Physical  Manual Security in SQL Server 2000

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 4 Provides protection from the hackers and safeguards the database against unauthorized access. Ensure security through the following:  Roles  Permissions  Authentication mechanisms  Authentication modes SQL Server 2000 Security Model

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 5 The SQL Server 2000 logins let you authorize users to access the database by specifying valid usernames and passwords. Groups are a collection of database members who are given permissions to use the SQL Server 2000 database. Roles group users according to their database use. User Logins, Groups, and Roles

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 6 Thomas, the DBA of a company wants to differentiate authorized users into readers, writers, and modifiers of the SQL Server 2000 database. Which part of the security model would enable him to do this task? Activity

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 7 Thomas, the DBA of a company wants to differentiate authorized users into readers, writers, and modifiers of the SQL Server 2000 database. Which part of the security model would enable him to do this task? A Role Solution

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 8 ACID Transactions Acronym ACID transaction is one that is Atomic, Consistent, Isolated, and Durable Atomic means either all or none of the database actions occur Durable means database committed changes are permanent

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 9 ACID Transactions Consistency means either statement level or transaction level consistency.  Statement level consistency: each statement independently processes rows consistently  Transaction level consistency: all rows impacted by either of the SQL statements are protected from changes during the entire transaction. With transaction level consistency, a transaction may not see its own changes.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 10 ACID Transactions Isolation means application programmers are able to declare the type of isolation level and to have the DBMS manage locks so as to achieve that level of isolation SQL-92 defines four transaction isolation levels:  Read uncommitted  Read committed  Repeatable read  Serializable

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 11 Transaction Isolation Level

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 12 Concurrency Control Concurrency control ensures that one user’s work does not inappropriately influence another user’s work  No single concurrency control technique is ideal for all circumstances  Trade-offs need to be made between level of protection and throughput

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 13 Atomic Transactions A transaction, or logical unit of work (LUW), is a series of actions taken against the database that occurs as an atomic unit  Either all actions in a transaction occur or do none of them

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 14 Errors Introduced Without Atomic Transaction

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 15 Errors Prevented With Atomic Transaction

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 16 Concurrent Transaction Concurrent transactions refer to two or more transactions that appear to users as they are being processed against a database at the same time. In reality, CPU can execute only one instruction at a time.  Transactions are interleaved meaning that the operating system quickly switches CPU services among tasks so that some portion of each of them is carried out in a given interval. Concurrency problems: lost update and inconsistent reads.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 17 Concurrent Transaction Processing

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 18 Lost-Update Problem

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 19 Resource Locking Resource locking prevents multiple applications from obtaining copies of the same record when the record is about to be changed

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 20 Lock Terminology Implicit locks are locks placed by the DBMS Explicit locks are issued by the application program Lock granularity refers to size of a locked resource  Rows, page, table, and database level Large granularity is easy to manage but frequently causes conflicts Types of lock  An exclusive lock prohibits other users from reading the locked resource  A shared lock allows other users to read the locked resource, but they cannot update it

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 21 Concurrent Processing with Explicit Locks

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 22 Serializable Transactions Serializable transactions refer to two transactions that run concurrently and generate results that are consistent with the results that would have occurred if they had run separately. Two-phased locking is one of the techniques used to achieve serializability.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 23 Two-phased Locking Two-phased locking  Transactions are allowed to obtain locks as necessary (growing phase).  Once the first lock is released (shrinking phase), no other lock can be obtained. A special case of two-phased locking.  Locks are obtained throughout the transaction.  No lock is released until the COMMIT or ROLLBACK command is issued.  This strategy is more restrictive but easier to implement than two-phased locking.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 24 Deadlock Deadlock, or the deadly embrace, occurs when two transactions are each waiting on a resource that the other transaction holds. Preventing deadlock  Allows users to issue all lock requests at one time.  Requires all application programs to lock resources in the same order. Breaking deadlock  Almost every DBMS has algorithms for detecting deadlock.  When deadlock occurs, DBMS aborts one of the transactions and rollbacks partially completed work.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 25 Deadlock

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 26 Optimistic versus Pessimistic Locking Optimistic locking assumes that no transaction conflict will occur:  DBMS processes a transaction; checks whether conflict occurred: If not, the transaction is finished If so, the transaction is repeated until there is no conflict Pessimistic locking assumes that conflict will occur:  Locks are issued before a transaction is processed, and then the locks are released Optimistic locking is preferred for the Internet and for many intranet applications

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 27 Optimistic Locking

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 28 Pessimistic Locking

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 29 Declaring Lock Characteristics Most application programs do not explicitly declare locks due to its complication Instead, they mark transaction boundaries and declare locking behavior they want the DBMS to use  Transaction boundary markers: BEGIN, COMMIT, and ROLLBACK TRANSACTION Advantage  If the locking behavior needs to be changed, only the lock declaration need be changed, not the application program

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 30 Marking Transaction Boundaries

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 31 Can you… ? Differentiate between the Windows NT/2000 authentication mode and Mixed security mode.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 32 Authentication in SQL Server 2000 The process of validation of the SQL Server 2000 database users file by these two modes of authentication:  Windows NT/2000 authentication mode  Mixed security mode

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 33 Planning and Monitoring Security Security planning deals with the decisions by which the users are permitted to access a part of the database. SQL Server 2000 provides two types of permissions:  Statement permissions  Object permissions

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 34 Planning and Monitoring Security (cont.) The SQL Server 2000 permissions can exist in any of the following modes:  Grant  Deny  Revoke

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 35 You can implement a security scheme using the following SQL statements: GRANT: You specify the following options in a GRANT statement:  The list of privileges to be granted  The name of the table or views to which the privileges apply  The User ID to which the privileges are granted REVOKE: Similar to granting privileges, you can revoke all privileges on a table from a user. The cascading effect of the REVOKE statement varies with the kind of privilege you are working. Establishing a Security Scheme

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 36 System-level privileges: System-level privileges are applied to a particular user account and may include commands to create a table or a view, alter, drop, and modify a table, or to select specific data from a table. Object-level privileges: Object-level privileges are granted on a table or a view that the user must be allowed to access. In SQL, the following privileges can be specified for each table or view Object: SELECT, INSERT, DELETE, and UPDATE. Types of Privileges

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 37

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 38

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 39 Activity Are the following SQL syntax correct?  Syntax 1:  Syntax 2: GRANT CONNECTION TO Joe REVOKE CONNECT FROM Matthew

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 40 Solution  Syntax 1: The syntax is wrong and the correct form is:  Syntax 2: The syntax is correct. GRANT CONNECT TO Joe

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 41 In a nested transaction, the outer most transaction needs to be committed so that the complete structure is saved. Save Points are last good known committed flags in the transaction log, to which a transaction can be rolled back. State Whether True or False

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 42 Solutions Statement 1 is True. Statement 2 is True.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 43 Concurrency Concurrency involves using the most updated data in a networked environment.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 44 Activity Identify the concurrency issue.  The business unit of Ethnic Blends Inc. in Tokyo sells the last remaining stock of a famous designer. Due to a technical flaw in the network, the unit at Paris could not update the same transaction. It receives a request for the same product and processes the new transaction. Which concurrency issue has taken place?

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 45 Solution The lost update concurrency issue.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 46 Activity Identify the concurrency issue.  The Finance department is updating the annual packages of the employees of Ethnic Blends Inc. The appraisal is part of the annual bonus agreement. At the same time the MIS department tries to retrieve the average annual package of all the departments. This is done to prepare the annual reports. Which concurrency issue takes place?

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 47 Solution The incorrect summary problem.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 48 Activity Identify the concurrency issue.  The finance department of Ethnic Blends have finally updated the salary structure of employees of all departments. By mistake, the Sales department updating does not get committed. The Tax department is now calculating the return taxes and the Sales department figures are giving contradictory results. Which concurrency issue has taken place?

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 49 Solution The uncommitted dependency problem.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 50 Concurrency Control Technique The methods used for eradication of concurrency issues are known as concurrency control techniques.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 51 Activity Identify the concurrency control technique used.  The EmployeeID details is unique for each employee. In cases where employee join or leave Ethnic Blends, the database modifications are performed with respect to the EmployeeID. For addition or removing an Employee record, exclusive rights need to be assigned to a transaction. Which concurrency control technique should be used?

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 52 Solution Lock-based protocols.

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 53 Activity Identify the type of failure.  During a commit process for an online transaction, the billing department system fails to bill the customer’s account. Due to this, the purchasing process does not complete successfully. What could be the type of failure if given that the network and peripherals were error-free?

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 54 Solution Transaction failure

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 55 Activity Harry, the DBA of a company wants to deny a Windows 2000 group to connect to SQL Server 2000 and grant a user account, on the current database, for an SQL Server 2000 login. Which system stored procedures should he use?

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 56 Solution Harry, the DBA of a company wants to deny a Windows 2000 group to connect to SQL Server 2000 and grant a user account, on the current database, for an SQL Server 2000 login. Which system stored procedures should he use? sp_grantdbaccess sp_denylogin

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 57  Understanding and maintaining security on a database requires a wide variety of skills.  A DBA should have a good grasp on basic transaction and security guidelines and what kinds of things can go wrong without that understanding and implementation.  Some of the commands an Administrator must be familiar with in-depth are GRANT, DENY and REVOKE. Summary

© 2006 ITT Educational Services Inc. Course Name: IT390 Business Database Administration Unit 8 Slide 58  Did you understand the key points from the Lesson?  Do you have any questions? Summary