Presentation is loading. Please wait.

Presentation is loading. Please wait.

DATABASE ADMINISTRATION AND SECURITY

Published byDana Lamb Modified over 9 years ago

Similar presentations

Presentation on theme: "DATABASE ADMINISTRATION AND SECURITY"— Presentation transcript:

1 DATABASE ADMINISTRATION AND SECURITY
CHAPTER 8

2 CONTENTS Data as a corporate assets Roles of database administrator
The roles of a database in an organizations Backup and recovery

3 Data as a Corporate Asset
Data are accepted as a valuable asset requiring careful management Data are now well understood as a valuable resource to be translated into information If information is accurate and timely, its use is likely to enhance company’s competitive position and generate wealth

4 Fig 15.1 The Data-Information-Decision-Making Cycle
Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

5 The Need for and Role of Databases in an Organization
Database’s predominant role is to support managerial decision making at all levels in the organization DBMS must provide tools that give each level of management a different view of the data and support required level of decision making Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

6 Introduction of a Database: Special Considerations
Having a computerized database management system does not guarantee that the data will be properly used to provide best solutions required by managers Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

7 Introduction of a Database: Special Considerations (continued)
Introduction of a DBMS is likely to have a profound impact, which might be positive or negative, depending on how it is administered Three important aspects Technological: DBMS software and hardware Managerial: Administrative functions Cultural: Corporate resistance to change Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

8 The Evolution of the Database Administration Function
Data administration has its roots in the old, decentralized world of the file system Advent of the DBMS and its shared view of data produced a new level of data management sophistication and led the DP department to evolve into an information systems (IS) department Data management became an increasingly complex job, thus leading to development of the database administration function Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

9 The IS Department Internal Organization
Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

10 The Placement of the DBA Function
Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

11 A DBA Functional Organization
Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

12 Multiple Database Administrators in an Organization
Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

13 The Database Environment’s Human Component
Even the most carefully crafted database system cannot operate without a human component Effective data administration requires both technical and managerial skills DA must set data administration goals DBA is the focal point for data/user interaction Need for diverse mix of skills Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

14 Contrasting DA and DBA Activities and Characteristics
Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

15 A Summary of DBA Activities
Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

16 Desired DBA Skills Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

17 DBA Activities and Services
Database Systems: Design, Implementation, & Management, 6th Edition, Rob & Coronel

18 Database Security Data is a valuable resource that must be strictly controlled and managed, as with any corporate resource. Part or all of the corporate data may have strategic importance and therefore needs to be kept secure and confidential. © Pearson Education Limited 1995, 2005

19 Database Security Mechanisms that protect the database against intentional or accidental threats. Security considerations do not only apply to the data held in a database. Breaches of security may affect other parts of the system, which may in turn affect the database. © Pearson Education Limited 1995, 2005

20 Database Security Involves measures to avoid: Theft and fraud
Loss of confidentiality (secrecy) Loss of privacy Loss of integrity Loss of availability © Pearson Education Limited 1995, 2005

21 Database Security Threat
Any situation or event, whether intentional or unintentional, that will adversely affect a system and consequently an organization. © Pearson Education Limited 1995, 2005

22 Summary of Threats to Computer Systems
© Pearson Education Limited 1995, 2005

23 Typical Multi-user Computer Environment
© Pearson Education Limited 1995, 2005

24 Countermeasures – Computer-Based Controls
Concerned with physical controls to administrative procedures and includes: Authorization Access controls Views Backup and recovery Integrity Encryption RAID technology © Pearson Education Limited 1995, 2005

25 Countermeasures – Computer-Based Controls
Authorization The granting of a right or privilege, which enables a subject to legitimately have access to a system or a system’s object. Authorization is a mechanism that determines whether a user is, who he or she claims to be. © Pearson Education Limited 1995, 2005

26 Countermeasures – Computer-Based Controls
Access control Based on the granting and revoking of privileges. A privilege allows a user to create or access (that is read, write, or modify) some database object (such as a relation, view, and index) or to run certain DBMS utilities. Privileges are granted to users to accomplish the tasks required for their jobs. © Pearson Education Limited 1995, 2005

27 Countermeasures – Computer-Based Controls
Most DBMS provide an approach called Discretionary Access Control (DAC). SQL standard supports DAC through the GRANT and REVOKE commands. The GRANT command gives privileges to users, and the REVOKE command takes away privileges. © Pearson Education Limited 1995, 2005

28 Countermeasures – Computer-Based Controls
DAC while effective has certain weaknesses. In particular an unauthorized user can trick an authorized user into disclosing sensitive data. An additional approach is required called Mandatory Access Control (MAC). © Pearson Education Limited 1995, 2005

29 Countermeasures – Computer-Based Controls
DAC based on system-wide policies that cannot be changed by individual users. Each database object is assigned a security class and each user is assigned a clearance for a security class, and rules are imposed on reading and writing of database objects by users. © Pearson Education Limited 1995, 2005

30 Countermeasures – Computer-Based Controls
DAC determines whether a user can read or write an object based on rules that involve the security level of the object and the clearance of the user. These rules ensure that sensitive data can never be ‘passed on’ to another user without the necessary clearance. The SQL standard does not include support for MAC. © Pearson Education Limited 1995, 2005

31 Popular Model for MAC called Bell-LaPudula
Insert Figure 19.3(a) © Pearson Education Limited 1995, 2005

32 Popular Model for MAC called Bell-LaPudula
© Pearson Education Limited 1995, 2005

33 Countermeasures – Computer-Based Controls
View Is the dynamic result of one or more relational operations operating on the base relations to produce another relation. A view is a virtual relation that does not actually exist in the database, but is produced upon request by a particular user, at the time of request. © Pearson Education Limited 1995, 2005

34 Countermeasures – Computer-Based Controls
Backup Process of periodically taking a copy of the database and log file (and possibly programs) to offline storage media. Journaling Process of keeping and maintaining a log file (or journal) of all changes made to database to enable effective recovery in event of failure. © Pearson Education Limited 1995, 2005

35 Countermeasures – Computer-Based Controls
Integrity Prevents data from becoming invalid, and hence giving misleading or incorrect results. Encryption The encoding of the data by a special algorithm that renders the data unreadable by any program without the decryption key. © Pearson Education Limited 1995, 2005

36 RAID (Redundant Array of Independent Disks) Technology
Hardware that the DBMS is running on must be fault-tolerant, meaning that the DBMS should continue to operate even if one of the hardware components fails. Suggests having redundant components that can be seamlessly integrated into the working system whenever there is one or more component failures. © Pearson Education Limited 1995, 2005

37 RAID (Redundant Array of Independent Disks) Technology
The main hardware components that should be fault-tolerant include disk drives, disk controllers, CPU, power supplies, and cooling fans. Disk drives are the most vulnerable components with the shortest times between failure of any of the hardware components. © Pearson Education Limited 1995, 2005

38 RAID (Redundant Array of Independent Disks) Technology
One solution is to provide a large disk array comprising an arrangement of several independent disks that are organized to improve reliability and at the same time increase performance. © Pearson Education Limited 1995, 2005

39 RAID (Redundant Array of Independent Disks) Technology
Performance is increased through data striping: the data is segmented into equal-size partitions (the striping unit), which are transparently distributed across multiple disks. Reliability is improved through storing redundant information across the disks using a parity scheme or an error-correcting scheme. © Pearson Education Limited 1995, 2005

40 RAID (Redundant Array of Independent Disks) Technology
There are a number of different disk configurations called RAID levels. RAID 0 Nonredundant RAID 1 Mirrored RAID 0+1 Nonredundant and Mirrored RAID 2 Memory-Style Error-Correcting Codes RAID 3 Bit-Interleaved Parity RAID 4 Block-Interleaved Parity RAID 5 Block-Interleaved Distributed Parity RAID 6 P+Q Redundancy © Pearson Education Limited 1995, 2005

41 RAID 0 and RAID 1 © Pearson Education Limited 1995, 2005

42 RAID 2 and RAID 3 © Pearson Education Limited 1995, 2005

43 RAID 4 and RAID 5 © Pearson Education Limited 1995, 2005

Download ppt "DATABASE ADMINISTRATION AND SECURITY"

Similar presentations

Database Administration

Database Administration
Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.

Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.
Database Administration and Security Transparencies 1.

Database Administration and Security Transparencies 1.
Database Management System

Database Management System
Database Systems Chapter 1

Database Systems Chapter 1
Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security.

Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security.
Security Dale-Marie Wilson, Ph.D.. Why Database Security? Data Valuable resource Must be strictly controlled and managed Corporate resource Have strategic.

Security Dale-Marie Wilson, Ph.D.. Why Database Security? Data Valuable resource Must be strictly controlled and managed Corporate resource Have strategic.
1 Minggu 7, Pertemuan 13 Security Matakuliah: T0206-Sistem Basisdata Tahun: 2005 Versi: 1.0/0.0.

1 Minggu 7, Pertemuan 13 Security Matakuliah: T0206-Sistem Basisdata Tahun: 2005 Versi: 1.0/0.0.
Database Administration

Database Administration
Manajemen Basis Data Pertemuan 1 Matakuliah: M0264/Manajemen Basis Data Tahun: 2008.

Manajemen Basis Data Pertemuan 1 Matakuliah: M0264/Manajemen Basis Data Tahun: 2008.
Chapter 9 Database Design

Chapter 9 Database Design
Chapter 8 Security Transparencies © Pearson Education Limited 1995, 2005.

Chapter 8 Security Transparencies © Pearson Education Limited 1995, 2005.
Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.

Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.
15 1 Chapter 15 Database Administration Database Systems: Design, Implementation, and Management, Seventh Edition, Rob and Coronel.

15 1 Chapter 15 Database Administration Database Systems: Design, Implementation, and Management, Seventh Edition, Rob and Coronel.
Concepts of Database Management Seventh Edition

Concepts of Database Management Seventh Edition
Chapter 19 Security.

Chapter 19 Security.
Chapter 19 Security Transparencies © Pearson Education Limited 1995, 2005.

Chapter 19 Security Transparencies © Pearson Education Limited 1995, 2005.
Chapter 1 Introduction to Databases

Chapter 1 Introduction to Databases
CSC 351 FUNDAMENTALS OF DATABASE SYSTEMS

CSC 351 FUNDAMENTALS OF DATABASE SYSTEMS
Database Administration Chapter 16. Need for Databases  Data is used by different people, in different departments, for different reasons  Interpretation.

Database Administration Chapter 16. Need for Databases  Data is used by different people, in different departments, for different reasons  Interpretation.

Similar presentations

Ads by Google