Database Lecture10
Database Lecture10
Database
Administration and
Security
1
Chapter Objectives
By the end of this chapter, you should be able to:
1. Describe the impact of data quality on a company’s assets and competitive position
2. Describe the role of the database in supporting operational, tactical, and strategic decision-
making
3. Describe the impact that the introduction of a DBMS has on technological, managerial, and
cultural aspects of an organization
5. Describe the processes and systems in the information security framework that support the
three database security goals
7. Describe the impact that cloud-based data services have on the role of the DBA
2
Data as a Corporate Asset (1 of 3)
3
Data as a Corporate Asset (2 of 3)
4
Data as a Corporate Asset (3 of 3)
• Master data management (MDM) helps prevent dirty data by coordinating common
data across multiple systems
5
The Need for a Database and Its Role in an
Organization (1 of 3)
• The DBMS must give each organizational level of management a useful view of data
and support the required level of decision making
6
The Need for a Database and Its Role in an
Organization (2 of 3)
• At the middle management level, the database must be able to:
− Deliver the data required for tactical decisions and planning
− Monitor the allocation and use of resources
− Provide a framework for enforcing and ensuring the security and privacy of data in
the database
§ Security means protecting the data against accidental or intentional use by
unauthorized users
§ Privacy is the extent to which individuals and organizations have the right to
determine the details of data usage
7
The Need for a Database and Its Role in an
Organization (3 of 3)
• At the operational management level, the database must be able to:
− Represent and support company operations
− Produce query results within specified performance levels
− Enhance the company’s short-term operations by providing timely information for
customer support and for application development and computer operations
• The enterprise database might be defined as the company’s data representation that
provides support for all present and expected future operations
8
Introduction of a Database: Special
Considerations
• The introduction of a DBMS has been described as a process that includes three
aspects:
− The technological aspect includes selecting, installing, configuring, and monitoring
the DBMS to ensure that it operates efficiently
− The managerial aspect includes careful planning to create an appropriate
organizational structure
− The cultural aspect includes listening to people’s concerns about the system and
explaining its uses and benefits
9
The Evolution of Database Administration
(1 of 2)
• The information systems (IS) department provides end users with data management
support and solutions for information needs
10
The Evolution of Database Administration
(2 of 2)
11
The Database Environment’s Human
Component (1 of 3)
• Even the most carefully crafted database system cannot operate without human
assistance
− Effective data administration requires both technical and managerial skills
• The DA must set administration goals that are defined by issues such as:
− Data “sharability” and time availability
− Data consistency and integrity
− Data security and privacy
− Data quality standards
− Extent and type of use
12
The Database Environment’s Human
Component (2 of 3)
Table 16.1 Contrasting DA and DBA Activities and Characteristics
Data Administrator (DA) Database Administrator (DBA)
Performs strategic planning Controls and supervises
Focuses on the long term Focuses on the short term (daily operations)
Is DBMS-independent Is DBMS-specific
13
The Database Environment’s Human
Component (3 of 3)
Table 16.2 Desired DBA Skills
Managerial Technical
Broad business Broad data-processing background and up-to-date knowledge of database technologies
understanding
Coordination skills Understanding of Systems Development Life Cycle
14
The DBA’s Managerial Role (1 of 2)
15
The DBA’s Managerial Role (2 of 2)
• Backup and recovery measures must include at least:
− Periodic data and application backups
− Proper backup identification
− Convenient and safe backup storage
− Physical protection of both hardware and software
− Personal access control to the software of a database installation
− Insurance coverage for the data in the database
• Data recovery and contingency plans must be tested, evaluated, and practiced
frequently
• A backup and recovery plan is not likely to cover all information system components
16
The DBA’s Technical Role
• The technical aspects of the DBA’s job are rooted in the following areas of operation:
− Evaluating, selecting, and installing DBMS and related utilities
− Designing and implementing databases and applications
− Testing and evaluating databases and applications
− Operating the DBMS, utilities, and applications
− Training and supporting users
− Maintaining the DBMS, utilities, and applications
17
Security
18
Security Policies
19
Security Vulnerabilities
• A security breach occurs when a security threat is exploited to endanger the integrity,
confidentiality, or availability of a system
20
Database Security (1 of 2)
• Database security refers to DBMS features and other related measures that comply
with the organization’s security requirements
• The following are some security safeguards that can be implemented to protect the
DBMS:
− Change default system passwords
− Change default installation paths
− Apply the latest patches
− Secure installation folders with proper access rights
− Make sure that only required services are running
− Set up auditing logs and session logging
21
Database Security (2 of 2)
22
Database Administration Tools
• There are many sophisticated data administration tools that can be used for the
following:
− Database monitoring
− Database load testing
− Database performance tuning
− SQL code optimization
− Database bottleneck identification and remediation
− Database modeling and design
− Database data extraction, transformation, and loading
23
The Data Dictionary (1 of 2)
• Two main types of data dictionaries exist:
− Integrated – included with the DBMS
− Standalone – third-party systems
• The data dictionary’s main function is to store the description of all objects that
interact with the database
− It provides database designers and end users with an improved ability to
communicate
24
The Data Dictionary (2 of 2)
• Some managers consider the data dictionary to be a key element of information
resource management
− Which is why the data dictionary can be described as the information resource
dictionary
• Metadata is the basis for monitoring database use and for assigning access rights to
users
− Information stored in the data dictionary is usually based on a relational table
format, thus enabling the DBA to query the database with SQL commands
• The DBA can use the data dictionary to support data analysis and design
25
Developing a Data Administration Strategy
• Information engineering (IE) allows for the translation of strategic goals into data and
applications
• The output of the IE process is an information systems architecture (ISA) that serves
as the basis for planning, development, and control of future information systems
26
The DBA’s Role in the Cloud
• The use of cloud-based data services does have a significant impact on the role of
DBAs
− Tasks are now split between the internal DBA and the cloud service provider
27
Customizing the Database Initialization
Parameters (1 of 2)
• Fine-tuning a database is an important task that usually requires the modification of
parameters
− Initialization parameters reserve resources used by the database at run-time
− Once you modify the initialization parameters, you may be required to restart the
database
28
Summary (1 of 2)
Now that the lesson has ended, you should be able to:
1. Describe the impact of data quality on a company’s assets and competitive position
2. Describe the role of the database in supporting operational, tactical, and strategic
decision-making
5. Describe the processes and systems in the information security framework that
support the three database security goals
29
Summary (2 of 2)
Now that the lesson has ended, you should be able to (continued):
7. Describe the impact that cloud-based data services have on the role of the DBA
30