1

Database Administration and

Management

CIT- 503 4(3-1)

Major & Compulsory

Database Administration and
Management

 This Week Contents

 Integrity and Security
 Integrity and Security
Intro:
Ensuring the integrity and security
of a database involves a combination
of practices, technologies, and policies
to protect data from corruption,
unauthorized access, and breaches.
Here's an overview:
 Integrity and Security
Data Integrity:
Data integrity ensures that data is accurate,
consistent, and reliable across its lifecycle.
Types of Integrity:
Entity Integrity: Each table should have a
primary key to uniquely identify records.
Referential Integrity: Relationships between
tables should be maintained using foreign keys.
Domain Integrity: Enforce valid data types,
formats, and constraints (e.g., check constraints).
User-Defined Integrity: Apply specific business
rules via triggers, stored procedures, or validations.
 Integrity and Security
Best Practices:
Use constraints (e.g., PRIMARY KEY, FOREIGN KEY,
NOT NULL, UNIQUE, and CHECK).
Implement transaction management using ACID
properties:
◦ Atomicity: Ensure that transactions are all-or-nothing.
◦ Consistency: Maintain data integrity before and after
transactions.
◦ Isolation: Prevent concurrent transactions from interfering.
◦ Durability: Ensure data is preserved after a transaction is
committed.
Regularly validate and clean data to ensure accuracy.
 Integrity and Security
How can database administrator
maintain the integrity of a sensitive
system?
 Maintaining the integrity of a sensitive
system requires a database administrator
(DBA) to implement rigorous controls,
monitoring, and practices that ensure
data accuracy, consistency, and
protection from unauthorized access.
Here's a detailed guide:
 Integrity and Security
How can database administrator maintain the
integrity of a sensitive system? ...
Implement Robust Access Controls
 Role-Based Access Control (RBAC):
◦ Assign roles with specific permissions based on job functions.
◦ Follow the Principle of Least Privilege (grant the
minimum access necessary).
 Authentication:
◦ Enforce strong password policies.
◦ Implement multi-factor authentication (MFA).
◦ Use secure protocols for database access (e.g., TLS/SSL).
 User Audits:
◦ Regularly review and update user roles and permissions.
◦ Deactivate unused accounts promptly.
 Integrity and Security
How can database administrator maintain the
integrity of a sensitive system? ...
Enforce Data Integrity Constraints
 Primary and Foreign Keys:
◦ Ensure every table has a primary key for unique identification.
◦ Maintain relationships between tables using foreign keys.
 Constraints and Validation:
◦ Use constraints like NOT NULL, CHECK, and UNIQUE to enforce
rules.
◦ Validate data at the application and database levels.
 Transactions:
◦ Use transactions to maintain ACID properties (Atomicity,
Consistency, Isolation, Durability).
◦ Rollback transactions on errors to prevent partial data
changes.
 Integrity and Security
How can database administrator maintain
the integrity of a sensitive system? ...
Encrypt Sensitive Data
At Rest:
◦ Use disk-level or file-level encryption (e.g.,
Transparent Data Encryption, TDE).
◦ Encrypt specific columns containing sensitive data
(e.g., social security numbers, credit card details).
In Transit:
◦ Secure all connections to the database using
encryption protocols like SSL/TLS.
 Integrity and Security
How can database administrator maintain the
integrity of a sensitive system? ...
Regular Monitoring and Auditing
 Activity Logs:
◦ Enable logging for all critical operations (e.g., data access,
modifications).
◦ Monitor access logs for unusual patterns or unauthorized
attempts.
 Auditing:
◦ Perform regular audits of user actions and system changes.
◦ Use database-native tools (e.g., Oracle Audit Vault, SQL Server
Audit) or third-party monitoring tools.
 Alerts:
◦ Set up alerts for suspicious activities like failed login attempts
or unauthorized data access.
 Integrity and Security
How can database administrator maintain the
integrity of a sensitive system? ...
Secure Backup and Recovery Processes
Regular Backups:
◦ Automate backups to ensure they are up-to-date.
◦ Store backups in a secure, offsite location.
Encryption:
◦ Encrypt backup files to protect sensitive data.
Testing:
◦ Regularly test backups to verify they can be restored.
Immutable Backups:
◦ Use technologies like write-once-read-many (WORM)
storage to prevent tampering.
 Integrity and Security
How can database administrator maintain the
integrity of a sensitive system? ...
Protect Against Security Threats
SQL Injection:
◦ Use parameterized queries or stored procedures.
◦ Sanitize and validate all user inputs.
Database Hardening:
◦ Disable unused database features, ports, and services.
◦ Restrict direct access to the database (e.g., through
firewall rules).
Patch Management:
◦ Regularly update the database system to fix vulnerabilities.
◦ Apply security patches as soon as they are released.
 Integrity and Security
How can database administrator maintain
the integrity of a sensitive system? ...
Maintain Data Governance
Policies and Procedures:
◦ Define and enforce data handling policies for sensitive
data.
◦ Educate users on security best practices.
Compliance:
◦ Ensure the system complies with relevant laws and
standards (e.g., GDPR, HIPAA, PCI DSS).
Data Masking:
◦ Mask sensitive data in non-production environments
to prevent misuse.
 Integrity and Security
How can database administrator maintain
the integrity of a sensitive system? ...
Implement Redundancy and High
Availability
Redundant Systems:
◦ Use replication or clustering to maintain availability
during failures.
Failover Mechanisms:
◦ Implement automatic failover to ensure continuous
operations.
Data Synchronization:
◦ Ensure replicas are synchronized to maintain data
integrity.
 Integrity and Security
How can database administrator
maintain the integrity of a sensitive
system? ...
Conduct Regular Training
Train team members on the importance
of data integrity and security.
Stay updated with the latest security
threats and mitigation strategies.
 Integrity and Security
How can database administrator
maintain the integrity of a sensitive
system? ...
By combining these practices, a
database administrator can maintain
the integrity of a sensitive system,
ensuring its resilience against errors,
breaches, and other threats. Let me
know if you'd like guidance on
implementing any specific measure!
 Integrity and Security
How can database administrator
maintain the security of a sensitive
system? ...
To maintain the security of a sensitive
system, a Database Administrator
(DBA) must implement robust
strategies and tools that safeguard the
system from unauthorized access,
breaches, and other threats.
Here's a comprehensive guide:
 Integrity and Security
How can database administrator maintain the
security of a sensitive system? ...
Enforce Strong Access Controls
Authentication:
◦ Implement strong password policies (e.g., complexity
requirements, expiration).
◦ Enforce Multi-Factor Authentication (MFA) for added security.
◦ Use secure authentication protocols (e.g., Kerberos, LDAP).
Authorization:
◦ Adopt Role-Based Access Control (RBAC) to assign
permissions based on job roles.
◦ Apply the Principle of Least Privilege, granting users
only the access they need.
◦ Regularly audit user accounts and deactivate inactive ones.
 Integrity and Security
How can database administrator maintain
the security of a sensitive system? ...
Encrypt Data
Data at Rest:
◦ Use disk-level encryption or database-native tools
like Transparent Data Encryption (TDE).
◦ Encrypt sensitive fields (e.g., credit card numbers,
PII) at the column level.
Data in Transit:
◦ Secure connections to the database using TLS/SSL.
◦ Use encrypted communication channels for
backups and replication.
 Integrity and Security
How can database administrator maintain
the security of a sensitive system? ...
Secure Database Connections
Limit database connections to trusted
networks and applications.
Restrict direct database access by using
application-level APIs.
Use firewalls and Virtual Private Networks
(VPNs) to secure remote connections.
Set up IP whitelisting to allow connections
only from authorized sources.
 Integrity and Security
How can database administrator maintain the
security of a sensitive system? ...
Implement Monitoring and Auditing
 Activity Logging:
◦ Log all access attempts, queries, and system changes.
◦ Monitor administrative activities for unusual behavior.
 Auditing:
◦ Enable native database auditing features (e.g., Oracle
Audit Vault, SQL Server Audit).
◦ Use third-party tools for advanced monitoring (e.g.,
Splunk, SolarWinds).
 Real-Time Alerts:
◦ Configure alerts for suspicious activities, such as multiple
failed login attempts or unexpected privilege escalations.
 Integrity and Security
How can database administrator
maintain the security of a sensitive
system? ...
Regularly Patch and Update
Database Software:
◦ Apply security patches and updates as soon as
they are released.
◦ Stay updated on vendor-recommended practices
and configurations.
Dependencies:
◦ Update underlying operating systems,
middleware, and applications.
 Integrity and Security
How can database administrator maintain the
security of a sensitive system? ...
Protect Against Security Threats
SQL Injection:
◦ Use parameterized queries or stored procedures.
◦ Validate and sanitize user inputs at the application level.
DDoS and Brute Force Attacks:
◦ Implement rate limiting and CAPTCHA for front-end
systems.
◦ Monitor for unusual query patterns and resource usage.
Privilege Escalation:
◦ Regularly review and update role-based permissions.
◦ Monitor logs for unauthorized privilege changes.
 Integrity and Security
How can database administrator maintain the
security of a sensitive system? ...
Secure Backups
Encryption:
◦ Encrypt backup files to protect data confidentiality.
Access Control:
◦ Store backups in a secure location with restricted access.
Testing:
◦ Regularly test the restoration process to ensure
reliability in case of data loss.
Immutable Backups:
◦ Use write-once-read-many (WORM) storage to prevent
backup tampering.
 Integrity and Security
How can database administrator
maintain the security of a sensitive
system? ...
Harden the Database System
Configuration:
◦ Disable unused features, ports, and services.
◦ Limit the use of default accounts and change
default passwords immediately.
Isolation:
◦ Deploy databases on dedicated servers or virtual
machines.
◦ Isolate sensitive databases from public networks.
 Integrity and Security
How can database administrator
maintain the security of a sensitive
system? ...
Disaster Recovery and Incident
Response
Disaster Recovery Plan:
◦ Maintain an up-to-date disaster recovery plan to
handle data loss or breaches.
Incident Response Plan:
◦ Develop a clear protocol for identifying,
containing, and mitigating breaches.
◦ Train teams on incident response procedures.
 Integrity and Security
How can database administrator maintain
the security of a sensitive system? ...
Compliance with Regulations
Data Protection Standards:
◦ Comply with industry-specific regulations like
GDPR, HIPAA, PCI DSS, or SOX.
Data Masking:
◦ Mask sensitive data in non-production
environments to prevent exposure.
Retention Policies:
◦ Implement data retention and deletion policies to
minimize security risks.
 Integrity and Security
How can database administrator
maintain the security of a sensitive
system? ...
Employee Training
Educate employees on database
security best practices.
Conduct regular training sessions on
recognizing phishing, social
engineering, and other threats.
 Integrity and Security
How can database administrator maintain
the security of a sensitive system? ...
Leverage Security Tools
Database Security Solutions:
◦ Use tools like IBM Guardium, McAfee Database
Security, or Oracle Data Safe for advanced protection.
Intrusion Detection Systems (IDS):
◦ Deploy IDS/IPS to detect and respond to potential
attacks.
Cloud-Specific Security:
◦ Use cloud-native tools like AWS Key Management
Service (KMS), Azure Security Center, or Google Cloud
IAM for managing sensitive data.
 Integrity and Security
How can database administrator
maintain the security of a sensitive
system? ...
 By following these steps, a DBA can
effectively secure a sensitive system
and reduce the risk of data breaches,
ensuring the confidentiality, integrity,
and availability of critical information.
Integrity and Security

Topic 09

Completed
32
Database Administration and
Management
Course Contents Course Contents
Completed Completed
 Introduction to  Recovery
advance data models techniques
such as object,
 Query processing
relational
 object oriented and optimization
 File organizations  Database
concepts Programming
 Transactional  Integrity and
processing and security
Concurrency control
techniques 33
Database Administration and
Management
Course Contents Course Contents
Completed Completed
 Database  Emerging
Administration research trends
 Physical database in database
design and tuning systems.
 Distributed
database systems

34
Database Administration and
Management
Total No of Per Week
Topics Topics
Coverage
Rate
12
0.75
35
Database Administration and
Management
Marks %Age
Division 5%
 Attendance 5%
 Assignments 5%
 Quiz 5%
 Presentation 30%
 Mid Term Exam 50%
 Final Term Exam

36
37