University of Chakwal

Faculty of Technology/Sciences
Department of Computer Science
Bachelor of sciences in computer science

Course Code: CS_223

Course Name: Advance Database Management System
Instructor Name: Sir Bilal Shabeer
Semester: 4th

Group Members:

Name Registration no Signature

Rimsha Minhas UOC_BSCS_F2023_016

Ayesha Ikram UOC_BSCS_F2023-037

Contents
1. Introduction to Database Management Systems (DBMS) ............................................................................................ 2
1.1 Importance of Data in Modern Organizations ........................................................................................................ 2
1.2 Role of DBMS in Data Management ...................................................................................................................... 2
2. Database Recovery and backup .................................................................................................................................... 2
2.1 Definition and Significance .................................................................................................................................... 2
2.2 Types of Failures..................................................................................................................................................... 3
2.3 Recovery Techniques .............................................................................................................................................. 3
2.3.1 Transaction Properties (ACID) ........................................................................................................................ 3
2.3.2 Logging ............................................................................................................................................................ 4
2.3.3 Checkpointing .................................................................................................................................................. 4
2.3.5 Deferred and Immediate Update ...................................................................................................................... 4
2.3.6 Concurrency Control and Recovery Interaction............................................................................................... 4
2.4 Backup and Restore Strategies ................................................................................................................................ 4
2.5 Case Studies/Examples of Recovery Scenarios ...................................................................................................... 5
3. Database Security.......................................................................................................................................................... 5
3.1 Types of Database Security..................................................................................................................................... 5
3.2 Security Threats to Databases ................................................................................................................................. 6
3.3 Security Mechanisms and Best Practices ................................................................................................................ 6
3.4 Compliance and Regulations .................................................................................................................................. 7
3.5 Emerging Trends in Database Security ................................................................................................................... 7
3.6 Case Studies/Examples of Security Breaches and Their Impact ............................................................................. 7
4. Interplay Between Recovery and Security .................................................................................................................... 7
4.1 How Security Breaches Can Impact Recovery Efforts ........................................................................................... 7
4.2 How Robust Recovery Mechanisms Enhance Security Posture ............................................................................. 7
4.3 Holistic Approach to Data Protection ..................................................................................................................... 7
5. Conclusion .................................................................................................................................................................... 7
5.1 Recap of Key Concepts ........................................................................................................................................... 7
5.2 Importance of Proactive Measures .......................................................................................................................... 7
5.3 Future Outlook for Database Protection ................................................................................................................. 8
6. References: .................................................................................................................................................................... 8
 Database Recovery and Security
1. Introduction to Database Management Systems (DBMS)
1.1 Importance of Data in Modern Organizations
In today's data-driven world, organizations rely significantly on data to inform decisions, streamline
operations, and enhance customer experiences. Data
serves as a critical asset that provides actionable
insights and competitive advantages. Beyond these
benefits, data is fundamental for understanding market
trends, predicting future outcomes, and personalizing
services to meet individual customer needs. Its
pervasive influence means that effective data
management and protection are no longer merely
technical considerations but strategic imperatives for
business continuity and success. The sheer volume and
velocity of data generated daily underscore its increasing value as a cornerstone of innovation and growth in
virtually every industry.

1.2 Role of DBMS in Data Management

Database Management Systems (DBMS) facilitate the creation, manipulation, and administration of
databases. They enable efficient data storage, retrieval, and management, allowing organizations to maintain
the integrity and security of their data.

1.3 Challenges: Data Loss and Unauthorized Access

Organizations face significant challenges regarding data loss due to failures or breaches, which can lead to
irreparable damages. Unauthorized access can result in data theft, compromising sensitive information and
leading to regulatory penalties.

2. Database Recovery and Backup

2.1 Definition and Significance
Database recovery refers to the methods employed to restore a database to a correct state after a failure.
Effective recovery mechanisms are crucial for
maintaining data integrity and minimizing downtime.
Complementing recovery, database backup is the process
of creating copies of data that can be used to restore the
original in case of data loss or corruption. These backups
serve as foundational components of any robust recovery
strategy, ensuring that there are consistent points from which a database can be brought back online following
various types of disruptions.

2.2 Types of Failures

Types of Failure Description

Transaction Failures Logical or system errors during transactions.

System Crashes Hardware or software failures that halt operations.

Media Failures Physical failures such as disk or head crashes.

Catastrophic Failures Disasters like natural calamities or power outages.

2.3 Recovery Techniques

Database recovery ensures data integrity after failures, primarily through ACID
properties for reliable transactions. Techniques like those that Write-Ahead
Logging, Check pointing, and Shadow Paging are used to manage changes and
restore the database. The choice between Deferred and Immediate Update
strategies also contributes to a robust recovery plan, ensuring data consistency
amidst concurrent operations.

2.3.1 Transaction Properties (ACID)

2.3.2 Logging
Write-Ahead Logging (WAL) ensures changes are recorded before they are applied.

 Undo Logs: Used for rolling back transactions.

 Redo Logs: Used for reapplying transactions.

2.3.3 Check pointing

A checkpoint is a snapshot of the database at a particular time, facilitating faster recovery by limiting how
far back the system needs to go to recover.

2.3.4 Shadow Paging

Shadow paging maintains a copy of the database, allowing it to revert to a previous state without affecting
the current database.

2.3.5 Deferred and Immediate Update

 Deferred Update: Changes are only applied after committed.
 Immediate Update: Changes are applied immediately, which may demand recovery mechanisms to
revert.

2.3.6 Concurrency Control and Recovery Interaction

In multi-user database environments, concurrency control mechanisms are vital "traffic rules" that manage
simultaneous data access, ensuring consistency and smooth recovery. Two key methods are:

Locking: Transactions acquire "locks" on data—shared locks for reading (allowing multiple concurrent
reads) and exclusive locks for writing (preventing any other access until released). This prevents conflicting
modifications, aiding recovery by defining transaction states.

Timestamps: Each transaction is assigned a unique timestamp, and conflicts are resolved by comparing these
times, often rolling back older transactions if they try to access data modified by newer ones. This orderly
processing ensures data consistency, simplifying recovery by providing a clear sequence of operations.

Both techniques are crucial for upholding ACID properties, ensuring data integrity and making database
recovery reliable.

2.4 Backup and Restore Strategies

Effective backup and restore strategies are vital for
database recovery, ensuring data availability and
minimizing loss after failures. These strategies include
Full Backups, which create a complete copy of the
database at a specific point in time. Incremental Backups
only save changes made since the last backup, whether
it was a full or incremental one. In contrast, Differential Backups record all changes made since the last full
backup. For precise recovery, Point-in-Time Recovery allows restoration of the database to a specific moment,
crucial for handling data corruption or accidental deletions. Comprehensive Disaster Recovery Planning is also
essential, outlining strategies to recover from major disruptions like natural calamities or widespread system
failures.

2.5 Case Studies/Examples of Recovery Scenarios

Case studies demonstrate the real-world application of recovery techniques, detailing how organizations
successfully recovered from various failures. The recovery which I told you before that Point-in-Time Recovery
allows restoration of the database to a specific moment, crucial for handling data corruption or accidental
deletions. Comprehensive Disaster Recovery Planning is also essential, outlining strategies to recover from
major disruptions like natural calamities or widespread system failures.

3. Database Security
Database security involves the measures taken to protect databases from unauthorized access, misuse, and
corruption. Its primary goal is to ensure the confidentiality, integrity, and availability of data. This protection
is crucial to prevent issues like data theft, compromised sensitive information, and potential regulatory
penalties. Threats range from SQL injection and brute-force attacks to insider threats and malware. Effective
security relies on mechanisms such as access control, authentication, encryption, and regular auditing.

3.1 Types of Database Security

Physical Security: Protects the physical location of the database servers and hardware from unauthorized
access or damage.

Network Security: Secures the network connections that access the database, preventing unauthorized
network-based intrusions.

Access Control: Defines and manages who can access specific data within the database and what actions they
are permitted to perform.

Data Encryption: Scrambles data to prevent

unauthorized understanding, making it
unreadable without the correct decryption
key.
Auditing and Logging: Monitors and records database activities and user actions, providing a trail for security
analysis and compliance.

3.2 Security Threats to Databases

Threat Type Description

SQL Injection Attacks exploiting vulnerabilities in SQL queries.

Brute-Force Attacks Attempting to gain access through repeated attempts.

Denial of Service (DoS) Overloading systems to make them unavailable.

Insider Threats Risks from malicious actions by employees.

Malware and Ransomware Software designed to damage or ransom data.

Data Exfiltration Unauthorized transfer of data outside the organization.

Unpatched Vulnerabilities Weaknesses in software due to not applying updates.

Weak Insufficient mechanisms to protect access.

Authentication/Authorization

3.3 Security Mechanisms and Best Practices

Mechanism Description

Access Control Defining who can access data and what they can do.

Authentication Verifying user identity through various means.

Encryption Scrambling data to prevent unauthorized access.

Auditing and Logging Monitoring and recording database activities.

 Database Patch Management Regularly updating database systems to fix vulnerabilities.

Network Security Protecting data during transmission.

Data Masking and Tokenization Hiding sensitive data to prevent exposure.

Secure Application Development Practices that prevent security vulnerabilities.

Security Audits and Penetration Regular assessments to identify weaknesses.

Testing

3.4 Compliance and Regulations

Organizations must comply with various data protection regulations like GDPR, HIPAA, and PCI DSS to
avoid legal and financial penalties.

3.5 Emerging Trends in Database Security

Innovations such as AI/ML for anomaly detection and blockchain for data integrity are reshaping database
security landscapes.

3.6 Case Studies/Examples of Security Breaches and Their Impact

Examining real-world breaches provides insight into the vulnerabilities present in database systems and their
consequences.

4. Interplay Between Recovery and Security

4.1 How Security Breaches Can Impact Recovery Efforts
Security incidents can corrupt data, complicating recovery efforts and extending downtime.

4.2 How Robust Recovery Mechanisms Enhance Security Posture

Effective recovery strategies can restore data integrity after breaches, reducing vulnerability risks.

4.3 Holistic Approach to Data Protection

Combining recovery and security practices creates a comprehensive data protection strategy that safeguards
against loss and breaches.

5. Conclusion
5.1 Recap of Key Concepts
The interplay of database recovery and security is essential in today's digital landscape, requiring
organizations to adopt effective measures.

5.2 Importance of Proactive Measures

Proactive strategies in recovery and security help mitigate risks and safeguard data assets.
5.3 Future Outlook for Database Protection
Emerging technologies and practices will continue to evolve, shaping the future of database protection and
management.

6. References:
There are some references according to database recovery and security.

Books:

 Elmasri, R., & Navathe, S. B. (2022). Fundamentals of Database Systems (8th ed.). Pearson. (While
books don't have direct URLs like online articles, if there was an official publisher's page or an e-
book version you consulted, you could link to that, e.g., https://www.pearson.com/
 Silberschatz, A., Korth, H. F., & Sudarshan, S. (2020). Database System Concepts (7th ed.).
McGraw-Hill Education. (Similarly, you could link to the publisher's page if available, e.g.,
https://www.mheducation.com/

Online Resources/White Papers:

 Oracle. (n.d.). Oracle Database Security Guide. Retrieved from [Insert actual Oracle
documentation URL here, e.g., https://docs.oracle.com/en/database/oracle/oracle-
database/23/dbseg/index.html
 National Institute of Standards and Technology (NIST). (2017). NIST Special Publication 800-53,
Revision 5: Security and Privacy Controls for Information Systems and Organizations. U.S.
Department of Commerce. Retrieved from [Insert actual NIST URL here, e.g.,
https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final]
 IBM. (n.d.). IBM Db2 Database Recovery and High Availability Guide. Retrieved from [Insert
actual IBM documentation URL here, e.g.,
https://www.ibm.com/docs/en/db2/11.5?topic=overview-data-recovery-high-availability

Journal Articles/Conference Papers:

 Kumar, S., & Devi, S. (2019). A Survey on Database Security Threats and Countermeasures.
International Journal of Computer Applications, 179(44), 31-36. [Insert actual journal article URL
here, e.g., https://www.ijcaonline.org/archives/volume179/number44/kumar2019/31411-kumar.pdf
 Smith, J. A., & Brown, L. M. (2021). Advanced Recovery Techniques for Cloud Databases.
Proceedings of the ACM SIGMOD International Conference on Management of Data, 123-134.
[Insert actual conference paper URL here, e.g.,
https://dl.acm.org/doi/abs/10.1145/XXXXXX.YYYYYY
 Rubrik security cloud (with ruby ai)
Introduction:
RUBRIK SECURITY CLOUD IS A UNIFIED PLATFORM DESIGNED FOR DATA SECURITY, DATA GOVERNANCE, AND
DATA RECOVERY. IT FOCUSES ON ACHIEVING CYBER RESILIENCE BY PROTECTING DATA ACROSS VARIOUS
ENVIRONMENTS (ON-PREMISES, CLOUD, SAAS APPLICATIONS) AND ENSURING RAPID RECOVERY FROM
CYBERATTACKS, INCLUDING RANSOMWARE. RUBY IS RUBRIK'S IN-PRODUCT GENERATIVE AI COMPANION
THAT ENHANCES THE PLATFORM'S CAPABILITIES BY SIMPLIFYING USER INTERACTIONS AND ACCELERATING
CYBER DETECTION, RESPONSE, AND RECOVERY.

Purpose:
The primary purpose of Rubrik Security Cloud, augmented by Ruby, is to provide an intelligent, automated,
and proactive approach to data security and recovery. It aims to:

Secure Data: Protect sensitive data from a wide range

of cyber threats, including ransomware, malicious
insiders, and accidental deletion.

Accelerate Recovery: Enable swift and efficient

recovery of data and systems after a cyberattack or
disaster, minimizing downtime and business disruption.

Simplify Operations: Leverage AI to automate routine

tasks, provide actionable insights, and guide users
through complex security and recovery workflows, even for those with limited cybersecurity expertise.

Enhance Cyber Resilience: Build a strong data security posture that allows organizations to withstand, respond
to, and recover from cyber incidents effectively.

Advantages:
AI-Driven Anomaly Detection: Rubrik Security Cloud uses machine learning to continuously monitor data
activity and identify anomalous patterns that may indicate a cyberattack (e.g., unusual data access, encryption
attempts, mass deletions). Ruby can then provide immediate insights into these anomalies.

Generative AI for Guided Recovery: Ruby acts as a smart assistant, offering interactive guidance and
recommendations for remediating cyber incidents. This includes suggesting steps for data isolation, sensitive
data monitoring, threat containment, and orchestrating recovery workflows. This significantly reduces the
time and expertise required for recovery.
Zero Trust Data Security: The platform is built on a Zero Trust architecture, ensuring that data is inherently
secure and immutable. Backups are protected from unauthorized access or modification, making them reliable
recovery points.

Automated Policy Management: It allows for policy-driven automation of data protection, ensuring consistent
application of security and backup policies across the entire data estate.

Sensitive Data Monitoring: Rubrik can identify and classify sensitive data, helping organizations understand
their data exposure and prioritize protection efforts.

Rapid Recovery Capabilities: Beyond just backup, it offers instant recovery options, allowing businesses to
quickly bring applications and data back online, often in minutes.

Simplified User Experience: Ruby's conversational interface and guided workflows make complex
cybersecurity and recovery tasks more accessible to users of all expertise levels.

Integration with Microsoft Azure OpenAI: Leveraging Azure OpenAI for its AI capabilities ensures a secure
and private entry point into generative AI, with customer data remaining private and not used for training base
models.

Disadvantages:
Cost: As a comprehensive, enterprise-grade solution, Rubrik Security Cloud can be a significant investment,
potentially making it less accessible for smaller businesses with limited budgets.

Complexity of Initial Setup: While AI simplifies ongoing operations, the initial deployment and configuration
of a robust data security and recovery platform across a large, diverse environment can still be complex and
require expertise.

Dependency on Cloud Ecosystem: While it supports hybrid environments, its full potential and advanced
features often leverage cloud capabilities, which might be a consideration for organizations with strict on-
premises requirements.

Learning Curve for Advanced Features: While Ruby simplifies many tasks, leveraging the full breadth of the
platform's advanced security and governance features might still require some training for IT and security
teams.

Applications:
Rubrik Security Cloud with Ruby is applicable across various industries and scenarios where data integrity,
availability, and security are critical:

Ransomware Recovery: Its core strength lies in rapidly detecting ransomware attacks and enabling fast, clean
recovery of affected data, minimizing ransom payments and business disruption.
Disaster Recovery: Automating disaster recovery plans and providing quick restoration of systems and data
in the event of natural disasters, hardware failures, or other catastrophic events.

Cybersecurity Incident Response: Assisting security teams in understanding the scope of a breach, identifying
compromised data, and executing targeted recovery efforts.

While other tools like Veeam, Cohesity, Darktrace, and Microsoft Security Copilot also leverage AI for
various aspects of security and recovery, Rubrik's explicit integration of a generative AI companion like Ruby
for guided recovery and simplified operations makes it a particularly strong contender for comprehensive
database recovery and security. The choice of the "best" tool ultimately depends on the specific needs, existing
infrastructure, and budget of an organization.