11e Database Systems

Design, Implementation, and Management

Coronel |
Morris

Chapter 15
Database Administration and Security

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.
 Learning Objectives
 In this chapter, students will learn:
 That data are a valuable business asset requiring careful
management
 How a database plays a critical role in an organization
 That the introduction of a DBMS has important
technological, managerial, and cultural consequences
for an organization

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 2
 Learning Objectives
 In this chapter, students will learn:
 About the database administrator’s managerial and
technical roles
 About data security, database security, and the
information security framework
 About several database administration tools and
strategies
 How various technical tasks of database administration
are performed with Oracle

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 3
 Data

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 4
 Figure 15.1 - The Data-Information-
Decision Making Cycle

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5
 Need for and Role of Databases
in an Organization

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 6
 Introduction of a Database:
Special Considerations

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 7
 Evolution of the Database
Administration Function

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 8
Figure 15.2 - The IS Department’s
Internal Organization

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 9
Figure 15.3 - The Placement of the
DBA Function

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 10
 Figure 15.4 - A DBA Functional
Organization

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 11
Table 15.1 - Contrasting DA and DBA
Activities and Characteristics

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 12
 Table 15.2 - Desired DBA Skills

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 13
 DBA’s Managerial Role
 Provide end-user support
 Enforce policies, procedures, and standards for
correct data creation, usage, and distribution within
the database
 Manage data security, privacy, and integrity
 Manage data backup and recovery
 Fully recover data in case of data loss
 Database security officer (DSO): Ensures database
security and integrity

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 14
 DBA’s Managerial Role
 Disaster management: Planning, organizing, and
testing of database contingency plans and recovery
procedures
 Full backup or database dump: Produces a complete
copy of the entire database
 Incremental backup: Produces a backup of all data
since the last backup date
 Concurrent backup: Takes place while the user is
working on the database
 Manage data distribution and use

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 15
 DBA’s Technical Role
 Evaluate, select, and install DBMS and related
utilities
 Design and implement databases and applications
 Test and evaluate databases and applications
 Operate the DBMS, utilities, and applications
 Train and support users
 Maintain the DBMS, utilities, and applications

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 16
 DBA’s Role in the Cloud
 Reduced role in installing and maintaining the DBMS
as cloud services provide:
 DBMS installation and updates
 Server/network management
 Backup and recovery operations

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 17
 Security Goals
 Confidentiality: Protecting data against unauthorized
access
 Compliance: Activities that meet data privacy and
security reporting guidelines
 Integrity: Keeping data consistent and free of errors
or anomalies
 Availability: Accessibility of data whenever required
by authorized users and for authorized purposes

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 18
 Security Policy
 Collection of standards, policies, and procedures
created to guarantee security
 Ensures auditing and compliance
 Security audit process
 Identifies security vulnerabilities
 Identifies measures to protect the system

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 19
 Security Vulnerability
 Weakness in a system component that could allow
unauthorized access or cause service disruptions
 Categories - Technical, managerial, cultural, and
procedural
 Security threat: Imminent security violation
 Security breach: Occurs when a security threat is
exploited and could lead to a database whose
integrity is preserved or corrupted

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 20
Table 15.4 - Sample Security Vulnerabilities and
Related Protective Measures

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 21
Table 15.4 - Sample Security Vulnerabilities and
Related Protective Measures

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 22
 Database Security
 DBMS features and related measures that comply
with the security requirements
 Authorization management: Procedures to protect
database security and integrity
 User access management
 View definition
 DBMS access control
 DBMS usage monitoring
 Audit log: Automatically records description of database
operations performed by all users
©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 23
 Data Dictionary
 Types
 Integrated - Included with the DBMS
 Standalone - Third-party systems
 Active data dictionary: Automatically updated by
the DBMS with every database access
 Passive data dictionary: Requires running a batch
process
 Main function - Store description of all objects that
interact with the database

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 24
 Data Dictionary or Information
Resource Dictionary
 Metadata is the basis for monitoring database use and
for assigning access rights to users
 DBA uses data dictionary to support data analysis and
design

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 25
 Computer-Aided Systems Engineering
(CASE) Tools
 Automated framework for the Systems Development
Life Cycle (SDLC)
 Use structured methodologies and powerful graphical
interfaces
 Front-end CASE tools: Provide support for the
planning, analysis, and design phases
 Back-end CASE tools: Provide support for the
coding and implementation phases

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 26
 Components of a CASE Tool

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 27
Developing a Data Administration Strategy
 Information engineering (IE): Translates strategic
goals into data and applications
 Information systems architecture (ISA): Helps
plan, develop, and control future information systems
 Critical success factors
 Management commitment and defined standards
 Thorough analysis of the company situation
 End-user involvement, training, and a small pilot
project

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 28
 Using Oracle for Database
Administration
 Ensure that the RDBMS starts automatically
 Create tablespaces and datafiles
 Tablespace: Logical storage space
 Datafile: Physically stores the database’s data
 Manage users and establish security
 User: Allows a given person to log on to the database
 Role: Authorize a user to connect to the database and
use its system resources
 Profile: Control how much database resource a user
can use
©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 29
 Using Oracle for Database
Administration
 Customize the database initialization parameters
 Initialization parameters reserve resources used by the
database at run time
 After modifying parameters, database may be required
to restart

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 30
 Types of Tablespace

©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 31