Database System Administration


Published on

1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Database System Administration

  1. 1. Chapter 10 DB System Administration Based on G. Post, DBMS: Designing & Building Business Applications University of Manitoba Asper School of Business 3500 DBMS Bob Travica Updated 2010
  2. 2. Outline <ul><li>Data Administrator/Analyst (DA) </li></ul><ul><li>Database Administrator (DBA) </li></ul><ul><li>DBA’s duties </li></ul><ul><li>DB system backup & recovery </li></ul><ul><li>DB system security </li></ul> of 22
  3. 3. Data Administration <ul><li>Data are valuable assets. </li></ul><ul><li>Data are used at many business levels </li></ul><ul><li>There are many databases and database systems in an organization. </li></ul><ul><li>Responsibility for managing data - Data Administrator (DA) or Data Analyst </li></ul> of 22 TPS=Transaction Processing Sys. RS=Reporting Sys MIS=Management Info. Sys. DSS=Decisions Support Sys. EIS=Executive Info. Sys. Business Operations Tactical Management Strategic Management EIS RS/MIS DSS TPS
  4. 4. Data Administration/Administrator (DA) <ul><li>DA (sometimes called data architect or even business analyst) is a type of professional that resides in the IS function or in a unit interafcing with the IS function. </li></ul><ul><li>Focus on data/information and users (reports, output forms, queries) rather than IT </li></ul><ul><ul><li>Data definition and integration (e.g., Customer entity in CRM systems). </li></ul></ul><ul><ul><li>Decision support. </li></ul></ul><ul><ul><li>Ideas for application design and involvement in systems development. </li></ul></ul><ul><ul><li>Information security. </li></ul></ul> of 22
  5. 5. Database Administration/Administrator (DBA) <ul><li>Focus on technology. </li></ul><ul><li>Actively participates in DB system development (plan, develop, install, upgrade…). </li></ul><ul><li>Creates user accounts and monitors security. </li></ul><ul><li>Manages backup and recovery of databases. </li></ul><ul><li>Monitors and tunes the database performance. </li></ul><ul><li>Coordinates with DBMS vendors and plans for changes. </li></ul> of 22
  6. 6. DBA Tools: Performance Monitors of 22
  7. 7. SQL Server Query Analyzer of 22
  8. 8. DB System Planning & Design <ul><li>Estimation & Design (logical, physical) </li></ul><ul><ul><li>Data storage requirements, forms & reports needed (costs of development), hardware needs, matching organizational needs with DBMS products </li></ul></ul><ul><ul><li>Time, labor & cost to develop </li></ul></ul><ul><ul><li>Data modeling – coordinates with Data Analyst in the domain of logical design (e.g., class diagrams, user interface). Also DA and DBA cooperate on schemas. </li></ul></ul><ul><ul><li>In charge of physical design (types of files, access structures, DBMS product, hardware) </li></ul></ul> of 22
  9. 9. DB System Development & Implementation <ul><li>Standards for application programming. </li></ul><ul><ul><li>User interface. </li></ul></ul><ul><ul><li>Programming standards. </li></ul></ul><ul><ul><ul><li>Layout and techniques. </li></ul></ul></ul><ul><ul><ul><li>Variable & object definition. </li></ul></ul></ul><ul><ul><li>Test procedures. </li></ul></ul><ul><li>Data access and ownership. </li></ul><ul><li>Loading databases. </li></ul><ul><li>Backup and recovery plans. </li></ul><ul><li>User and operator training. </li></ul> of 22
  10. 10. DB System Operation and Maintenance <ul><li>Monitoring usage </li></ul><ul><ul><li>Size and growth </li></ul></ul><ul><ul><li>Performance / delays (cooperates with DA) </li></ul></ul><ul><ul><li>Security logs </li></ul></ul><ul><ul><li>User problems </li></ul></ul><ul><li>Backup and recovery </li></ul><ul><li>User support (Help desk, Training); cooperates with other system and business professionals </li></ul> of 22
  11. 11. DB System Growth and Change <ul><li>Determines need for change </li></ul><ul><ul><li>Size and speed </li></ul></ul><ul><ul><li>Structures / design </li></ul></ul><ul><ul><ul><li>Requests for additional data. </li></ul></ul></ul><ul><ul><ul><li>Difficulties with queries -- analysis tools (coop. with DA and other business analysts) </li></ul></ul></ul><ul><ul><li>Usage patterns </li></ul></ul><ul><ul><li>Forecasts </li></ul></ul> of 22
  12. 12. Database Backup <ul><li>Backups are crucial! </li></ul><ul><li>Offsite storage needed </li></ul><ul><li>Types of backup </li></ul><ul><ul><li>Full – in longer intervals (e.g., once a week); a copy of all tables made </li></ul></ul><ul><ul><li>Partial (Differential) – in shorter intervals; just new data is copied; </li></ul></ul><ul><ul><li>Alternative: No partial backup but changes made after the last backup of Op DB copied into Bkp DB. </li></ul></ul> of 22 Backup Manager (part of DBMS) 1 2 3 4 Operational Database (Op DB) copies Backup Database Bkp DB) copied to copies new data Partial backup copies new data Partial backup updates Backup database
  13. 13. Database Recovery <ul><li>Recovery needed if problems with software, hardware, incorrect user input, viruses, natural causes </li></ul><ul><li>Recovery = getting databases to consistent state (all integrity supported) </li></ul><ul><li>Key facilities: Recovery Manager (part of DBMS), Transactions log file, ROLLBACK procedure </li></ul><ul><li>Alternative: User works with operational DB, and TL engaged only if former fails. </li></ul> of 22 Transaction Log (TL) (managed by Backup Manager) Recovery Manager Transactions … Savepoint Operational database Transaction unfinished uses recovers copied to System crash- Unsaved data lost! Backup database uses
  14. 14. Transaction Log of 22 Transaction Log ID Transaction ID Pointer to previous transaction Pointer to next transaction Key Table Attribute Old value New value Database task Checkpoint (Savepoint) is when results of all new transactions are copied into Operational Database. Just the first transaction is permanently saved.
  15. 15. Database Security and Privacy <ul><li>Physical security </li></ul><ul><ul><li>Protecting hardware </li></ul></ul><ul><ul><li>Protecting software and data. </li></ul></ul><ul><li>Logical security </li></ul><ul><ul><li>Unauthorized disclosure </li></ul></ul><ul><ul><li>Unauthorized modification </li></ul></ul><ul><ul><li>Unauthorized withholding </li></ul></ul><ul><li>Security Threats </li></ul><ul><ul><li>Employees (!) </li></ul></ul><ul><ul><li>Programmers </li></ul></ul><ul><ul><li>Visitors </li></ul></ul><ul><ul><li>Consultants </li></ul></ul><ul><ul><li>Business partnerships </li></ul></ul><ul><ul><ul><li>Strategic sharing </li></ul></ul></ul><ul><ul><ul><li>EDI (Electronic Data Interchange & other inter-org. networks) </li></ul></ul></ul><ul><ul><li>Hackers--Internet </li></ul></ul> of 22
  16. 16. Data Privacy of 22 <ul><li>A security issue </li></ul><ul><li>Who owns data? </li></ul><ul><li>Customer rights </li></ul><ul><li>International issues (e.g., strict privacy regulations in West </li></ul><ul><li>Europe; Canada vs. US) </li></ul>
  17. 17. Physical Security <ul><li>Hardware-related </li></ul><ul><ul><li>Preventing problems </li></ul></ul><ul><ul><li>(fire, water…) </li></ul></ul><ul><ul><li>Hardware backup facilities (“Hot sites” etc.) </li></ul></ul><ul><ul><li>Telecommunication systems for backup </li></ul></ul><ul><ul><li>Personal computers challenge (use file servers for backup) </li></ul></ul><ul><li>Data and software </li></ul><ul><ul><li>Backups, Off-site backups (!) </li></ul></ul><ul><li>Disaster planning </li></ul><ul><ul><li>Plans, training & testing </li></ul></ul> of 22
  18. 18. Managerial Controls <ul><li>Insiders </li></ul><ul><ul><li>Hiring </li></ul></ul><ul><ul><li>Job termination </li></ul></ul><ul><ul><li>Monitoring behavior </li></ul></ul><ul><ul><li>Job segmentation </li></ul></ul><ul><ul><li>Physical & Logical access limitations </li></ul></ul><ul><li>Outsiders </li></ul><ul><ul><li>Physical access limitations </li></ul></ul><ul><ul><li>“ Shadowing” </li></ul></ul> of 22
  19. 19. Logical Security <ul><li>Unauthorized disclosure (e.g., letting a competitor see the strategic marketing plans) </li></ul><ul><li>Unauthorized modification (e.g., letting employees change their salary figures) </li></ul><ul><li>Unauthorized withholding (e.g., preventing a finance officer from retrieving data needed to get a bank loan) </li></ul> of 22
  20. 20. User Identification <ul><li>User identification </li></ul><ul><li>Accounts </li></ul><ul><ul><li>Individual </li></ul></ul><ul><ul><li>Groups </li></ul></ul><ul><li>Passwords </li></ul><ul><li>Alternative identification </li></ul><ul><ul><li>Finger & hand print readers </li></ul></ul><ul><ul><li>Voice… </li></ul></ul><ul><li>Disposable passwords </li></ul> of 22
  21. 21. Access Controls <ul><li>Data owners and DBA. </li></ul><ul><li>Operating system </li></ul><ul><ul><li>Access to directories </li></ul></ul><ul><ul><li>Access to files </li></ul></ul><ul><ul><li>Assigned to individuals or groups. </li></ul></ul><ul><li>DBMS access controls </li></ul><ul><ul><li>(Read, write, modify… data; Administer system)  </li></ul></ul> of 22
  22. 22. SQL Security Commands <ul><li>GRANT privileges </li></ul><ul><li>REVOKE privileges </li></ul><ul><li>Privileges include </li></ul><ul><ul><li>SELECT </li></ul></ul><ul><ul><li>DELETE </li></ul></ul><ul><ul><li>INSERT </li></ul></ul><ul><ul><li>UPDATE </li></ul></ul><ul><li>Objects include </li></ul><ul><ul><li>Table </li></ul></ul><ul><ul><li>Table columns (SQL 92+) </li></ul></ul><ul><ul><li>Query </li></ul></ul><ul><li>Users include </li></ul><ul><ul><li>Name/Group </li></ul></ul><ul><ul><li>PUBLIC </li></ul></ul> of 22 GRANT INSERT ON Bicycle TO OrderClerks REVOKE DELETE ON Customer FROM Assemblers