Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB design & ► dealing with technical issues such as  Database performance (integrity) Database performance (integrity)  Backup & recovery Backup & recovery  security security

Dr. Mohamed Osman Hegaz2 Database performance (integrity)

Monday, 08 June 2015Dr. Mohamed Osman3 Integrity Data integrity is to ensure that, as far as possible, the data in the database is accurate at all times Integrity here refers to the CORRECTNESS & CONSISTENCY of the data stored in the database

Monday, 08 June 2015Dr. Mohamed Osman4 Integrity of Data Sharing (1) One of the objectives of the Database approach is that different users are allowed (forced) to share the same data. This implies that DBMS must allow several users to access database at the same time. This in turn can result in the problem of loss of updates if adequate concurrency control measures are not implemented ► Only a problem if some users are updating the database ► no problem if ALL users are reading only

Monday, 08 June 2015Dr. Mohamed Osman5 Integrity of Data Sharing (2) Locking Mechanisms Locking mechanisms are the most common type of concurrency control mechanism. ► Locks may be applied at various levels – Database - used mainly during backup of entire Database. Table- rarely used but useful if nearly every record in table is to be updated e.g. giving each employee a 5% rise. Block or Page- lock on physical storage unit Record ► only the required record or row is locked ► most common type of lock & allows access to all other records. Field ► only required field is locked ► not common because of overheads required.

Monday, 08 June 2015Dr. Mohamed Osman6 Integrity - CONSISTENCY Implies that the data held in the tables of the database is consistent in terms of the Relational Data Model ► Entity integrity Entity integrity ► Referential Integrity Referential Integrity

Monday, 08 June 2015Dr. Mohamed Osman7 Entity integrity ► Each row in the table Represents a single instance of the entity type modelled by the table Has a UNIQUE and NON-NULL primary key value ► Each column in the table Represents the occurrences of a single attribute type Has entries of the appropriate data type

Monday, 08 June 2015Dr. Mohamed Osman8 Referential Integrity ► Concerned with relationships between tables in the database i.e. that the data in 1 table does not contradict the data in another e.g. every FOREIGN KEY value in a table must have a matching PRIMARY KEY value in the corresponding table

Monday, 08 June 2015Dr. Mohamed Osman9 Data Validation integrity ► Database Management System (DBMS) provides features to help ensure data validation integrity Usually implemented using Database Constraints ► Specified in data dictionary table definition (Usually specified on creation of table)

Monday, 08 June 2015Dr. Mohamed Osman10 Constraints ► Column Constraints e.g. Not Null Default ► Table Constraints e.g. Primary Key specifies that when a new row is inserted the value of this column must be NOT NULL & UNIQUE DBMS creates an INDEX on primary key columns Foreign Key specifies that when a new row is inserted the value of this column MUST match VALUE of the corresponding PRIMARY KEY in the master table

Monday, 08 June 2015Dr. Mohamed Osman11 Creating Tables ► each column has a column-type indicating the size of the column and the datatype of values that are acceptable e.g Create Table Customer ( CustomerNo Varchar2(5) NOT NULL, Name Varchar2(20) NOT NULL, Address Varchar2(60) NOT NULL, TelNo Varchar2(15) NOT NULL, Varchar2(30), Constraint Customer_pk Primary Key (CustomerNo))

Dr. Mohamed Osman Hegaz12 Recovery

Monday, 08 June 2015Dr. Mohamed Osman13 Recovery ► Database Recovery name given to the set of procedures used to restore the data in the database quickly & accurately to some previous known correct position after loss or damage ► Reasons for loss or damage: could be one of/combination of – ► human error ► hardware failure ► incorrect/invalid data ► software errors ► virus ► other disasters

Monday, 08 June 2015Dr. Mohamed Osman14 Recovery :Basic Recovery Facilities ► DBMS should provide 4 basic facilities for backup & recovery of data in database - 1. Backup facilities provide periodic backup copies of some or all of the database 2. Journal facilities to maintain an audit trail of transactions & DB change 3. Checkpoint facility DBMS temporarily suspends all processing & synchronises files/journals 4. Recovery Manager allows DBMS to restore the DB to a correct condition & restart processing transactions

Dr. Mohamed Osman Hegaz15 Database Security

Threats to databases - Loss of integrity - Loss of availability - Loss of confidentiality To protect databases against these types of threats four kinds of countermeasures can be implemented : ► access control. ► inference control (controlling the access to a statistical database)- statistical queries ► flow control (prevents information from flowing in such a way that it reaches unauthorized users) ► encryption.

Access control Examples GRANT CREATE TABLE TO A1; GRANT INSERT, DELETE ON EMPLOYEE, DEPARTMENT TO A2; GRANT SELECT ON EMPLOYEE, DEPARTMENT TO A3 WITH GRANT OPTION; REVOKE SELECT ON EMPLOYEE FROM A3;

Inference control (Statistical Database Security) ► Statistical databases are used mainly to produce statistics on various populations. ► The database may contain confidential data on individuals, which should be protected from user access. ► Users are permitted to retrieve statistical information on the populations, such as averages, sums, counts, maximums, minimums, and standard deviations. ► Statistical queries involve applying statistical functions to a population of tuples. ► It is DBMS’s responsibility to ensure confidentiality of information about individuals, while still providing useful statistical summaries of data about those individuals to users.

Flow Control ► Flow control regulates the distribution or flow of information among accessible objects. A flow between object X and object Y occurs when a program reads values from X and writes values into Y. ► Flow controls check that information contained in some objects does not flow explicitly or implicitly into less protected objects. ► A flow policy specifies the channels along which information is allowed to move. The simplest flow policy specifies just two classes of information: confidential (C) and nonconfidential (N), and allows all flows except those from class C to class N. ► A covert channel allows information to pass from a higher classification level to a lower classification level through improper means.

Encryption ► Encryption is a means of maintaining secure data in an insecure environment. ► Encryption consists of applying an encryption algorithm to data using some prespecified encryption key. the resulting data has to be decrypted using a decryption key to recover the original data. ► The Data Encryption Standard (DES) is a system developed by the U.S. government for use by the general public. It has been widely accepted as a cryptographic standard both in the United States and abroad. ► DES can provide end-to-end encryption on the channel between the sender A and receiver B ► Public key algorithms are based on mathematical functions rather than operations on bit patterns.