Database Administration Part 2 Chapter Six CSCI260 Database Applications

2 Chapter Objectives Understand the need for and importance of database administration Understand the need for and importance of database administration Learn different ways of processing a database Learn different ways of processing a database Understand the need for concurrency control, security, and backup and recovery Understand the need for concurrency control, security, and backup and recovery Learn typical problems that can occur when multiple users process a database concurrently Learn typical problems that can occur when multiple users process a database concurrently Understand the use of locking and the problem of deadlock Understand the use of locking and the problem of deadlock Understand the use of locking and the problem of deadlock Understand the use of locking and the problem of deadlock

3 Chapter Objectives (continued) Learn the difference between optimistic and pessimistic locking Learn the difference between optimistic and pessimistic locking Know the meaning of ACID transaction Know the meaning of ACID transaction Learn the four 1992 ANSI standard isolation levels Learn the four 1992 ANSI standard isolation levels Understand the need for security and learn a generalized model of database security Understand the need for security and learn a generalized model of database security Know the difference between DBMS and application security Know the difference between DBMS and application security Know the difference between recovery via reprocessing and recovery via rollback/rollforward Know the difference between recovery via reprocessing and recovery via rollback/rollforward

4 Chapter Objectives (continued) Understand the nature of the tasks required for recovery using rollback/rollforward Understand the nature of the tasks required for recovery using rollback/rollforward Know basic administrative and managerial DBA functions Know basic administrative and managerial DBA functions

5 Database Security Database Security strives to ensure: Database Security strives to ensure: –Only authorized users –Perform authorized activities –At authorized times

6 Admin Asst: Read, Insert and change data in all tables. ONLY delete from SEMINAR-CUSTOMER (un-enroll customer from seminar) and LINE-ITEM (take item off order). Management: Take all actions except delete customers. Never want to delete a customer. Sys Admin: Only define permissions. No other rights. Not a user, no need to change data.

7 Database Security Guidelines Run the DBMS behind a firewall Run the DBMS behind a firewall –No access outside of organization –Problem with e-commerce applications –Still protect all non-e-commerce activities Apply the latest operating system and DBMS service packs and patches Apply the latest operating system and DBMS service packs and patches –Spring 2003 Slammer worm exploited security hole in SQL Server –MS published patch eliminating hole, for those who applied it

8 Database Security Guidelines Limit DBMS functionality to needed features Limit DBMS functionality to needed features –Remove extra communication protocols –Remove pre-packaged stored procedures Protect the computer that runs the DBMS Protect the computer that runs the DBMS –No one should use or access this computer –Keep behind locked and logged doors Manage accounts and passwords Manage accounts and passwords

9 Processing Rights and Responsibilities Processing rights define who is permitted to do what, when Processing rights define who is permitted to do what, when The individuals performing these activities have full responsibility for the implications of their actions The individuals performing these activities have full responsibility for the implications of their actions Individuals are identified by a username and a password Individuals are identified by a username and a password

10 DBMS Security (Granting Permissions) Database users are known as an individual and as a member of one or more role Database users are known as an individual and as a member of one or more role Granting access and processing rights/privileges may be granted to an individual and/or a role Granting access and processing rights/privileges may be granted to an individual and/or a role Users possess the compilation of rights granted to the individual and all the roles for which they are members Users possess the compilation of rights granted to the individual and all the roles for which they are members

11 Application Security Beyond providing generic access limitations to users, an application may introduce specific access rights for particular users. Beyond providing generic access limitations to users, an application may introduce specific access rights for particular users.

12 A Model of DBMS Security

13 Database Backup and Recovery Common causes of database failures… Common causes of database failures… –Hardware failures –Programming bugs –Human errors/mistakes –Malicious actions Since these issues are impossible to completely avoid, recovery procedures are essential Since these issues are impossible to completely avoid, recovery procedures are essential

14 Database Backup and Recovery First – business functions must continue. First – business functions must continue. –Customer orders, financial transactions, packing lists – all completed manually Second – system must be restored to usable stage ASAP and as close as possible to what it was when it crashed Second – system must be restored to usable stage ASAP and as close as possible to what it was when it crashed Third – users must be notified when system back online Third – users must be notified when system back online –Some data may need to be re-entered

15 Recovery via Reprocessing In reprocessing, all activities since the backup was performed are redone In reprocessing, all activities since the backup was performed are redone This is a brut-force technique This is a brut-force technique This procedure is costly in the effort involved in re-entering the data This procedure is costly in the effort involved in re-entering the data This procedure is risky in that human error is likely and in that paper record-keeping may not be accurate This procedure is risky in that human error is likely and in that paper record-keeping may not be accurate

16 Recovery via Rollback and Rollforward Most database management systems provide a mechanism to record activities into a log file Most database management systems provide a mechanism to record activities into a log file

17 Rollforward Activities recorded in the log files may be replayed. In doing so, all activities are re- applied to the database Activities recorded in the log files may be replayed. In doing so, all activities are re- applied to the database This procedure is used to resynchronize restored database data This procedure is used to resynchronize restored database data This procedure is termed a Rollforward This procedure is termed a Rollforward

18 Rollback Since log files save activities in sequence order, it is possible to undo activities in reverse order that they were originally executed Since log files save activities in sequence order, it is possible to undo activities in reverse order that they were originally executed This is performed to correct/undo erroneous or malicious transaction(s) This is performed to correct/undo erroneous or malicious transaction(s) This procedure is known as a Rollback This procedure is known as a Rollback

Database Administration End of Presentation on Chapter Six

Due Monday December 11 9am, in the classroom Be ready to demo your entire database! Final Project for CSCI260