Kroenke-DBC-e02-PP

Download Report

Transcript Kroenke-DBC-e02-PP

CSCI260 Database Applications
Chapter Six
Database Administration
Part 2
Chapter Objectives
• Understand the need for and importance of
•
•
•
•
database administration
Learn different ways of processing a database
Understand the need for concurrency control,
security, and backup and recovery
Learn typical problems that can occur when
multiple users process a database concurrently
Understand the use of locking and the problem of
deadlock Understand the use of locking and the
problem of deadlock
2
Chapter Objectives (continued)
• Learn the difference between optimistic and
•
•
•
•
•
pessimistic locking
Know the meaning of ACID transaction
Learn the four 1992 ANSI standard isolation
levels
Understand the need for security and learn a
generalized model of database security
Know the difference between DBMS and
application security
Know the difference between recovery via
reprocessing and recovery via
rollback/rollforward
3
Chapter Objectives (continued)
• Understand the nature of the tasks required for
•
recovery using rollback/rollforward
Know basic administrative and managerial DBA
functions
4
Database Security
• Database Security strives to ensure:
– Only authorized users
– Perform authorized activities
– At authorized times
5
Admin Asst: Read,
Insert and change data
in all tables.
ONLY delete from
SEMINAR-CUSTOMER
(un-enroll customer
from seminar) and
LINE-ITEM (take item
off order).
Management: Take all
actions except delete
customers.
Never want to delete a
customer.
Sys Admin: Only
define permissions. No
other rights. Not a user,
no need to change data.
6
Database Security Guidelines
• Run the DBMS behind a firewall
– No access outside of organization
– Problem with e-commerce applications
– Still protect all non-e-commerce activities
• Apply the latest operating system and DBMS
service packs and patches
– Spring 2003 Slammer worm exploited security hole in
SQL Server
– MS published patch eliminating hole, for those who
applied it
7
Database Security Guidelines
• Limit DBMS functionality to needed
features
– Remove extra communication protocols
– Remove pre-packaged stored procedures
• Protect the computer that runs the DBMS
– No one should use or access this computer
– Keep behind locked and logged doors
• Manage accounts and passwords
8
Processing Rights and
Responsibilities
• Processing rights define who is permitted
to do what, when
• The individuals performing these activities
have full responsibility for the implications
of their actions
• Individuals are identified by a username
and a password
9
DBMS Security
(Granting Permissions)
• Database users are known as an individual and
•
•
as a member of one or more role
Granting access and processing rights/privileges
may be granted to an individual and/or a role
Users possess the compilation of rights granted
to the individual and all the roles for which they
are members
10
Application Security
• Beyond providing generic access
limitations to users, an application
may introduce specific access rights
for particular users.
11
A Model of DBMS Security
12
Database Backup and Recovery
• Common causes of database failures…
– Hardware failures
– Programming bugs
– Human errors/mistakes
– Malicious actions
• Since these issues are impossible to completely
avoid, recovery procedures are essential
13
Database Backup and Recovery
• First – business functions must continue.
– Customer orders, financial transactions, packing lists
– all completed manually
• Second – system must be restored to usable
•
stage ASAP and as close as possible to what it
was when it crashed
Third – users must be notified when system
back online
– Some data may need to be re-entered
14
Recovery via Reprocessing
• In reprocessing, all activities since the
backup was performed are redone
• This is a brut-force technique
• This procedure is costly in the effort
involved in re-entering the data
• This procedure is risky in that human error
is likely and in that paper record-keeping
may not be accurate
15
Recovery via
Rollback and Rollforward
• Most database management systems
provide a mechanism to record activities
into a log file
16
Rollforward
• Activities recorded in the log files may be
replayed. In doing so, all activities are reapplied to the database
• This procedure is used to resynchronize
restored database data
• This procedure is termed a Rollforward
17
Rollback
• Since log files save activities in sequence
order, it is possible to undo activities in
reverse order that they were originally
executed
• This is performed to correct/undo
erroneous or malicious transaction(s)
• This procedure is known as a Rollback
18
End of Presentation on Chapter Six
Database Administration
Final Project for CSCI260
Due Monday December 11
9am, in the classroom
Be ready to demo your entire
database!