Lecture11 - Data Administration

Download Report

Transcript Lecture11 - Data Administration

COIS20026 Database
Development & Management
Week 10 – Data Administration
Prepared by: Angelika Schlotzer
Updated by: Satish Balmuri
Updated by: Tony Dobele
This week - Data Administration

Readings for this week:
Study guide module 10
 Text book readings as directed in
study guide

2
Data Administration

Objectives:




discuss the difference between data
administration and database
administration
describe the areas of responsibility of
the data administrator within an
organisation
describe the areas of responsibility of a
database administrator
define the term ‘data steward’
3
Objectives (cont’d)




Describe the distinction between a Data
Dictionary, CASE tool & Information
Repository
list & describe threats to data security
explain what is meant by ‘data security
plan’)
list & briefly describe the most
important security features of data
management software (eg views,
encryption, authentication etc)
4
The Importance of Data

Most of us will by now have
recognised the importance of data to
any organisation 



asset and resource
needs to be competently & carefully
managed
technology has made effective data
management achievable
effective data administration can assist
enormously in decision making
5
Ineffective Data Administration

Poor data administration is
characterised by:(see text p 496)




multiple definitions of the same data
entity and/or inconsistent
representations of same data elements
in separate databases
missing key data elements
low data quality levels
inadequate familiarity with existing
data
6
Effective Data Administration

The following functions must be
addressed:



establishment of data policies,
procedures & standards
planning information architecture that
will meet an organisation’s diverse
information needs
resolution of data ownership conflicts
7
Effective Data Administration
(cont’d)





internal marketing of importance of
adherence to procedures & policies
management of the information
repositories
selection of hardware & software
management of data security, privacy &
integrity
procedures for data backup & recovery
8
Data Administration

The functions of data administration
include:





database planning
analysis, design, implementation
maintenance & protection
improving database performance
education, training & support for end
users
9
Data Administrator

The data administrator is generally
responsible for data administration



responsible for overall management of
data resources
develops procedures to protect &
control data resources
resolve disputes about ownership of
data when it is centralised & shared
10
Data Administrator (cont’d)




Plays significant role in decisions about
where data will be stored & managed, &
implementing standards & procedures
interacts with top level management,
users & computing specialists
must be highly skilled manager with
good negotiation, conflict resolution
and persuasion skills
must also have high level of technical
skills
11
Database Administration

Database administration involves
more physical engagement with
management of database(s); ie
technical function involving:


physical database design &
implementation
enforcement of standards & procedures
established by data administrator for
security, programming standards, etc
12
Database Administrator

Database administrator also needs to
have a wide variety of skills 



understanding of database development
lifecycle
project management skills
strong technical background with
understanding of current architectures,
capabilities & limitations
thorough understanding of data
processing
13
Database Administrator (cont’d)




strong design & data modelling skills
strong managerial skills since the DBA
must manage other IS personnel
very good interpersonal &
communication skills to interact with all
levels of management & end users
provide high-quality systems in a timely
manner
14
DA versus DBA

The roles of DA and DBA are not
necessarily as distinct as stated
earlier 

essentially it could be said that the role
of DA is more management oriented &
role of DBA is more technically oriented
many organisations may not be able to
employ both a DA and a DBA in which
case, the DBA is usually responsible for
all the activities
15
DA versus DBA (cont’d)

Organisations will also differ in
allocations of responsibilities between
DA & DBA
today’s environment requires more rapid
development & deployment of databases
 new databases more likely to be
departmental & client/server
 prototyping often used in development
 blending of data administration &
database administration


(see figure 12-1 life-cycle phase functions & functions typically
performed by DA & DBA)
16
DBA’s Future Role

Role of DBA will continue to evolve &
is likely to become more specialised 



distributed database/network capacity
planning
server programming
warehousing
off-the-shelf customising
17
Database Security

Hoffer et al (2007,p 495) define
database security as:


‘protection of the data against
accidental or intentional loss,
destruction or misuse’
Since data is vital to any
organisation, it is important to
ensure that it is protected
18
Data Security Threats


Security policies & procedures need
to be established, implemented &
enforced to deal with possible data
security threats
Threats to data security can include

accidental losses including human error,
software & hardware breaches
theft & fraud - usually by electronic
access
19
Data Security Threats (cont’d)




loss of privacy or confidentiality
loss of data integrity
loss of availability
Data management software
(incorporated in DBMS) provides
security features that assist in
reducing/minimising threats
20
Data Management Software Security Features

Features include:






views or subschemas
authorisation rules to identify users &
restrict actions that can be taken
user-defined procedures - provide
additional constraints or limitations
encryption
authentication schemes
backup, journaling & checkpointing
capabilities (covered in week 9)
21
Views

Views can provide some security by 


presenting only data which user
requires
user can be granted right to access view
but not underlying base table
not really considered to be a truly
adequate security measure since
unauthorised users may gain access
to the view & experimentation may
provide access to data
22
Authorisation Rules

Authorisation rules 



incorporated in data management
system
can restrict access to data and actions
that can be taken by user
figure 12-5 of the text illustrates the
ways in which most current DBMS
implement authorisation rules
Does MS Access have this feature?
23
User-defined Procedures

Provision for creation of user-defined
security procedures by system
designers/user


in addition to authorisation rules
not offered by all DBMS products
24
Encryption



The process of encoding data so that
it cannot be read
a routine provided by the DBMS
(some allow user defined routines)
needs to be complemented by a
decoding routine - care must be
taken to secure this also
25
Authentication Schemes

Used to positively identify a person
attempting to gain access to
computer or resources:


passwords have been used for quite a
long time - not really good at identifying
the individual person
biometric devices are showing some
promise of specifically identifying the
individual attempting access (eg. Acer has
released a laptop computer that uses
fingerprint identification)
26
Data Quality

Data quality refers to data that is:







accurate
consistent
current
relevant
complete
available in a timely fashion
Data quality impacts on
organisational decision making
27
Data Quality (cont’d)

Business information advisory
committee can contribute to
establishment of high quality data

members often referred to as ‘data
stewards’
28
Data Stewards

Data stewards will:






liaise with IT & their business units
consider enterprise-wide data needs
have strong interest in managing
information
have good negotiation skills
in-depth understanding of the business
try to ensure that captured data is
accurate and consistent
29
Data Quality Standards

Policies need to be established to
deal with issues such as:






data sharing and the potential problems
that can arise from this
security policy & disaster recovery
personnel controls
physical access controls
maintenance controls
data protection & privacy
30
Data Dictionaries

Data dictionary generally part of the
database system catalog




documents database data elements
active data dictionary is maintained by
DBMS (most common now)
passive data dictionary maintained by
users
System catalog generated for each
database

documents & describes all database
objects
31
Information Repository

Stores metadata describing
organisation’s data & data
processing resources



essential element of both development
& production environments
information needs to be readily
accessible & current
information repository dictionary
system can be used to manage
information repository
32
Information Repository
Dictionary System

Software tool that provides facilities
for recording, storing & processing
descriptions of significant
organisational data & processing
resources


compliant systems can transfer data
definitions among data dictionaries
generated by variety of products
(see figure 12-16 of text for repository system architecture)
33
Information Repository
Dictionary System (cont’d)

Repository engine as defined in
Bernstein’s 1996 model supports
five functions:





object management
dynamic extensibility
relationship management
version management
configuration management
34
Summary

Today we have:



distinguished between data
administration and database
administration
explored the areas of responsibility of
the data administrator versus the
database administrator
defined the term ‘data steward’
35
Summary (cont’d)




looked at the differences between a
Data Dictionary & Information
Repository
explored possible threats to data
security
explained what is meant by the term
‘data security plan’
identified the most important security
features of data management software
36