* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Chapter 15
Entity–attribute–value model wikipedia , lookup
Extensible Storage Engine wikipedia , lookup
Open Database Connectivity wikipedia , lookup
Microsoft Jet Database Engine wikipedia , lookup
Relational model wikipedia , lookup
Concurrency control wikipedia , lookup
Functional Database Model wikipedia , lookup
Clusterpoint wikipedia , lookup
Database Systems: Design, Implementation, and Management Eighth Edition Chapter 15 Database Administration and Security Objectives • In this chapter, you will learn: – Data are a valuable business asset requiring careful management – How a database plays a critical role in an organization – Introduction of a DBMS has technological, managerial, and cultural organizational consequences Database Systems, 8th Edition 2 Objectives (continued) • In this chapter, you will learn: (continued) – Database administrator’s managerial and technical roles – Data security, database security, and the information security framework – Several database administration tools and strategies – How various database administration technical tasks are performed with SQL Server 2005 Database Systems, 8th Edition 3 15.1 Data as a Corporate Asset • Data are a valuable asset that require careful management – How many opportunities are lost if data about customers, suppliers, inventories, operations are missing? – What is the actual cost of data loss? • Data are a valuable resource that translate into information – The data user applies intelligence to data to produce information • Accurate, timely information triggers actions that enhance company’s position and generate wealth Database Systems, 8th Edition 4 Data form the basis for decision making, strategic planning, control, and operation monitoring Database Systems, 8th Edition 5 15.2 The Need for and Role of Databases in an Organization • Database’s predominant role is to support managerial decision making at all levels while preserving data privacy and security • DBMS facilitates: – – – – Interpretation and presentation of data Distribution of data and information Data Preservation and monitoring of data usage Control over data duplication and use • Three levels to organization management: – Top, strategic decision – middle, tactical decision – Operational, daily operational decision Database Systems, 8th Edition SKIP 15.3 6 • Database at top management level – Provide information necessary for strategic decision making, strategic planning, policy formulation, and goals definition – Provide access to data to identify growth opportunities and to chart the direction of such growth – Provide a framework for defining and enforcing organizational policies – Improve the likelihood of a positive ROI by searching for new ways to reduce costs and/or by boosting productivity – Provide feedback to monitor whether the company is achieving its goals 7 • Database at middle management level – Deliver the data necessary for tactical decisions and planning – Monitor and control the allocation and use of company resources and evaluate departments’ performances – Provide a framework for enforcing and ensuring the security and privacy of data in the database • Database at operational management level – Represent and support the company operations as closely as possible with a flexible data model – Produce query results within specified performance levels – Enhance the company’s short-term operational ability by providing timely information for customer support and for application development and computer operations 8 15.4 The Evolution of the Database Administration Function • Data administration has its roots in the old, decentralized world of the file system • Advent of DBMS and its shared view of data produced new level of data management sophistication – Data processing (DP) department evolved into information systems (IS) department • Data management became increasingly complex – Development of database administration function Database Systems, 8th Edition 9 After the DP department evolved into the IS department, the responsibility of the IS department were broadened to include: • A service function to provide end users with active data management support • A production function to provide end users with specific solutions for their information needs through integrated application or management information systems • The application development segment was in charge of gathering DB requirements and logical DB design • The DB operations segment took charge of implementing, monitoring, and controlling the DBMS operations 10 To plan, define, implement, and enforce the policies, standards, and procedures in the data administration activity consulting 11 • No standard for how the DBA function fits in an organization’s structure, especially for the fast-paced technology changes: – Distributed databases impose new and complex coordinating activities on the system DBA – Internet-accessible data and growing data warehousing applications add to the DBA’s data modeling and design activities – PC-based DBMS packages invite data duplication and poor DB design 12 • DBA operations according to DBLC phases: – DB planning, including defining standards, procedures, and enforcement – DB requirement gathering and concept design – DB logical and transaction design – DB physical design and implementation – DB testing and debugging – DB operations and maintenance, including installation, conversion, and migration – DB training and support 13 14 coordinator of all DBAs Data Administrator (DA): reports directly to top management, and is given higher responsibility and authority than DBA. DA is responsible for controlling the overall corporate data resources, both computerized and manual 15 15.5 The Database Environment’s Human Component • Even most carefully crafted database system cannot operate without human component • Effective data administration requires both technical and managerial skills • DA’s job has a strong managerial orientation with company-wide scope. DBA is focal point for data/user interaction – Both need diverse mix of skills Database Systems, 8th Edition 16 Contrasting DA and DBA Activities and Characteristics • DA must set data administration goals – – – – Data “sharability” and time availability Data consistency and integrity Data security and privacy Extent and type of data use 17 A Summary of DBA Activities Database Systems, 8th Edition Used as a general title that encompasses all appropriate data administration functions 18 19 The DBA’s Managerial Role • DBA responsible for: – Coordinating, monitoring, allocating DB administration resources: people and data – Defining goals and formulating strategic plans for the DBA function Database Systems, 8th Edition 20 • End-User Support – Interacts with end user by providing data and information support services • • • • • • Gathering user requirements, Building end-user confidence, Resolving conflicts and problems, Finding solutions to information needs, Ensuring quality and integrity of data and applications, managing the training and support of DBMS users 21 • Policies, standards, procedures – Policies are general statements of direction or action that communicate and support DBA goals – Standards describe the minimum requirements of a given DBA activity – Procedures are written instructions that describe a series of steps to be followed during the performance of a given activity • • • • • • • • • End-user DB requirement gathering; DB design and modeling; Documentation and naming conventions; Design , coding, and testing of DB application programs; DB software selection; DB security and integrity; DB backup and recovery; DB maintenance and operation; End-user training 22 • Data security, privacy, integrity – Distribution of data makes it difficult to maintain data control, security, and integrity – DBAs must team up with internet security experts to build security mechanisms handling attacks or unauthorized access • Data Backup and Recovery – Ensures data can be fully recovered – Disaster management • Includes all planning, organizing, and testing of DB contingency plans and recovery procedures – – – – – – Periodic data and application backups Proper backup identifications Convenient and safe backup storage Physical protection of hardware and software Personal access control to the software of a DB installation Insurance coverage for the data in the DB 23 • Data backup and recovery – Data recovery and contingency plans must be thoroughly tested and evaluated, and they must be practiced frequently – Establish priorities concerning the nature and extent of the data recovery process • Data Distribution and Use – DBA is responsible for ensuring that the data are distributed to the right people, at the right time, and in the right format – Enabling end users to become self-sufficient in the acquisition and use of data can lead to more efficient use of data in the decision process. – Letting end users micromanage their data subsets could inadvertently sever the connection between those users and the data administration function. 24 The DBA’s Technical Role • Evaluates, selects, and installs DBMS and related utilities (p.621) • Designs and implements databases and applications (p.622) • Tests and evaluates databases and applications (p.623) • Operates DBMS, utilities, and applications (p.623-624) • Trains and supports users (p.625) • Maintains DBMS, utilities, and applications (p.625) 細節請自己看課本,期末不考 Database Systems, 8th Edition 25 15.6 Security • Security refers to activities and measures to ensure the confidentiality, integrity, and availability of an information system and its data – Securing data entails securing overall information system architecture – Confidentiality: data protected against unauthorized access – Integrity: keep data consistent and free of errors or anomalies – Availability: accessibility of data by authorized users for authorized purposes Database Systems, 8th Edition 26 Security Policies • Database security officer secures the information system and the data – Works with the database administrator • Security policy: collection of standards, policies, procedures to guarantee security – Ensures auditing and compliance • Security audit process identifies security vulnerabilities – A weakness in a system component that could be exploited to allow unauthorized access or cause service disruptions – Identifies measures to protect the system Database Systems, 8th Edition 27 Security Vulnerabilities • Security threat: imminent security violation – Could occur at any time • Security breach yields a database whose integrity is: – Preserved • Action is required to avoid the repetition of similar security problems, but data recovery may not be necessary. Like unauthorized or unnoticed access for information purposes – Corrupted • Action is required to avoid the repetition of similar security problems, and the database must be recovered to a consistent state. Like virus or hacker. Database Systems, 8th Edition 28 Sample Security Vulnerabilities and Related Measures Database Systems, 8th Edition 29 Sample Security Vulnerabilities and Related Measures 30 Database Security • Database Security refers to the use of DBMS features and other measures to comply with security requirements • DBA secures DBMS from installation through operation and maintenance • Authorization management: – User access management • Define each DB user; Assign password to each user; Define user groups; Assign access privileges; Control physical access – View definition – DBMS access control – DBMS usage monitoring • auditing Database Systems, 8th Edition 31 15.6 Database Administration Tools • Two main types of data dictionaries: – Integrated: built-in – Standalone: third-party, for older type DBMS • Active data dictionary automatically updated by the DBMS with every database access • Passive data dictionary requires running a batch process • Main function: store description of all objects that interact with database Database Systems, 8th Edition 32 • Data dictionary that includes data external to DBMS becomes flexible tool – Enables use and allocation of all organization’s information • Data dictionary typically includes: – – – – – – – – Data elements that are defined in all tables of all databases Tables defined in all databases Indexes defined for each database table Defined databases End users and administrators of the database Programs that access the database Access authorizations for all users of all databases Relationship among data elements • Metadata often the basis for monitoring database use – Also for assigning access rights to users • DBA uses data dictionary to support data analysis and design Database Systems, 8th Edition 33 CASE Tools • Computer-Aided Systems Engineering – Automated framework for SDLC – Structured methodologies and powerful graphical interfaces • Front-end CASE tools provide support for planning, analysis, and design phases • Back-end CASE tools provide support for coding and implementation phases • Benefits associated with CASE tools – – – – Reduction in development time and costs Automation of the SDLC Standardization of system development methodologies Easier maintenance of developed application Database Systems, 8th Edition 34 • Typical CASE tool has five components – Graphics designed to produce structured diagrams, such as DFD, ERD, class diagrams, and object diagrams – Screen painters and report generators – Integrated repository for storing and crossreferencing the system design data – An analysis segment to provide a fully automated check on system consistency, syntax, and completeness – A program documentation generator 35 An Example of a CASE tool: Visio Database Systems, 8th Edition 36 CASE Tools COMPANY PRODUCT Computer Associates ERWin Microsoft Visio Oracle Designer Sybase Power Designer Skip 15.8, 15.9 37 Summary • Data management is a critical activity for any organization – Data should be treated as a corporate asset • DBMS is the most commonly used electronic tool for corporate data management • DBMS has impact on organization’s managerial, technological, and cultural framework • Data administration function evolved from centralized electronic data processing – Applications began to share common repository Database Systems, 8th Edition 38 Summary (continued) • Database administrator (DBA) is responsible for managing corporate database • Broader data management activity is handled by data administrator (DA) • DA is more managerially oriented than more technically oriented DBA – DA function is DBMS-independent – DBA function is more DBMS-dependent • When there is no DA, DBA executes all DA functions Database Systems, 8th Edition 39 Summary (continued) • Managerial services of DBA function: – Supporting end-user community – Defining and enforcing policies, procedures, and standards for database function – Ensuring data security, privacy, and integrity – Providing data backup and recovery services – Monitoring distribution and use of data in database Database Systems, 8th Edition 40 Summary (continued) • Technical role of DBA: – Evaluating, selecting, and installing DBMS – Designing and implementing databases and applications – Testing and evaluating databases and applications – Operating DBMS, utilities, and applications – Training and supporting users – Maintaining DBMS, utilities, and applications Database Systems, 8th Edition 41 Summary (continued) • Security ensures confidentiality, integrity, availability of information system and data • Security policy is a collection of standards, policies, and practices • Security vulnerability is a weakness in system component • Information engineering guides development of data administration strategy • CASE tools and data dictionaries translate strategic plans to operational plans Database Systems, 8th Edition 42