Chapter 10
DB System Administration
1
Based on G. Post, DBMS: Designing & Building Business Applications
University of ManitobaAsper School of Business
3500 DBMSBob Travica
Updated 2010
DDBB
SSYYSSTTEEMMSS
2 of 22
Outline
Data Administrator/Analyst (DA) Database Administrator (DBA) DBA’s duties DB system backup & recovery DB system security
DDBB
SSYYSSTTEEMMSS
3 of 22
Data Administration
Data are valuable assets.
Data are used at many business levels
There are many databases and database systems in an organization.
Responsibility for managing data - Data Administrator (DA) or Data Analyst
Business Operations
TacticalManagement
Strategic
Management
EIS
RS/
MIS
DSS
TPS
TPS=Transaction Processing Sys.RS=Reporting SysMIS=Management Info. Sys.DSS=Decisions Support Sys.EIS=Executive Info. Sys.
DDBB
SSYYSSTTEEMMSS
4 of 22
Data Administration/Administrator (DA)
DA (sometimes called data architect or even business analyst) is a type of professional that resides in the IS function or in a unit interafcing with the IS function.
Focus on data/information and users (reports, output forms, queries) rather than IT Data definition and integration (e.g., Customer entity in CRM
systems).
Decision support.
Ideas for application design and involvement in systems development.
Information security.
DDBB
SSYYSSTTEEMMSS
5 of 22
Database Administration/Administrator (DBA)
Focus on technology.
Actively participates in DB system development (plan,
develop, install, upgrade…).
Creates user accounts and monitors security.
Manages backup and recovery of databases.
Monitors and tunes the database performance.
Coordinates with DBMS vendors and plans for changes.
DDBB
SSYYSSTTEEMMSS
6 of 22
DBA Tools: Performance Monitors
DDBB
SSYYSSTTEEMMSS
7 of 22
SQL Server Query Analyzer
DDBB
SSYYSSTTEEMMSS
8 of 22
DB System Planning & Design
Estimation & Design (logical, physical)Data storage requirements, forms & reports needed
(costs of development), hardware needs, matching
organizational needs with DBMS products
Time, labor & cost to develop
Data modeling – coordinates with Data Analyst in the domain of logical design (e.g., class diagrams, user interface). Also DA and DBA cooperate on schemas.
In charge of physical design (types of files, access structures, DBMS product, hardware)
DDBB
SSYYSSTTEEMMSS
9 of 22
DB System Development & Implementation
Standards for application programming.User interface.Programming standards.
Layout and techniques.Variable & object definition.
Test procedures.
Data access and ownership. Loading databases. Backup and recovery plans. User and operator training.
DDBB
SSYYSSTTEEMMSS
10 of 22
DB System Operation and Maintenance
Monitoring usageSize and growthPerformance / delays (cooperates with DA)
Security logsUser problems
Backup and recovery
User support (Help desk, Training); cooperates with other system and business professionals
DDBB
SSYYSSTTEEMMSS
11 of 22
DB System Growth and Change
Determines need for changeSize and speed
Structures / designRequests for additional data.
Difficulties with queries -- analysis tools (coop.
with DA and other business analysts)
Usage patterns
Forecasts
DDBB
SSYYSSTTEEMMSS
12 of 22
Database Backup
Backups are crucial! Offsite storage needed Types of backup
Full – in longer intervals (e.g., once a week); a copy of all tables made
Partial (Differential) – in shorter intervals; just new data is copied;
Alternative: No partial backup but changes made after the last backup of Op DB copied into Bkp DB.
BackupManager
(part of DBMS)
OperationalDatabase(Op DB)
copies BackupDatabaseBkp DB)
copied to
copies new dataPartial backup
copies new dataPartial backup
updatesBackup
database
1
2
3
4
DDBB
SSYYSSTTEEMMSS
13 of 22
Database Recovery
Recovery needed if problems with software, hardware, incorrect user input, viruses, natural causes
Recovery = getting databases to consistent state (all integrity supported)
Key facilities: Recovery Manager (part of DBMS), Transactions log file, ROLLBACK procedure
Alternative: User works with operational DB, and TL engaged only if former fails.
TransactionLog (TL)
(managed by Backup
Manager)
Recovery Manager
Transactions…Savepoint
Operationaldatabasecopied to
Transactionunfinished
System crash-
Unsaved data lost!
uses
Backupdatabase
uses
recovers
DDBB
SSYYSSTTEEMMSS
14 of 22
Transaction Log
Transaction Log ID
Transaction ID
Pointer to previous
transaction
Pointer to next
transaction
Key Table AttributeOld
valueNewvalue
Databasetask
Checkpoint (Savepoint) is when results of all new transactions are copied into Operational Database. Just the first transaction is permanently saved.
DDBB
SSYYSSTTEEMMSS
15 of 22
Database Security and Privacy
Physical security Protecting hardware Protecting software and
data.
Logical security Unauthorized disclosure Unauthorized modification Unauthorized withholding
Security Threats Employees (!) Programmers Visitors Consultants Business partnerships
Strategic sharing EDI (Electronic Data
Interchange & other inter-org. networks)
Hackers--Internet
DDBB
SSYYSSTTEEMMSS
16 of 22
Data Privacy
• A security issue
• Who owns data?
• Customer rights
• International issues (e.g., strict privacy regulations in West
Europe; Canada vs. US)
DDBB
SSYYSSTTEEMMSS
17 of 22
Physical Security
Hardware-relatedPreventing problems
(fire, water…)
Hardware backup
facilities (“Hot sites” etc.)
Telecommunication
systems for backup
Personal computers
challenge (use file servers
for backup)
Data and softwareBackups, Off-site
backups (!)
Disaster planningPlans, training & testing
DDBB
SSYYSSTTEEMMSS
18 of 22
Managerial Controls
Insiders Hiring
Job termination
Monitoring behavior
Job segmentation
Physical & Logical access limitations
Outsiders Physical access limitations
“Shadowing”
DDBB
SSYYSSTTEEMMSS
19 of 22
Logical Security
Unauthorized disclosure (e.g., letting a competitor see the strategic marketing plans)
Unauthorized modification (e.g., letting employees change their salary figures)
Unauthorized withholding (e.g., preventing a finance officer from retrieving data needed to get a bank loan)
DDBB
SSYYSSTTEEMMSS
20 of 22
User Identification
User identification
Accounts
Individual
Groups
Passwords
Alternative identification
Finger & hand print readers
Voice…
Disposable passwords
DDBB
SSYYSSTTEEMMSS
21 of 22
Access Controls
Data owners and DBA.
Operating systemAccess to directoriesAccess to filesAssigned to individuals or groups.
DBMS access controls(Read, write, modify… data; Administer system)
DDBB
SSYYSSTTEEMMSS
22 of 22
SQL Security Commands
GRANT privileges REVOKE privileges Privileges include
SELECT DELETE INSERT UPDATE
Objects include Table Table columns (SQL 92+) Query
Users include Name/Group PUBLIC
GRANT INSERTON BicycleTO OrderClerks
REVOKE DELETEON CustomerFROM Assemblers