This document provides an overview of database creation, granting user rights, threats and security, and backup. It discusses creating a database, defining tables and fields, granting users access to tables, common database threats and how to manage security, and the importance of backups. Physical database design involves translating the logical data model into technical specifications for storing and retrieving data efficiently while maintaining integrity, security, and recoverability.
2. INTRODUCTION
A database is an organized set of data stored in a
computer that can be searched automatically.
A database is essential for multi-user application to
enterprise - wide system, where coordinating between
many users’ functions is required.
Content is retrieved from the database based on
decisions made by the users while the database
settings control what the user is allowed to see and
how the information is displayed.
3. Definitions
Database: organized collection of logically related
data
Data: stored representations of meaningful objects
and events
Structured: numbers, text, dates
Unstructured: images, video, documents
Information: data processed to increase knowledge
in the person using the data
Metadata: data that describes the properties and
context of user data
3
4. The DATABASE Approach: How
it WORKS
Central repository of shared data
Data is managed by a controlling
agent
Stored in a standardized, convenient
form
4
6. Database Management System
6
DBMS manages data resources like an operating system manages hardware resources
A software system that is used to create, maintain, and provide
controlled access to user databases
Order Filing
System
Invoicing
System
Payroll
System
DBMS
Central database
Contains employee,
order, inventory,
pricing, and
customer data
7. Advantages of the Database Approach
Program-data independence
Planned data redundancy
Improved data consistency
Improved data sharing
Increased application development productivity
Enforcement of standards
Improved data quality
Improved data accessibility and responsiveness
Reduced program maintenance
Improved decision support
7
8. Costs and Risks of the Database
Approach
New, specialized personnel
Installation and management cost and complexity
Conversion costs
Need for explicit backup and recovery
Organizational conflict
8
10. MEANING
Content creation is the contribution of information to
any media and most especially to digital media for an
end-user/audience in specific contexts.
Content is something that is to be expressed through
some medium, as speech, writing or any of various arts
for self expression, distribution
11. Physical Database Design
Purpose–translate the logical description of data into
the technical specifications for storing and retrieving
data
Goal–create a design for storing data that will provide
adequate performance and insure database integrity,
security, and recoverability
11
12. Physical Design Process 12
Normalized relations
Volume estimates
Attribute definitions
Response time expectations
Data security needs
Backup/recovery needs
Integrity expectations
DBMS technology used
Inputs
Attribute data types
Physical record descriptions
(doesn’t always match
logical design)
File organizations
Indexes and database
architectures
Query optimization
Leads to
Decisions
13. Designing Fields
Field: smallest unit of data in
database
Field design
Choosing data type
Coding, compression,
encryption
Controlling data integrity
13
14. A Good Data Name is:
Related to business, not technical, characteristics
Meaningful and self-documenting
Unique
Readable
Composed of words from an approved list
Repeatable
14
15. Choosing Data Types
CHAR–fixed-length character
VARCHAR2–variable-length character
(memo)
LONG–large number
NUMBER–positive/negative number
INEGER–positive/negative whole number
DATE–actual date
BLOB–binary large object (good for
graphics, sound clips, etc.)
15
18. de
18
1. The End User
The one who will use the information
Unaware of the background processes
Perhaps has little or no computing knowledge
Expertise is in the use of the data
Database Users
19. de
19
1. The End User (cont.)
The information must be
correct
readily available
user friendly format
meet their requirements
allow them to be productive
Database Users
21. de
21
A high level management function (e.g. Director)
Determination of overall information needs from a
management perspective
Developing & administering the policies, procedures,
practices & plans for definition, organisation, protection &
efficient utilisation of data
Encompasses all corporate data whether computerised or
not
Data Administration
22. de
22
Normally responsible for computerised systems only
Management & Co-ordination function
Technical function responsible for:
physical database design
security
backup
recovery
performance
Database Administration
23. de
23
What is it?
“To successfully set up and manage an environment in
which the data resource is effectively used”
Database Administration
24. de
24
THERE ARE THREE MAIN FUNCTIONS:
1. Administration & management of Data Content
2. Administration & management of Data Structure
3. Administration & management of the Physical
Database
DBA Functions
25. de
25
1. Administration & management of Data Content
which data is to be held on the database
which users have what kind of access to the database
which kind of users have access to individual items of data
which consistency checks must be maintained
when should data be removed
DBA Functions
26. de
26
2. The administration and management of data structure.
how many logical databases do we need ?
what is the table column structure ?
normalisation
functional analysis
de normalisation
how is security to be implemented ?
DBA Functions
27. de
27
2. The administration and management of data structure
(Cont.)
how are consistency checks made ?
how is access to be optimised ?
transactions
clustering
indexing
query optimisation
how and when to re-organise the database ?
DBA Functions
28. de
28
3. The administration and management of the physical
database
how many copies should run ?
machine sizing
operating system performance
when and how should we perform backups?
database files
recovery log files
DBA Functions
29. de
29
3.The administration and management of the physical
database ( cont.)
start-up and shutdown procedures.
DBMS parameters
control procedures
what procedures are required to recover from system
failures ?
export / import procedures
roll forward / rollback
DBA Functions
30. de
30
integrity and consistency
monitoring and tuning
reducing redundant storage
facilitating sharing of data
security
backups
recovery
keep down time to a minimum
DBA Role
31. Importance of Data/Database
Administration
Data are a corporate asset
similar to personnel, equipment, and financial assets
Important assets of the organization need to be
managed properly
Data are stored in databases
Hence, effective data and database
administration provide support for managerial
decision-making
31
33. SQL Is:
Structured Query Language
The standard for relational database
management systems (RDBMS)
SQL-92 Standard -- Purpose:
Specify syntax/semantics for data definition and
manipulation
Define data structures
Enable portability
Specify minimal (level 1) and complete (level 2)
standards
Allow for later growth/enhancement to standard
33
34. History of SQL
1970–E. Codd develops relational database
concept
1974-1979–System R with Sequel (later SQL)
created at IBM Research Lab
1979–Oracle markets first relational DB with SQL
1986–ANSI SQL standard released
1989, 1992, 1999, 2003–Major ANSI standard
updates
Current–SQL is supported by most major
database vendors
34
35. Purpose of SQL Standard
Specify syntax/semantics for data definition
and manipulation
Define data structures
Enable portability
Specify minimal (level 1) and complete (level
2) standards
Allow for later growth/enhancement to
standard
35
36. Benefits of a Standardized
Relational Language
Reduced training costs
Productivity
Application portability
Application longevity
Reduced dependence on a single vendor
Cross-system communication
36
37. SQL Environment
Catalog
A set of schemas that constitute the description of a database
Schema
The structure that contains descriptions of objects created by a
user (base tables, views, constraints)
Data Definition Language (DDL)
Commands that define a database, including creating, altering,
and dropping tables and establishing constraints
Data Manipulation Language (DML)
Commands that maintain and query a database
Data Control Language (DCL)
Commands that control a database, including administering
privileges and committing data
37
38. Benefits of a Standardized
Relational Language
Reduced training costs
Productivity
Application portability
Application longevity
Reduced dependence on a single vendor
Cross-system communication
38
40. SQL Database Definition
Data Definition Language (DDL)
Major CREATE statements:
CREATE SCHEMA – defines a portion of the
database owned by a particular user
CREATE TABLE – defines a table and its columns
CREATE VIEW – defines a logical table from one or
more views
Other CREATE statements: CHARACTER SET,
COLLATION, TRANSLATION, ASSERTION,
DOMAIN
40
41. Choosing Data Types
CHAR–fixed-length character
VARCHAR–variable-length character
(memo)
LONG–large number
NUMBER–positive/negative number
INEGER–positive/negative whole number
DATE–actual date
BLOB–binary large object (good for
graphics, sound clips, etc.)
41
42. Table Creation
42
Figure 7-5: General syntax for CREATE TABLE
Steps in table creation:
1. Identify data types for attributes
2. Identify columns that can and
cannot be null
3. Identify columns that must be
unique (candidate keys)
4. Identify primary key-foreign key
mates
5. Determine default values
6. Identify constraints on columns
(domain specifications)
7. Create the table and associated
indexes
43. Changing and Removing
Tables
ALTER TABLE statement allows you to change column
specifications:
ALTER TABLE CUSTOMER_T ADD (TYPE VARCHAR(2))
DROP TABLE statement allows you to remove tables
from your schema:
DROP TABLE CUSTOMER_T
43
44. Insert Statement
Adds data to a table
Inserting into a table
INSERT INTO CUSTOMER_T VALUES (001, ‘CONTEMPORARY Casuals’,
1355 S. Himes Blvd.’, ‘Gainesville’, ‘FL’, 32601);
Inserting a record that has some null attributes requires
identifying the fields that actually get data
INSERT INTO PRODUCT_T (PRODUCT_ID,
PRODUCT_DESCRIPTION,PRODUCT_FINISH, STANDARD_PRICE,
PRODUCT_ON_HAND) VALUES (1, ‘End Table’, ‘Cherry’, 175, 8);
Inserting from another table
INSERT INTO CA_CUSTOMER_T SELECT * FROM CUSTOMER_T WHERE STATE
= ‘CA’;
44
45. Delete Statement
Removes rows from a table
Delete certain rows
DELETE FROM CUSTOMER_T WHERE STATE = ‘HI’;
Delete all rows
DELETE FROM CUSTOMER_T;
45
46. Update Statement
Modifies data in existing rows
UPDATE PRODUCT_T SET UNIT_PRICE = 775
WHERE PRODUCT_ID = 7;
46
47. The SELECT Statement
Used for queries on single or multiple tables
Clauses of the SELECT statement:
SELECT
List the columns (and expressions) that should be returned from the query
FROM
Indicate the table(s) or view(s) from which data will be obtained
WHERE
Indicate the conditions under which a row will be included in the result
GROUP BY
Indicate categorization of results
HAVING
Indicate the conditions under which a category (group) will be included
ORDER BY
Sorts the result according to specified criteria
47
49. CREATE USER ACCOUNT:
Mysql>create user (newuser_name)@localhost
identified by ‘password’;
Example:
Mysql> create user siddiq@localhost identified by
'123';
Query OK, 0 rows affected (0.02 sec)
50. Create a User Account
Mysql>GRANT ALL ON database_name.* To
user_name@localhost IDENTIFIED by ‘Password’;
mysql> GRANT ALL ON sample.* TO sps@localhost
IDENTIFIED BY 'mypassword';
Note:
GRANT ALL means all privileges i.e. user is permitted
do anything. She/he can read, modify or delete data,
but only on tables in the demo database. She/he
cannot access any other database.
51. How do I connect to MySQL server using
user1 account?
User SPS can connect to mysql server SAMPLE database
using following command:
$ mysql –u sps –p
(OR)
$ mysql –u sps -h mysql.server.com -p demo
Where,
-u user1: MySQL Username
-h : MySQL server name (default is localhost)
-p : Prompt for password
demo: demo is name of mysql database (optional)
56. Threats to Data Security
Accidental losses
human error, software failure, hardware failure
Theft and fraud
Improper data access
loss of privacy (personal data)
loss of confidentiality (corporate data)
Loss of data integrity
data becomes invalid or corrupted
Loss of availability
sabotage of hardware, networks or applications
virus attack
56
57. Managing Data Security
Database Security
protection of the data against accidental or intentional loss,
destruction, or misuse
Increasingly difficult to manage
access to data become more open through the Internet and
corporate intranets
distributed databases located on client/server architectures rather
than mainframes
57
58. 58
Figure 11-2: Possible locations of data security threats
Both internal and external threats; require firewall and physical
security.
59. Data Management Software
Security Features
Views
- restrict user views of the database; CREATE VIEW
Integrity controls
- enforced by the DBMS during querying and updating
Authorization rules
- identify users and restrict the actions they may take against a
database
- e.g., GRANT SELECT, UPDATE(price) ON PRODUCT_T TO Smith
User-defined procedures
- define additional constraints or limitations in using a database
Encryption procedures
- encode data in an unrecognizable form
Authentication schemes
- positively identify a person attempting to gain access to a database
Backup databases
- facilitate recovery procedures
59
60. Authorization Rules
Controls incorporated in the DBMS
restrict access to data
restrict actions that people may take when they access data
Authorization matrix include
subjects, objects, actions, constraints
can be viewed as metadata and stored in the repository
Authorization tables for subjects
Authorization tables for objects
60
61. Authentication Schemes
Goal is to obtain a positive identification of the user
Passwords are flawed
users share them with each other
they get written down, could be copied
automatic logon scripts remove need to explicitly type
them
unencrypted passwords travel the Internet
Possible solutions
Biometric devices
techniques that measure or detect personal characteristics such
as fingerprints, voiceprints, eye pictures, or signature dynamics
Third-party authentication
using secret keys, digital certificates
61
63. Backing Up Databases
Database recovery is the mechanism for
restoring a database quickly and accurately
after loss or damage
Recovery manager
a module of the DBMS which restores the database
to a correct condition when a failure occurs and
which resumes processing user requests
63
64. Backup Facilities
An automatic dump facility that produces
backup copy of the entire database
Periodic backup
e.g. nightly, weekly
Cold backup
database is shut down during backup
Hot backup
selected portion of the database is shut down and
backed up at a given time
useful when it is a critical system that must always
remain available
Backups stored in secure, off-site location
64
65. Journalizing Facilities
An audit trail of transactions and database changes
Transaction
a discrete unit of work that must be completely processed or
not processed at all
e.g. entering a customer order
Transaction log
record of essential data for each transaction processed
against the database
Database change log
before- and after-images of records that have been modified
by transactions
before-image is a copy of record before modification
after-image is a copy of record after modification
65
66. 66
Figure 11-8: Database audit trail
From the backup and logs,
databases can be restored
by the recovery manager
in case of damage or loss
68. Recovery and Restart Procedures
Switch
Mirrored databases
at least two copies of the database must be kept and updated
simultaneously
implemented in RAID 1 systems
Procedure
when a disk failure occurs, system switches to mirrored disk
defective disk can be removed and replaced with a new disk
Advantages
no disruption in service; fastest recovery
popular as cost of secondary storage has dropped
Disadvantages
does not protect against lost of power or damage to both
databases
68
69. Recovery and Restart Procedures
Restore/Rerun
reprocessing the day’s transactions (up to the point of
failure) against the backup copy of the database
Advantages
does not need to create a database change journal
no special restart procedures required
Disadvantages
time to reprocess transactions may be long
Used only as a last resort
69
70. Recovery and Restart Procedures
Backward Recovery (rollback)
apply before-images of records that have been changed to the
database
restore the database to an earlier state
used to reverse the changes made by transactions that have been
aborted or terminated abnormally
Forward Recovery (rollforward)
starts with an earlier copy of the database
apply after-images (the results of good transactions) to the database
preferable to restore/rerun
do not need to reprocess each transaction
only the most recent after-image of a record need to be applied
70