Please enable JavaScript.
Coggle requires JavaScript to display documents.
Chapter 8: DATABASE ADMINISTRATION AND SECURITY (EVOLUTION OF THE DATABASE…
Chapter 8: DATABASE ADMINISTRATION AND SECURITY
DATA
DIRTY DATA- Data that suffer from inaccuracies and inconsistencies
DATA QUALITY - Ensuring accuracy, validity, and timeliness of data
DAtA PROFILING SOFTWARE - Determine data patterns and compare them against standards defines by the organization
MASTER DATA MANAGEMENT (MDM) SOFTWARE - Helps prevents dirty data by coordinating across multiple systems
NEED FOR & ROLE OF DATABASES IN AN ORGANIZATION
At the middle management level
Deliver the data required for tactical planning
Monitor the use of resources
Evaluate performance
Enforce security and privacy of data in the database
At the operational management level
Represent and support company operations
Produce query results within specified Produce query results within specified performance levels
Enhance the company’s short-term operations
At the top management level
Enable strategic decision making and planning
Identify growth opportunities
Define and enforce organizational policies
Reduce costs and boost productivity
Provide feedback
INRODUCTION OF A DATABASE: SPECIAL CONSIDERATIONS
Technological aspect
Managerial aspect
Cultural aspect
EVOLUTION OF THE DATABASE ADMINISTRATION FUNCTION
Information systems (IS) department
Provides end users with data management support and solutions for information needs
Systems administrator
General coordinator of all DBAs
Database administrator
Responsible for control of the centralized and shared database
Data administrator (DA) or information resource manager (IRM)
Has a higher degree of responsibility and authority than the DBA
DBA's MANAGERIAL ROLE
Provide end-user support
Enforce policies, procedures, and standards for correct data creation, usage, and distribution within the database
Manage data security, privacy, and integrity
Manage data backup and recovery
Fully recover data in case of data loss
Database security officer (DSO): Ensures database security and integrity
Disaster management: Planning, organizing, and testing of database contingency plans and recovery procedures
Full backup or database dump: Produces a complete copy of the entire database
Incremental backup: Produces a backup of all data since the last backup date
Concurrent backup: Takes place while the user is working on the database
Manage data distribution and use
DBA's TECHNICAL ROLE
Evaluate, select, and install DBMS and related utilities
Design and implement databases and applications
Test and evaluate databases and applications
Operate the DBMS, utilities, and applications
Train and support users
Maintain the DBMS, utilities, and applications
DBA's ROLE IN THE CLOUD
Reduced role in installing and maintaining the DBMS as cloud services provide:
DBMS installation and updates
Server/network management
Backup and recovery operations
DATABASE ADMINISTRATION AND SECURITY
Security Goals
Confidentiality: Protecting data against unauthorized access
Compliance: Activities that meet data privacy and security reporting guidelines
Integrity: Keeping data consistent and free of errors or anomalies
Availability: Accessibility of data whenever required by authorized users and for authorized purposes
SECURITY POLICY
Collection of standards, policies, and procedures created to guarantee security
Ensures auditing and compliance
Security audit process
Identifies security vulnerabilities
Identifies measures to protect the system
Security Vulnerability
Weakness in a system component that could allow unauthorized access or cause service disruptions
Categories - Technical, managerial, cultural, and procedural
Security threat
: Imminent security violation
Security breach
: Occurs when a security threat is exploited and could lead to a database whose integrity is preserved or corrupted
Database Security
DBMS features and related measures that comply with the security requirements
Authorization management
: Procedures to protect database security and integrity
User access management
View definition
DBMS access control
DBMS usage monitoring
Audit log
: Automatically records description of database operations performed by all users
Data Dictionary
Types
Integrated - Included with the DBMS
Standalone - Third-party systems
Active data dictionary
: Automatically updated by the DBMS with every database access
Passive data dictionary
: Requires running a batch process
Main function - Store description of all objects that interact with the database
Data Dictionary or Information Resource Dictionary
Metadata is the basis for monitoring database use and for assigning access rights to users
DBA uses data dictionary to support data analysis and design
Computer-Aided Systems Engineering (CASE) Tools
Automated framework for the Systems Development Life Cycle (SDLC)
Use structured methodologies and powerful graphical interfaces
Front-end CASE tools
: Provide support for the planning, analysis, and design phases
Back-end CASE tools
: Provide support for the coding and implementation phases
Components of a CASE Tool
Graphics
Screen painters and report generators
Integrated repository
Analysis segment
Program documentation generator
Developing a Data Administration Strategy
Information engineering (IE): Translates strategic goals into data and applications
Information systems architecture (ISA): Helps plan, develop, and control future information systems
Critical success factors
Management commitment and defined standards
Thorough analysis of the company situation
End-user involvement, training, and a small pilot project