Tuesday 18 April 2023 Dr. Mohamed Osman 1

What is Database Administration

A high level function (technical Function) that is responsible for

►physical DB design & ►dealing with technical issues such as

Database performance (integrity) Backup & recovery security

Dr. Mohamed Osman Hegaz 2

Database performance (integrity)

Tuesday 18 April 2023 Dr. Mohamed Osman 3

Integrity

Data integrity is to ensure that, as far as possible, the data in the database is accurate at all times

Integrity here refers to the CORRECTNESS & CONSISTENCY of the data stored in the database

Tuesday 18 April 2023 Dr. Mohamed Osman 4

Integrity of Data Sharing (1)

One of the objectives of the Database approach is that different users are allowed (forced) to share the same data.

This implies that DBMS must allow several users to access database at the same time.

This in turn can result in the problem of loss of updates if adequate concurrency control measures are not implemented ► Only a problem if some users are updating the database ► no problem if ALL users are reading only

Tuesday 18 April 2023 Dr. Mohamed Osman 5

Integrity of Data Sharing (2)Locking Mechanisms

Locking mechanisms are the most common type of concurrency control mechanism.

► Locks may be applied at various levels – Database - used mainly during backup of entire Database. Table- rarely used but useful if nearly every record in table is to be

updated e.g. giving each employee a 5% rise. Block or Page - lock on physical storage unit Record

► only the required record or row is locked ► most common type of lock & allows access to all other records.

Field► only required field is locked ► not common because of overheads required.

Tuesday 18 April 2023 Dr. Mohamed Osman 6

Integrity - CONSISTENCY

Implies that the data held in the tables of the database is consistent in terms of the Relational Data Model

► Entity integrity► Referential Integrity

Tuesday 18 April 2023 Dr. Mohamed Osman 7

Entity integrity► Each row in the table

Represents a single instance of the entity type modelled by the table

Has a UNIQUE and NON-NULL primary key value

► Each column in the table Represents the occurrences of a single attribute

type Has entries of the appropriate data type

Tuesday 18 April 2023 Dr. Mohamed Osman 8

Referential Integrity

► Concerned with relationships between tables in the database i.e. that the data in 1 table does not contradict the

data in another e.g. every FOREIGN KEY value in a table must

have a matching PRIMARY KEY value in the corresponding table

Tuesday 18 April 2023 Dr. Mohamed Osman 9

Data Validation integrity

► Database Management System (DBMS) provides features to help ensure data validation integrity Usually implemented using Database Constraints

► Specified in data dictionary table definition (Usually specified on creation of table)

Tuesday 18 April 2023 Dr. Mohamed Osman 10

Constraints► Column Constraints

e.g. Not Null Default

► Table Constraintse.g. Primary Key specifies that when a new row is inserted

the value of this column must be NOT NULL & UNIQUE

DBMS creates an INDEX on primary key columns Foreign Key specifies that when a new row is inserted

the value of this column MUST match VALUE of the corresponding PRIMARY KEY in the master table

Tuesday 18 April 2023 Dr. Mohamed Osman 11

Creating Tables► each column has a column-type indicating

the size of the column and the datatype of values that are acceptable

e.g Create Table Customer (

CustomerNo Varchar2(5) NOT NULL,

Name Varchar2(20) NOT NULL,

Address Varchar2(60) NOT NULL,

TelNo Varchar2(15) NOT NULL,

Email Varchar2(30),

Constraint Customer_pk

Primary Key (CustomerNo))

Dr. Mohamed Osman Hegaz 12

Recovery

Tuesday 18 April 2023 Dr. Mohamed Osman 13

Recovery► Database Recovery

name given to the set of procedures used to restore the data in the database quickly & accurately

to some previous known correct position after loss or damage

► Reasons for loss or damage: could be one of/combination of –

► human error► hardware failure► incorrect/invalid data► software errors► virus► other disasters

Tuesday 18 April 2023 Dr. Mohamed Osman 14

Recovery :Basic Recovery Facilities► DBMS should provide 4 basic facilities for backup &

recovery of data in database -

1.  Backup facilities provide periodic backup copies of some or all of the

database

2. Journal facilities to maintain an audit trail of transactions & DB change

3. Checkpoint facility DBMS temporarily suspends all processing &

synchronises files/journals

4. Recovery Manager allows DBMS to restore the DB to a correct condition &

restart processing transactions

Dr. Mohamed Osman Hegaz 15

Database Security

Database SecurityThreats to databases

- Loss of integrity- Loss of availability- Loss of confidentiality

To protect databases against these types of threats four kinds of countermeasures can be implemented :

► access control. ► inference control (controlling the access to a statistical

database)- statistical queries► flow control (prevents information from flowing in such a

way that it reaches unauthorized users)► encryption.

Access control Examples

GRANT CREATE TABLE TO A1;

GRANT INSERT, DELETE ON EMPLOYEE, DEPARTMENT TO A2;

GRANT SELECT ON EMPLOYEE, DEPARTMENT TO A3 WITH GRANT OPTION;

REVOKE SELECT ON EMPLOYEE FROM A3;

Inference control (Statistical Database Security)

► Statistical databases are used mainly to produce statistics on various populations.

► The database may contain confidential data on individuals, which should be protected from user access.

► Users are permitted to retrieve statistical information on the populations, such as averages, sums, counts, maximums, minimums, and standard deviations.

► Statistical queries involve applying statistical functions to a population of tuples.

► It is DBMS’s responsibility to ensure confidentiality of information about individuals, while still providing useful statistical summaries of data about those individuals to users.

Flow Control► Flow control regulates the distribution or flow of information

among accessible objects. A flow between object X and object Y occurs when a program reads values from X and writes values into Y.

► Flow controls check that information contained in some objects does not flow explicitly or implicitly into less protected objects.

► A flow policy specifies the channels along which information is allowed to move. The simplest flow policy specifies just two classes of information: confidential (C) and nonconfidential (N), and allows all flows except those from class C to class N.

► A covert channel allows information to pass from a higher classification level to a lower classification level through improper means.

Encryption► Encryption is a means of maintaining secure data in an

insecure environment.► Encryption consists of applying an encryption algorithm to

data using some prespecified encryption key. the resulting data has to be decrypted using a decryption

key to recover the original data.► The Data Encryption Standard (DES) is a system developed

by the U.S. government for use by the general public. It has been widely accepted as a cryptographic standard both in the United States and abroad.

► DES can provide end-to-end encryption on the channel between the sender A and receiver B

► Public key algorithms are based on mathematical functions rather than operations on bit patterns.