Lecture 9: Database Administration & Security

Database Systems

J Mwaura

Data as a Corporate Asset

In today's information-driven environment, data is a valuable asset that requires careful management

Data is a valuable resource that can translate into information

  • If the information is accurate and timely, it can enhance the company's competitive position and generate wealth
  • In effect, an organization is subject to a data-information-decision cycle

Security - activities and measures to ensure the confidentiality, integrity, and availability of an information system and its main asset, data

Privacy - the rights of individuals and organizations to determine access to data about themselves

Data Information Decision Cycle

data-modals

Database Administration

Database administrator (DBA)

  • The person responsible for planning, organizing, controlling, and monitoring the centralized and shared corporate database

DBA function;

  • Database planning; definition of standards, procedures, & enforcement
  • Database requirements gathering and conceptual design
  • Database logical and transaction design
  • Database physical design and implementation
  • Database testing and debugging
  • Database operations and maintenance, including installation, conversion, and migration
  • Database training and support
  • Data quality monitoring and management

DBA Functional Organisation

data-modals

System Administration

Systems administrator

  • The person responsible for coordinating and performing day-to-day data-processing activities
  • General coordinator of all DBAs

Data administrator (DA) or information resource manager (IRM)

  • The person responsible for managing the entire data resource, whether it is computerized or not
  • The DA has broader authority and responsibility than the database administrator (DBA)

Multiple Database Administrators in an Organisation

data-modals

Database Environment's Human Component

DBA activities

data-modals

DBA's Managerial Role

data-modals

Policies

  • All users must have passwords & passwords must be changed every six months

Standards

  • A password must have a min. of 5 & max. of 12 characters
  • NSSF numbers, birth dates cannot be used as passwords

Procedures

  • Written instructions that describe a series of steps to be followed during the performance of a given activity

Database Environment's Human Component

Database security officer (DSO)

  • The person responsible for the security, integrity, backup, and recovery of the database

Disaster management

  • The set of DBA activities dedicated to securing data availability following a physical disaster or a database integrity failure

Security

Database security

  • refers to DBMS features and other related measures that comply with the organization’s security requirements

Information system security

  • refers to activities and measures that ensure the confidentiality, integrity, and availability of an information system and its main asset, data

Security goals;

  • Confidentiality - ensuring that data is protected against unauthorized access
  • Compliance - activities that meet data privacy and security reporting guidelines or requirements
  • Integrity - refers to keeping data consistent and free of errors or anomalies

Security Vulnerabilities

Security vulnerability is a weakness in a system component that could be exploited to allow unauthorized access or cause service disruptions

Categories;

  • Technical - An example would be a flaw in the operating system or web browser
  • Managerial - For example, an organization might not educate users about critical security issues
  • Cultural - Users might hide passwords under their keyboards or forget to shred confidential reports
  • Procedural - Company procedures might not require complex passwords or the checking of user IDs

Database Administration Tools

The administration tools cover the entire spectrum of data administration tasks, from selection to inception, deployment, migration, and day-to-day operations

Administration tools

  • Database monitoring
  • Database load testing
  • Database performance tuning
  • SQL code optimization
  • Database bottleneck identification and remediation
  • Database modeling and design
  • Database data extraction, transformation, and loading

End of Lecture 9

Database Systems

That's it!

Queries about this Lesson, please send them to: jmwaura@jkuat.ac.ke

*References*

  • Database Systems: Design, Implementation, and Management, 12th ed. Carlos Coronel & Steven Morris
  • Database Modeling and Design; Logical Design, 5th ed. Taby Teorey et.al
  • Fundamentals of database systems, 6th ed. Ramez Elmasri & Shamkant B. Navathe
Courtesy of
Database Systems