University of Manitoba Asper School of Business 3500 DBMS Bob Travica Chapter 10 DB System Administration Based on G. Post, DBMS: Designing & Building Business Applications Updated 2014 D B S Y S T E M S Outline  Data Administrator/Analyst (DA)  Database Administrator (DBA)  DBA’s duties  DB system backup & recovery  DB system security 2 of 22 D B Data Administration  Data make a valuable asset. S Y S T E M S  Data are used at many business levels  There are many databases and database systems in an organization.  Responsibility for managing data Data Administrator (DA) or Data Analyst TPS=Transaction Processing Sys. MIS=Management Info. Sys. DSS=Decisions Support Sys. EIS=Executive Info. Sys. 3 of 21 D B S Y S T E M S Data Administration/Administrator (DA)  DA (sometimes called data architect or even business analyst) is a type of professional that resides in the IS function or in a unit interfacing with the IS function.  Focus on informing in function of business, users (reports, output forms, queries) rather than IT  Data definition and integration (e.g., Customer entity in CRM systems cutting across Sales, Marketing, R+D…).  Decision support.  Ideas for system design, involvement in system development.  Data governance and security. 4 of 21 D B Database Administrator (DBA)  DBA is focused on technology. S Y S T E M S  1. DBA actively participates in DB system life cycle (plan, develop, install, manage, upgrade…).  2. DBA manages DB system:  2.1 Users: Creating user accounts, assigning use privileges  2.2 System performance: Monitoring and tuning  2.3 Backup & recovery: Supervising backups & system restoration after crashes  2.4 Security: Monitoring 5 of 21 D B DBA: (1) System Planning & Design  Estimation & Design (logical, physical) S Y S T E M S  Data storage requirements, forms & reports needed (costs of development), hardware needs, matching organizational needs with DBMS products  Time, labor & cost to develop  Data modeling – coordinates with Data Analyst in the domain of logical design (e.g., class diagrams, user interface). Also DA and DBA cooperate on schemas.  In charge of physical design (types of files, access structures, DBMS product, hardware) 6 of 21 D B DBA: System Development & Implementation  Defining technology standards: S Y S T E M S  Programming standards.  Layout and techniques.  Variable & object definition.  User interface.  System testing techniques.  Loading databases.  Backup and recovery plans.  User and operator training. 7 of 21 D B S Y S T E M S DBA: System Upgrade  Determines need for change  Size and speed of the DB system  Usage patterns  System output:  Additional reports & queries (coop. with DA and business analysts)  Forecasting needs 8 of 21 D B DBA: (2.1) Users’ Access  Controls based via: S Y S T E M S  1. Operating system  Access to directories  Access to files  Assigned to individuals or groups.  2. DBMS functions (Read, write, modify… data; Administer system)  9 of 21 D B S Y S T E M S SQL Security Commands  GRANT privileges  REVOKE privileges  Privileges include     SELECT DELETE INSERT UPDATE  Objects include  Table  Table columns (SQL 92+)  Query GRANT INSERT ON Bicycle TO OrderClerks REVOKE DELETE ON Customer FROM Assemblers  Users include  Name/Group  PUBLIC 10 of 21 D B DBA: User Identification  User identification S Y S T E M S  Accounts  Individual  Alternative identification  Finger & hand print readers  Voice…  Groups  Passwords  Disposable passwords 11 of 21 D B DBA: (2.2) System Performance: Performance Monitors S Y S T E M S 12 of 22 D B SQL Server Query Analyzer S Y S T E M S 13 of 22 D B DBA: (2.3) Database Backup  Backups are crucial! Full  Offsite storage needed S Y S T E M S  Types of backup  Full – in longer intervals (e.g., once a week); a copy of all tables made  Partial (Differential) – in shorter intervals; just new data are copied;  Alternative (not shown): No partial backups but changes made in Op DB after the last backup copied directly into Bkp DB. Backup Manager Copies Entire OpDB Operational Database (Op DB) Backup Database (Bkp DB) Partial (part of DBMS) time 1: copies new data from Op DB time 2: copies new data from Op DB Partial backup Partial backup time 3: copies last partial backup to BkP DB Bkp DB 14 of 21 D B S Y S T E M S DBA: 2.3 Database Recovery  Recovery needed if problems with software, hardware, incorrect user input, viruses, natural causes  Recovery = getting databases to correct state (previous example of transferring $ from savings to checking account)  Key facilities:  Recovery Manager (part of DBMS)  Transactions log file  ROLLBACK procedure  Alternative: User works with operational DB, and TL engaged only if former fails. Transaction Log (TL) (managed by Backup Manager) Transactions … copied to Savepoint Operational database Transaction recovers unfinished uses System Recovery crash! Manager uses Backup databases 15 of 22 D B S Y S T E M S Transaction Log (TL) Transaction ID Pointer to previous Transaction TL record Log ID Pointer to next TL record Table Database task Key Attribute Old value New value Checkpoint (Savepoint) is when results of all new transactions are stored permanently (e.g., in Op DB). COMMIT saves data in TL. Just the first transaction is saved permanently. Recovery Mgr rolls back to Checkpoint and runs steps/transactions that haven’t been saved after it. 16 of 22 D B DBA: (2.4) Database Security  Physical security S Y S T E M S  Protecting hardware  Protecting software and data.  Logical security  Unauthorized disclosure  Unauthorized modification  Unauthorized withholding  Security Threats      Employees (!) Programmers Visitors Consultants Business partnerships  Strategic sharing  EDI (Electronic Data Interchange & other interorg. networks)  Hackers (Internet) 17 of 21 D B S Y S T E M S Data Privacy • A security issue • Who owns data? (a governance issue) • Customer rights • International issues (e.g., strict privacy regulations in West Europe; Canada stricter than the US) 18 of 22 D B S Y S T E M S Physical Security  Hardware-related  Preventing problems (fire, water…)  Hardware backup facilities (“Hot sites” etc.)  Telecommunication systems for backup  Data and software  Backups, Off-site backups (!)  Disaster planning  Plans, training & testing  Personal computers challenge (use file servers for backup) 19 of 21 D B Managerial Controls  Insiders S Y S T E M S  Employee selection & Job termination  Monitoring suspicious behavior  Job segmentation (who can do what with data*) Physical & Logical access limitations  Outsiders  Physical access limitations  “Shadowing” 20 of 21 D B S Y S T E M S Logical Security  1. Unauthorized disclosure (e.g., letting a competitor see the strategic marketing plans)  2. Unauthorized modification (e.g., letting employees change their salary figures)  3. Unauthorized withholding (e.g., preventing a finance officer from retrieving data needed to get a bank loan) 21 of 21