problems
Information Systems
Security violations and attacks are increasing globally at an annual average rate of 20%.
Database security: the degree to which data is fully protected from tampering
➢ Is capable of performing "What-if?" analysis
➢ Contains a collection of business models
➢ Is used for tactical management tasks
Typical Application System
Information system: comprised of components working together
Information system components include:
• Data
• Procedures
• Hardware
• Software
• Network
• People
Transaction processing system (TPS) - Also known as online transaction processing (OLTP)
➢ Used for operational tasks
➢ Provides solutions for structured problems
➢ Includes business transactions
➢ Logical component of TPS applications (derived from business procedures, business rules, and policies)
Typical Application System
• Order tracking
• Customer service
• Payroll
• Accounting
• Student registration
• Car sales
➢ Executive expert systems (ESSs) are a type of expert system used by top-level management for strategic management goals
➢ A branch of artificial intelligence within the field of computer science studies
➢ Software consists of:
• Knowledge base
• Inference engine
• Rules
• Domain experts
• Knowledge engineers
• Power users
Typical Application System
❖ Virtual university simulation
❖ Financial enterprise
❖ Statistical trading
❖ Loan expert
❖ Market analysis
Data Management
• Each level has its own security measures
• Usually based on degree of confidentiality necessary to protect information
Systems determines what a user can do with the information
Reasons for a system to become unavailable:
• External attacks and lack of system protection
Components include:
• Detection equipment
• Security programs
• Monitoring equipment
Reducing access point size reduces security risks
✓ Security gaps: points at which security is missing
✓ Vulnerabilities: kinks in the system that can become threats
✓ Threat: security risk that can become a system breach
Menaces to Database
Security vulnerability: a weakness in any information system component
Security threat: a security violation or attack that can happen any time because of security vulnerability.
Security risk: a known security gap left open.
Assets Types and Their Values
▪ Password policy
WHAT IS SQL TRIGGER?
Triggers are the SQL codes that are automatically executed in response to certain events on a particular.
SYNTAX OF TRIGGER
CREATE TRIGGER total_mark
after insert
ON student
FOR EACH ROW
values(new.marks);
ADVANTAGES OF TRIGGERS
• Triggers check the integrity of data
❖ OVERHEAD
• Triggers may increase the overhead of the database
❖ VALIDATION
• Triggers can only provide extended validation i.e. not all kind of validation
❖ TROUBLESHOOTING
• Triggers can be difficult to troubleshoot because they execute automatically in the database
DROP - a command to remove a trigger from the
DISPLAY
SHOW command to display triggers from the database
• SYNTAX:
IN database_name;
• EXAMPLE:
SHOW TRIGGERS
IN employee;
INSERT
Before Insert Triggers are used to update or validate record values before they’re saved to the database
• SYNTAX:
ON employee
After Insert Triggers are used to access field values that are set by the system and to effect change in other records
• SYNTAX:
Differences between SQL procedures, triggers and functions:
✓ Purpose
✓ Scope
• STRING Function
• Aggregate Function
• Date Function
• Time Function
➢ ASCII(): This function is used to find the ASCII value of a character.
Syntax: SELECT ascii('t');
Output: 116
➢ CHAR_LENGTH(): This function is used to find the length of a word.
Syntax: SELECT char_length('Hello!');
Output: 6
➢ CHARACTER_LENGTH(): This function is used to find the length of a line.
Syntax: SELECT CHARACTER_LENGTH('ANKIT DUBEY');
Output: 11
➢ CONCAT(): This function is used to add two words or strings.
Syntax: SELECT 'Ankit' || ' ' || 'Dubey' FROM dual;
Output: ‘AnkitDubey’
➢ LCASE(): This function is used to convert the given string into lower case.
Syntax: LCASE ("ANKIT DUBEY");
Output: Ankit dubey
➢ LEFT(): This function is used to SELECT a sub string from the left of given size or characters.
Syntax: SELECT LEFT('Ankit S. Dubey', 5);
Output: Ankit
➢ LENGTH(): This function is used to find the length of a word.
Syntax: LENGTH('AnkitDubey');
Output: 10
Aggregate function - a function where the values of multiple rows are grouped together as input
Various Aggregate Functions Are:
• Count()
• Sum()
• Avg()
• Min()
• Max()
Database administration refers to the whole set of activities performed by a database administrator
Responsibilities of Database Administration
• Policy Formulation and Implementation
• Data Dictionary Management
• Training
• DBMS Support
• Database Design
Policy Formulation and Implementation
Access Privileges
➢ Users should access the database only in ways in which they are entitled
Security
➢ Access restrictions ensure that the database is secure.
➢ Passwords, encryption, and views implement security.
➢ Effective password protection is critical.
Databases can be harmed from hardware and software malfunctions
Archive is a place where corporate data is kept.
Additional Responsibilities of DBA
Training
➢ DBA gives training on the DBMS and how to access the database
DBMS Support
➢ The DBA is charged with all aspects of a DBMS, including selection and management
Database Design
➢ DBA is responsible for tuning the design and making changes that improve system performance
DBA Responsibilities
• Database Security
• Database Tuning
• Backup and Recovery
• Producing Reports from Queries
Types of DBA
• Data Architect
- Designs schemas, builds tables indexes, data structures and relationships.
- This role works to build a structure that meets a general business needs, in a particular area.
Creating Databases and Tables in MYSQL
CREATE DATABASE <database name>
▪ (to verify -> SHOW DATABASES)
▪ To select a database -> USE <databasename>
CREATE TABLE <tablename> (
Id int(5) unsigned auto_increment primary key,
Ename varchar(50) not null
);
ALTER TABLE <tablename>
ADD <position varchar(30)> after <deptno>;
DROP <columnname>
Change a column definition:
ALTER TABLE <tablename>
CHANGE <oldname>
<newcolumndefinition>
Example:
ALTER TABLE tblemp
Dropping an Index:
ALTER TABLE <table_name> DROP INDEX <index_name>
Example:
ALTER TABLE tblemp DROP INDEX enameidx;
Deleting Records of a table:
TRUNCATE <tablename>
Example:
TRUNCATE tblemp;
Dropping a table:
DROP TABLE <tablename>
Example:
DROP TABLE tblemp;
Databases result-file
Using the mysqldump tool to make a backup of all databases
To make a backup of all databases in a MySQL Server, you use the --all-databases option:
Example:
- has a unique username and password that is used to authenticate and authorize access to specific resources, such as databases, tables, and stored procedures.
• Virtual User:
- a user who is not defined in the MySQL system but can be authenticated by an external system, such as an LDAP server.
- This type of user often has a limited set of permissions that are specific to the needs of the application.
Profile is a set of predefined settings that can be applied to a user account to control certain aspects of the user's behavior and access to resources.
Profiles can be used to limit the amount of resources a user can consume, such as CPU time and memory, or to enforce certain password policies, such as password complexity requirements and expiration dates.
We can use MySQL profiles to configure other user-specific settings, such as:
● Special network access requirements or restrictions
● Restrictions on the use of particular SQL statements or query types
User accounts are created for individual users and are used to authenticate and authorize them for accessing the database.
User accounts have permissions and privileges to perform specific operations in the database.
User accounts have a unique username and password to authenticate to the database.
Syntaxes:
Creating database:
- Create Database database_name;
Create new User:
Creating a user account:
- CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';
Grant privileges:
- GRANT ALL PRIVILEGES ON my_database.* TO 'my_user'@'localhost';
Check where the user is:
- SELECT USER(), CURRENT_USER();
DELETING profiles:
- DROP PROFILE my_profile;
Creating a profile:
- CREATE PROFILE 'profile_name' LIMIT
Assigning a profile to user account:
A password is a secret code that is used to authenticate and authorize access to a user account or resource.
The password is encrypted and stored as a hash value, the output of a one-way mathematical function that transforms the password string into a fixed-length sequence of characters.
In MySQL Server, there are several types of passwords that can be used to authenticate user accounts:
- These are the simplest type of passwords and involve storing the password as
plaintext in the database.
Ex. Password 123
Hashed Passwords:
Salted Passwords:
- In this method, the password is encrypted using a secret key or passphrase before
being stored in the database.
Two main steps in controlling access to data
Authentication
Authentication can be verified a few times and at different levels during a single logon attempt
- Database level,
- Third-party support
Authorization
Authorization works through settings that are implemented and maintained by the organization
Authorization - in MySQL refers to the process of granting or denying specific privileges to users or roles, determining what
data they can access or modify within the database.
▪ Complexity
▪ Failed attempts
▪ Expired passwords
▪ Password reuse
▪ Password discretion
▪ Password sharing
▪ Password storage
Types of Privileges
System privileges: These are the rights and permissions
that allow a user or role to perform certain actions or
operations on the database as a whole.
Enhancing Security
Facilitating Compliance
procedures
processadmin - A process administrator account that holds the right to manage the processes running in SQL Server
db_securityadmin - Members of the db_securityadmin role can manage roles and object permissions
db_backupoperator - Members of the db_backupoperator role hold the right to back up the database and force checkpoints