database security, integrity and recovery
University of Sunderland CIFM06 DB Systems Development Session 7
Database Security, Integrity and Recovery

Database Security and Integrity
• Definitions
• Threats to security
• Threats to integrity
• Resolution of Problems

Database Security
SECURITY
• Protecting the database from unauthorised users
• Ensures that users are allowed to do the things they are trying to do

Database Security
INTEGRITY
• Protecting the database from authorised users
• Ensures that what users are trying to do is correct

Database Security
TYPES OF SYSTEM FAILURES
1. HARDWARE: DISK, CPU, NETWORK
2. SOFTWARE: SYSTEM, DATABASE, PROGRAM

Database Security
• Important security features include:
– Views
– Authorisation & controls
– User defined procedures
– Encryption procedures

Authorisation Rules
An example: a person who can supply a particular password may be authorised to read any record, but cannot modify any of those records.
Authorisation Table for subjects, i.e. Salesperson

          Customer Records   Order Records
Read      Y                  Y
Insert    Y                  Y
Modify    Y                  N
Delete    N                  N

Authorisation Rules
Authorisation Table for Objects, i.e. Order Records

            Salesperson   Order Entry   Accounting
Password    (Batman)      (Joker)       (Julie)
Read        Y             Y             Y
Insert      N             Y             N
Modify      N             Y             Y
Delete      N             N             Y

Database Integrity
• CONSTRAINTS
Can be classed in 3 different ways:
1. Business constraints
2. Entity constraints
3. Referential constraints

Database Integrity
• BUSINESS CONSTRAINTS
A value in one column may be constrained by the value of another or by some calculation or formula.

Database Integrity
• ENTITY CONSTRAINTS
Individual columns of a table may be constrained e.g. not null
• REFERENTIAL CONSTRAINTS
Sometimes referred to as key constraints, e.g.
Table 2 depends on Table 1

Database Integrity
create table account_dets
 (acc_id      char(6) primary key,                        -- unique, non-null account identifier
  acc_custid  char(6) references customer(cust_id),       -- must match an existing customer
  acc_odraft  number(4) check (acc_odraft <= 200),        -- overdraft limit capped at 200
  acc_type    char(2) constraint type_chk
              check (acc_type in ('AB', 'CD', 'EF')),     -- named check: only these type codes
  acc_crtdate date not null);                             -- creation date is mandatory

Database Integrity
• BENEFITS OF USING CONSTRAINTS
– Guaranteed integrity and consistency
– Defined as part of table definition
– Applies across all applications
– Cannot be circumvented
– Application development productivity
– Requires no special programming
– Easy to specify and maintain (reduced coding)
– Defined once only
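
Added example (not part of the original slides): the account_dets table above loaded into an in-memory SQLite database from Python, with one valid row and one row violating each constraint, to show the DBMS rejecting bad data regardless of which application submits it. The minimal customer table, the sample rows and the use of SQLite in place of the slide's Oracle-style DBMS are assumptions.

```python
import sqlite3

# Added example: the slide's DDL, run on SQLite (assumption). The customer
# table is a minimal stand-in so the foreign key has something to reference.
DDL = """
create table customer (cust_id char(6) primary key);
create table account_dets
 (acc_id      char(6) primary key,
  acc_custid  char(6) references customer(cust_id),
  acc_odraft  number(4) check (acc_odraft <= 200),
  acc_type    char(2) constraint type_chk
              check (acc_type in ('AB', 'CD', 'EF')),
  acc_crtdate date not null);
"""

# Constructed sample rows: one valid, then one breaking each constraint.
ROWS = [
    ("valid",        ("A00001", "C00001", 150, "AB", "2024-01-01")),
    ("duplicate pk", ("A00001", "C00001", 100, "CD", "2024-01-02")),
    ("bad customer", ("A00002", "C99999", 100, "CD", "2024-01-02")),
    ("overdraft",    ("A00003", "C00001", 500, "CD", "2024-01-02")),
    ("bad type",     ("A00004", "C00001", 100, "ZZ", "2024-01-02")),
    ("null date",    ("A00005", "C00001", 100, "EF", None)),
]

def try_inserts():
    """Return {label: 'ok' or the integrity error raised by the DBMS}."""
    db = sqlite3.connect(":memory:")
    db.execute("pragma foreign_keys = on")  # SQLite leaves FK checks off by default
    db.executescript(DDL)
    db.execute("insert into customer values ('C00001')")
    results = {}
    for label, row in ROWS:
        try:
            db.execute("insert into account_dets values (?,?,?,?,?)", row)
            results[label] = "ok"
        except sqlite3.IntegrityError as exc:
            results[label] = str(exc)
    db.close()
    return results

if __name__ == "__main__":
    for label, outcome in try_inserts().items():
        print(f"{label:13} -> {outcome}")
```

On SQLite the referential constraint is only enforced once foreign_keys is switched on for the connection, so "cannot be circumvented" depends on the DBMS actually having enforcement enabled.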

Database Integrity
CONCURRENCY CONTROL
• WHAT IS IT?
The co-ordination of simultaneous requests, for the same data, from multiple users

Database Integrity
CONCURRENCY CONTROL
• WHY IS IT IMPORTANT?
Simultaneous execution of transactions over a shared database may create several data integrity and consistency problems

Database Integrity

Time   Janet                      John
       1. Read balance (£1000)
                                  1. Read Balance (£1000)
       2. Withdraw £200 (£800)
       Balance £800               2. Withdraw £300 (£700)
       3. Write balance
       Balance £800               3. Write Balance
                                  Balance £700
ERROR

Database Integrity
The three main integrity problems are:
– Lost updates
– Uncommitted data
– Inconsistent retrievals

Database Integrity
• LOCKING
Two kinds of Locks:
1. Shared Locks (allows read only access)
2. Exclusive Locks (prevents reading of a record)

Database Integrity

Time   User 1                 User 2
       1. Lock record X       1. Lock record Y
       2. Request record Y    2. Request Record X
       (Wait for Y)           (Wait for X)
DEADLOCK
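
Added example (not part of the original slides): a replay of the Janet/John schedule with and without an exclusive lock, showing the lost update and its removal, followed by detection of the User 1/User 2 deadlock as a cycle in the wait-for relationship. The scheduler, function names and data structures are illustrative assumptions, not a real DBMS lock manager.

```python
# Added example, not from the slides; all names are illustrative assumptions.

def run_schedule(use_lock):
    """Replay the Janet/John withdrawals, one step per user per time slot."""
    balance = 1000                       # the shared record
    holder = None                        # user holding the exclusive lock
    copy = {}                            # each user's private working value
    steps = {"Janet": ["read", 200, "write"], "John": ["read", 300, "write"]}
    while any(steps.values()):
        for user in ("Janet", "John"):
            if not steps[user]:
                continue
            if use_lock and holder not in (None, user):
                continue                 # blocked until the lock is released
            step = steps[user].pop(0)
            if step == "read":
                holder = user if use_lock else None
                copy[user] = balance
            elif step == "write":
                balance, holder = copy[user], None
            else:
                copy[user] -= step       # withdraw from the private copy
    return balance

def find_deadlock(holds, wants):
    """holds: record -> user locking it; wants: user -> record requested.
    Returns the users forming a wait-for cycle, or [] if there is none."""
    for start in wants:
        chain, user = [], start
        while user in wants and wants[user] in holds:
            if user in chain:
                return chain[chain.index(user):]
            chain.append(user)
            user = holds[wants[user]]
    return []

if __name__ == "__main__":
    print("no locking:    ", run_schedule(use_lock=False))   # lost update
    print("exclusive lock:", run_schedule(use_lock=True))
    print("deadlock:", find_deadlock({"X": "User 1", "Y": "User 2"},
                                     {"User 1": "Y", "User 2": "X"}))
```

Without the lock John's write overwrites Janet's and £200 disappears from the record; with the lock John cannot read until Janet has written, so both withdrawals are applied.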

Database Recovery
• The process of restoring the database to a correct state in the event of a failure, e.g.
– System Crashes
– Media Failures
– Application Software Errors
– Natural Physical Disasters
– Carelessness
– Sabotage

Database Recovery
Basic Recovery Facilities
• Backup Facilities
• Journaling Facilities
• Checkpoint facilities
• Recovery Facilities

Transactions
• Basic unit of recovery
• Properties of Transaction
– Atomicity
– Consistency
– Isolation
– Durability
• Purpose of recovery manager is to enforce Atomicity and Durability

Staff Salary Update Example
Read Operations:
• Find address of the disk block that contains record with primary key x
• transfer block into a DB buffer in main memory
• copy salary data from DB buffer into variable salary
Write Operations:
• as steps 1 & 2 above
• copy salary data from variable salary into the DB buffer
• write DB buffer back to disk

Storing Data
[Diagram: Database Buffer (Main Memory) and Database (Secondary Storage). Labels: Commit; buffer full; buffer contents flushed to secondary storage, 'permanent'.]

Database Update Procedures
[Diagram: Database (State 1), Update Trans1, Database (State 2), Update Trans2, Database (State 3), Update Trans3, Database (State 4); Database Backup: Database (State 2).]

Back-up Facilities
• DBMS provides a mechanism for taking backup copies of the database and log file at regular intervals.
– A dump or copy or backup file contains all or part of the database
– backups taken without having to stop the system

Journal Facilities
REDO LOGS
This is the main logging file. The file contains two different types of logging records.
– AFTER IMAGES
– BEFORE IMAGES

Journal Facilities
REDO LOGS - AFTER IMAGES
After any column of any row on any table in the database is changed, the new values are written not only to the database but also to the redo log. The complete row is written to the log. If a row is deleted then notification is also put on to the redo log. After images are used in roll forward recovery.

Journal Facilities
REDO LOGS - BEFORE IMAGES
Before a row is updated, the data is copied to the redo log. It is not a simple copy from the database, because a separate area of the database maintains the immediate pre-update version of each row updated in the database. The extra area is called the ROLLBACK SEGMENT. The redo log takes before image copies from the rollback segment in the database.

Sample Log File

Tid  Time   Operation   Object         Before Image  After Image  pPtr  nPtr
T1   10:12  START                                                 0     2
T1   10:13  UPDATE      TENANT NO21    (old value)   (new value)  1     8
T2   10:14  START                                                 0     4
T2   10:16  INSERT      TENANT NO37                  (new value)  3     5
T2   10:17  DELETE      TENANT NO9     (old value)                4     6
T2   10:17  UPDATE      PROPERTY PG16  (old value)   (new value)  5     9
T1   10:18  COMMIT                                                2     0
     10:19  CHECKPOINT  T2

Types of Recovery
• Duplicate Databases
• Rollback Recovery
• Rollforward Recovery
• Reprocessing Transactions

Duplicate Databases
• Requires 2 copies of the database
Advantages
• Fast Recovery (seconds)
• Good for disk failures
Disadvantages
• No protection against power failure
• Expensive

Rollback Recovery
• Changes made to the database are undone (Backward Recovery)
• Rollback enables the updating to be undone to a predetermined point in the database processing that provides a consistent database state.

Rollback Recovery
[Diagram: Database (with changes) and Before Images go into ROLLBACK, producing Database (without changes).]

Roll Forward Recovery
• This recovery technique updates an out-of-date database up to the current processing position.
• If the data is inconsistent then the database may need to roll back to the previous consistent state.

Roll Forward Recovery
[Diagram: Database (without changes) and After Images go into ROLL FORWARD, producing Database (with changes).]

Reprocessing Transactions
• Similar to Forward Recovery
• Uses update transactions instead of after images
ADVANTAGES
– Simple
DISADVANTAGES
– Slow

Database Recovery Procedures

Problem                               Recovery Procedure
Storage Medium Destruction            *Duplicate Database
                                      Forward Recovery
                                      Reprocess Transactions
Transaction error or system failure   *Backward Recovery
                                      Forward Recovery or reprocess transactions - bring forward to just before termination
Incorrect Data                        *Backward Recovery
                                      Reprocess Transactions (excluding those from the update that created incorrect data)

Summary
• This lecture has looked at security and recovery procedures
• Ensuring that these two are administered correctly cuts out the majority of problems with database administration

Further Reading
• Security
– Connolly & Begg, chapter 19
• Concurrency Control
– Connolly & Begg, chapter 20?
• Integrity and Recovery
– Connolly & Begg, chapters 18 and 19?
• Next session
– Advanced Relational Theory