Civil Articles
Database Security – Database Monitoring
A database is a collection of records or data that is stored in a computer system. For a database to be functional, it must not only store large amounts of records well, but be accessed easily. Moreover new information and changes should also be fairly easy to input. In order to have a highly efficient database system, you need to incorporate a program that manages the queries and information stored on the system. This is referred to as DBMS or a Database Management System. Besides these features, all databases that are created should be built with high data integrity and the ability to recover data if hardware fails.
Here are just a few of the actions that you can perform on a database that would be difficult if not impossible to perform on a spreadsheet.
- Retrieve all records that match certain criteria
- Update record in bulk
- Cross-reference records in different tables
- Perform complex aggregate calculations.
Types of Databases
There are several common types of databases; each type of database has its own data model or structure. They are
Flat Model: This is a two dimensional array of data
Hierarchical Model: The hierarchical model database resembles a tree like structure
Network Model: This is that a record is stored with a link to other records
Relational Model: The relational model is the most popular type of database and an extremely powerful tool, not only to store information, but to access it as well. Relational databases are organized as tables. The beauty of a table is that the information can be accessed or added without reorganizing the tables
Relational databases use a program interface called SQL or Standard Query Language.
Organizing / Storing a Database
Database normalization is the process of organizing data into distinct and unique sets.
The purposes of normalization are to:
* Reduce or eliminate storage of duplicate data
* Organize data into an efficient and logical structure
The process of normalization involves determining what data should be stored in each database table. The process of normalization involves working through well-defined steps, called normal forms.
Databases can be less than 1 MB or extremely large and complicated that can be terabytes, however all databases are usually stored and located on hard disk or other types of storage devices and are accessed via computer.
Accessing Information Using a Database
While storing data is a great feature of databases, for many database users the most important feature is quick and simple retrieval of information. In a relational database, it is extremely easy to pull up information regarding an employee, but relational databases also add the power of running queries. Queries are requests to pull specific types of information and either show them in their natural state or create a report using the data.
Securing a Database
Obviously, many databases store confidential and important information that should not be easily accessed by just anyone. Many databases require passwords and other security features in order to access the information. While some databases can be accessed via the Internet through a network, other databases are closed systems and can only be accessed on site. Securing the database has become simpler. A few straightforward steps can vastly improve security, usually by locking out all users except applications and DBAs.
But even that restriction doesn’t completely protect your data. One of the primary security breaches organizations experience today takes place via applications that connect to databases. Applications don’t use native database security. Instead, they access the database as a “super user” and, therefore, could represent a risk to data security.
Some of the most common examples of exploiting this risk is known as SQL injection Database Worms, Denial of Service, Buffer overflow.
SQL injection isn’t a direct attack on the database. Instead, it takes advantage of the way many Web applications that access databases are developed. SQL Injection attempts to modify the parameters passed to a Web application via a Web form to change the resulting SQL statements that are passed to the database and compromise its security. If successful, an attacker can hijack the database server and be granted the same permissions to add, drop, and change users that the application has. From that point, the database is fully exposed.
Unfortunately, the practice of SQL injection is easy to learn. Fortunately, with a little forethought, you can prevent it. The simplest way to find out if you’re vulnerable to an SQL-injection attack is to enter a single quote into each field on each form in your applications and verify the results. Some applications will return a message claiming a syntax error. Some applications will catch the error and not report anything. In both of these cases, your site has some protection from SQL injection, but don’t assume it’s secure. You can only validate your level of protection by going to the application’s source code
The Future of Security
A new security trend is to provide multiple layers of security within a computing environment. These layers can include multiple firewalls between the Internet and the organization and even firewalls within an organization to protect high-value assets.
No Better Time
Security considerations go far beyond the database. But the database should be one of the most protected elements of any business environment; after all, it usually holds the most valuable and mission-critical knowledge. With a few simple tasks, you can reduce security risk to a reasonable level. You can start by reading more: network white papers.
Gain vital info about the topic of internet marketing – please make sure to go through this publication. The time has come when proper information is truly only one click away, use this possibility.
Tags: database
Posted in SQL Server · December 20th, 2009 · Comments (0)
Database Administration with SQL Server – Database Monitoring
A SQL (Structured Query Language) server is a complete system designed for the purpose of database management, development and administration. With the help of the SQL server software, users are able to create and handle large relational or structural databases and develop applications that increase the effectiveness of their business.
Microsoft SQL Server has always been the best database platform. It provides secure storage and when it comes to working with large databases no other product can be compared with SQL server. It is also very closely related to Visual Studio and The office suite, so it’s perfect for both database administrators and people who work with smaller and simpler databases
SQL servers have a large number of powerful tools that facilitate database maintenance, and administration. Among the most important ones are the Enterprise Manager, the Service Manager and the Query analyzer.
The Enterprise Manager allows its user to manage all the SQL server installations on a network and control all the databases from it. The Service Manager is responsible for controlling the processes and services of an SQL server Finally, the Query analyzer processes all the queries against any of the SQL databases.
The first version of Microsoft SQL server was released in 1993, the same time Windows NT 3.1 came out on the market, and after a few years, Microsoft SQL server 2000 was released. Compared to its previous versions, SQL server 2000 brings a lot of improvements and interesting new features, like XML support, functions that can be defined by the users themselves, indexed views and new data types. Also, some of the features that existed in the previous versions were enhanced in Microsoft SQL server 2000. Among the features that were enhanced you can find the full text search feature, the DBCC and. the backup and restore processes.
The last version of Microsoft SQL server was released in 2005 and it was, of course, called Microsoft SQL server 2005. This version is quite faster than SQL server 2000 and in the five years that passed since the first one was released a lot of new improvements and enhancements have been done. SQL server 2005 is not only a database administration tool, it also contains Messaging technologies, OLAP and Server integration services. It has a large variety of management tools integrated also and its security and database encryption systems have been seriously improved.
T-Sql has been implemented in order to handle errors better and the XML integration has gone deeper, now allowing XML to be stored in databases.
The new features of SQL 2005 are too many to enumerate, so we’ll just take a look at a few of the most important ones:
Database mirroring – if a database fails, the application connects to another database from a secondary server, and transfer isn’t interrupted Snapshots – if loss of data occurs or someone just made a mistake and modified some important data everything can be recovered because SQL server periodically takes ’snapshots’ of the database and uses them to restore the data Support for 64 bit processors Business Intelligence features built into SQL Server Analysis Services and Reporting Services Significant security upgrades Enhanced encryption capabilities .NET CLR, and Visual Studio integration
..and many more other useful features
SQL server 2000 and SQL server 2005 are the best and the most complex database management tools on the market, and they can do much more than just managing and administrating databases, so they are the best choice if your company needs database administration and maintenance.
A good source for more information on how to install, customize, and make the most use of a SQL Server implementation, visit the Microsoft practice section of www.unitekconsulting.com.
About the Author:
Shannon Margolis
IT Marketing Coordinator
www.unitekconsulting.com
View their website at: http://www.unitekconsulting.com
For useful knowledge about the topic of internet marketing – please make sure to study the webpage. The time has come when concise info is truly only one click away, use this possibility.
Tags: database
Posted in Mysql · December 16th, 2009 · Comments (0)