ITEC- CH4 auditing database systems
Query
Ad hoc access methodology for extracting information from a database
4 needed backup and recovery features
Backup- periodic backup of entire database stored in a remote location Transaction log- provides audit trail of all processed transactions Checkpoint- suspends all processing while system reconciled transaction log and database change log against database Recovery module- uses logs and backup files to restart the system after a failure
Data structures
Bricks and mortar of database Two components- organization and access methods
Database usage reporting
Captures statistics on database usage (who, when, etc.).
Replicated database
Common data replicated at each site (problem is maintains current versions of database at each site)
Backup and recovery
Copies made during processing
Data Manipulation Language (DML)
DML is the proprietary programming language that a particular DBMS used to retrieve, process, store data to/ from database
data redundancy which causes problems with
Data storage- data duplicated multiple times Data updating- changed must be made separately for each user (currency of information) Task- data dependency- users cannot obtain additional information as needs change
Access to the data resource is controlled by a
Database management system- centralizes orgs data into a common data base, eliminates data storage, data updating, and task-data dependency problem
Attributes
Defines entities with values that vary (each employee has a different name)
Conceptual view/ logical view (schema)
Describes the entire database logically and abstractly rather than physically. Only one conceptual view.
Hierarchical model (earliest) / navigational database
Each set contains a parent and a child Files at same level with the same parent are siblings Tree structure- with highest level in the tree being the root segment and lowest file being the leaf
Backup controls
Enables the company to recover its data if a disaster occurs
One -to many- record type
For every record type x- there are many occurrences of record type y Customer record , sales order record
One to one record type
For every record type x- there is one record type y Employee record- year to data earnings
Many-to many association
Inventory record to vendor record
Flat file approach
Large, older legacy systems still in use today Promotes a single- user view approach where end users own rather than share data files
Physical data base is at what level
Lowest level- only in physical form
Deadlock Phenomenon
Occurs when multiple sites lock each other out of the database preventing each from processing its transactions (permanent condition must be solved with special software)
Internal view/ Physical database view
Physical arrangement of records in the database
Record type
Physical database representation of an entity
External view/ User view (subschema)
Portion of database each user views. May be many distinct users.
Relational model
Portrays data in two- dimensional tables with attributes across the top performing columns Intersecting columns to form rows are tuples
Concurrency control
Presence of complete and accurate data at all user sites,
Data Encryption
Protect sensitive data
Occurrence
Related to number of records of represented by a particular record type
Database
Set of record types that an organization needs to support its business processes
Data Definition Language (DDL)
Used to define the database to the DBMS on three levels
Partitioned database advantages
Users control increased Improved transaction processing response time Volume of transmitted data Between IT units reduced Reduces potential data loss from a disaster
User-defined procedures
allow user to create a personal security program or routine to provide identification
Partitioned database
database approach that splits the central database into segments or partitions that are distributed to their primary users Works best for orgs that require minimal data sharing among units
user view (subschema)
defines how a user sees the portion of the database user is authorized to access
Access controls
designed to protect systems from unauthorized access in order to preserve data integrity
Biometric devices
fingerprints, retina prints, or signature characteristics
Database lockout
prevents two applications or users from updating the same file at the same time
Inference controls
should prevent users from inferring, through query options, specific data values they are unauthorized to access
Database Authorization Table
table containing rules that limit the actions a user can take
Entity
Anything organization wants to capture data about
Program development
Applications may be created by programmers and end users