Database Management Issues - Report Example

Report on Database Management Issues Student name Affiliate institution Professor Date Introduction With the advent of information communication technology companies have adopted this technology and integrated it in its day to day running of its operations. In the twenty first century information assets are what distinguishesvarious companies today (Bertino& Sandhu 2005). Companies capture and store a number of information in their database which includes their strategic plan, business secret, customer details, supplier details, financial data among other sensitive information that require security to prevent the risk of information landing on the hands of unauthorized persons.In order to guarantee protection of these information fromexternal and internal attacks and misuse, business institutions need to execute controls as close tothis information as possible. This therefore require that the security measure be instituted at the database level (Cook &Gannholm 2004). Database management systems are an integrate software system that assist in management optimization of database in the datacenter. Database performance is another critical area that organizations using ICT in its day to day operation need to take into consideration as database performance problems can cause application slow-downs or failures. Consequently causing the organization to lose revenues, lose customers or fail to meet its goals in other ways (Chen 2000). By securing data at the lower layer, we are in a position to centrally manage sensitive business information. In this report the author examine the security and performance issues in a database. Security issues Depending on the size of the organization and its information use, databases can be extremely complex, database administrators need to focus on all the aspect of the database to ensure that its secure. The database administrator should not overlook one aspect of the databases security aspect. For instance emphasizing on system availability and ignore configuration issues which might exposes confidential data. The four basic security issues that should be considered to guarantee security of the database include: Authentication Access controls Secure configuration Auditing a) Authentication The first stage to database access is the authentication of the users. For our case study using oracle database and also other database management system with default account users with default passwords may pose a risk to the database. In the latest Oracle databases default passwords have an expiry period and if care is not taken users might be locked out from accessing the database. By querying SQL> SELECT * FROM dba_users_with_defpwd one might be able to check all the default accounts. To further secure the database the password settings should be enabled to ensure that the any new password that is created is strong and meet a given password criteria. The script can be edited b) Access control To ensure that the database is properly secured, verification of access controls is crucial. Access controls ensures that once a user has been authenticated he should only get access to the data that is useful and necessary for him/her to carry on with day to day activities. At this stage the users are granted various privileges depending on the position and data he users in the business organization. Oracle has a PUBLIC access settings which grant more privileges to the users by default. All Public access setting should be edited and granted specific privileges. The following queries play a key role in identifying the privileges assigned to users. SQL> SELECT * FROM dba_sys_privs; SQL> SELECT * FROM dba_role_privs; SQL> SELECT * FROM dba_col_privs; SQL> SELECT * FROM dba_tab_privs; Furthermore, separation of duties and production environment is also crucial in instituting security measures. c) Secure configuration In oracle database for instance listeners are responsible for external interconnection to the database. During installation the database administrator should ensure that secure configuration are done. Some of the parameters that pose a high risk should be supplied with configurations that are secure. Some of the parameters may include the following: AUDIT_SYS_OPERATIONS (Should be set to TRUE.) AUDIT_TRAIL (Avoid FALSE or NONE settings.) DIAGNOSTIC_DEST DISPATCHERS GLOBAL_NAMES (Should be set to TRUE.) LOG_ARCHIVE_% (Note: There are multiple parameters that exist that begin with LOG_ARCHIVE.) MAX_ENABLED_ROLES O7_DICTIONARY_ACCESSIBILITY (Should be set to FALSE.) OS_AUTHENT_PREFIX (Should be set to NULL, if possible. Should Not be set to ops$.) OS_ROLES (Should be set to FALSE.) Regular patches assist to correct some of the vulnerabilities that existed in the system before. Our case database (Oracle) rely on the operating system and the application level security settings. To further secure the database its environment should be secured with firewalls, segmentation among other security measure that can be instituted at the database surrounding environment. d) Audit Security is not always about preventing attacks but also about detecting attacks in the database system. Security Auditing allows that the security attacks are detected and stopped. Audit also ensure that the database administer monitors attacks and identify potential vulnerabilities. First, the audit_sys_operations parameter should be set to TRUE. To further guarantee database security further measure such as backup, recovery plan, journaling, check points and data encryption. Database performance The goal of monitoring databases is to assess how a server is performing. Effective monitoring involves taking periodic snapshots of current performance to isolate processes that are causing problems, and gathering data continuously over time to track performance trends. Ongoing evaluation of the database performance helps you minimize response times and maximize throughput, yielding optimal performance. Efficient network traffic, disk I/O, and CPU usage are key to peak performance (Hurson 2000). You need to thoroughly analyze the application requirements, understand the logical and physical structure of the data, assess database usage, and negotiate tradeoffs between conflicting uses such as online transaction processing (OLTP) versus decision support. Some of the basic steps that can be taken to optimize database performance include the following: Ensure each table has a primary key as it is used to create data indexing by default, thus increase the database performance. Also it is better to create indexing on columns that are foreign keys. The database designer should avoid temp tables as it consume resources those slowing down the overall performance of the database. Seek for better ways of reducing loopback to the server as much as possible. This can be avoided by returning multiple result sets (Chen 2001). Performance evaluation ensures that an organization: get maximum throughput from the minimum available resources, saves the cost of having to purchase a new hardware resource, and ensures that the organization best avails services to its customers (Hurson 2000). Conclusion Database security and performance optimization should go hand in hand to avoid concentrating on one and ignoring the other. Proper methods exists that ensure all that both performance and security are optimized. References Bertino, E., & Sandhu, R. (2005). Database security-concepts, approaches, and challenges. Dependable and Secure Computing, IEEE Transactions on, 2(1), 2-19. Chen, R. S., Nadkarni, P., Marenco, L., Levin, F., Erdos, J., & Miller, P. L. (2000). Exploring performance issues for a clinical database organized using an entity-attribute-value representation. Journal of the American Medical Informatics Association, 7(5), 475-487. Chen, Zhiyuan, Johannes Gehrke, and Flip Korn. "Query optimization in compressed database systems." ACM SIGMOD Record 30.2 (2001): 271-282. Cook, W. R., &Gannholm, M. R. (2004). U.S. Patent No. 6,820,082. Washington, DC: U.S. Patent and Trademark Office. Hurson, A. R., Pakzad, S. H., & Cheng, J. B. (1993). Object-oriented database management systems: evolution and performance issues. Computer, 26(2), 48-58. Read More