CSE 136 Lecture 2
   Database design steps for the enterprise
     Logical Design Overview
     Physical Design

     Logical design in detail
       Conceptual Modeling
       Model to Schema

   Database Security
   Enterprise Database Environment
   Continuous Integration DB – build DB project
Database Design Step
  ER Model
  Using MS SQL 2008
Logical Design Overview 1
Logical Design Overview 2
Logical Design Overview 3
Logical Design Overview 4
Physical Design
Conceptual Modeling - generalization
Conceptual Modeling - relationships connectivity
Model to SQL schema
   Data Definition Language
   Why use data definition language?
     Multiple database designers modifying DDL
     Version Control
     Build the database script from scratch (for unit testing)

   Examples
     Create table
     Alter table
     Drop table
     Create/drop view
Model to SQL 1
Model to SQL 2
Enrollment example
Enrollment example
SQL Security
   Secure Configuration
   Authentication
     login/password

   Authorization
     What you can access after you login
   Data Encryption
     Protecting sensitive data from internal
     and external hackers
SQL Security - Secure Configuration

   Physically secure the server behind firewall
   Enable only the minimum network protocols
    required
   Use Windows Update to apply patches
   Surface Area Configuration - turn off default SQL
    features
     CLR Integration
     Database mirroring
     Debugging
     Service broker
     E-Mail functions
SQL Security - Authentication
   Use simple connection strings containing user names
    and passwords during development
       Create SQL user for test-user (shows password in web.config &
        app.config)
   Use Windows authentication in production for more
    security
   SQL 2008 uses encryption of the channel by default
    (avoid data sniffing)
   Windows Group Policy
       password complexity
       password history
       password age expiration
       lockout after failed attempts
SQL Security - Authorization
   After authentication, what can you access?
   Depends on your roles (owner, admin,
    operator, reader, etc)
   Principal
     Any individual, group, or process that can request
     access to a protected resource
   Securable
     Object that you can secure by granting or
     denying permissions
SQL Security - Principal
   Windows-level principals
       Domain, local, group
   SQL Server-level principals
       SQL login
       login mapped to a windows login
       login mapped to a certificate
       login mapped to an asymmetric key
   Database-level principals
       Database user
       user mapped to SQL server login
       user mapped to windows login, certificate, asymmetric key
       Database role
       Application role
       etc...
SQL Security - Securables
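How a principal's effective permission on a securable changes under GRANT, DENY and REVOKE, as an added T-SQL example that is not part of the original slides. The table, role and user names are constructed for illustration; run it in a scratch database.

```sql
-- Constructed objects: dbo.course_demo (securable), course_reader (role), demo_user (user).
CREATE TABLE dbo.course_demo (id INT PRIMARY KEY, name NVARCHAR(50) NOT NULL);
CREATE ROLE course_reader;               -- database-level principal: database role
CREATE USER demo_user WITHOUT LOGIN;     -- database-level principal: database user
EXEC sp_addrolemember N'course_reader', N'demo_user';

-- Step 1: permission granted to the role, inherited by its members.
GRANT SELECT ON OBJECT::dbo.course_demo TO course_reader;
EXECUTE AS USER = N'demo_user';
SELECT N'1 GRANT to role' AS step,
       HAS_PERMS_BY_NAME(N'dbo.course_demo', N'OBJECT', N'SELECT') AS can_select;
REVERT;

-- Step 2: an explicit DENY on the user takes precedence over the role's GRANT.
DENY SELECT ON OBJECT::dbo.course_demo TO demo_user;
EXECUTE AS USER = N'demo_user';
SELECT N'2 DENY to user' AS step,
       HAS_PERMS_BY_NAME(N'dbo.course_demo', N'OBJECT', N'SELECT') AS can_select;
REVERT;

-- Step 3: REVOKE removes the user's own permission entry (here the DENY).
-- It does not block anything by itself, so the role's GRANT applies again.
REVOKE SELECT ON OBJECT::dbo.course_demo FROM demo_user;
EXECUTE AS USER = N'demo_user';
SELECT N'3 REVOKE from user' AS step,
       HAS_PERMS_BY_NAME(N'dbo.course_demo', N'OBJECT', N'SELECT') AS can_select;
REVERT;

-- Review what is recorded: one row per (grantee, permission, state).
SELECT USER_NAME(grantee_principal_id) AS grantee, permission_name, state_desc
FROM sys.database_permissions
WHERE major_id = OBJECT_ID(N'dbo.course_demo');

-- Clean up the constructed objects.
EXEC sp_droprolemember N'course_reader', N'demo_user';
DROP USER demo_user;
DROP ROLE course_reader;
DROP TABLE dbo.course_demo;
```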
SQL Security – Dynamic SQL
   Execute(@sql)
     @sql is a dynamically generated SQL statement
         @sql = 'select * from course where name = ''' + @search + ''''
     Open to SQL injection attack
       @search = 'cse''; delete from users'
   Use sp_executesql (@sql, @search_text)
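The concatenated statement from the slide beside its sp_executesql form, as an added T-SQL example that is not part of the original slides. It goes one step beyond the slide by also covering a caller-chosen sort column, which cannot be passed as a parameter; the #course temp table, its rows and @sort_col are constructed assumptions.

```sql
-- Constructed sample data. Only the table name "course" and the @search value come from the slide.
CREATE TABLE #course (id INT IDENTITY(1,1) PRIMARY KEY, name NVARCHAR(50) NOT NULL);
INSERT INTO #course (name) VALUES (N'cse'), (N'cse136'), (N'math20');

DECLARE @search   NVARCHAR(100) = N'cse''; delete from users';
DECLARE @sort_col SYSNAME       = N'name';   -- hypothetical caller-supplied sort column
DECLARE @sql      NVARCHAR(400);

-- 1) The slide's pattern: input is concatenated into the statement text.
--    PRINT (not EXEC) shows the batch the server would be handed: the quote
--    inside @search closes the string literal and the rest is parsed as SQL.
SET @sql = N'select * from #course where name = ''' + @search + N'''';
PRINT @sql;

-- 2) sp_executesql with a typed parameter: the statement text is constant and
--    @search travels as data, so it is only ever compared against name.
SET @sql = N'select id, name from #course where name = @name';
EXEC sp_executesql @sql, N'@name NVARCHAR(100)', @name = @search;

-- 3) Identifiers (column or table names) cannot be parameters. Check the
--    requested name against the catalog, then quote it with QUOTENAME.
IF NOT EXISTS (SELECT 1 FROM tempdb.sys.columns
               WHERE object_id = OBJECT_ID(N'tempdb..#course')
                 AND name = @sort_col)
BEGIN
    RAISERROR(N'Unknown sort column', 16, 1);
    RETURN;
END;

SET @sql = N'select id, name from #course where name like @prefix order by '
         + QUOTENAME(@sort_col);
EXEC sp_executesql @sql, N'@prefix NVARCHAR(100)', @prefix = N'cse%';

DROP TABLE #course;
```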
SQL Security – Encryption
   Built-in SQL encryption methods:
     EncryptByPassPhrase(),   DecryptByPassPhrase()
     EncryptByCertificate(), DecryptByCertificate()

   Encryption side-effects:
     Storage (encrypted values are larger)
     Performance
       Create Index on encrypted data
       Create Index on hash value
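Why the index goes on a hash value rather than on the encrypted column, as an added T-SQL example that is not part of the original slides. The #student table, the passphrase and the salt are constructed assumptions; 'SHA2_256' needs SQL Server 2012 or later (SQL Server 2008 offers only SHA1 and older algorithms in HASHBYTES).

```sql
-- Constructed sample; table, column names and secrets are assumptions for illustration.
CREATE TABLE #student (
    id       INT IDENTITY(1,1) PRIMARY KEY,
    name     NVARCHAR(50)   NOT NULL,
    ssn_enc  VARBINARY(256) NOT NULL,  -- EncryptByPassPhrase output, larger than the plaintext
    ssn_hash VARBINARY(32)  NOT NULL   -- salted hash, used only for equality lookups
);
CREATE INDEX ix_student_ssn_hash ON #student (ssn_hash);

DECLARE @pass NVARCHAR(128) = N'constructed passphrase, keep real ones out of source control';
DECLARE @salt VARBINARY(16) = 0x00112233445566778899AABBCCDDEEFF;  -- constructed secret salt

INSERT INTO #student (name, ssn_enc, ssn_hash)
SELECT v.name,
       EncryptByPassPhrase(@pass, v.ssn),
       HASHBYTES('SHA2_256', @salt + CAST(v.ssn AS VARBINARY(40)))
FROM (VALUES (N'Alice', N'000-00-0001'),
             (N'Bob',   N'000-00-0002')) AS v(name, ssn);

-- EncryptByPassPhrase is not deterministic: encrypting the same plaintext twice
-- gives two different values, so an index on ssn_enc cannot serve "ssn = ?".
SELECT CASE WHEN EncryptByPassPhrase(@pass, N'000-00-0001')
               = EncryptByPassPhrase(@pass, N'000-00-0001')
            THEN 'same ciphertext' ELSE 'different ciphertext' END AS repeat_encrypt;

-- Equality lookup through the indexed hash; only the matching row is decrypted.
-- The CAST target must be the type that was encrypted (NVARCHAR here).
DECLARE @lookup NVARCHAR(11) = N'000-00-0002';
SELECT name,
       CAST(DecryptByPassPhrase(@pass, ssn_enc) AS NVARCHAR(11)) AS ssn
FROM #student
WHERE ssn_hash = HASHBYTES('SHA2_256', @salt + CAST(@lookup AS VARBINARY(40)));

-- A wrong passphrase does not raise an error; DecryptByPassPhrase returns NULL,
-- so callers have to test for NULL.
SELECT name,
       CAST(DecryptByPassPhrase(N'wrong passphrase', ssn_enc) AS NVARCHAR(11)) AS ssn
FROM #student;

DROP TABLE #student;
```

The salt is kept secret because an unsalted hash of a short, structured value can be recovered by hashing every candidate value.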
Review question
   Difference between db logical design and
    physical design?
   Difference between deny vs revoke?
   Can you think of a generalization scenario for
    your project?
   How many entities will you have in your db
    design?
   Can you identify where you would need
    indexes in your db?
   What db objects would you want to provide
    more security in your db design?
Break time
Enterprise DB – availability & load

   Availability = (Total Units of Time – Downtime) /
    Total Units of Time
     8,760 hours (365 days × 24 hours) in a calendar year
     100 hours of downtime during the year

     (8,760 – 100) / 8,760 = 98.9% uptime

   Fail-over
       When one db fails, another becomes active
   DB Load Balance
       Distribute data across different servers (multiple
        active databases)
Enterprise DB - architecture
   Clustering
   Log shipping
   Mirroring
   Snapshot replication
   Merge replication
   Peer-to-peer replication (transactional)
   Combinations
     Cluster & mirror
     Cluster & log-shipping
     Cluster & replication
Enterprise DB - clustering
Enterprise DB - log shipping
Enterprise DB - mirroring
Enterprise DB – snapshot replication
Enterprise DB – merge replication
Enterprise DB – peer-to-peer
DB Architecture comparison
Enterprise DB – cluster & mirror
Enterprise DB – cluster & log-shipping
Enterprise DB – cluster & replication
DB for Continuous Integration
   Database needs to be built locally
     For individual C# developers coding locally
     For running unit tests locally
     Database code needs to be in the source control
      (version control)
     Nightly builds on the server

   Solution:
     Database Solution in VS 2010 (cse 136)
     Database build script (*.sql)
     Command shell (CreateDB.cmd)
Review question
   Difference between fail-over and load
    balance?
   What are the pros and cons of clustering?
   What scenario would you recommend log
    shipping instead of mirroring?
   What scenario would you recommend
    mirroring instead of replication?
Demo
   SQL Mixed mode
   Create SQL user
   Show Day 2 tutorial
   Run .cmd to generate db
Assignment
   Due Day 4
     Create a database in SQL 2008
     Create a database diagram

     Create SQL Stored Procedures based on your
      activity diagram(s) for your entire project’s
      features.
     Create a database solution using VS 2010 (see
      day 2 tutorial)
     Run the db command script
References
   Database Modeling and Design
   Pro SQL Server 2008 Failover Clustering
