SlideShare a Scribd company logo

Day2

Download as PPTX, PDF
M
madamewoolf
EducationTechnology
1 of 41
CSE 136 Lecture 2  Database design steps for the enterprise  Logical Design Overview  Physical Design  Logical design in detail  Conceptual Modeling  Model to Schema  Database Security  Enterprise Database Environment  Continuous Integration DB – build DB project
Database Design Step ER Model Using MS SQL 2008
Logical Design Overview 1
Logical Design Overview 2
Logical Design Overview 3
Logical Design Overview 4
Physical Design
Conceptual Modeling - generalization
Conceptual Modeling - relationships connectivity
Model to SQL schema  Data Definition Language  Why use data definition language?  Multiple database designers modifying DDL  Version Control  Build the database script from scratch (for unit testing)  Examples  Create table  Alter table  Drop table  Create/drop view
Model to SQL 1
Model to SQL 2
Enrollment example
Enrollment example
SQL Security  Secure Configuration  Authentication  login/password  Authorization  What you can access after you login  Data Encryption  Protectingsensitive data from internal and external hackers
SQL Security - Secure Configuration  Physically secure the server behind firewall  Enable only the minimum network protocols required  Use Windows Update to apply patches  Surface Area Configuration - turn off default SQL features  CLR Integration  Database mirroring  Debugging  Service broker  E-Mail functions
SQL Security - Authentication  Use simple connection strings containing user names and passwords during development  Create SQL user for test-user (shows password in web.config & app.config)  Use windows authentication in production with more security  SQL 2008 uses encryption of the channel by default (avoid data sniffing)  Windows Group Policy  password complexity  password history  password age expiration  lockout after failed attempts
SQL Security - Authorization  After authentication, what can you access?  Depends on your roles (owner, admin, operator, reader, etc)  Principal  Anyindividual, group, or process that can request access to a protected resource  Securable  object that you can secured by granting or denying of permissions
SQL Security - Principal  Windows-level principals  Domain, local, group  SQL Server-level principals  SQL login  login mapped to a windows login  login mapped to a certificate  login mapped to a asymmetric key  Database-level principals  Database user  user mapped to SQL server login  user mapped to windows login, certificate, asymmetric key  Database role  Application role  etc...
SQL Security - Securables
SQL Security – Dynamical SQL  Execute(@sql)  @sql is a dynamically generate SQL statement  @sql = ‘select * from course where name = ‘’‘ + @search + ‘’’’  Open for SQL injection attack  @search = ‘cse’’’; delete from users‘  Use sp_executesql (@sql, @search_text)
SQL Security – Encryption  Built-in SQL encryption methods:  EncryptByPassPhrase(), DecryptByPassPhrase()  EncryptByCertificate(), DecryptByCertificate()  Encryption side-effects:  Storage(encrypted values are larger size)  Performance  Create Index on encrypted data  Create Index on hash value
Review question  Difference between db logic design and physical design?  Difference between deny vs revoke?  Can you think of a generalization scenario for your project?  How many entities will you have in your db design?  Can you identify where you would need indexes in your db?  What db objects would you want to provide more security in your db design?
Break time
Enterprise DB – availability & load  Availability = (Total Units of Time – Downtime) / Total Units of Time  8,760 hours (365 days 24 hours) in a calendar year  100 hours of downtime during the year  (8760 – 100) / 8,760 (98.9% uptime)  Fail-over  When one db fails, another becomes active  DB Load Balance  Distribute data across different servers (multiple active databases)
Enterprise DB - architecture  Clustering  Log shipping  Mirroring  Snapshot replication  Merge replication  Peer-to-peer replication (transactional)  Combinations  Cluster & mirror  Cluster & log-shipping  Cluster & replication
Enterprise DB - clustering
Enterprise DB - log shipping
Enterprise DB - mirroring
Enterprise DB – snapshot replication
Enterprise DB – merge replication
Enterprise DB – peer-to-peer
DB Architecture comparison
Enterprise DB – cluster & mirror
Enterprise DB – cluster & log-shipping
Enterprise DB – cluster & replication
DB for Continuous Integration  Database needs to be built locally  For individual C# developers coding locally  For running unit tests locally  Database code needs to be in the source control (version control)  Nightly builds on the server  Solution:  Database Solution in VS 2010 (cse 136)  Database build script (*.sql)  Command shell (CreateDB.cmd)
Review question  Difference between fail-over and load balance?  What are the pros and cons of clustering?  What scenario would you recommend logging shipping instead of mirroring?  What scenario would you recommend mirroring instead of replication?
Demo  SQL Mixed mode  Create SQL user  Show Day 2 tutorial  Run .cmd to generate db
Assignment  Due Day 4  Create a database in SQL 2008  Create a database diagram  Create SQL Stored Procedures based on your activity diagram(s) for your entire project’s features.  Create a database solution using VS 2010 (see day 2 tutorial)  Run the db command script
References  Database Modeling and Design  Pro SQL Server 2008 Failover Clustering

Recommended

Day7
Day7Day7
Day7madamewoolf
 
Day6
Day6Day6
Day6madamewoolf
 
Day4
Day4Day4
Day4madamewoolf
 
Day8
Day8Day8
Day8madamewoolf
 
Day5
Day5Day5
Day5madamewoolf
 
Day1
Day1Day1
Day1madamewoolf
 
Microsoft Data Access Technologies
Microsoft Data Access TechnologiesMicrosoft Data Access Technologies
Microsoft Data Access TechnologiesDavid Chou
 
CloudConnect 2011 - Building Highly Scalable Java Applications on Windows Azure
CloudConnect 2011 - Building Highly Scalable Java Applications on Windows AzureCloudConnect 2011 - Building Highly Scalable Java Applications on Windows Azure
CloudConnect 2011 - Building Highly Scalable Java Applications on Windows AzureDavid Chou
 

Recommended

Day7
Day7Day7
Day7madamewoolf
 
Day6
Day6Day6
Day6madamewoolf
 
Day4
Day4Day4
Day4madamewoolf
 
Day8
Day8Day8
Day8madamewoolf
 
Day5
Day5Day5
Day5madamewoolf
 
Day1
Day1Day1
Day1madamewoolf
 
Microsoft Data Access Technologies
Microsoft Data Access TechnologiesMicrosoft Data Access Technologies
Microsoft Data Access TechnologiesDavid Chou
 
CloudConnect 2011 - Building Highly Scalable Java Applications on Windows Azure
CloudConnect 2011 - Building Highly Scalable Java Applications on Windows AzureCloudConnect 2011 - Building Highly Scalable Java Applications on Windows Azure
CloudConnect 2011 - Building Highly Scalable Java Applications on Windows AzureDavid Chou
 
Microsoft Database Options
Microsoft Database OptionsMicrosoft Database Options
Microsoft Database OptionsDavid Chou
 
Microsoft SQL Server 2008
Microsoft SQL Server 2008Microsoft SQL Server 2008
Microsoft SQL Server 2008Hossein Zahed
 
Entity Framework Overview
Entity Framework OverviewEntity Framework Overview
Entity Framework Overviewukdpe
 
JDBC Tutorial
JDBC TutorialJDBC Tutorial
JDBC TutorialInformation Technology
 
Java on Windows Azure
Java on Windows AzureJava on Windows Azure
Java on Windows AzureDavid Chou
 
Java database connectivity
Java database connectivityJava database connectivity
Java database connectivityVaishali Modi
 
Entity framework code first
Entity framework code firstEntity framework code first
Entity framework code firstConfiz
 
Windows Azure AppFabric
Windows Azure AppFabricWindows Azure AppFabric
Windows Azure AppFabricDavid Chou
 
Database and Java Database Connectivity
Database and Java Database ConnectivityDatabase and Java Database Connectivity
Database and Java Database ConnectivityGary Yeh
 
jsf2 Notes
jsf2 Notesjsf2 Notes
jsf2 NotesRajiv Gupta
 
Jdbc
JdbcJdbc
JdbcMumbai Academisc
 
Jdbc
JdbcJdbc
JdbcYamuna Devi
 
Jdbc
JdbcJdbc
JdbcSmit Patel
 
Jdbc (database in java)
Jdbc (database in java)Jdbc (database in java)
Jdbc (database in java)Maher Abdo
 
Java- JDBC- Mazenet Solution
Java- JDBC- Mazenet SolutionJava- JDBC- Mazenet Solution
Java- JDBC- Mazenet SolutionMazenetsolution
 
Entity Framework Overview
Entity Framework OverviewEntity Framework Overview
Entity Framework OverviewEric Nelson
 
Jdbc in servlets
Jdbc in servletsJdbc in servlets
Jdbc in servletsNuha Noor
 
Entity framework and how to use it
Entity framework and how to use itEntity framework and how to use it
Entity framework and how to use itnspyre_net
 
JDBC: java DataBase connectivity
JDBC: java DataBase connectivityJDBC: java DataBase connectivity
JDBC: java DataBase connectivityTanmoy Barman
 
Writing simple web services in java using eclipse editor
Writing simple web services in java using eclipse editorWriting simple web services in java using eclipse editor
Writing simple web services in java using eclipse editorSantosh Kumar Kar
 
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersSQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersTobias Koprowski
 
SQLCLR For DBAs and Developers
SQLCLR For DBAs and DevelopersSQLCLR For DBAs and Developers
SQLCLR For DBAs and Developerswebhostingguy
 

More Related Content

What's hot

Microsoft Database Options
Microsoft Database OptionsMicrosoft Database Options
Microsoft Database OptionsDavid Chou
 
Microsoft SQL Server 2008
Microsoft SQL Server 2008Microsoft SQL Server 2008
Microsoft SQL Server 2008Hossein Zahed
 
Entity Framework Overview
Entity Framework OverviewEntity Framework Overview
Entity Framework Overviewukdpe
 
Java on Windows Azure
Java on Windows AzureJava on Windows Azure
Java on Windows AzureDavid Chou
 
Java database connectivity
Java database connectivityJava database connectivity
Java database connectivityVaishali Modi
 
Entity framework code first
Entity framework code firstEntity framework code first
Entity framework code firstConfiz
 
Windows Azure AppFabric
Windows Azure AppFabricWindows Azure AppFabric
Windows Azure AppFabricDavid Chou
 
Database and Java Database Connectivity
Database and Java Database ConnectivityDatabase and Java Database Connectivity
Database and Java Database ConnectivityGary Yeh
 
Jdbc (database in java)
Jdbc (database in java)Jdbc (database in java)
Jdbc (database in java)Maher Abdo
 
Java- JDBC- Mazenet Solution
Java- JDBC- Mazenet SolutionJava- JDBC- Mazenet Solution
Java- JDBC- Mazenet SolutionMazenetsolution
 
Entity Framework Overview
Entity Framework OverviewEntity Framework Overview
Entity Framework OverviewEric Nelson
 
Jdbc in servlets
Jdbc in servletsJdbc in servlets
Jdbc in servletsNuha Noor
 
Entity framework and how to use it
Entity framework and how to use itEntity framework and how to use it
Entity framework and how to use itnspyre_net
 
JDBC: java DataBase connectivity
JDBC: java DataBase connectivityJDBC: java DataBase connectivity
JDBC: java DataBase connectivityTanmoy Barman
 
Writing simple web services in java using eclipse editor
Writing simple web services in java using eclipse editorWriting simple web services in java using eclipse editor
Writing simple web services in java using eclipse editorSantosh Kumar Kar
 

What's hot (20)

Microsoft Database Options
Microsoft Database OptionsMicrosoft Database Options
Microsoft Database Options
 
Microsoft SQL Server 2008
Microsoft SQL Server 2008Microsoft SQL Server 2008
Microsoft SQL Server 2008
 
Entity Framework Overview
Entity Framework OverviewEntity Framework Overview
Entity Framework Overview
 
JDBC Tutorial
JDBC TutorialJDBC Tutorial
JDBC Tutorial
 
Java on Windows Azure
Java on Windows AzureJava on Windows Azure
Java on Windows Azure
 
Java database connectivity
Java database connectivityJava database connectivity
Java database connectivity
 
Entity framework code first
Entity framework code firstEntity framework code first
Entity framework code first
 
Windows Azure AppFabric
Windows Azure AppFabricWindows Azure AppFabric
Windows Azure AppFabric
 
Database and Java Database Connectivity
Database and Java Database ConnectivityDatabase and Java Database Connectivity
Database and Java Database Connectivity
 
jsf2 Notes
jsf2 Notesjsf2 Notes
jsf2 Notes
 
Jdbc
JdbcJdbc
Jdbc
 
Jdbc
JdbcJdbc
Jdbc
 
Jdbc
JdbcJdbc
Jdbc
 
Jdbc (database in java)
Jdbc (database in java)Jdbc (database in java)
Jdbc (database in java)
 
Java- JDBC- Mazenet Solution
Java- JDBC- Mazenet SolutionJava- JDBC- Mazenet Solution
Java- JDBC- Mazenet Solution
 
Entity Framework Overview
Entity Framework OverviewEntity Framework Overview
Entity Framework Overview
 
Jdbc in servlets
Jdbc in servletsJdbc in servlets
Jdbc in servlets
 
Entity framework and how to use it
Entity framework and how to use itEntity framework and how to use it
Entity framework and how to use it
 
JDBC: java DataBase connectivity
JDBC: java DataBase connectivityJDBC: java DataBase connectivity
JDBC: java DataBase connectivity
 
Writing simple web services in java using eclipse editor
Writing simple web services in java using eclipse editorWriting simple web services in java using eclipse editor
Writing simple web services in java using eclipse editor
 

Similar to Day2

SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersSQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersTobias Koprowski
 
SQLCLR For DBAs and Developers
SQLCLR For DBAs and DevelopersSQLCLR For DBAs and Developers
SQLCLR For DBAs and Developerswebhostingguy
 
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. HydeDr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hydewebhostingguy
 
Azure Data platform
Azure Data platformAzure Data platform
Azure Data platformMostafa
 
SQL Server - High availability
SQL Server - High availabilitySQL Server - High availability
SQL Server - High availabilityPeter Gfader
 
A Primer To Sybase Iq Development July 13
A Primer To Sybase Iq Development July 13A Primer To Sybase Iq Development July 13
A Primer To Sybase Iq Development July 13sparkwan
 
Be05 introduction to sql azure
Be05 introduction to sql azureBe05 introduction to sql azure
Be05 introduction to sql azureDotNetCampus
 
Azure presentation nnug dec 2010
Azure presentation nnug dec 2010Azure presentation nnug dec 2010
Azure presentation nnug dec 2010Ethos Technologies
 
SQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George GrammatikosSQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George GrammatikosGeorge Grammatikos
 
GWAB 2015 - Data Plaraform
GWAB 2015 - Data PlaraformGWAB 2015 - Data Plaraform
GWAB 2015 - Data PlaraformMarcelo Paiva
 
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...Michael Noel
 
02_DP_300T00A_Plan_implement.pptx
02_DP_300T00A_Plan_implement.pptx02_DP_300T00A_Plan_implement.pptx
02_DP_300T00A_Plan_implement.pptxKareemBullard1
 
SharePoint Security in an Insecure World - AUSPC 2012
SharePoint Security in an Insecure World - AUSPC 2012SharePoint Security in an Insecure World - AUSPC 2012
SharePoint Security in an Insecure World - AUSPC 2012Michael Noel
 
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint Security
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint SecuritySPTechCon SFO 2012 - Understanding the Five Layers of SharePoint Security
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint SecurityMichael Noel
 
android sqlite
android sqliteandroid sqlite
android sqliteDeepa Rani
 
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...Michael Noel
 
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloudKoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloudTobias Koprowski
 
Microsoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure PresentationMicrosoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure PresentationMicrosoft Private Cloud
 
Rapid SQL Datasheet - The Intelligent IDE for SQL Development
Rapid SQL Datasheet - The Intelligent IDE for SQL DevelopmentRapid SQL Datasheet - The Intelligent IDE for SQL Development
Rapid SQL Datasheet - The Intelligent IDE for SQL DevelopmentEmbarcadero Technologies
 

Similar to Day2 (20)

SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersSQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
 
SQLCLR For DBAs and Developers
SQLCLR For DBAs and DevelopersSQLCLR For DBAs and Developers
SQLCLR For DBAs and Developers
 
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. HydeDr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
 
Azure Data platform
Azure Data platformAzure Data platform
Azure Data platform
 
SQL Server - High availability
SQL Server - High availabilitySQL Server - High availability
SQL Server - High availability
 
A Primer To Sybase Iq Development July 13
A Primer To Sybase Iq Development July 13A Primer To Sybase Iq Development July 13
A Primer To Sybase Iq Development July 13
 
Be05 introduction to sql azure
Be05 introduction to sql azureBe05 introduction to sql azure
Be05 introduction to sql azure
 
Azure presentation nnug dec 2010
Azure presentation nnug dec 2010Azure presentation nnug dec 2010
Azure presentation nnug dec 2010
 
SQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George GrammatikosSQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George Grammatikos
 
Sql server basics
Sql server basicsSql server basics
Sql server basics
 
GWAB 2015 - Data Plaraform
GWAB 2015 - Data PlaraformGWAB 2015 - Data Plaraform
GWAB 2015 - Data Plaraform
 
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...
 
02_DP_300T00A_Plan_implement.pptx
02_DP_300T00A_Plan_implement.pptx02_DP_300T00A_Plan_implement.pptx
02_DP_300T00A_Plan_implement.pptx
 
SharePoint Security in an Insecure World - AUSPC 2012
SharePoint Security in an Insecure World - AUSPC 2012SharePoint Security in an Insecure World - AUSPC 2012
SharePoint Security in an Insecure World - AUSPC 2012
 
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint Security
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint SecuritySPTechCon SFO 2012 - Understanding the Five Layers of SharePoint Security
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint Security
 
android sqlite
android sqliteandroid sqlite
android sqlite
 
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...
 
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloudKoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
 
Microsoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure PresentationMicrosoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure Presentation
 
Rapid SQL Datasheet - The Intelligent IDE for SQL Development
Rapid SQL Datasheet - The Intelligent IDE for SQL DevelopmentRapid SQL Datasheet - The Intelligent IDE for SQL Development
Rapid SQL Datasheet - The Intelligent IDE for SQL Development
 

Recently uploaded

Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIShubhangi Sonawane
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfPoh-Sun Goh
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPoojaSen20
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibitjbellavia9
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptxMaritesTamaniVerdade
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxnegromaestrong
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxPoojaSen20
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 

Recently uploaded (20)

Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 

Day2

  • 1. CSE 136 Lecture 2  Database design steps for the enterprise  Logical Design Overview  Physical Design  Logical design in detail  Conceptual Modeling  Model to Schema  Database Security  Enterprise Database Environment  Continuous Integration DB – build DB project
  • 2. Database Design Step ER Model Using MS SQL 2008
  • 8. Conceptual Modeling - generalization
  • 10. Model to SQL schema  Data Definition Language  Why use data definition language?  Multiple database designers modifying DDL  Version Control  Build the database script from scratch (for unit testing)  Examples  Create table  Alter table  Drop table  Create/drop view
  • 15. SQL Security  Secure Configuration  Authentication  login/password  Authorization  What you can access after you login  Data Encryption  Protectingsensitive data from internal and external hackers
  • 16. SQL Security - Secure Configuration  Physically secure the server behind firewall  Enable only the minimum network protocols required  Use Windows Update to apply patches  Surface Area Configuration - turn off default SQL features  CLR Integration  Database mirroring  Debugging  Service broker  E-Mail functions
  • 17. SQL Security - Authentication  Use simple connection strings containing user names and passwords during development  Create SQL user for test-user (shows password in web.config & app.config)  Use windows authentication in production with more security  SQL 2008 uses encryption of the channel by default (avoid data sniffing)  Windows Group Policy  password complexity  password history  password age expiration  lockout after failed attempts
  • 18. SQL Security - Authorization  After authentication, what can you access?  Depends on your roles (owner, admin, operator, reader, etc)  Principal  Anyindividual, group, or process that can request access to a protected resource  Securable  object that you can secured by granting or denying of permissions
  • 19. SQL Security - Principal  Windows-level principals  Domain, local, group  SQL Server-level principals  SQL login  login mapped to a windows login  login mapped to a certificate  login mapped to a asymmetric key  Database-level principals  Database user  user mapped to SQL server login  user mapped to windows login, certificate, asymmetric key  Database role  Application role  etc...
  • 20. SQL Security - Securables
  • 21. SQL Security – Dynamical SQL  Execute(@sql)  @sql is a dynamically generate SQL statement  @sql = ‘select * from course where name = ‘’‘ + @search + ‘’’’  Open for SQL injection attack  @search = ‘cse’’’; delete from users‘  Use sp_executesql (@sql, @search_text)
  • 22. SQL Security – Encryption  Built-in SQL encryption methods:  EncryptByPassPhrase(), DecryptByPassPhrase()  EncryptByCertificate(), DecryptByCertificate()  Encryption side-effects:  Storage(encrypted values are larger size)  Performance  Create Index on encrypted data  Create Index on hash value
  • 23. Review question  Difference between db logic design and physical design?  Difference between deny vs revoke?  Can you think of a generalization scenario for your project?  How many entities will you have in your db design?  Can you identify where you would need indexes in your db?  What db objects would you want to provide more security in your db design?
  • 25. Enterprise DB – availability & load  Availability = (Total Units of Time – Downtime) / Total Units of Time  8,760 hours (365 days 24 hours) in a calendar year  100 hours of downtime during the year  (8760 – 100) / 8,760 (98.9% uptime)  Fail-over  When one db fails, another becomes active  DB Load Balance  Distribute data across different servers (multiple active databases)
  • 26. Enterprise DB - architecture  Clustering  Log shipping  Mirroring  Snapshot replication  Merge replication  Peer-to-peer replication (transactional)  Combinations  Cluster & mirror  Cluster & log-shipping  Cluster & replication
  • 27. Enterprise DB - clustering
  • 28. Enterprise DB - log shipping
  • 29. Enterprise DB - mirroring
  • 30. Enterprise DB – snapshot replication
  • 31. Enterprise DB – merge replication
  • 32. Enterprise DB – peer-to-peer
  • 34. Enterprise DB – cluster & mirror
  • 35. Enterprise DB – cluster & log-shipping
  • 36. Enterprise DB – cluster & replication
  • 37. DB for Continuous Integration  Database needs to be built locally  For individual C# developers coding locally  For running unit tests locally  Database code needs to be in the source control (version control)  Nightly builds on the server  Solution:  Database Solution in VS 2010 (cse 136)  Database build script (*.sql)  Command shell (CreateDB.cmd)
  • 38. Review question  Difference between fail-over and load balance?  What are the pros and cons of clustering?  What scenario would you recommend logging shipping instead of mirroring?  What scenario would you recommend mirroring instead of replication?
  • 39. Demo  SQL Mixed mode  Create SQL user  Show Day 2 tutorial  Run .cmd to generate db
  • 40. Assignment  Due Day 4  Create a database in SQL 2008  Create a database diagram  Create SQL Stored Procedures based on your activity diagram(s) for your entire project’s features.  Create a database solution using VS 2010 (see day 2 tutorial)  Run the db command script
  • 41. References  Database Modeling and Design  Pro SQL Server 2008 Failover Clustering