D4: DB Management & Maintenance: Describe the nature of DB administration activities at Garden Glory and define the security scheme (using Figure 6-17, pp. 383 as a guide to describe the users, roles, and permissions etc). Encrypt the DB for Garden Glory and discuss the proper procedures for DB backup and recovery. You can also refer to the GG project questions in 6.
Garden Glory has modified the EMPLOYEE table by adding a TotalHours Worked column as follows:
EMPLOYEE (Employeeld, LastName, FirstName, CellPhone, Experience Level, TotalHoursWorked)
The office personnel at Garden Glory use a database application to record services and related data changes in this database. For a new service, the service-recording application reads a row from the PROPERTY table to get the Property ID. It then creates a new row in SERVICE and updates Total HoursWorked in EMPLOYEE by adding the HoursWorked value in the new SERVICE record to TotalHours Worked. This operation is referred to as a Service Update Transaction.
In some cases, the employee record does not exist before the service is recorded. In this case, a new EMPLOYEE row is created and then the service is recorded. This is called a Service Update for New Employee Transaction.
Project Question 1: Explain why it is important for the changes made by the Service Update Transaction to be atomic. Describe a scenario in which an update of totalHoursworked could be lost during a Service Update Transaction. Explain how locking could be used to prevent the lost update. Do you think optimistic or pessimistic locking would be better for the Service Update Transactions?
Per your request, Garden Glory identifies three groups of users: managers, administrative personnel, and system administrators. Suppose further that the only job of administrative personnel is to make Service Update Transactions Managers can make Service Update Transactions and Service Updates for New Employee Transactions. System administrators have unrestricted access to the tables.
Project Question 2: Describe processing rights that you think would be appropriate for this situation. Use the following template table as a guide and see Figure 6-17, pp.383 in textbook for an example. What problems might this security system have?
Table | Management | Administrative | System Administrator |
OWNER | |||
EMPLOYEE | |||
SERVICE | |||
PROPERTY |
Garden Glory has also developed an initial procedure for backup and recovery and asks you for evaluation. The company backs up the database from the server to a second computer on its network each night. Once a month, it copies the database to a CD and stores it at a manager's house. It keeps paper records of all services provided for an entire year. If it ever loses its database, it plans to restore it from a backup and reprocess all service requests.
Project Question 3: Do you think this backup and recovery program is sufficient for Garden Glory? What problems might occur? What alternatives exist? Describe any changes you think the company should make to this backup and recovery procedure.
Project Question 4: Create an encrypted DB for Garden Glory for added security measure.