Security Strategy & Backup Strategy Updated PDF
Executive Summary
Data security has become a top priority for organizations because of the increasing number of
internal and external attacks on the data repositories of business applications. As a result, the
majority of organizations are taking stronger steps to protect their data. Meanwhile, some
organizations do not yet have a strong database security strategy to defend against
externally or internally originated attacks to track sensitive data. The use of detective controls
over preventive measures is also a popular trend among organizations, although it is highly
vulnerable. Recent studies have found that organizations are more confident in
defending against attacks when they have implemented an integrated and comprehensive security
strategy and solution that includes preventive measures.
Database security has become essential to the database environment for
various reasons, including unauthorized attempts to access or modify data, accidental data
loss and undue delays in accessing or using data.
The Oracle Database environment also faces threats to the privacy and integrity of data from
unauthorized users, both internal and external. The most significant types of security threats
are as follows.
1. Tampering of data
2. Data Theft and Eavesdropping
3. User Identity Falsification
4. Unauthorized Access to Tables and Columns
5. Unauthorized Access to Data Records
6. Lack of Accountability
7. Complex User Management Requirements
1.1. Tampering of Data
Data in transit over a network can be intercepted by a malicious, unauthorized third party, and
parts of the data might be changed before transmission, causing data tampering.
The protection, security and privacy of an organization's information is crucial, as information
is a key asset. Oracle Database addresses information security comprehensively by providing
security measures such as secure hosting, scalable security, data exchange, deep data protection
and auditing. The imperative security measures mentioned below make the Oracle database well
protected.
i. Grant a role to users only when they need all privileges of the role.
ii. No user roles are granted to application developers.
iii. Create and assign roles specific to each Oracle Database installation.
iv. Create global roles for enterprise users.
2.8 Auditing
The steps to be followed for auditing are as follows.
• Confidential data includes information assets such as customer data, which would
cause damage to the organization if disclosed or modified.
1. Database Failures
A database is susceptible to several kinds of failure, which fall into a few categories.
Distributed database systems are mainly vulnerable to failure types such as soft failures,
hard failures and network failures.
Soft failures:
1. OS failure
2. Crash of main memory
3. Failures in transactions
4. System generated errors
5. Supporting software failure
Hard failures:
1. Failures of power
2. Media faults
3. Malfunctional behavior in reading and writing
4. Disk corruptions
5. Crash of disk read/write head
Database backups are used to recover data as it was prior to corruption or deletion. They
provide a means of disaster recovery. Implementing a data backup strategy is significant in
conducting effective database backups.
A full backup takes a backup of all data in the database. The data items to be backed up will
not be drastically different from those in previous backups, so conducting a full backup is
easier. However, it takes more time to execute because a relatively large backup is
taken. Practical issues also arise from the capacity the backup requires, and there will be
gaps between the full backups taken.
Taking a backup of the content changed since the last full backup is called a differential
backup. It is a much easier and quicker backup method to follow immediately after a full
backup, and it is an ideal method for taking daily backups. The size of the differential backup
increases as the time since the full backup increases.
4.3. Shadow Writing
With a shadow database, transactions are applied to a duplicate copy of the database
too. When the transaction is completed, a DB pointer is created to point to the shadow
database, making it the latest copy of the database, and the old copy is deleted later.
Writing to a shadow database can achieve atomicity and durability for a database. In an
emergency, when a database transaction is not completed, the database pointer
remains directed at the old copy of the database and the shadow copy is removed.
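The pointer swap described above, as an added example that is not part of the original document: a toy file-backed store in which the commit point is an atomic rename of the pointer file. The file names `db.a`, `db.b` and `pointer`, and the JSON storage format, are assumptions of this sketch.

```python
import json
import os
import tempfile


def _save(path, obj):
    with open(path, "w") as f:
        json.dump(obj, f)
        f.flush()
        os.fsync(f.fileno())   # on disk before anything points at it


def _load(path):
    with open(path) as f:
        return json.load(f)


def init_db(directory):  # db.a, db.b and pointer are names assumed for this example
    _save(os.path.join(directory, "db.a"), {})
    _save(os.path.join(directory, "pointer"), os.path.join(directory, "db.a"))


def read_db(directory):
    return _load(_load(os.path.join(directory, "pointer")))


def transaction(directory, update):
    pointer = os.path.join(directory, "pointer")
    old = _load(pointer)
    shadow = old[:-1] + ("b" if old.endswith("a") else "a")
    data = _load(old)
    _save(shadow, data)                     # duplicate (shadow) copy
    try:
        update(data)                        # may fail mid-transaction
        _save(shadow, data)
    except Exception:
        os.remove(shadow)                   # pointer still names the old copy
        return False
    _save(pointer + ".tmp", shadow)
    os.replace(pointer + ".tmp", pointer)   # atomic swap is the commit point
    os.remove(old)                          # old copy deleted afterwards
    return True


def demo():
    with tempfile.TemporaryDirectory() as d:
        init_db(d)
        ok = transaction(d, lambda db: db.update(balance=100))
        failed = transaction(d, lambda db: db.update(balance=0) or 1 / 0)  # constructed failure
        return ok, failed, read_db(d), sorted(os.listdir(d))
```

After the failed transaction the store still reads the committed balance and no shadow file is left behind, which is the atomicity property the section describes.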
4.4. Mirroring
Mirroring is not supported under the bulk-logged and simple recovery models. Thus, the master,
model, msdb and tempdb databases cannot be mirrored.
Two copies of a database are maintained during mirroring, and they must be stored on
different server instances. One of them acts as the principal server, serving the database
to clients, while the second acts as the mirror server, depending on the mirroring session
status and configuration. Once the database mirroring session is synchronized, a hot standby
server is provided that supports rapid failover without loss of data from committed
transactions. When the session is not synchronized, the mirror server is available as a warm
standby server, with possible data loss.
The fallback strategy is a simple method. During the upgrade, user data is not touched at all.
Hence, all user data tablespaces are made read-only and keep only in read-write access.
An offline backup of the core database is taken before invoking the upgrade. The benefit
is that the files can be quickly restored from the offline backup in an emergency during the upgrade.
The steps followed in fallback strategy are:
Step 1 – Take USER DATA tablespaces read-only
4.6. Restore/rerun
In the restore/rerun method, the day's transactions are reprocessed up to the failure point.
The latest database backup copy is mounted, then the system log is consulted and all
transactions since that copy are rerun. The method is simple and does not need a special
restart procedure. However, more time is consumed by transaction reprocessing. The approach
is impractical for a complex database with many transactions, as it is impossible to rerun
all the lost transactions and new transactions concurrently. This drawback can cause problems
for time-critical transactions.
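The restore/rerun procedure above, as an added example that is not part of the original document: the backup copy is mounted, committed transactions logged after the backup and up to the failure point are rerun in order, and new work waits until the rerun finishes. The accounts, amounts, log records and the `lsn` (log sequence number) field are constructed for the illustration.

```python
import copy

# Added illustration: accounts, amounts, log records and the "lsn" field
# are constructed for this example.
BACKUP = {"lsn": 2, "data": {"alice": 120, "bob": 30}}   # latest backup copy
LOG = [                                                   # system log
    {"lsn": 1, "status": "committed", "src": "bob", "dst": "alice", "amt": 20},
    {"lsn": 2, "status": "committed", "src": "alice", "dst": "bob", "amt": 10},
    {"lsn": 3, "status": "committed", "src": "alice", "dst": "bob", "amt": 50},
    {"lsn": 4, "status": "aborted", "src": "bob", "dst": "alice", "amt": 500},
    {"lsn": 5, "status": "committed", "src": "bob", "dst": "alice", "amt": 10},
    {"lsn": 6, "status": "active", "src": "alice", "dst": "bob", "amt": 5},
]


def apply_transfer(db, rec):
    db[rec["src"]] -= rec["amt"]
    db[rec["dst"]] += rec["amt"]


def restore_rerun(backup, log, failure_lsn, queued=()):
    """Mount the backup, rerun logged work up to the failure point, then
    let transactions that arrived during recovery (queued) proceed."""
    db = copy.deepcopy(backup["data"])        # the backup itself stays intact
    rerun = 0
    for rec in sorted(log, key=lambda r: r["lsn"]):
        in_window = backup["lsn"] < rec["lsn"] <= failure_lsn
        if in_window and rec["status"] == "committed":
            apply_transfer(db, rec)           # aborted and in-flight work is skipped
            rerun += 1
    for rec in queued:        # new work waits behind every rerun transaction
        apply_transfer(db, rec)
    return db, rerun
```

The rerun count grows with the number of transactions logged since the backup, which is the recovery-time cost the section points out.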
4. Backup Strategy
1. Faster restoring process than incremental backup, as only the immediate last full
backup and the latest differential are required.
2. Faster backing up than a full backup, as only modified files are needed.
3. Less storage space required.
4. Retention of multiple versions of the same files is allowed.
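An added example, not part of the original document, covering both the differential backup description earlier and the restore advantage listed above: it compares differential and incremental backups taken after one full backup, by backup size and by the number of backup sets a restore must read. The block names, values and daily change log are constructed, and the incremental method is included only for comparison.

```python
# Added illustration: block names, values and the change log are constructed.
DAY0 = {"b0": "a", "b1": "a", "b2": "a", "b3": "a", "b4": "a", "b5": "a"}
CHANGES = {1: {"b1": "x"}, 2: {"b4": "y"}, 3: {"b0": "z", "b1": "w"}}


def state_on(day):
    """Live database contents at the end of `day` (full backup is day 0)."""
    db = dict(DAY0)
    for d in range(1, day + 1):
        db.update(CHANGES[d])
    return db


def take_backup(day, kind):
    """Blocks that a backup of `kind` copies at the end of `day`."""
    now = state_on(day)
    if kind == "full":
        return now
    since = 0 if kind == "differential" else day - 1   # baseline to compare with
    base = state_on(since)
    return {k: v for k, v in now.items() if base[k] != v}


def restore(day, kind):
    """Rebuild the state of `day`; returns (database, backup sets read)."""
    chain = [take_backup(0, "full")]
    if kind == "differential":
        chain.append(take_backup(day, "differential"))   # latest one only
    else:
        chain += [take_backup(d, "incremental") for d in range(1, day + 1)]
    db = {}
    for backup in chain:
        db.update(backup)
    return db, len(chain)


def compare(last_day):
    """Rows of (day, diff size, inc size, diff sets read, inc sets read)."""
    rows = []
    for day in range(1, last_day + 1):
        diff_db, diff_sets = restore(day, "differential")
        inc_db, inc_sets = restore(day, "incremental")
        assert diff_db == inc_db == state_on(day)        # both restores are exact
        rows.append((day, len(take_backup(day, "differential")),
                     len(take_backup(day, "incremental")), diff_sets, inc_sets))
    return rows
```

The differential size grows each day while its restore always reads two sets; the incremental stays small but its restore chain lengthens by one set per day.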