DAT 380 Week 5 Security and Optimization of a DDBMS

19 May No Comments

Security and Optimization of a Distributed Database Management System University of Phoenix

Security and Optimization of a Distributed Database Management System

The database security and optimization plan for the “Wellmeadows” hospital is designed to protect a distributed and object-oriented database. The security and optimization plan looks at various elements such as security measures, back-up, and recovery, monitoring, acceptable risks, and current best practices and trends.

Overview of Database Security Measures

According to Begg and Connolly T (2015), a distributed database (DDB) is a “logically interrelated collection of shared data (and a description of this data) physically distributed over a computer network” and an Object-Oriented Database (OODB) is a “persistent and sharable collection of objects defined by an Object-Oriented Data Model (OODM).”

Let’s begin by defining the database security before discussing the security measures that will be incorporated into the Wellmeadows hospital database. Database security is defined as the “protection of the database against unauthorized access, either intentional or accidental” (Connolly & Begg, 2015). While discussing the security measures of Wellmeadows hospital database plan, I will focus on the following areas: security authentication, authorization, encryption, and multi-level access control.

Implementation of Database Security Measures

Authentication is a “mechanism that determines whether a user is who they claim to be” (Connolly & Begg, 2015). The use of passwords achieves security authentication. The medical staff will be able to access the database records by providing a unique password. The password policy will ensure that the staff is changing their passwords every thirty days. The password will be less no less than ten characters and must have a combination of letters, numbers, and special characters.

Authorization is the “granting of privileges that enables a subject to have legitimate access to a system or a system’s object” (Connolly & Begg, 2015). The Wellmeadows hospital database will employ security authorization where only the Chief Medical Officer (CMO) will have the highest level of privileges to view medical supplier records, patient health information (PHI), inventory, etc. Staff members are not granted rights to the database management system unless first authorized by the CMO.

The Wellmeadows hospital database will provide encryption of passwords and data while being transported over the network. Encryption is the “technique of encoding data in such a way that only authorized users can decode and read” (Sangeetha & Akila, 2017). There are various encryption algorithms used, and they include Rivest, Shamir, Adelman (SA), Data Encryption Standard (DE), and Sand PGP (Pretty Good Privacy).

Multi-level access control is “when a user is limited from having complete access to data” (Sangeetha & Akila, 2017). Access policies for multi-level systems are either open or closed, meaning that the users will either have access to specific features or not. Open systems where all data is considered unclassified unless access to specific security attributes is expressly prohibited. Closed systems are when all data is prohibited unless the user has specific access

privileges (Sangeetha & Akila, 2017). The Wellmeadows hospital database will deploy the closed system model, where all data is prohibited unless the user is granted the specific security

attribute to access that data. All users of the database management system will be prohibited from accessing patient health information (PHI) unless authorized by the Chief Medical Officer (CMO).

The Wellmeadows data will move across the network via a distributed database architecture. The system needs to be completely secure to protect employees and patient privacy.

Security of the network will be ensured by installing firewalls that will check incoming and outgoing data packets. There will also be antivirus software installed that will scan incoming messages for viruses, educational material will also be provided in attempts towards building a human firewall. Network devices, i.e. routers, and switches, will be secured with strong passwords and access will be limited to network administrators only.

Back-up and Recovery Plan

Data back-up is the “process of periodically copying the database and log files (and possibly programs) to offline storage devices” (Connolly & Begg, 2015). The Wellmeadows hospital database will have both a scheduled daily and weekly back-up of the database. Database recovery is the restoration of the database when a failure occurs. There are many causes of database failures, i.e., database corruption, network failure, viruses and denial of service (DOS) attacks, etc. Our database will use the two-phase commit (2PC) algorithm to ensure recovery.

The 2PC has both a voting and decision phase, if a participant is not ready to commit to a transaction, the participant(s) will abort the operation to help ensure that there is no loss of data (Connolly & Begg, 2015).

Querying and Data Access Optimization Plan

Query optimization is the “process of selecting the most efficient query-evaluation plan from among the many strategies usually possible for processing a given query, especially if the query is complex (Silberschatz, Korth, & Sudarshan, 2011) The Wellmeadows hospital database will use the heuristics rule for query optimization, and the algorithm used will be the R* algorithm.

Ongoing Monitoring, Acceptable Risks, and Current Best Practices

The database administrator will be primarily responsible for monitoring the database daily, log files will be generated to show all users logins accompanied with time and date stamp. Specific risks will be accepted since they rarely occur. These risks include damage from natural disasters, power outages, and some human errors.

The risk assessment process will be re-evaluated every three years. There will be specific schedules for assessing and mitigating mission risks. The periodically performed procedure will be flexible enough to allow changes where warranted, such as significant changes to the infrastructure and processing environment due to changes resulting from new policies and technologies. Users will use strong passwords that will incorporate numbers, letters, and special characters. The network will be secured and monitored by network administrators. Encryption protocols will be used to encrypt data over the network. The database will be backed up daily, and full back-ups performed weekly, and user passwords will be changed monthly.

Conclusion

Based on the research presented in this paper, the Wellmeadows hospital database management plan should be implemented without any critical issues barring any unforeseeable issues that could slow down progress. The Wellmeadows hospital IT department will ensure that all the above areas are implemented and tested for reliability and security. Please feel free to ask any questions you may have and I’ll do my best to address any possible issues that may arise. I intend to perform a seamless transition, making the transition as transparent to our users as possible. Thank you.

References

Connolly, T. M., & Begg, C. E. (2015). Database Systems: A Practical Approach to Design, Implementation, and Management (Vol. 6th Edition). New York: Pearson.

Elmasri, R., & Navath, S. B. (2016). Fundamentals of Database Systems, 7th Edition. Arlington: Pearson.

Sangeetha, R., & Akila, G. (2017, July). Security Issues in Distributed Database System.

Retrieved from Research Gate: https://www.researchgate.net/publication/325737373_Security_Issues_in_Distributed_Da tabase_System

Silberschatz, A., Korth, H. F., & Sudarshan, S. (2011). Database System Concepts (Vol. Sixth Edition). New York: McGraw-Hill.




Click following link to download this document

DAT 380 Week 5 Security and Optimization of a DDBMS.docx