TU2983 : Advanced Databases

1
 Having computerized database management
system does not guarantee that data will be
properly used to provide best solutions
required by managers

Introduction of a DBMS is likely to have a

profound impact, which might be positive or
negative, depending on how it is
administered
 Introduction of DBMS has three important
aspects:

Technological - DBMS software and hardware

Managerial - Administrative functions

Cultural - Corporate resistance to change

 Even most carefully crafted database system
cannot operate without the human
component

Effective data administration requires both

technical and managerial skills

Need for diverse mix of skills

 In an organization, there are 2 positions
involved with the management of information:-
The Data Administrator (DA)
The Database Administrator (DBA)

Both are responsible for managing and

controlling all activities involving the
organizations data database.
DA must set data administration goals
DBA is focal point for data/user interaction

5
 Definition

Manages data sources and is responsible towards

the planning of the development of the database;
maintaining standards, policies and procedures;
and all tasks related to the development of
conceptual and logical database designs

6
 Responsible for data from non-computer
sources.

Manages and determines the sharing and

flow of data between users, or between
different sections of the organization
according to their need.

Negotiates with upper management and

ensures that data sources used, and the use
of data, is suitable to meet the objectives of
the organization.

7
1. Assist in the development of an
organizations IS/IT strategy.
2. Produce an organizations data model.
3. Establish the organizations data
requirements.
4. Standardize data formats and data
collection methods.
5. Determine data access authorization levels
according to work requirements.

8
6. Develop the conceptual and logical
database designs.
7. Act as an intermediary between upper
management, DBA, programmers, and
users.
8. Train users on data standards and
responsibility towards the data security
and data confidentiality.
9. Manages the data dictionary.
10. Produce computer security and data
security policies.

9
 Requirements
Specification

DA

Database Design
Conceptual Design

Application
Logical Design Design

DBMS
Selection Physical Design

DBA
Prototyping Implementation

Testing

Operational
Maintenance 10
 Definition

Manages the physical database application and is

responsible towards the physical database design
and database implementation; enforces data
security and data integrity controls; monitors
system performance; and organizes data within
the database.

11
 A DBAs tasks are more technical than the DA.
Requires specific skills and training in various
DBMS packages and operating systems.
Primarily responsible with the development
and maintenance of the database and
database management system.
Assist in DA tasks.

12
1. Evaluate and select the DBMS product to
use.

2. Develop and implement the logical and

physical database designs.

3. Produce system testing strategies.

4. Train the users.

5. Monitor system performance.

13
6. Establish security rights and integrity
controls.
7. Provides end-user database support and
performs system backups.
8. Ensures that data recovery mechanisms
function perfectly.
9. Supervise the development of database
applications.
10. Ensures that transaction control
mechanisms function perfectly.

14
 DA
Involved with IS strategic
planning
Determines long term
objectives
Identifies data requirement
Produces the conceptual and
logical database design
Develop and maintain the
organizational data model
Management oriented
Is DBMS-independent
DBA
Involved with DBMS evaluation
Implements plans for achieving
the objectives
Implements data requirements
Produces the logical and
physical database design
Implement the physical
database design
Technically oriented
Dependent on a specific DBMS
15
 Question to consider: Does a company that
keeps data about you have the right to use
that data?
Social network website keeps records on your likes,
interest, and social connections.

Search engines and web advertising firms record

clickstream data of links you clicked.

Financial institutions keeps records of your bank

account and credit card activity.

16
 Ethical use of data depends on a set of principles
of correct conduct, or a theory, or a system of
moral value, in the use of stored data

Data collection enables behavioural profiling which can be

used or exploited.

Inadequately secured data collection practices can lead to

identity theft

Recent failures of well-known organizations have

lead to increased scrutiny of organizations, which
have formalized as acts of legislation worldwide.

17
 Code of Ethics:
ACM Code of Ethics and Professional Conduct 1992
BCS Code of Conduct 2001
Laws:
The Sarbanes-Oxley Act 2002 (SOX) Fraud
prevention
Health Insurance Portability & Accountability Act
1996 (HIPAA) Patient confidentiality & standards
Basel II Accord Financial management
The European Union Directive of Data Protection
1995
The United Kingdoms Data Protection Act of 1998

18
 Enacted under Malaysian Law on 2 June 2010

An Act to regulate the processing of personal data

in commercial transactions and to provide for
matters connected therewith and incidental
thereto

The Act applies to any person in Malaysia, or any

person who uses equipment located in Malaysia,
who processes, has control over, or authorizes the
processing of, any personal data in respect of
commercial transactions.

19
 The processing of personal data by a data
user must be in compliance with the
following principles (PDPA Section 5-12):

A. The General Principle.

B. The Notice and Choice Principle.
C. The Disclosure Principle.
D. The Security Principle.
E. The Retention Principle.
F. The Data Integrity Principle.
G. The Access Principle.

20
A. The General Principle (Section 6): A data user
shall not process personal data about a data
subject unless the data subject has given his
consent to the processing of the personal data

B. The Notice and Choice Principle (Section 7): A

data user shall by written notice inform a data
subject that personal data of the data subject is
being processed, and of the choices offered the
data subject for limiting the processing of
personal data

21
C. The Disclosure Principle (Section 8): No personal
data shall be disclosed , without the consent of
the data subject, for any purpose other than the
purpose for which the personal data was to be
disclosed at the time of collection to any
unauthorised a third party.

D. The Security Principle (Section 9): A data user

shall, when processing personal data, take
practical steps to protect the personal data from
any loss, misuse, modification, unauthorized or
accidental access or disclosure, alteration or
destruction.
22
E. The Retention Principle (Section 10): The
personal data processed for any purpose
shall not be kept longer than is necessary
for the fulfilment of that purpose.

F. The Data Integrity Principle (Section 11): A

data user shall take reasonable steps to
ensure that the personal data is accurate,
complete, not misleading and kept up-to-
date by having regard to the purpose

23
G. The Access Principle (Section 12): A data
subject shall be given access to his personal
data held by a data user and be able to
correct that personal data where the
personal data is inaccurate, incomplete,
misleading or not up-to-date

24
 The DA manages, plans, and oversees all data
requirements within the organization, and
requirements of external users, for achieving
the organizations objectives.

The DBA implements all decisions and technical

activities needed to support the requirements
that have been determined by the DA, for
realizing the organizations objectives.

Both DA and DBA are responsible in ensuring

the ethical and legal usage and storage of data.
25