SlideShare a Scribd company logo
1 of 41
Download to read offline
CSE 136 Lecture 2
   Database design steps for the enterprise
     Logical Design Overview
     Physical Design

     Logical design in detail
       Conceptual Modeling
       Model to Schema

   Database Security
   Enterprise Database Environment
   Continuous Integration DB – build DB project
Database Design Step


  ER Model




                       Using MS SQL 2008
Logical Design Overview 1
Logical Design Overview 2
Logical Design Overview 3
Logical Design Overview 4
Physical Design
Conceptual Modeling - generalization
Conceptual Modeling -
relationships connectivity
Model to SQL schema
   Data Definition Language
   Why use data definition language?
     Multiple database designers modifying DDL
     Version Control
     Build the database script from scratch (for unit testing)

   Examples
     Create table
     Alter table
     Drop table
     Create/drop view
Model to SQL 1
Model to SQL 2
Enrollment example
Enrollment example
SQL Security
   Secure Configuration
   Authentication
     login/password

   Authorization
     What  you can access
     after you login
   Data Encryption
     Protectingsensitive
     data from internal
     and external hackers
SQL Security - Secure Configuration

   Physically secure the server behind firewall
   Enable only the minimum network protocols
    required
   Use Windows Update to apply patches
   Surface Area Configuration - turn off default SQL
    features
     CLR Integration
     Database mirroring
     Debugging
     Service broker
     E-Mail functions
SQL Security - Authentication
   Use simple connection strings containing user names
    and passwords during development
       Create SQL user for test-user (shows password in web.config &
        app.config)
   Use windows authentication in production with more
    security
   SQL 2008 uses encryption of the channel by default
    (avoid data sniffing)
   Windows Group Policy
       password complexity
       password history
       password age expiration
       lockout after failed attempts
SQL Security - Authorization
   After authentication, what can you access?
   Depends on your roles (owner, admin,
    operator, reader, etc)
   Principal
     Anyindividual, group, or process that can request
     access to a protected resource
   Securable
     object
           that you can secured by granting or
     denying of permissions
SQL Security - Principal
   Windows-level principals
       Domain, local, group
   SQL Server-level principals
       SQL login
       login mapped to a windows login
       login mapped to a certificate
       login mapped to a asymmetric key
   Database-level principals
       Database user
       user mapped to SQL server login
       user mapped to windows login, certificate, asymmetric key
       Database role
       Application role
       etc...
SQL Security - Securables
SQL Security – Dynamical SQL
   Execute(@sql)
     @sql      is a dynamically generate SQL statement
         @sql = ‘select * from course where name = ‘’‘ + @search + ‘’’’
     Open      for SQL injection attack
       @search        = ‘cse’’’; delete from users‘




   Use sp_executesql (@sql, @search_text)
SQL Security – Encryption
   Built-in SQL encryption methods:
     EncryptByPassPhrase(),   DecryptByPassPhrase()
     EncryptByCertificate(), DecryptByCertificate()

   Encryption side-effects:
     Storage(encrypted values are larger size)
     Performance
       Create Index on encrypted data
       Create Index on hash value
Review question
   Difference between db logic design and
    physical design?
   Difference between deny vs revoke?
   Can you think of a generalization scenario for
    your project?
   How many entities will you have in your db
    design?
   Can you identify where you would need
    indexes in your db?
   What db objects would you want to provide
    more security in your db design?
Break time
Enterprise DB – availability & load

   Availability = (Total Units of Time – Downtime) /
    Total Units of Time
     8,760 hours (365 days 24 hours) in a calendar year
     100 hours of downtime during the year

     (8760 – 100) / 8,760 (98.9% uptime)

   Fail-over
       When one db fails, another becomes active
   DB Load Balance
       Distribute data across different servers (multiple
        active databases)
Enterprise DB - architecture
   Clustering
   Log shipping
   Mirroring
   Snapshot replication
   Merge replication
   Peer-to-peer replication (transactional)
   Combinations
     Cluster & mirror
     Cluster & log-shipping
     Cluster & replication
Enterprise DB - clustering
Enterprise DB - log shipping
Enterprise DB - mirroring
Enterprise DB – snapshot replication
Enterprise DB – merge replication
Enterprise DB – peer-to-peer
DB Architecture comparison
Enterprise DB – cluster & mirror
Enterprise DB – cluster & log-shipping
Enterprise DB – cluster & replication
DB for Continuous Integration
   Database needs to be built locally
     For individual C# developers coding locally
     For running unit tests locally
     Database code needs to be in the source control
      (version control)
     Nightly builds on the server

   Solution:
     Database Solution in VS 2010 (cse 136)
     Database build script (*.sql)
     Command shell (CreateDB.cmd)
Review question
   Difference between fail-over and load
    balance?
   What are the pros and cons of clustering?
   What scenario would you recommend logging
    shipping instead of mirroring?
   What scenario would you recommend
    mirroring instead of replication?
Demo
   SQL Mixed mode
   Create SQL user
   Show Day 2 tutorial
   Run .cmd to generate db
Assignment
   Due Day 4
     Create   a database in SQL 2008
     Create a database diagram

     Create SQL Stored Procedures based on your
      activity diagram(s) for your entire project’s
      features.
     Create a database solution using VS 2010 (see
      day 2 tutorial)
     Run the db command script
References
   Database Modeling and Design
   Pro SQL Server 2008 Failover Clustering

More Related Content

What's hot

Microsoft Database Options
Microsoft Database OptionsMicrosoft Database Options
Microsoft Database OptionsDavid Chou
 
Microsoft SQL Server 2008
Microsoft SQL Server 2008Microsoft SQL Server 2008
Microsoft SQL Server 2008Hossein Zahed
 
Entity Framework Overview
Entity Framework OverviewEntity Framework Overview
Entity Framework Overviewukdpe
 
Java on Windows Azure
Java on Windows AzureJava on Windows Azure
Java on Windows AzureDavid Chou
 
Java database connectivity
Java database connectivityJava database connectivity
Java database connectivityVaishali Modi
 
Entity framework code first
Entity framework code firstEntity framework code first
Entity framework code firstConfiz
 
Windows Azure AppFabric
Windows Azure AppFabricWindows Azure AppFabric
Windows Azure AppFabricDavid Chou
 
Database and Java Database Connectivity
Database and Java Database ConnectivityDatabase and Java Database Connectivity
Database and Java Database ConnectivityGary Yeh
 
Jdbc (database in java)
Jdbc (database in java)Jdbc (database in java)
Jdbc (database in java)Maher Abdo
 
Java- JDBC- Mazenet Solution
Java- JDBC- Mazenet SolutionJava- JDBC- Mazenet Solution
Java- JDBC- Mazenet SolutionMazenetsolution
 
Entity Framework Overview
Entity Framework OverviewEntity Framework Overview
Entity Framework OverviewEric Nelson
 
Jdbc in servlets
Jdbc in servletsJdbc in servlets
Jdbc in servletsNuha Noor
 
Entity framework and how to use it
Entity framework and how to use itEntity framework and how to use it
Entity framework and how to use itnspyre_net
 
JDBC: java DataBase connectivity
JDBC: java DataBase connectivityJDBC: java DataBase connectivity
JDBC: java DataBase connectivityTanmoy Barman
 
Writing simple web services in java using eclipse editor
Writing simple web services in java using eclipse editorWriting simple web services in java using eclipse editor
Writing simple web services in java using eclipse editorSantosh Kumar Kar
 

What's hot (20)

Microsoft Database Options
Microsoft Database OptionsMicrosoft Database Options
Microsoft Database Options
 
Microsoft SQL Server 2008
Microsoft SQL Server 2008Microsoft SQL Server 2008
Microsoft SQL Server 2008
 
Entity Framework Overview
Entity Framework OverviewEntity Framework Overview
Entity Framework Overview
 
JDBC Tutorial
JDBC TutorialJDBC Tutorial
JDBC Tutorial
 
Java on Windows Azure
Java on Windows AzureJava on Windows Azure
Java on Windows Azure
 
Java database connectivity
Java database connectivityJava database connectivity
Java database connectivity
 
Entity framework code first
Entity framework code firstEntity framework code first
Entity framework code first
 
Windows Azure AppFabric
Windows Azure AppFabricWindows Azure AppFabric
Windows Azure AppFabric
 
Database and Java Database Connectivity
Database and Java Database ConnectivityDatabase and Java Database Connectivity
Database and Java Database Connectivity
 
jsf2 Notes
jsf2 Notesjsf2 Notes
jsf2 Notes
 
Jdbc
JdbcJdbc
Jdbc
 
Jdbc
JdbcJdbc
Jdbc
 
Jdbc
JdbcJdbc
Jdbc
 
Jdbc (database in java)
Jdbc (database in java)Jdbc (database in java)
Jdbc (database in java)
 
Java- JDBC- Mazenet Solution
Java- JDBC- Mazenet SolutionJava- JDBC- Mazenet Solution
Java- JDBC- Mazenet Solution
 
Entity Framework Overview
Entity Framework OverviewEntity Framework Overview
Entity Framework Overview
 
Jdbc in servlets
Jdbc in servletsJdbc in servlets
Jdbc in servlets
 
Entity framework and how to use it
Entity framework and how to use itEntity framework and how to use it
Entity framework and how to use it
 
JDBC: java DataBase connectivity
JDBC: java DataBase connectivityJDBC: java DataBase connectivity
JDBC: java DataBase connectivity
 
Writing simple web services in java using eclipse editor
Writing simple web services in java using eclipse editorWriting simple web services in java using eclipse editor
Writing simple web services in java using eclipse editor
 

Similar to Day2

SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersSQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersTobias Koprowski
 
SQLCLR For DBAs and Developers
SQLCLR For DBAs and DevelopersSQLCLR For DBAs and Developers
SQLCLR For DBAs and Developerswebhostingguy
 
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. HydeDr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hydewebhostingguy
 
Azure Data platform
Azure Data platformAzure Data platform
Azure Data platformMostafa
 
SQL Server - High availability
SQL Server - High availabilitySQL Server - High availability
SQL Server - High availabilityPeter Gfader
 
A Primer To Sybase Iq Development July 13
A Primer To Sybase Iq Development July 13A Primer To Sybase Iq Development July 13
A Primer To Sybase Iq Development July 13sparkwan
 
Be05 introduction to sql azure
Be05   introduction to sql azureBe05   introduction to sql azure
Be05 introduction to sql azureDotNetCampus
 
Azure presentation nnug dec 2010
Azure presentation nnug  dec 2010Azure presentation nnug  dec 2010
Azure presentation nnug dec 2010Ethos Technologies
 
SQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George GrammatikosSQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George GrammatikosGeorge Grammatikos
 
GWAB 2015 - Data Plaraform
GWAB 2015 - Data PlaraformGWAB 2015 - Data Plaraform
GWAB 2015 - Data PlaraformMarcelo Paiva
 
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...Michael Noel
 
02_DP_300T00A_Plan_implement.pptx
02_DP_300T00A_Plan_implement.pptx02_DP_300T00A_Plan_implement.pptx
02_DP_300T00A_Plan_implement.pptxKareemBullard1
 
SharePoint Security in an Insecure World - AUSPC 2012
SharePoint Security in an Insecure World - AUSPC 2012SharePoint Security in an Insecure World - AUSPC 2012
SharePoint Security in an Insecure World - AUSPC 2012Michael Noel
 
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint Security
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint SecuritySPTechCon SFO 2012 - Understanding the Five Layers of SharePoint Security
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint SecurityMichael Noel
 
android sqlite
android sqliteandroid sqlite
android sqliteDeepa Rani
 
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...Michael Noel
 
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloudKoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloudTobias Koprowski
 
Microsoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure PresentationMicrosoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure PresentationMicrosoft Private Cloud
 
Rapid SQL Datasheet - The Intelligent IDE for SQL Development
Rapid SQL Datasheet - The Intelligent IDE for SQL DevelopmentRapid SQL Datasheet - The Intelligent IDE for SQL Development
Rapid SQL Datasheet - The Intelligent IDE for SQL DevelopmentEmbarcadero Technologies
 

Similar to Day2 (20)

SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersSQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
 
SQLCLR For DBAs and Developers
SQLCLR For DBAs and DevelopersSQLCLR For DBAs and Developers
SQLCLR For DBAs and Developers
 
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. HydeDr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
 
Azure Data platform
Azure Data platformAzure Data platform
Azure Data platform
 
SQL Server - High availability
SQL Server - High availabilitySQL Server - High availability
SQL Server - High availability
 
A Primer To Sybase Iq Development July 13
A Primer To Sybase Iq Development July 13A Primer To Sybase Iq Development July 13
A Primer To Sybase Iq Development July 13
 
Be05 introduction to sql azure
Be05   introduction to sql azureBe05   introduction to sql azure
Be05 introduction to sql azure
 
Azure presentation nnug dec 2010
Azure presentation nnug  dec 2010Azure presentation nnug  dec 2010
Azure presentation nnug dec 2010
 
SQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George GrammatikosSQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George Grammatikos
 
Sql server basics
Sql server basicsSql server basics
Sql server basics
 
GWAB 2015 - Data Plaraform
GWAB 2015 - Data PlaraformGWAB 2015 - Data Plaraform
GWAB 2015 - Data Plaraform
 
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...
SEASPC 2011 - SharePoint Security in an Insecure World: Understanding the Fiv...
 
02_DP_300T00A_Plan_implement.pptx
02_DP_300T00A_Plan_implement.pptx02_DP_300T00A_Plan_implement.pptx
02_DP_300T00A_Plan_implement.pptx
 
SharePoint Security in an Insecure World - AUSPC 2012
SharePoint Security in an Insecure World - AUSPC 2012SharePoint Security in an Insecure World - AUSPC 2012
SharePoint Security in an Insecure World - AUSPC 2012
 
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint Security
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint SecuritySPTechCon SFO 2012 - Understanding the Five Layers of SharePoint Security
SPTechCon SFO 2012 - Understanding the Five Layers of SharePoint Security
 
android sqlite
android sqliteandroid sqlite
android sqlite
 
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...
Security for SharePoint in an Insecure World - SharePoint Connections Amsterd...
 
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloudKoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
 
Microsoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure PresentationMicrosoft SQL Azure - Building Applications Using SQL Azure Presentation
Microsoft SQL Azure - Building Applications Using SQL Azure Presentation
 
Rapid SQL Datasheet - The Intelligent IDE for SQL Development
Rapid SQL Datasheet - The Intelligent IDE for SQL DevelopmentRapid SQL Datasheet - The Intelligent IDE for SQL Development
Rapid SQL Datasheet - The Intelligent IDE for SQL Development
 

Recently uploaded

The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxheathfieldcps1
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptxraviapr7
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesCeline George
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfMohonDas
 
How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17Celine George
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17Celine George
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxDr. Asif Anas
 
How to Add a many2many Relational Field in Odoo 17
How to Add a many2many Relational Field in Odoo 17How to Add a many2many Relational Field in Odoo 17
How to Add a many2many Relational Field in Odoo 17Celine George
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17Celine George
 
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfMaximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfTechSoup
 
UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE
 
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxPISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxEduSkills OECD
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRATanmoy Mishra
 
What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?TechSoup
 
M-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxM-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxDr. Santhosh Kumar. N
 
How to Solve Singleton Error in the Odoo 17
How to Solve Singleton Error in the  Odoo 17How to Solve Singleton Error in the  Odoo 17
How to Solve Singleton Error in the Odoo 17Celine George
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphNetziValdelomar1
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice documentXsasf Sfdfasd
 
Benefits & Challenges of Inclusive Education
Benefits & Challenges of Inclusive EducationBenefits & Challenges of Inclusive Education
Benefits & Challenges of Inclusive EducationMJDuyan
 

Recently uploaded (20)

The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 Sales
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdf
 
How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptx
 
How to Add a many2many Relational Field in Odoo 17
How to Add a many2many Relational Field in Odoo 17How to Add a many2many Relational Field in Odoo 17
How to Add a many2many Relational Field in Odoo 17
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17
 
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfMaximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
 
Prelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quizPrelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quiz
 
UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024
 
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxPISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
 
What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?
 
M-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxM-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptx
 
How to Solve Singleton Error in the Odoo 17
How to Solve Singleton Error in the  Odoo 17How to Solve Singleton Error in the  Odoo 17
How to Solve Singleton Error in the Odoo 17
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a Paragraph
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice document
 
Benefits & Challenges of Inclusive Education
Benefits & Challenges of Inclusive EducationBenefits & Challenges of Inclusive Education
Benefits & Challenges of Inclusive Education
 

Day2

  • 1. CSE 136 Lecture 2  Database design steps for the enterprise  Logical Design Overview  Physical Design  Logical design in detail  Conceptual Modeling  Model to Schema  Database Security  Enterprise Database Environment  Continuous Integration DB – build DB project
  • 2. Database Design Step ER Model Using MS SQL 2008
  • 8. Conceptual Modeling - generalization
  • 10. Model to SQL schema  Data Definition Language  Why use data definition language?  Multiple database designers modifying DDL  Version Control  Build the database script from scratch (for unit testing)  Examples  Create table  Alter table  Drop table  Create/drop view
  • 15. SQL Security  Secure Configuration  Authentication  login/password  Authorization  What you can access after you login  Data Encryption  Protectingsensitive data from internal and external hackers
  • 16. SQL Security - Secure Configuration  Physically secure the server behind firewall  Enable only the minimum network protocols required  Use Windows Update to apply patches  Surface Area Configuration - turn off default SQL features  CLR Integration  Database mirroring  Debugging  Service broker  E-Mail functions
  • 17. SQL Security - Authentication  Use simple connection strings containing user names and passwords during development  Create SQL user for test-user (shows password in web.config & app.config)  Use windows authentication in production with more security  SQL 2008 uses encryption of the channel by default (avoid data sniffing)  Windows Group Policy  password complexity  password history  password age expiration  lockout after failed attempts
  • 18. SQL Security - Authorization  After authentication, what can you access?  Depends on your roles (owner, admin, operator, reader, etc)  Principal  Anyindividual, group, or process that can request access to a protected resource  Securable  object that you can secured by granting or denying of permissions
  • 19. SQL Security - Principal  Windows-level principals  Domain, local, group  SQL Server-level principals  SQL login  login mapped to a windows login  login mapped to a certificate  login mapped to a asymmetric key  Database-level principals  Database user  user mapped to SQL server login  user mapped to windows login, certificate, asymmetric key  Database role  Application role  etc...
  • 20. SQL Security - Securables
  • 21. SQL Security – Dynamical SQL  Execute(@sql)  @sql is a dynamically generate SQL statement  @sql = ‘select * from course where name = ‘’‘ + @search + ‘’’’  Open for SQL injection attack  @search = ‘cse’’’; delete from users‘  Use sp_executesql (@sql, @search_text)
  • 22. SQL Security – Encryption  Built-in SQL encryption methods:  EncryptByPassPhrase(), DecryptByPassPhrase()  EncryptByCertificate(), DecryptByCertificate()  Encryption side-effects:  Storage(encrypted values are larger size)  Performance  Create Index on encrypted data  Create Index on hash value
  • 23. Review question  Difference between db logic design and physical design?  Difference between deny vs revoke?  Can you think of a generalization scenario for your project?  How many entities will you have in your db design?  Can you identify where you would need indexes in your db?  What db objects would you want to provide more security in your db design?
  • 25. Enterprise DB – availability & load  Availability = (Total Units of Time – Downtime) / Total Units of Time  8,760 hours (365 days 24 hours) in a calendar year  100 hours of downtime during the year  (8760 – 100) / 8,760 (98.9% uptime)  Fail-over  When one db fails, another becomes active  DB Load Balance  Distribute data across different servers (multiple active databases)
  • 26. Enterprise DB - architecture  Clustering  Log shipping  Mirroring  Snapshot replication  Merge replication  Peer-to-peer replication (transactional)  Combinations  Cluster & mirror  Cluster & log-shipping  Cluster & replication
  • 27. Enterprise DB - clustering
  • 28. Enterprise DB - log shipping
  • 29. Enterprise DB - mirroring
  • 30. Enterprise DB – snapshot replication
  • 31. Enterprise DB – merge replication
  • 32. Enterprise DB – peer-to-peer
  • 34. Enterprise DB – cluster & mirror
  • 35. Enterprise DB – cluster & log-shipping
  • 36. Enterprise DB – cluster & replication
  • 37. DB for Continuous Integration  Database needs to be built locally  For individual C# developers coding locally  For running unit tests locally  Database code needs to be in the source control (version control)  Nightly builds on the server  Solution:  Database Solution in VS 2010 (cse 136)  Database build script (*.sql)  Command shell (CreateDB.cmd)
  • 38. Review question  Difference between fail-over and load balance?  What are the pros and cons of clustering?  What scenario would you recommend logging shipping instead of mirroring?  What scenario would you recommend mirroring instead of replication?
  • 39. Demo  SQL Mixed mode  Create SQL user  Show Day 2 tutorial  Run .cmd to generate db
  • 40. Assignment  Due Day 4  Create a database in SQL 2008  Create a database diagram  Create SQL Stored Procedures based on your activity diagram(s) for your entire project’s features.  Create a database solution using VS 2010 (see day 2 tutorial)  Run the db command script
  • 41. References  Database Modeling and Design  Pro SQL Server 2008 Failover Clustering