Professional Documents
Culture Documents
Topics
!! Performance Tuning !! Security Features !! Database Utilities !! Other Database Concepts !! Non-Relational Approaches
Database
!! Critical layer of the overall system !! Large percentage of response time is spent
collecting data !! Needs to be designed to fit the needs of the calling applications
!! Online !! Data
Performance Tuning
Performance Tuning
!! Query Optimizations !! Explain Plans
!! Hints
Explain Plan
!! Oracle feature which provides the 'route' the query
tables get accessed, in which order indexes are being used, if any
query
!! In
rare cases, plan may not be the actual one used at execution time
4/29/12
Query Timing
!! Oracle utility that provides the total time it takes to
Single lookup
AUTOTRACE
!! Oracle utility that provides the same information as
AUTOTRACE SQLPlus
With timing option
Explain Plan, Auto Trace executes the query in question and displays the plan the optimizer actually chose !! Additional statistics can be used to determine in-memory reads vs. reads from disk
!! Can be used in conjunction with 'timing' !! May need to work with DBAs to setup and obtain
Query statistics
4/29/12
Hints
!! Ways to influence the optimizer to use or not use
13
14
Hints
Data Mart
!! A copy of data taken from one or more source tables and
tables
!! Can store subset of activity
!!
Last 90 days of bank transactions A copy of a single table Made up of columns from various tables A materialized view
!! Can be
!!
Adding a hint tells the optimizer to ignore the index and perform a full table scan
!! !!
15
16
Materialized Views
!! Backed by a concrete table, a data structure that
Materialized View
contains its own copy of qualifying data resulting from a query !! Used to organize data that normally takes a long time to query
!! May !! Can
!! Can be setup to refresh at defined intervals !! Data may become stale if source tables are modified between refresh intervals
17 18
4/29/12
Data Warehousing
!! Designed for fewer users running long, process-
Partitioning
!! Allows tables and indexes to be subdivided into
intensive queries with little to no updates !! Contains archived, less volatile data !! Separate database instance
!! Optimized !! More
smaller pieces enabling these database objects to be managed and accessed at a finer level of granularity !! Used for very large databases (VLDBs) !! Enables 'partition pruning'
!! Queries
Security Features
Security Features
!! Users and Roles !! Setting the context !! Views !! Fine Grained Access Control !! Virtual Private Databases (VPD)
!! Oracle
21
22
Users
!! Created in the database with CREATE USER
Privileges
!! Granted to users using GRANT statement !! Revoked from users using REVOKE statement !! Two types
!! System !! Object
for all objects created by the user (tables, views, indexes, etc)
Privileges Privileges
password
24
4/29/12
System Privileges
!! Allow the user to perform system level activities !! Connect to the database (create session)
!! Create
System Privileges
!! By default, scoped to user's schema can be
etc.)
!! Perform
system privileges
26
Object Privileges
!! Allow the user to perform specific activities on an
Object Privileges
!! Grant query privileges on table
GRANT SELECT ON ACCOUNT TO PRIYA, MATT;
object
!! Insert
data into a table !! Update data in a table or view !! Delete data from a table or view !! Select from a table, view, or sequence !! Alter a table or view !! Execute a procedure
!! Owners have all privileges on their objects
27
Roles
Collection of system and object privileges Can encapsulate other roles as well !! User can be assigned several roles as well as a combination of roles and direct privileges !! Simplifies access control administration
!! !!
Roles
1.! Create a role
CREATE ROLE LIBRARIAN_ROLE;
4/29/12
ORA-00942
!! "Table or View does not exist" !! Can occur for multiple reasons !! Table or view actually does not exist
!! User
!! Application end-users do not have database !! Connection Pool uses single account to connect to
attempting to access table or view does not have privileges on the table or view !! Can also be thrown if schema name is not prefixed to table or view name
!!
the database
!! Associate end-users to roles !! LDAP !! Database Table
By default, Oracle only looks in the current user's (connecting user) schema
31
32
accounts !! Database needs to know who the end-user is and what their access permissions are in order to audit and perform access control !! Call stored procedure to initialize database context before returning connection to the application
objects [Application Owner] !! Create a user to 'connect' on behalf of the application [Proxy User]
!! Should !! Has
not have any direct privileges to owner-objects synonyms for visibility into owner-objects
functionality
!! Grant
33
34
Table
what their access permissions are in order to audit and perform access control !! Call stored procedure to initialize database context before returning connection to the application
35
36
4/29/12
Obtaining a Connection
public Connection getConnection(String username) { Connection connection = myDataSource.getConnection(); initializeConnection(connection, userName); return connection; } private void initializeConnection (Connection connection, String username) { // call the pl/sql package which sets the users db context CallableStatement procedure = connection.prepareCall( "{CALL INITIALIZE_CONNECTION(?)}"); // set the db context with username procedure.setString(1, username); procedure.executeQuery(); }
Cleanup Connection
public Connection cleanupDBResources(Connection connection, Statement statement, ResultSet rs) throws SQLException { if(rs != null){ rs.close(); } if(statement != null){ statement.close(); } if(connection != null){ //call the package which cleans the users db context try{ CallableStatement procedure = connection.prepareCall( "{CALL CLEANUP_CONNECTION()}"); procedure.executeQuery(); }finally{ procedure.close(); } connection.close(); }
40
39
Views
!! Stored query accessible as a virtual table
Views
decrease performance!
tables
!! Can also be used to simplify repeated queries that
4/29/12
operation (Select, Insert, Update, Delete) is performed by the user on the specified object !! Any user statement accessing a table that has a security policy associated with it causes the server to modify the SQL statement by appending a where clause predicate !! The appended where clause is dynamically generated by the function associated with the security policy
43 44
45
46
47
48
4/29/12
OLS Components
!! Security labels are defined to identify the access
security rules !! Add-on option to database !! Does not require coding PL/SQL functions !! Used mainly by military and government !! Performance trade-off
security, a label column is built and populated with the appropriate security label !! At data access time, the database performs access mediation which determines the set of action the user can perform on the data
50
49
OLS Labels
!!
2.!
3.!
!!
51 52
Stored as a NUMBER
Exporting/Importing Data
Database Utilities
!! With
or without data
!! SQL*Loader !! Oracle tool for parsing and loading bulk text-based external files into the database
53 54
4/29/12
Scheduled Jobs
!! Oracle provides a scheduler engine for executing
will execute even if connectivity to the database is not available application servers, 1 database
55
56
Tool used for backing up and recovering Oracle databases !! If used properly, guarantees 100% data recovery up to time of system crash
!!
Try to avoid data duplication Try to avoid nullable columns Use surrogate keys Generally, fewer calls to the database are better but not always! Don't violate the design use columns appropriately!! !! Don't insert data that doesn't belong just because it's easy Avoid views unless necessary Don't go index-crazy !! Only keep the ones that get used Use naming conventions Limit wildcard/function searches
What is LDAP?
!! What is LDAP?
LDAP
59
60
Lightweight Directory Access Protocol Application protocol for querying and modifying directory services running over TCP/IP !! Directories vs. Databases: !! Organized hierarchically !! Organized for lookups (searching and reading information) !! Used for higher read-to-write ratio !! Do not support secure transaction mechanisms !! More easily extended !! Support for standards is more important !! Examples: !! Phone Book, Library Card Catalog, Identity Management
!! !!
10
4/29/12
LDAP Architecture
!! LDAP Information Model !! Directory Information Base !! All information held in the directory !! Consists of hierarchically related entries !! Entries !! Attributes !! LDAP Schema Definitions !! Collection of Object class Definitions !! Typically found in the LDAP Server's configuration file
61 62
(ABANDON)
63 64
References
!! !! !! !! !! !! !! !! !! !! !! !! !! !! !! !!
65
http://myweb.brooklyn.liu.edu/gnarra/database/downloads/Normalization.pdf http://en.wikipedia.org/wiki/Database_normalization http://en.wikipedia.org/wiki/ACID http://articles.techrepublic.com.com/5100-10878_11-1045461.html http://www.oracle.com/technology/obe/obe10gdb/security/vpd/vpd.htm http://science.kennesaw.edu/~mguimara/8080/dbsecurity.ppt#1 http://download.oracle.com/docs/cd/B19306_01/network.102/b14266/toc.htm http://www.oracle.com/global/yu/dogadjaji/otd_bgd/Oracle%20Database %20Security.pdf http://www.oracle.com/technology/obe/obe10gdb/security/ls/ls.htm http://download.oracle.com/owsf_2003/Leftik_40119.ppt http://wendtstud1.hpi.uni-potsdam.de/sysmod-seminar/SS2003/presentations/ gruppe-1/LDAP.pdf http://www.openloop.com/education/classes/sjsu_engr/engr_ms_network/ notes/ldap_preso.ppt#1 http://quark.humbug.org.au/publications/ldap/ldap_tut.html http://www.ieor.berkeley.edu/~goldberg/courses/F04/215/215-OODB.ppt#1 http://www.cse.iitb.ac.in/~laxman/cs617(oops)/project/lec6-OODBMS.pdf http://en.wikipedia.org/wiki/Object_database
11