Transaction Processing - Database Theory and Practice

Published on 14 July 2024 at 11:55

Simply put, database theory is database study. A database is a set of digital data that is stored and accessed in several ways. Database theory covers different aspects that has to do with databases including database management and several level of abstraction of data (USFHealth, 2021). A database is used to enforce standards and maintain data integrity. It is a repository of data which is stored in tables and made up of a lot of data that has some connection to each other. The data in the database is structured in a way that is easily accessible to computer programs and users.

Database management systems (DBMS) are software that manages and creates databases. There are different types of DBMS that exist depending on how they manage data structure. Five types of DBMS are listed below (USFHealth, 2021):

  1. Network – this type of DBMS has a hierarchical structure, but the child tables can have more than one parent.
  2. Hierarchical – this type of DBMS has a tree structure having a parent to child one on one relationship.
  3. Relational – this type of DBMS stores related data information with defined relationships between tables.
  4. Non-relational – this type of DBMS stores unstructured, or non-related data that is not restricted to data in tables.
  5. Object-oriented – this type of DBMS has data that is object-oriented and not table-oriented as it is represented by individual objects with relationships between them.

Each type of DBMS has its own benefits. However, they also have their own issues. This document will focus on two of the biggest issues with database theory, practice, and database management systems. Triggers, symptoms, and root causes of both issues will be outlined. Finally, a solution to the root causes of both issues will be listed.

Database Theory and Practice Issues and Solutions

Database Performance

One of the most common issues with databases is performance. A slow database is inconvenient for all organization’s users, and it stalls system applications and even impacts customers (Tudip, 2022). For an organization to be efficient in all areas of its operations, it must have efficient database performance. Employees couldn’t do their jobs properly and customers would be frustrated when they are not able to get the information they need quickly. An example of an issue with database performance is if an organization is running two SQL Server databases that had contention and blocking consistently when users try to access certain data. Multiple outages resulted that shut down all internal processes and stopped customers from being able to access an important application.

Another common issue with database performance is data redundancy, because when tables and fields are redundant it can affect the performance of databases (Martinez, n.d.). Data redundancy is defined as data being kept in several places in the database or storage system. Although data redundancy is good for data speed and data protection, having redundant data can become a nightmare if there is too much redundant data. An example of data redundancy issues is if an organization had a database with addresses and names that are present in different columns in a table. If in every new database entry, the link between the data points is defined, it would make duplication across the table unnecessarily.

 A few solutions to the root cause of a database performance issues are to cache to a remote host as that will support scaling an organization’s database if it doesn’t need to be updated regularly (Tudip, 2022). This is an efficient way to offload a database, especially if some of the data is read-only.  It is also a good idea to improve query performance by developing indexes which allow users to retrieve data faster. Allocating more memory to boost the system for efficiency and better performance has been proven to help tremendously (Shay , 2018). Data defragmentation is another possible solution when a database has poor performance. SQL’s internal data files become fragmented over time and defragmentation of the disk allows grouping of relevant data together. This helps operations perform faster with impacts in overall database and query performance.

 Another good solution to database performance issues is to invest in a database performance monitoring tool. The tool would help keep track of where the organization’s database is not performing how it should. This would allow changes to be made that will help keep the database efficient. A solution to data redundancy is to normalize the database and to delete unused data. Normalization in a database means to arrange data in the database that ensures redundancy elimination. The database’s table and columns should be arranged so they ensure they enforce their dependencies. Deleting unused data simply means that any data in the database that is no longer required should be deleted.

Database Security

Database security is defined as being a variety of measures, policies, methodologies, tools, and processes used to secure DBMS from illegitimate use and cyberattacks (Imperva, n.d.). Database security programs protect the DBMS itself as well as data and all applications that access it. There are several threats to databases from within the organization as well as outside the organization. These threats listed below are some common threats (Imperva, n.d.):

  1. Human error and insider threats- it is a known fact that one of the biggest threats to an organization is their own employees. This could mean a disgruntled employee, or an employee that makes a simple error and it causes a breach. The database is the most sought-after target of cybercriminals. It contains all they need to do damage. They can delete, modify, steal data, and sell it. A disgruntled employee can provide their password to the organization’s network allowing a criminal access to the database. An employee can accidentally make an error in the system that somehow triggers a vulnerability which a cybercriminal can exploit.
  2. SQL injection attacks – SQL (structured query language) is a specific language for databases. Cybercriminals can inject SQL queries inside websites in the contact us form, and other places. This can allow the cybercriminal access to the organization’s database. Databases are vulnerable to SQL injection attacks. Figure 3 below shows an example of how a SQL injection attack works.
  3. Malware – this is software that is coded to take advantage of network and system vulnerabilities and damage databases. Malware can be downloaded into any network if employees click a malicious link in emails, or a cybercriminal can design a malware packet that can be injected into a network to damage the whole organization’s system.
  4. IT environment changes – this means things like distributed infrastructures that make an organizations network hybrid or cloud, and volume in data increasing and the network not being scalable enough to handle it. Some organizations have employees that lack cybersecurity skills which have proven to be fatal for some businesses.

There are solutions to address database security root causes. These solutions involve best practices, methodologies, tools, policies, and other methods. Some of those methods and practices are as follows (Imperva, n.d.):

  1. Practice access control – an organization needs to use zero trust access control. This is when an organization only grants employees access to data in the database that is necessary for their job. Not every department will have access to data in another department. Organizations should also not grant direct access to the organization’s database to their customers. There needs to be a layer of security present to stop users from getting into the organizations inside the network.
  2. Update with security patches frequently – anytime a new security patch comes out from a vendor, the organization should apply that patch to their databases immediately.
  3. Use system security tools – these are things such as security software that protects the whole system from unauthorized access, warns the security team if an employee clicks on a malicious link, and if there is some type of malware present in the system. There are many great security software tools out there. This includes firewalls and database monitoring tools. Organizations are smart to invest in them.

These are just a few things that can be done to protect data in databases. As discussed earlier in this document, good database management is crucial to the success of businesses as any data breaches can bring them down. The cost of recovery has even been too much for some businesses to survive. There are legal costs involved, especially if any data was stolen from customers. A business is responsible for practicing good database management and database security.

 

 

 References

Imperva. (n.d.). Database Security. Imperva: https://www.imperva.com/learn/data-security/database-security/

Logicalread. (2012, November 6). Response Time Analysis: How to Improve Database Performance by Measuring User Experience. Logicalread: https://logicalread.com/response-time-analysis/#.Y91q6XbMKUk

Martinez, F. (n.d.). Bad Practices in Database Design: Are You Making These Mistakes? Toptal: https://www.toptal.com/database/database-design-bad-practices

Mitra, A. (2017, March 7). What is SQL Injection Attack? The Security Buddy: https://www.thesecuritybuddy.com/vulnerabilities/what-is-sql-injection-attack/

Shay , T. (2018, August 4). Top 5 Ways To Improve Your Database Performance. EverSQL: https://www.eversql.com/5-easy-ways-to-improve-your-database-performance/

Tudip. (2022, May 16). 9 Common Database Management Challenges and How to Fix Them. Tudip: https://tudip.com/blog-post/9-common-database-management-challenges-and-how-to-fix-them/

USFHealth. (2021, September 2). What is Database Theory? USFHealth: https://www.usfhealthonline.com/resources/health-informatics/what-is-database-theory/