Happy Republic Day

Dear friends

On this special day,

let’s promise our motherland that
we will do everything
to enrich and preserve our heritage
our ethos and our treasure
Happy Republic Day!

Read More

Database Backup and Recovery

1. DATABASE BACKUP AND RECOVERY 

An integral part of any overall database security strategy should be providing for database backup and recovery. Backups serve many different purpose. Most often, in seems that systems administrator perform backups to protect information in the case of server hardware failures. Although this is very real danger in most environments. It is often not the most likely. Data can be lost due to accidental human errors, flawed application logic, defects in the database server or operating system platform and, of course, malicious users who are able to circumvent security measures. In the event that data is incorrectly modified or destroyed altogether, the only real method to recover information is from backups.

Since all relational database systems provide some method for performing database backups while a server is still running, there is not much of an excuse for not implementing backups. The real challenge is in determining what backup strategies apply to your own environment. You will need to find out what your working limitations are. This was not an easy task, even in the best-managed organizations. It involves finding information from many different individuals and departments within your organization. You will have to work hard to find existing data, and make best guesses and estimates for areas in which data is not available.

To further complicate issues, there are many constraints in the real world that can affect the implementation of backup processes. First, resources such as storage space, network bandwidth, processing time, and local disk I/O bandwidth are almost always limited. Additionally, human resources—especially knowledgeable and experienced database administrators—may be difficult to find. And, performance requirements, user load, and other factors can prevent you from taking all the time you need to implement an ideal backup solution.

So, how do you decide what to protect? One method is to classify the importance of the relative types of information you need to protect. For example, your sales databases might be of "mission critical" importance, whereas a small decision support system might rank" Low priority" on the scale (since the data can relatively easily be re-created, if necessary). It is also importance to keep in mind that business managers may have a very different ideas of the importance of data when compared to other users who actually deals with this information frequently. Keep in mind that determining how to protect information must be a team effort if it is to be accurate and successful. 

It is important to keep in mind that the purpose of data protection is not to create backups. The real purpose is to provide the ability to recover information, in case it is lost! To that end, a good practice is to begin designing a backup solution based on your recovery requirements you should take into account the cost of downtime, the value of the data, and the amount of acceptable data loss in a worst-case scenario. Also, keep in mind the likelihood of certain types of disasters.

Read More

Database security issues

DATABASE SECURITY ISSUES

Database security is a very broad area that addresses many issues, including the following:

(i) Legal and ethical issues regarding the right to access certain information. Some information may be deemed to be private and cannot be accessed legally by unauthorized persons.

(ii) Policy issues at the governmental, institutional, or corporate level as to what kinds of information should not be made publicly available, for example credit ratings and personal medical records.

(iii) System-related issues such as the system levels at which various security functions should be enforced, for example whether a security function should be handled at the physical hardware level, the operating system level or the DBMS level. 

(iv) The need in some organizations to identify multiple security levels and to categorize the data and users based on these classifications, for example top secret, secret, confidential and unclassified. The security policy of the organization with respect to permitting access to various classifications of data must be enforced.

Threats to databases result in the loss or degradation of some or all of the following security goals: integrity, availability, and confidentiality.

Loss of integrity: Database integrity refers to the requirement that information be protected from improper modification. Modification of data includes creation, insertion, modification, changing the status of data and deletion. Integrity is lost if unauthorized changes are made to the data by either internal or accidental acts. If the loss of system or data integrity is not corrected, continued use of the contaminated system or corrupted data could result in inaccuracy, fraud or erroneous decisions.

Loss of availability: Database availability refers to making objects available to a human user or a program to which they have a legitimate right.

Loss of confidentiality: Database confidentiality refers to the protection of data from unauthorized disclosure. The impact of unauthorized disclosure of confidential information can range from violation of the Data Privacy Act to the National Security Act. Unauthorized, unanticipated or unintentional disclosure could result in loss of public confidence, embarrassment, or legal action against the organization.

Read More

Software Projects Versus Other Types of Project

Software Projects Versus Other Types of Project 

Many of the techniques of general project management are applicable to software project management, but product of software projects have certain characteristics which make them different. 

  (i) Invisibility : when a physical artefact such as Hospital, School or road is being constructed, the programs being made can actually be seen. With software, progress is not immediately visible. One way of  perceiving software  project management is as the process of making visible that which is   invisible. 

(ii) Complexity : Software products contain more complexity than other engineered artefacts. 

(iii) Conformity : The “Traditional” engineer is usually working with physical systems and physical materials like plastic, cement and steel etc. These physical systems can have some complexity, but are governed by physical laws that are consistent. Software developers have to conform to the requirements of human clients, it is not governed by physical laws. 

It is not just that individual can be inconsistent, organizations, because of laps in collective memory, in internal communication or in effective decision making, can exhibit remarkable “organizational stupidity”, which developers have to cater for. 

(iv) Flexibility : The easy which software can be changed in usually seen as one of its strengths. However this means that when the software system interfaces with a physical or organizational systems, it is expected that where necessary, the software will change to accommodate the other components rather than vice-versa. 

Read More

Project Planning and Management

Project Planning and Management

The dictionary definition put a clear emphasis on the project being a planned activity. The definition of a project as being planned assumes that to a large extent we can determine how we are going to carry out a task before we start. There may be some projects of an exploratory nature where this might be quite difficult planning is in essence thinking carefully about something before you do it- and even in the case of uncertain projects this is worth doing as long as it is accepted that the resulting plans may be provisional and speculative. Other activities, relating for example to routine maintenance, might have been performed so many times that everyone involved knows exactly what need to be done. In these cases, planning hardly seems necessary, although procedures might need to be documented to ensure consistency and to help newcomers to the job.  

Project management is an important aspect of the development of information systems. The focus of project management is to ensure that system development project meet customer expectations and are delivend within budget and time constraints. 

A software project is not only concerned with the actual writing in software. In fact, where a software application is bought in "off-the shelf", these may be no software writing as such. This is still fundamentally a software project because so may of the other elements associated with this type of project are present. 

The f­easibility study, conducted by the project manager, involves determining whether the information system maker same for the organization from an economic and operational standpoint. The study takes place before the system is constructed. If the feasibility, study produces results which indicate that the prospective project appears viable, then planning of the project can take place. Project planning involves defining clear, discrete activities and the work needed to complete each activity within a single project. It often requires you to make numerous assumptions about the availability of resources such as hardware, software and personal. The Project can now be executed. The execution of a project often contains design and implementation sub-phases. ­

The first phase of the system development life cycle is project identification and selection, during which the need for a new or enhanced system is recognized. This find life cycle phase does not deal with a specific project but rather identifies the portfolio of project  to be under taken by the organization. Thus, project identification, and selection is a pre-project steps in the life cycle. 

Read More