Using Social Psychology to Implement Security Policies - ME Kabay
1 Copyright © 2015 M. E. Kabay. All rights reserved.
Application Controls
CSH6 Chapter 52 “Application Controls”
Myles Walsh
Topics
- Protection in Development
- Protecting Databases
- Protecting Batch Files
- Ensuring that Information in the System is Valid

Protection in Development
- Software Quality Assurance (QA)
  - Focuses on methods for preventing, catching and correcting errors in source code and other operational instructions
- Application Controls
  - Specific subset of methods for preventing data corruption in production systems
- Databases
  - Primary mechanism for storing and manipulating data in today’s systems
- Batch vs Online
  - Live interaction (online)
  - Automated processing (batch)

Types of Data Corruption
- Physical
  - Caused by hardware failures
  - Errors do not correlate with (respect)
    - Applications
    - Files / datasets / databases
  - Why not?
- Logical
  - Caused by software failures
  - Errors may correlate with
    - Applications
    - Files / datasets / databases
  - Why only “may”?

DBMS Controls
- Referential Integrity
- Uniqueness Constraints
- Locking
- Transaction Controls
- Database Recovery

For those who have completed IS240, this section should be a review.

Referential Integrity
- In designing databases, may stipulate that certain records may not exist without pre-existing indexes
- E.g., cannot normally enter
  - Order-detail without entering order-header
  - Prescription data without entering
    - Patient data
    - Doctor data
    - Pharmacist data
    - Drug data
    - Admission data

Referential Integrity (cont’d)
- DBMS will prevent deletion of records when others are dependent on them
- E.g.,
  - Cannot delete order-header if there are orders with the order-number of that header
  - Cannot delete patient-master record if there are admission records for that patient

Uniqueness Constraints
- In relational DBMS (RDBMS), every record in a table (dataset) must be unique
  - If there is no natural key or index field (or combination of fields) that guarantees uniqueness, can create one automatically
- DBMS can enforce uniqueness of specific fields in records using the unique key characteristic
- E.g.,
  - Order-number
  - Patient-ID
  - Student-ID
  - ….

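
The referential-integrity and uniqueness rules from the preceding slides, as an added example that is not part of the original deck. It uses Python's built-in sqlite3 with a constructed order-header / order-detail schema; table and column names are assumptions. SQLite enforces foreign keys only when `PRAGMA foreign_keys = ON` is set on each connection, so a forgotten pragma silently disables the control.

```python
import sqlite3

# Constructed schema (names are assumptions made for this example).
SCHEMA = """
CREATE TABLE order_header (
    order_number INTEGER PRIMARY KEY,                -- natural unique key
    customer     TEXT NOT NULL
);
CREATE TABLE order_detail (
    detail_id    INTEGER PRIMARY KEY AUTOINCREMENT,  -- key created automatically
    order_number INTEGER NOT NULL
                 REFERENCES order_header(order_number) ON DELETE RESTRICT,
    line_no      INTEGER NOT NULL,
    item         TEXT NOT NULL,
    UNIQUE (order_number, line_no)                   -- uniqueness on a combination of fields
);
"""

def open_db():
    con = sqlite3.connect(":memory:")
    # Without this pragma SQLite parses REFERENCES clauses but does not enforce them.
    con.execute("PRAGMA foreign_keys = ON")
    con.executescript(SCHEMA)
    return con

def attempt(con, sql, params=()):
    """Run one statement as its own transaction; return 'ok' or the DBMS error text."""
    try:
        with con:  # COMMIT on success, ROLLBACK if the statement raises
            con.execute(sql, params)
        return "ok"
    except sqlite3.IntegrityError as exc:
        return str(exc)

def run_demo():
    con = open_db()
    add_header = "INSERT INTO order_header (order_number, customer) VALUES (?, ?)"
    add_detail = "INSERT INTO order_detail (order_number, line_no, item) VALUES (?, ?, ?)"
    del_header = "DELETE FROM order_header WHERE order_number = ?"
    return {
        # Order-detail cannot exist without its order-header.
        "detail_without_header": attempt(con, add_detail, (1001, 1, "widget")),
        "header": attempt(con, add_header, (1001, "ACME")),
        # A second header with the same order-number violates the unique key.
        "duplicate_header": attempt(con, add_header, (1001, "Other Co")),
        "detail": attempt(con, add_detail, (1001, 1, "widget")),
        "duplicate_line": attempt(con, add_detail, (1001, 1, "gadget")),
        # The header cannot be deleted while detail records depend on it.
        "delete_header_in_use": attempt(con, del_header, (1001,)),
        "headers_left": con.execute("SELECT COUNT(*) FROM order_header").fetchone()[0],
    }

if __name__ == "__main__":
    for step, outcome in run_demo().items():
        print(f"{step:24} {outcome}")
```
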
Locking
- Concurrency Control
- Basic Concepts of Locking
- Serializable Transactions
- Deadlock (Deadly Embrace)
- Locking Strategies

Concurrency Control
- Multi-Step Transactions
- Resource Locking
- Consistent Transactions
- Transaction Isolation Level
- Cursor Type

Multi-Step Transactions Are Fragile
- Think about order-entry system
  - Create order-header
    - Includes total of cost of line-items (details)
    - Updated at END of detail data entry
  - Begin entering line-items
  - Enter 3 records … have not yet finished
  - System crashes
- What is the value in the order-header’s total field?

Concurrency Causes New Problems
- E.g., The Lost Update Problem:
  - User A reads inventory: finds 20 widgets.
  - User B reads inventory: also finds 20 widgets.
  - User A subtracts 10 widgets from 20, writes total ____ widgets back into inventory
  - User B subtracts 5 widgets from ____, writes total ____ widgets back into inventory
  - But actually, there are only ____ widgets left in the real inventory

[Diagram: users A and B each see 20 widgets]

Atomic Transactions
- We want to complete
  - All the steps of a transaction or
  - None of the steps
- ATOMIC (ατομος)
  - Greek “a” for “not” & “tomos” for “cut”
  - Thus “atomic” means “can not be cut.”
- We mark atomic transactions with boundaries
  - Start transaction
  - Commit transaction
- If necessary, can reverse steps taken
  - Rollback transaction

Resource Locking
- Basic Concepts of Locking
- Lock Terminology
- Serializable Transactions
- Deadlocks
- Optimistic vs Pessimistic Locking
- Declaring Lock Characteristics

Basic Concepts of Locking
- Locking is used in inter-process communication (IPC)
- A lock is a form of semaphore (signal)
- Locks allow processes to
  - Coordinate their access to resources
  - Prevent inconsistencies
- In DBMS, primarily used to serialize data access
  - One process gets control of data at a time

Lock Terminology
- Implicit vs explicit
  - Automatic locks placed by DBMS: implicit
  - Programmatically ordered: explicit
- Lock granularity
  - Large: database, dataset
  - Fine: records
- Exclusive vs shared locks
  - Exclusive:
    - One process READ/WRITE
    - No other processes allowed at all
  - Shared:
    - One process has R/W
    - Other processes can only READ

Conditional vs Unconditional Locking
- Conditional locking
  - Process 1 locks resource A
  - Process 2 locks resource A
    - Receives error condition
    - Lock fails and process 2 continues
- Unconditional locking
  - Process 1 locks resource A
  - Process 2 locks resource A
    - Does not receive a condition report
    - Process 2 waits in suspense (hangs) until lock is granted

Serializable Transactions
- Prevent transactions affecting same records from overlapping
- Two-phase locking
  - Can accumulate locks
  - But once any lock is released, cannot get more until all are released
  - Defines growing phase and shrinking phase
- More restrictive (and more common) strategy
  - No locks released until COMMIT or ROLLBACK

Deadlock (Deadly Embrace)

[Diagram: processes 1 and 2, resources A and B]
- Process 1 locks resource A unconditionally
- Process 2 locks resource B unconditionally
- 1 locks B unconditionally
- 2 locks A unconditionally

Preventing Deadlocks
- Deadlock is example of a race condition
  - Will not necessarily occur
  - Occurs by chance when specific events happen at specific time
- Always ensure that processes in applications
  - LOCK RESOURCES IN SAME ORDER
  - UNLOCK RESOURCES IN REVERSE ORDER
- Apply these principles to example on previous slide to see how they absolutely prevent deadlock

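
The deadly-embrace scenario and the same-order rule, as an added example that is not part of the original deck. Two Python threads stand in for processes 1 and 2, and `threading.Lock` objects for resources A and B. In the unsafe run a timeout replaces the unconditional lock so the demonstration terminates instead of hanging; function names and the timeout value are assumptions.

```python
import threading
from contextlib import ExitStack

TIMEOUT = 0.2  # seconds to wait for the second lock in the unsafe run (assumed value)

def unsafe_process(first, second, both_hold, both_tried, results, name):
    """Lock resources in whatever order the caller chose."""
    with first:
        both_hold.wait()                        # each process now holds one resource
        # An unconditional lock would hang here forever; the timeout turns the
        # hang into a reportable failure, like a conditional lock.
        got = second.acquire(timeout=TIMEOUT)
        both_tried.wait()                       # keep holding until the other has tried too
        if got:
            second.release()
        results[name] = got

def ordered_process(wanted, rank, start, results, name):
    """Lock in one global order; ExitStack unlocks in reverse order."""
    start.wait()                                # start both processes together
    with ExitStack() as held:
        for lock in sorted(wanted, key=rank.__getitem__):
            held.enter_context(lock)
        results[name] = True                    # both resources held here

def run(target, args_for):
    results = {}
    threads = [threading.Thread(target=target, args=args_for(n, results)) for n in (1, 2)]
    for t in threads:
        t.start()
    for t in threads:
        t.join(timeout=5)
    return results

def deadlock_demo():
    a, b = threading.Lock(), threading.Lock()
    hold, tried = threading.Barrier(2), threading.Barrier(2)
    order = {1: (a, b), 2: (b, a)}              # process 1: A then B; process 2: B then A
    return run(unsafe_process, lambda n, res: (*order[n], hold, tried, res, n))

def ordered_demo():
    a, b = threading.Lock(), threading.Lock()
    rank = {a: 0, b: 1}                         # the agreed locking order: A before B
    start = threading.Barrier(2)
    wanted = {1: (a, b), 2: (b, a)}             # same requests as in the deadlock case
    return run(ordered_process, lambda n, res: (wanted[n], rank, start, res, n))

if __name__ == "__main__":
    print("caller-chosen order:", deadlock_demo())   # neither process gets its second lock
    print("global order:       ", ordered_demo())    # both processes complete
```
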
Pessimistic Locking Strategy
- Assume collisions will occur and prevent conflicts
  - Lock records
  - Process transaction
  - Release locks
- But very dangerous for performance if processing involves human interaction
  - Not controllable
  - Operator can leave resources locked and hang system
  - Operator could go to lunch!
- DO NOT LOCK AROUND HUMAN INTERVENTION!

Optimistic Locking Strategy
- Assume collisions will be rare and recover if they happen
  - Read original data records
  - Process transaction using buffers
  - Lock original data records
  - Check to see if original data have changed
    - If no change, commit transaction & unlock
    - If change, unlock & start over

Optimistic Locking (1)

[Diagram: process, data buffers and DB holding Value1 and Value2, with a “Same?” comparison]

Observe events when there is no change in initial data during processing

Optimistic Locking (2)

[Diagram: process, data buffers and DB holding Value1, Value2 and Value3, with a “Same?” comparison; someone else changed the data]

If data change while process is preparing new buffer, start over.

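
The optimistic strategy applied to the widget inventory from the lost-update slide, as an added example that is not part of the original deck. It uses Python's built-in sqlite3; the table layout and function names are assumptions. The "lock, check, commit" steps are carried out by a single atomic `UPDATE ... WHERE qty = <original>` statement.

```python
import sqlite3

def open_inventory(qty=20):
    """Constructed one-row inventory table."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE inventory (item TEXT PRIMARY KEY, qty INTEGER NOT NULL)")
    con.execute("INSERT INTO inventory VALUES ('widget', ?)", (qty,))
    con.commit()
    return con

def read_qty(con):
    return con.execute("SELECT qty FROM inventory WHERE item = 'widget'").fetchone()[0]

def blind_write(con, new_qty):
    """Write the buffer without checking the original: the lost-update pattern."""
    with con:
        con.execute("UPDATE inventory SET qty = ? WHERE item = 'widget'", (new_qty,))

def checked_write(con, original_qty, new_qty):
    """Commit the buffer only if the stored value still equals what was read.
    A single UPDATE is atomic, so the DBMS locks, compares and writes as one unit."""
    with con:
        cur = con.execute(
            "UPDATE inventory SET qty = ? WHERE item = 'widget' AND qty = ?",
            (new_qty, original_qty))
    return cur.rowcount == 1

def lost_update():
    """Users A and B both read 20, then each writes back its own result."""
    con = open_inventory(20)
    a_seen = read_qty(con)
    b_seen = read_qty(con)
    blind_write(con, a_seen - 10)
    blind_write(con, b_seen - 5)      # overwrites A's update
    return read_qty(con)              # stored value no longer matches the real stock

def optimistic_withdraw(con, amount, before_commit=None, max_attempts=5):
    """Read, work on a buffer, check-and-commit; start over if the data changed."""
    for attempt in range(1, max_attempts + 1):
        original = read_qty(con)
        buffer = original - amount    # processing happens on the buffer, no lock held
        if buffer < 0:
            raise ValueError("insufficient stock")
        if before_commit and attempt == 1:
            before_commit()           # another user acts while this one is processing
        if checked_write(con, original, buffer):
            return attempt
    raise RuntimeError("gave up after repeated collisions (thrashing)")

def optimistic_demo():
    con = open_inventory(20)
    # User A commits a withdrawal of 10 while user B is still preparing its buffer.
    user_a = lambda: optimistic_withdraw(con, 10)
    attempts_b = optimistic_withdraw(con, 5, before_commit=user_a)
    return read_qty(con), attempts_b

if __name__ == "__main__":
    print("blind writes leave:", lost_update())
    print("optimistic (final qty, attempts by B):", optimistic_demo())
```

Comparing stored values cannot detect a record that was changed and then changed back; a version counter or timestamp column compared in the same `WHERE` clause closes that gap.
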
Optimistic vs Pessimistic Strategies
- Optimistic locking advantages
  - Does not lock resources around human intervention
  - Appropriate for Web / Internet transactions
  - Especially important if lock granularity is large (e.g., entire DB or entire tables)
- Optimistic locking disadvantages
  - If specific resource is in high demand (much contention for specific records) then can cause repeated access (thrashing)
  - Can degrade individual and system performance

Declaring Lock Characteristics
- Older programs often used specific calls to locking routines
  - E.g., “DBLOCK”
  - Passed parameters to set exact type of lock
    - Conditional or not, granularity etc.
- Modern programming using DBMS uses transaction markers
  - BEGIN, COMMIT, ROLLBACK
  - Allows global definition of locking strategy
  - DBMS handles details
  - Can thus change locking globally without reprogramming

ACID Transactions
- Transactions sometimes described as ideally ACID
  - Atomic: all changes in the multi-step transaction are committed or none is
  - Consistent: all records involved in the transaction are changed or none is
  - Isolated: concurrency does not harm integrity
  - Durable: not reversible once committed except through normal transaction processing of a new transaction

Consistency
- Statement-level consistency
  - If change is supposed to apply to group of records, then no changes to any of those records will be permitted until all records have been changed
- Transaction-level consistency
  - Same principle applied to multiple steps
  - Not always easy to achieve
  - If locking applied around very long processes, will see performance / throughput degradation for other users
  - May want to limit long updates to batch processing during off-hours

Transaction Isolation Level
- Can have difficulties / inconsistencies when concurrent processes access intermediate results during transactions
  - Dirty read: access a record changed by another process but not yet committed
  - Nonrepeatable read: some other process has altered the original record (e.g., during optimistic locking)
  - Phantom read: a new movie by George Lucas – NO NO – means new records inserted or deleted since last read

ANSI SQL Isolation Levels

Can specify degree of protection desired

ANSI SQL

| Problem Type \ Isolation Level | Read Uncommitted | Read Committed | Repeatable Read | Serializable |
|---|---|---|---|---|
| Dirty Read | Y | N | N | N |
| Nonrepeatable Read | Y | Y | N | N |
| Phantom Read | Y | Y | Y | N |

Database Recovery
- Transactions
- Application Logging
- Transactions and Log Files
- Backups & Log Files
- Recovery from Backups
- Recovery from Log Files

Transactions
- What are transactions?
- Why should we care if a transaction were interrupted by a DBMS failure or a system failure?

CLASS DISCUSSION

Application Logging
- Benefits of logging
  - Audit trail for security / investigations
  - Performance data
  - Debugging
- What might a logging process write into the log file when a process is
  - Adding a record?
  - Changing a record?
  - Deleting a record?

CLASS DISCUSSION

Transactions and Log Files
Why would it matter to anyone that a log file keep a distinction among different types of transactions?
How does a log file mark completion of an atomic transaction?
CLASS DISCUSSION
Backups & Log Files

Distinguish among the following types of backups:
- System vs application
- Full (everything)
- Differential (aka “Partial”) (everything changed since last full)
- Incremental (everything changed since last incremental) (aka “Partial”)
- Delta (only changed data) (aka “Partial”)
- Log files (only the information about the changes)

Backup Types
File SUN MON TUE WED THU FRI SAT
A
B
C
D
E
Backup Type SUN MON TUE WED THU FRI SAT
FULL ABCDE ABCDE ABCDE ABCDE ABCDE ABCDE ABCDE
DIFFERENTIAL A AB ABD ABCD ABCDE ABCDE
INCREMENTAL A B AD ABCD CDE ABC
DELTA (records) A' B' A'D' A'B'C'D' C'D'E' A'B'C'
Do not use the term “partial backup.”
Recovery from Log Files
- Roll-backward recovery
  - Use log file to identify interrupted (incomplete) transactions using checkpoints
    - Look for start marker without end marker
  - Remove all changes that are part of those incomplete transactions
- Roll-forward recovery
  - Start with valid backup
  - Use log file to re-apply all completed transactions
  - Leave out the incomplete transactions
- Which kind of recovery is faster?

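
Both recovery methods run over one log, as an added example that is not part of the original deck. The log format (transaction id, operation, key, before-image, after-image), the BEGIN/COMMIT marker names and the sample records are constructed for illustration; transaction T2 is the interrupted order entry from the multi-step transaction slide, with the header total assumed to start at 0.

```python
from collections import namedtuple

# Constructed log record: before/after images are None when the record is absent.
Rec = namedtuple("Rec", "txn op key before after")

BACKUP = {"order:0/total": 5}          # last valid backup (constructed)

LOG = [                                # constructed log written after that backup
    Rec("T1", "BEGIN",  None,             None, None),
    Rec("T1", "ADD",    "order:1/total",  None, 0),
    Rec("T1", "ADD",    "order:1/line:1", None, 40),
    Rec("T1", "CHANGE", "order:1/total",  0,    40),
    Rec("T1", "DELETE", "order:0/total",  5,    None),
    Rec("T1", "COMMIT", None,             None, None),
    Rec("T2", "BEGIN",  None,             None, None),
    Rec("T2", "ADD",    "order:2/total",  None, 0),
    Rec("T2", "ADD",    "order:2/line:1", None, 10),
    Rec("T2", "ADD",    "order:2/line:2", None, 15),
    Rec("T2", "ADD",    "order:2/line:3", None, 20),
    # System crashes here: the total was never updated and T2 has no COMMIT.
]

def incomplete(log):
    """Transactions with a start marker but no end marker."""
    started = {r.txn for r in log if r.op == "BEGIN"}
    ended = {r.txn for r in log if r.op == "COMMIT"}
    return started - ended

def put(db, key, image):
    """Store an image; a None image means the record does not exist."""
    if image is None:
        db.pop(key, None)
    else:
        db[key] = image

def state_at_crash(backup, log):
    """What the database holds when every logged change reached disk."""
    db = dict(backup)
    for r in log:
        if r.key is not None:
            put(db, r.key, r.after)
    return db

def roll_forward(backup, log):
    """Start from the backup and re-apply only completed transactions."""
    skip = incomplete(log)
    db = dict(backup)
    for r in log:
        if r.key is not None and r.txn not in skip:
            put(db, r.key, r.after)
    return db

def roll_backward(crashed_db, log):
    """Start from the crashed database and undo incomplete transactions,
    newest change first, by restoring each before-image."""
    undo = incomplete(log)
    db = dict(crashed_db)
    for r in reversed(log):
        if r.key is not None and r.txn in undo:
            put(db, r.key, r.before)
    return db

if __name__ == "__main__":
    crashed = state_at_crash(BACKUP, LOG)
    print("incomplete:", incomplete(LOG))
    print("at crash:  ", crashed)      # order 2 has three lines but a total of 0
    print("backward:  ", roll_backward(crashed, LOG))
    print("forward:   ", roll_forward(BACKUP, LOG))
```
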
Protecting Batch Files

Batch processing as defined in Computer Desktop Encyclopedia:

(1) Performing a particular operation automatically on a group of files all at once rather than manually opening, editing and saving one file at a time. For example, graphics software that converts a selection of images from one format to another would be a batch processing utility.
(2) Processing a group of transactions at one time. Transactions are collected and processed against the master files (master files updated) at the end of the day or some other time period. Contrast with transaction processing.
Batch Processing (2)

[Figure © Computer Desktop Encyclopedia]

Batch Processing (3)
- Normal batch processing automatically keeps original files as default backups
- Process master file + transaction file(s)
  - Copy unchanged records into new file
  - Copy modified records from transactions
  - Don’t copy deleted records
- End up with
  - Original master file
  - New master file
  - Transaction (activity) files
- Typically keep several generations of masters

45 Copyright © 2015 M. E. Kabay. All rights reserved.
Assuring that Information in the System is Valid
- Validation Controls: catching data input errors
  - Check digits in input stream
  - Hash totals
  - Digital signatures
  - Range checks
  - Table lookups (including combinations)
- Diagnostic Utilities: catching data corruption or tampering
  - Edit checks
  - Business rules
  - Exception reports
  - Statistical Quality Control (SQC) methods (anomaly detection)

Review Questions (1)
1. Distinguish between SQA and application controls.
2. Why should we pay attention to applications when planning our security procedures?
3. Why are databases of such concern in application security discussions?
4. Name and distinguish between the two fundamental types of data corruption (by cause).
5. Explain the concept of referential integrity using examples.
6. How do DBMSs enforce uniqueness constraints?

Review Questions (2)
7. Why do concurrently-accessed databases require locking strategies?
8. What’s a transaction?
9. What is meant by atomic transactions?
10. How is a transaction marked in a log file?
11. Which has finer granularity, locking an entire dataset or locking a set of records?
12. Distinguish between exclusive and shared locks.
13. Distinguish between conditional and unconditional locks.
14. What’s a deadlock and how can you prevent it?

Review Questions (3)
15. Distinguish between pessimistic and optimistic locking strategies.
16. What does ACID mean in discussions of transactions? Explain each of the components.
17. Why do production applications normally include log files as part of their design?
18. Explain how roll-backward recovery works.
19. Explain how roll-forward recovery works.
20. Discuss the security features of batch processing.
21. Explain how applying each of the validation controls described in slide 45 could help check the validity of stored information in a database.

Now go and study