Martin Grasdal, ... Dr.Thomas W. ShinderTechnical Editor, in
MCSE (Exam 70-293) Study Guide, 2003 Database servers are used to store and manage databases that are stored on the server and to provide data access
for authorized users. This type of server keeps the data in a central location that can be regularly backed up. It also allows users and applications to centrally access the data across the network. A large number of the databases used in your organization can be kept on one server or a group of servers that are specifically configured to protect data and service client requests. The Configure Your Server Wizard does not include a configurable role for
database servers. A database server is any server that runs a network database application and maintains database files, such as Microsoft SQL Server or Oracle. SQL Server is a high-performance database management system. It is used for data storage and analysis, and it provides users with the ability to access vast amounts of data quickly over the network. Because SQL Server provides additional measures of security that would not otherwise be available (as discussed in the “Securing Database
Servers” section later in this chapter) and processing occurs on the server, transactions can occur securely and rapidly. Data stored in database management systems is generally accessed through user interfaces that are developed by an organization or third parties. For example, a company might create custom applications in Visual Basic (or some other programming language), or use ASP on the Web server to display information that is stored in a database.
While the user interacts with the data through the user interface, the data is actually stored in the SQL Server or Oracle database located on a database server.MCSE 70-293: Planning Server Roles and Server Security
Database Servers
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9781931836937500063
Server Classifications
Shu Zhang, Ming Wang, in Encyclopedia of Information Systems, 2003
III.B.1. Description
Database servers are networked computers on a network dedicated to database storage and data retrieval from the database. The database server is a key component in a client/server computing environment. It holds the database management system (DBMS) and the databases. In the database context, the client manages the user interface and application logic, acting as a sophisticated workstation on which to run database applications. The client takes the user's request, checks the syntax, and generates database requests in SQL or another database language. It then transmits the message to the server, waits for a response, and formats the response to the end-user. The server accepts and processes the database requests, then transmits the results back to the client. The process involves checking authorization, ensuring integrity maintaining the system catalog, and performing query and update process.
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B012227240400157X
Sybase Migrations from a Systems Integrator Perspective, and Case Study
Tom Laszewski, Prakash Nauduri, in Migrating to the Cloud, 2012
Database Server
Sybase database servers consist of a data server and a backup server. There are two processes of the Sybase database server, whereas an Oracle instance has five mandatory processes: SMON (System Monitor), PMON (Process Monitor), LGWR (Log Writer), DBWR (Database Writer), and CKPT (Checkpoint). The optional ARCH archive process writes filled redo logs to the archive log location(s). In an Oracle Real Application Cluster (RAC), the various ARCH processes can be utilized to ensure that copies of the archived redo logs for each instance are available to the other instances in the RAC setup should they be needed for recovery. Additional Oracle background processes include the CJQ job queue processor, CQJ0 job queue controller, FMON mapping libraries, LMON locking manager, and MMON collector for AWR (Automatic Workload Repository). It is good to understand the server architecture differences between these two databases; however, these differences will not have an adverse effect on your migration project and estimates.
A key difference is that the Sybase data engine can have multiple databases within one engine. Oracle, on the other hand, has one database for the entire data engine. This can cause customers to believe they need to create an Oracle database server for each Sybase database. This is not the case, as Oracle has the concept of schemas (i.e., a database user). Therefore, a Sybase database is mapped to an Oracle schema.
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9781597496476000119
Physical Data Warehouse Design
Daniel Linstedt, Michael Olschimke, in Building a Scalable Data Warehouse with Data Vault 2.0, 2016
8.4.3 Memory Options
The database server uses physical memory for caching pages from disk. While operational database systems often deal with small transactions, data warehouse systems deal with large queries (referring to the amount of data being touched by the query). In addition, a query often requires multiple passes to deal with large tables; having the table already in memory can greatly improve the performance [23]. If SQL Server doesn’t have enough memory available to complete the operation, it uses hard disk storage, for example by using page files, tempdb or re-reading database pages from disk. Therefore, the more RAM the data warehouse system provides to Microsoft SQL Server, the better.
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9780128025109000088
Platform level defenses
Justin Clarke, in SQL Injection Attacks and Defense (Second Edition), 2012
Revoke PUBLIC Permissions
Every database server platform has a default role to which every login belongs, usually called the public role, which has a default set of permissions that includes access to system objects. Attackers can use this default access to query database metadata to map out the database schema and target the juiciest tables for subsequent querying, such as those storing application login credentials. The public role is also commonly assigned permissions to execute built-in system stored procedures, packages, and functions used for administrative purposes.
Usually you cannot drop the public role; however, it is recommended that you not grant additional permissions to the public role, because each database user inherits the permissions of this role. You should revoke public role permissions from as many system objects as possible. Additionally, you must revoke superfluous permissions granted to the public role on custom database objects (such as application tables and stored procedures) unless a justifiable reason for the permissions exists. If necessary, you should assign database permissions to a custom role that you can use to grant a default level of access to specific users and groups.
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9781597499637000098
References
Justin Clarke, in SQL Injection Attacks and Defense, 2009
System Command Execution
For PostgreSQL database servers prior to Version 8.2, you can use the following SQL to import the system function from the standard UNIX libc library:
CREATE OR REPLACE FUNCTION system(cstring) RETURNS int AS '/lib/libc.so.6',
'system' LANGUAGE 'C' STRICT;
The system function can then be called by executing the following SQL query:
SELECT system('command');
Current versions of Postgres require that external libraries be compiled with the PostgreSQL PG_MODULE_MAGIC macro defined. To achieve code execution via this method you will need to upload your own shared .so or .dll file with the appropriate PG_MODULE_MAGIC macro enabled. See the following resource for further information:
▪www.postgresql.org/docs/8.2/static/xfunc-c.html#XFUNC-C-DYNLOAD
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9781597494243000104
Installing GFI EventsManager
Brien Posey, in GFI Network Security and PCI Compliance Power Tools, 2009
Configuring the Backend Database
The first step in the initial configuration process is to configure a backend SQL Server database. As I mentioned before, I will be configuring GFI EventsManager to use a SQL Server 2005 Developers Edition database rather than a SQL 2005 Express Edition Database. Keep in mind though that other versions of SQL Server are also supported, and that the SQL Server database does not have to reside locally.
To configure the SQL Server database, perform the following steps:
1Click the Click Here To Configure link, found in the Configure SQL Server Database Backend section.
2Windows will now display the Database Backend properties sheet, which prompts you to enter the name of the server and database you want to use. Enter either the name or the IP address of your database server, followed by a backslash, and then the name of the database instance. For example, I have a SQL Server instance named GFI installed on my local server. Therefore, I am using GFI\GFI as the server name. If your database is not installed locally, then just replace [local] with the NetBIOS name or IP address of your database server.
3Enter EventsManager into the Database field.
4Choose the Windows Authentication option, as shown in Figure 13.4.
5Click OK.
6GFI EventsManager will now create the necessary database. When the process completes, click OK.
Figure 13.4. Enter the Server Name and the SQL Server Instance Name for the Database Server You Want to Use
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9781597492850000133
Database Security
Jan L. Harrington, in Relational Database Design and Implementation (Fourth Edition), 2016
Handling Malware
Malware infecting a database server can be a serious problem. The result may be loss of data, loss of access to the database, or loss of control of the database server’s hardware. Protection against malware is typically provided by “virus protection” software running on firewalls and the servers themselves.
Most current virus protection software handles worms, Trojan horses, and bots, as well as viruses. The most important thing to keep in mind, however, is that there is an ever-escalating battle between those who write malware and those who produce the virus protection software. As soon as a new threat is identified, the software developers rush to add the new malware to their protection database; the malware producers then write new malware that is typically more powerful and sophisticated than previous releases. You can never be completely safe from malware because there is always a lag, however short, between the detection of a new piece of malware and the updating of virus protection software to handle that malware. The best you can do is to update the database that accompanies your virus protection software regularly.
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9780128043998000235
Design Guidelines for Data Virtualization
Rick F. van der Lans, in Data Virtualization for Business Intelligence Systems, 2012
8.4 Implementing Transformations in Wrappers or Mappings
Wrappers on SQL database servers are usually straightforward. In principle, in such a wrapper the data passes one-to-one from the relational source table to the relational virtual table. For wrappers on non-SQL data stores, such as XML documents and web services, it might be a different story. Languages such as XPath, XSLT, or XQuery are used to transform the nonrelational structure of the data store. If those languages are indeed used, extra processing can be added to those wrappers. For example, selections can be added to minimize the amount of data returned, projections can be added to minimize the number of columns returned, transformations can be added to change values, and so on.
This allows designers to choose whether particular transformations should be included inside the wrappers or inside the mappings of the virtual tables. This choice can have a serious impact on performance. If the module executing the wrapper executes the transformations faster than the data virtualization server can execute the mapping, then including them in the wrappers can speed up performance. Moving transformations to the wrapper can also minimize data transmission (Stage 8), but this only applies if the wrapper is really executed on the data store side.
Design Guideline 10: Include transformations in wrappers if the module executing them can do this faster than the data virtualization server can.
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9780123944252000083
Installing GFI EndPointSecurity
Brien Posey, in GFI Network Security and PCI Compliance Power Tools, 2009
Configure the Backend Database
The next step in the initial configuration process is to configure a backend database. Technically, configuring a backend database is optional (as are all of the initial configuration tasks), but it doesn't mean that using a database is optional. It only means that you do not have to configure a database right this minute if you don't want to. Since the database plays such an important role in GFI EndPointSecurity, I want to go ahead and set it up now. For demonstration purposes, I will be configuring GFI EndPointSecurity to use a Structured Query Language (SQL) Server 2005 database. Keep in mind that other versions of SQL Server are also supported, and that the SQL Server database does not have to reside locally.
To configure the SQL Server database, perform the following steps:
1Click the Click Here to Configure link found in the Configure Backend Database section.
2At this point, you will see a screen prompting you to enter the name of the server and database that you want to use. Enter either the name or the IP address of your database server, followed by a back slash and the name of the database instance. For example, I have a SQL Server instance named GFI installed onto my local server. Therefore, I am using [Local]\GFI as the server name. If your database is not installed locally, then just replace [local] with the Network Basic Input/Output System (NetBIOS) name or Internet Protocol (IP) address of your database server.
3Enter EndPointSecurity into the Database field. Choose the Windows Authentication option, as shown in Figure 8.4.
4Choose the Use Windows Authentication option.
5Click OK.
6GFI EndPointSecurity will now create the necessary database, as shown in Figure 8.5. When the process completes, click OK.
Figure 8.4. Enter the Server Name and the SQL Server Instance Name for the Database Server That You Want to Use
Figure 8.5. The Software Goes Through Several Different Steps to Create the Database
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B978159749285000008X