The concept of providing information security in a distributed system of organizational database
UDC 004.056, 336.71

THE CONCEPT OF PROVIDING INFORMATION SECURITY IN A DISTRIBUTED SYSTEM OF ORGANIZATIONAL DATABASE

Botirov F.B.

The article examines the basic principles of creating and operating a distributed database, client-server technologies, the file server model, the remote data access model, the database server model, and the application server model.

Keywords: file server, database, server, applications, distributed data, SQL, RDA.

I. INTRODUCTION

It is known that in large automated information systems built on the basis of corporate networks, it is not always possible to organize centralized placement of all databases and the DBMS in one node of the network. This has led to the emergence of distributed computing systems that are integrated with a distributed database management system.

A distributed database is a set of logically interconnected databases distributed over a computer network. A distributed database management system is a software system that provides management of a distributed database and transparency of its distribution to users. A distributed database can integrate databases supporting any model (hierarchical, network, relational, and object-oriented databases) within a single global schema. Such a configuration should ensure transparent access to any data, regardless of its location and format, for all applications.

II. MAIN PART

The main principles of the creation and operation of a distributed database are as follows:
- transparency of data location for users (in other words, the distributed database should appear to the user as if it were not distributed);
- isolation of users from each other (the user should not "feel" or "see" the work of other users when changing, updating, or deleting data);
- synchronization and consistency (non-contradiction) of the state of data at any moment in time.
The following additional principles are derived from the basic principles [1]:
- local autonomy (no computing device should depend on any other device for its successful operation);
- absence of a central device (a consequence of the previous item);
- location independence (the user works as if the data were located on the user's local device);
- continuity of operation (absence of planned interruptions of the system);
- independence from data fragmentation (horizontal fragmentation: different groups of records of the same table are placed on different devices or in different local databases; vertical fragmentation: different fields (columns) of the same table are placed on different devices);
- independence from data replication (a table of the database can be represented by several copies located on different devices);
- distributed processing of requests (optimization of requests should be of a distributed nature: first global optimization, then local optimization on each of the devices involved);
- distributed management of transactions (in a distributed system, a single transaction may require the execution of actions on different devices; the transaction is considered completed when it is completed on all participating devices);
- hardware independence (it is acceptable for the system to work on devices with different computers);
- operating system independence (the system should work regardless of the difference of operating systems on different computing devices);
- communication network independence (the possibility of working in different communication environments);
- DBMS independence (different DBMSs may work on different devices; in practice, SQL-enabled DBMSs are used).

Distributed information systems, which are usually created on the basis of a DBMS, are also described by the term "distributed DBMS", and, accordingly, the term "distributed database" is used [2].
In practice, distributed computing is implemented by deviating from some of the principles of creation and operation of distributed systems mentioned above. Depending on which principle is "sacrificed", several independent directions have been distinguished in distributed system technologies: "client-server" technologies, replication technologies, and object binding technologies. Real distributed information systems are usually based on a combination of all three technologies. From the methodological point of view, it is appropriate to discuss them separately.

For "client-server" technologies, the principle in question is one of the main principles of creation and operation of distributed systems: the absence of a central device. Therefore, the following two main ideas underlying client-server technologies can be distinguished [3]:
- commonality of information on one or several servers for all users;
- a number of users (clients) processing common data together (in parallel and simultaneously) on different computing devices.

In other words, systems based on "client-server" technologies are distributed only with respect to users. For this reason, they are often considered by most users to be a separate class of systems rather than belonging to "true" distributed systems.

In "client-server" technologies, the concepts of server and client are important. In a broad sense, a server means any system, process, or computer that has some computing resources (memory, time, processor performance, etc.) [4]. A client means any system, process, computer, or user that requests some resource from the server, uses some resource, or is served by the server in some other way.

Various models of "client-server" systems have been formed as the technology passed through several stages in its development.
Their implementation and, therefore, a correct understanding of them is based on dividing the DBMS structure into the following three components:
- the presentation component, sometimes simply called the user interface, which performs the function of entering and displaying data;
- the application component, a set of requests, events, rules, procedures and other computing functions that perform the tasks of an automated information system in a specific subject area;
- the data access component, which performs the functions of data acquisition, storage, physical update and change.

Based on how these three components are implemented and distributed in the system, four models of "client-server" technologies are distinguished:
- file server model (File Server - FS);
- remote data access model (Remote Data Access - RDA);
- database server model (Data Base Server - DBS);
- application server model (Application Server - AS).

The file server model is the simplest; it characterizes the general method of interaction of components in a local network as much as it characterizes a method of creating an information system. One of the network computers is set aside and treated as a file server, that is, a common place where any data is stored. The essence of the FS model can be explained by Fig. 1 [5].

Figure 1. File server model

In the FS model, all the main components are placed on the client device. When data is accessed, the DBMS, in turn, makes I/O requests to the file system. During the session, the database file is copied in whole or in part to the main memory of the client device using the functions of the operating system. In this case, the server performs a passive function.

The advantage of this model is its simplicity and the absence of high requirements for server performance (mainly, disk space of the required size). It should be noted that in this case the software components of the DBMS are not distributed, that is, no part of the DBMS is installed and placed on the server.
The disadvantage of this model is high network traffic, which reaches a peak value when users are using the system en masse, for example, at the beginning of the working day. However, from the point of view of working with a common database, a more serious drawback is that the DBMS has no special mechanisms for the security of the database file(s). In other words, sharing of data among users (parallel work with one data file) is carried out only by means of the file system tools of the operating system.

Despite its shortcomings, the file server model is a natural means of extending the possibilities of a personal DBMS in the direction of supporting the multi-user mode, and it remains relevant in this respect [6].

The remote data access model is based on taking into account the peculiarities of data placement and physical manipulation in external memory for relational DBMSs. In the RDA model, the data access component of the DBMS is completely separated from the other two components (the presentation and application components) and is hosted on the system server.

The data access component is implemented as an independent part of the DBMS software called the SQL server and is installed on the computing device of the system server. In other words, the SQL server acts as a data engine. Figure 2 shows the scheme of the RDA model.

Figure 2. Remote data access model

The database file(s) located on the system server also contain the database system catalog, which holds, among other things, information about registered clients, their authorizations, and so on.

The software part of the DBMS that implements the interface and application functions is installed on the client devices. The user starts the client part of the system, registers on the system server through it, and begins processing data. The application component of the system (request library, data processing procedures) is fully deployed and executed on the client device.
When performing its functions, the application component forms the necessary SQL statements and directs them to the SQL server. The SQL server receives and coordinates SQL statements from various clients, executes them, checks and enforces data integrity constraints, and sends the results of the SQL statements to clients in the form of data sets (tables). In this way, the client communicates with the server through SQL statements, and only the results of the operations, that is, a set of data significantly smaller than the database, are transferred from the server to the client devices. As a result, the network load is dramatically reduced, and the server takes on an active central role. In addition, the DBMS kernel in the form of the SQL server provides the traditional and important functions of enforcing integrity constraints and data security when several users work together.

Another, less visible advantage of the RDA model is the unification of the interface through which the application components of information systems communicate with common data. Such interaction is standardized within the SQL language through a special protocol, ODBC (Open Database Connectivity). This protocol plays an important role in providing multi-protocol capability, i.e. independence from the type of DBMS on client devices in distributed systems. Multi-protocol capability is the ability of a DBMS to serve applications originally intended for various DBMSs. In other words, a special component of the DBMS kernel on the server (called an ODBC driver) is able to receive requests from, process them for, and send results to client devices of other, "foreign" relational DBMSs. This possibility significantly increases flexibility when a distributed information system is created on the basis of local databases, managed by personal or other relational DBMSs, that already exist in an organization.
The high requirements for client computing devices are a disadvantage of the RDA model, because the data processing applications determined by the specific nature of the subject area of the information system are executed on them. Another disadvantage is the still considerable network traffic: at some points, data sets (tables) of a fairly large volume are sent to clients from the database server.

The database server model is an evolution of the RDA model. The mechanism of stored procedures is its core. In contrast to the RDA model, the events, rules and procedures defined for a specific subject area of the information system and described by SQL language tools are stored and executed on the system server together with the data [7]. In other words, the application component is fully deployed and executed on the system server. The database server model is shown schematically in Figure 3.

Figure 3. Database server model

Only the interface component (presentation component) is placed on the client devices of the DBS model. This leads to a significant reduction in the requirements for the client's computing device. Through the system interface on the client device, the user sends only the necessary procedure calls, queries and other function calls to the database. All operations on accessing and processing data are performed on the server, and only the results of execution are sent to the client (whereas in the RDA model a data set is sent). This leads to a significant decrease in network traffic in the DBS model compared to the RDA model.

It should be noted that the application tasks of all system users are performed simultaneously on the system server. As a result, the requirements for the server computing device (disk space, main memory size, speed) increase dramatically. This is the main disadvantage of the DBS model.
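The difference between the RDA and DBS models seen from the server side, as an added example that is not part of the original article: in-memory SQLite stands in for the SQL server, and the users, the `accounts` table, the grant catalog and the `branch_total` procedure are hypothetical, constructed for illustration.

```python
import sqlite3

# Constructed catalog: table grants (RDA) and procedure grants (DBS). All names are hypothetical.
TABLE_GRANTS = {"clerk": {"accounts"}, "guest": set()}
PROCEDURES = {  # name -> (server-side SQL, users allowed to call it)
    "branch_total": ("SELECT COALESCE(SUM(balance), 0) FROM accounts WHERE branch = ?",
                     {"clerk", "guest"}),
}
READ_ONLY = (sqlite3.SQLITE_SELECT, sqlite3.SQLITE_FUNCTION)


class Server:
    """Stand-in for the SQL server node; SQLite in memory replaces a real DBMS."""

    def __init__(self):
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE accounts(id INTEGER PRIMARY KEY, branch TEXT, balance INTEGER)")
        self.db.executemany("INSERT INTO accounts(branch, balance) VALUES (?, ?)",
                            [("north", 100), ("north", 250), ("south", 40)])  # constructed rows
        self.db.commit()

    def rda_execute(self, user, sql):
        """RDA: the client ships its own SQL; the server checks it against the catalog."""
        def authorize(action, arg1, arg2, db_name, source):
            if action in READ_ONLY:
                return sqlite3.SQLITE_OK
            if action == sqlite3.SQLITE_READ and arg1 in TABLE_GRANTS.get(user, set()):
                return sqlite3.SQLITE_OK
            return sqlite3.SQLITE_DENY  # writes, DDL and ungranted tables are refused
        self.db.set_authorizer(authorize)
        try:
            return self.db.execute(sql).fetchall()  # a whole data set goes back to the client
        except sqlite3.Error as exc:
            raise PermissionError(f"{user}: {exc}") from exc

    def dbs_call(self, user, proc, *args):
        """DBS: the client names a stored procedure; only its result is returned."""
        sql, callers = PROCEDURES.get(proc, (None, set()))
        if user not in callers:
            raise PermissionError(f"{user} may not call {proc}")
        self.db.set_authorizer(lambda *a: sqlite3.SQLITE_OK)  # procedure runs with server rights
        return self.db.execute(sql, args).fetchone()[0]  # arguments are bound, not spliced
```

In the DBS path the `guest` user needs no rights on the table itself, only the right to call the procedure, which is what lets the server keep table privileges narrow.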
In addition to reducing the network load, the advantages of the DBS model are the active role of the network server, the ability to store and execute the mechanism of events, rules and procedures, and the ability to "adjust" the distributed information system more adequately and effectively to all the nuances of the subject area. In addition, because the consistency of data state and changes is reliably ensured, the ability to sort and work with data increases, and the collective work of users with common data is effectively coordinated.

The application server model is used to distribute the server's speed and memory requirements across different computing devices. In the AS model, the application component of the information system is transferred to an additional server with high-performance system resources that is dedicated to it. The scheme of this model is presented in Figure 4.
Figure 4. Application server model

As in the DBS model, only the interface part of the system, that is, the presentation component, is placed on the client devices. But calls to data processing functions are sent to the application server, where these functions are executed together for all users of the system. To perform low-level data access and modification operations, the application server, as in the RDA model, addresses the SQL server, sends SQL procedure calls to it, and, as appropriate, retrieves data sets from it.

It is known that a sequential set of operations on data (SQL statements) that has a particular meaning is called a transaction. In this sense, the application server manages the formulation of the transactions that the SQL server executes. Therefore, the DBMS software component installed on the application server is also called a Transaction Processing Monitor (TPM), or simply a transaction monitor.