毕业设计外文文献-数据库管理系统

1、附录A外文翻译一原文局部(Database ManagementSystems, 2000-06)Database Management SystemsA database (sometimes spelled data base) is also called an electronic database, referring to any collection of data, or information, that is specially organized for rapid search and retrieval by a computer. Databases are str

2、uctured to facilitate the storage, retrieval , modification, and deletion of data in conjunction with various data- processing operations. Databases can be stored on magnetic disk or tape, optical disk, or some other secondary storage device.A database consists of a file or a set of files. The infor

3、mation in these files may be broken down into records, each of which consists of one or more fields. Fields are the basic units of data storage, and each field typically contains information pertaining to one aspect or attribute of the entity described by the database . Using keywords and various so

4、rting commands, users can rapidly search , rearrange, group, and select the fields in many records to retrieve or create reports on particular aggregate of data.Complex data relationships and linkages may be found in all but the simplest databases . The system software package that handles the diffi

5、cult tasks associated with creating ,accessing, and maintaining database records is called a database management system(DBMS). The programs in a DBMS package establish an interface between the database itself and the users of the database. (These users may be applications programmers, managers and o

6、thers with information needs, and various OS programs.)A DBMS can organize, process, and present selected data elements form the database. This capability enables decision makers to search, probe, and query database contents in order to extract answers to nonrecurring and unplanned questions that ar

7、en? t available in regular reports. These questions might initially be vague and/or poorly defined , but people can “browse” through the database until they have the needed information. In short, the DBMS will “manage” the stored data items and assemble the needed items from the common database in r

8、esponse to the queries of those who aren, t programmers.A database management system (DBMS) is composed of three major parts:(l)a storage subsystem that stores and retrieves data in files;(2) a modeling and manipulation subsystem that provides the means with which to organize the data and to add , d

9、elete, maintain, and update the data;(3)and an interface between the DBMS and its users. Several major trends are emerging that enhance the value and usefulness of最新的数据库管理方法使用对象模型，其中记录由称为对象的实体表示，这 些实体既可以存储数据，也可以提供执行特定任务的方法或过程。用于对象模型的查询语言是用于开发数据库应用程序的相同的面向对象的 编程语言。但这可能会产生一些问题，因为没有像SQL这样简单，统一的查询语 言。对象

10、模型相对较新，只有少数面向对象数据库的例子存在。它之所以引起了 人们的注意，是因为选择面向对象编程语言的开发人员需要一个基于面向对象模 型的数据库。分布式数据库类似地，分布式数据库是数据库的不同局部分别存储在物理上别离的计算机 上的数据库。分布式数据库的一个目标是访问信息，而不考虑数据的存储位置。请记住，一旦用户及其数据别离，通信和网络概念就会发挥作用。分布式数据库需要局部存储在较大计算机中的软件。这种软件在个人计算机 和大型计算机之间建立起桥梁，解决了数据格式不兼容的问题。理想情况下， 它会使大型机数据库看起来像是大型信息库，大局部处理都是在个人计算机上完 成的。一些分布式系统的缺点是它们通

11、常基于所谓的大型主机为中心，其中较大 的主计算机被视为主设备，而终端或个人计算机被视为从设备。但是这种方法也 有一些优点：在集中控制数据库的情况下，我们前面提到的许多数据完整性问题 都得到了解决。但是今天的个人计算机，部门计算机和分布式处理需要计算机及 其应用程序在更平等或点对点的基础上相互通信。在数据库中，客户端/服务器 模型提供用于分发数据库的框架。利用运行数据库应用程序的许多连接计算机的一种方法是将应用程序分发 给彼此独立的合作方。客户端是通过网络请求资源的最终用户或计算机程序。服 务器是运行软件的计算机，它通过网络满足这些请求。当请求资源是数据库中的 数据时，客户端/服务器模型就提供用

12、于分布式数据库的框架。文件服务是一种通过网络访问文件的软件，专门的文件服务器是一台被指定 为文件服务器的计算机。假如文件很大并且需要快速访问，这就很有用，在这种 情况下，小型计算机或大型机将用作文件服务器。分布式文件服务器在单个计算 机上传播文件，而不是将它们放在一台专用计算机上。后一种服务器的优点包括在其他计算机上存储和检索文件以及消除每台计 算机上的重复文件的能力。然而，主要的缺点是个别读/写请求需要在网络上传 输，并且在更新文件时会出现问题。假设用户从文件请求记录并更改它，而另一 个用户请求相同记录并更改它，这个问题的解决方案称为记录锁定，这意味着第 一个请求会让其他请求等到第一个请求得

13、到满足之后才可以读取数据，但是不能 修改。数据库服务器是通过网络向数据库提供请求的软件。例如，假设用户在他或 她的个人计算机上键入查询数据，如果应用程序的设计考虑了客户端/服务器模 型，那么个人计算机上的查询语言局部会简单地将查询通过网络发送到数据库服务 器，并在发现数据时发送通知。分布式数据库系统的例如可以在工程领域中找到。例如，Sun的网络归档系 统（NFS）用于计算机辅助工程应用程序，以在Sun工作站的网络中的硬盘之间 分发数据。分发数据库是一个渐进的步骤，因为把数据存放在被使用位置上是很合乎常 理的。例如，大型公司内的部门计算机应该将数据存储在本地，但是当他们想 要合并部门数据时，授权

14、的公司管理人员应该可以访问这些数据。DBMS软件将 保护数据库的安全性和完整性，并且分布式数据库对其用户来说与非分布式数据 库没有区别。在这个信息时代，数据服务器已成为公司的核心。这一个软件控制着大多数 组织的节奏，用于通过网络的动脉泵送信息命脉。由于此应用程序的关键性质， 数据服务器也是黑客最受欢迎的目标之一。如果黑客拥有这个应用程序，他可能 会导致该公司的“心脏”遭受致命的破坏。具有挖苦意味的是，尽管大多数用户现在都知道黑客，但他们仍然没有意识 到他们的数据库服务器对攻击的攻击程度有多大。因此，本文介绍了攻击数据库 服务器（也称为SQL服务器）的主要方法，并向我们展示了如何保护自己免受这

15、些攻击。我们应该注意这些信息并不断更新。许多技术白皮书都详细介绍了如何执行 SQL攻击，并且已将大量漏洞发布到安全列表中，这些漏洞准确描述了某些数据 库应用程序是如何被利用的。本文是为那些不关心细节的好奇的非SQL专家编写 的，并且是对那些经常使用SQL的人的评论。什么是 SQL Server?数据库应用程序是一种为客户提供数据访问的程序。这种类型的应用程序有 很多种，从昂贵的企业级Microsoft SQL Server到免费和开源的mySQL。无论 风格如何，大多数数据库服务器应用程序都有几个共同点。首先,数据库应用程序使用相同的通用编程语言，即SQL或结构化查询语言。 这种语言由于其语法

16、简单而被称为第四级语言，是客户端如何将其请求传达给服 务器的核心。使用最简单的SQL,程序员可以在数据库中选择，添加，更新和删 除信息。但是，SQL也可用于创立和设计整个数据库，对返回的信息执行各种功 能，甚至执行其他程序。为了说明如何使用SQL,以下是一个简单的标准SQL查询和一个更复杂的 SQL查询的例如：简单的标准 SQL 查询：“Select * from dbFurniture. tblChair，/；这将返回数据库db Furniture中表tbl Chair中的所有信息。复杂的 SQL 查询：“EXEC master. xp_cmdshell dir这个简短的SQL命令将客户端返

17、回到SQL服务器的c： 目录下的文件和文 件夹列表。请注意，此例如使用MS SQL Server独有的扩展存储过程。数据库服务器应用程序共享的第二个功能是它们都需要客户端和主机之间 的某种形式的经过身份验证的连接。虽然SQL语言相当容易使用，至少在其基本 形式中，任何想要执行查询的客户端必须首先提供某种形式的凭证来授权客户端; 客户端还必须定义请求和响应的格式。此连接由多个属性定义，具体取决于客户端的相对位置以及正在使用的操作 系统。我们可以花一整篇文章讨论各种技术，如DSN连接，无DSN连接，RDO, ADO等，但这些主题超出了本文的范围。如果你想了解更多关于它们的信息，谷 歌会给你提供足够

18、的信息。但是，以下是连接请求中包含的更常见工程的列表：数据库来源请求类型数据库使用者身份证密码在建立任何连接之前，客户端必须定义它连接的数据库服务器类型。这由一 个软件组件处理，该组件向客户端提供以正确格式创立请求所需的指令。除了数 据库类型之外,请求类型还可用于进一步定义服务器如何处理客户端的请求。接 下来是数据库名称，最后是身份验证信息。所有连接信息都很重要，但到目前为止，最薄弱的环节是身份验证信息或者 缺少身份验证信息。在正确管理的服务器中，每个数据库都有自己的用户，这些 用户具有专门指定的权限，可以控制他们可以执行的活动类 例如，对于只需要 访问信息的应用程序，用户帐户将被设置为只读。

19、另一个帐户应该用于插入或更 新，甚至可能会使用第三个帐户进行删除，此类帐户控制可确保任何受损帐户的 功能受限。不幸的是，许多数据库程序都设置了空密码或简单密码，这导致成功 的黑客攻击。database management systems;Managers: who require more upto-data information to make effective decisionCustomers: who demand increasingly sophisticated information services and more current information about

20、the status of their orders, invoices, and accounts.Users: who find that they can develop custom applications with database systems in a fraction of the time it takes to use traditional programming languages.Organizations : that discover information has a strategic value; they utilize their database

21、systems to gain an edge over their competitors. The Database ModelA data model describes a way to structure and manipulate the data in a database. The structural part of the model specifies how data should be represented(such as tree, tables, and so on ).The manipulative part of the model specifies

22、the operation with which to add, delete, display, maintain, print, search, select, sort and update the data.Hierarchical ModelThe first database management systems used a hierarchical model-that is-they arranged records into a tree structure. Some records are root records and all others have unique

23、parent records. The structure of the tree is designed to reflect the order in which the data will be used that is , the record at the root of a tree will be accessed first, then records one level below the root , and so on.The hierarchical model was developed because hierarchical relationships are c

24、ommonly found in business applications. As you have known, an organization char often describes a hierarchical relationship: top management is at the highest level, middle management at lower levels, and operational employees at the lowest levels. Note that within a strict hierarchy, each level of m

25、anagement may have many employees or levels of employees beneath it, but each employee has only one manager. Hierarchical data are characterized by this one-to- many relationship among data.In the hierarchical approach, each relationship must be explicitly defined when the database is created. Each

26、record in a hierarchical database can contain only one key field and only one relationship is allowed between any two fields. This can create a problem because data do not always conform to such a strict hierarchy.Relational ModelA major breakthrough in database research occurred in 1970 when E. F.

27、Codd proposed a fundamentally different approach to database management called relational model , which uses a table as its data structure.The relational database is the most widely used database structure.Data is organized into related tables. Each table is made up of rows called and columns called

28、 fields. Each record contains fields of data about some specific item. For example, in a table containing information on employees, a record would contain fields of data such as a person, s last name ,first name , and street address.Structured query language (SQL)is a query language for manipulating

29、 data in a relational database . It is nonprocedural or declarative, in which the user need only specify an English-like description that specifies the operation and the described record or combination of records. A query optimizer translates the description into a procedure to perform the database

30、manipulation.Network ModelThe network model creates relationships among data through a linked- list structure in which subordinate records can be linked to more than one parent record. This approach combines records with links, which are called pointers. The pointers are addresses that indicate the

31、location of a record. With the network approach, a subordinate record can be linked to a key record and at the same time itself be a key record linked to other sets of subordinate records. The network mode historically has had a performance advantage over other database models. Today , such performa

32、nce characteristics are only important in high-volume , high-speed transaction processing such as automatic teller machine networks or airline reservation system.Both hierarchical and network databases are application specific. If a new application is developed , maintaining the consistency of datab

33、ases in different applications can be very difficult. For example, suppose a new pension application is developed . The data are the same, but a new database must be created.Object ModelThe newest approach to database management uses an object model , in which records are represented by entities cal

34、led objects that can both store data and provide methods or procedures to perform specific tasks. The query language used for the object model is the same object- oriented programming language used to develop the database application .This can create problems because there is no simple , uniform que

35、ry language such as SQL . The object model is relatively new, and only a few examples of object-oriented database exist. It has attracted attention because developers who choose an object-oriented programming language want a database based on an object-oriented model. Distributed DatabaseSimilarly ,

36、 a distributed database is one in which different parts of the database reside on physically separated computers . One goal of distributed databases is the access of information without regard to where the data might be stored. Keeping in mind that once the users and their data are separated , the c

37、ommunication and networking concepts come into play .Distributed databases require software that resides partially in the larger computer. This software bridges the gap between personal and large computers and resolves the problems of incompatible data formats. Ideally, it would make the mainframe d

38、atabases appear to be large libraries of information, with most of the processing accomplished on the personal computer.A drawback to some distributed systems is that they are often based on what is called a mainframe-entire model , in which the larger host computer is seen as the master and the ter

39、minal or personal computer is seen as a slave. There are some advantages to this approach . With databases under centralized control , many of the problems of data integrity that we mentioned earlier are solved . But today s personal computers, departmental computers, and distributed processing requ

40、ire computers and their applications to communicate with each other on a more equal or peer-to-peer basis. In a database, the client/server model provides the framework for distributing databases.One way to take advantage of many connected computers running database applications is to distribute the

41、 application into cooperating parts that are independent of one anther. A client is an end user or computer program that requests resources across a network. A server is a computer running software that fulfills those requests across a network . When the resources are data in a database , the client

42、/server model provides the framework for distributing database.A file serve is software that provides access to files across a network. A dedicated file server is a single computer dedicated to being a file server. This is useful , for example , if the files are large and require fast access . In su

43、ch cases, a minicomputer or mainframe wou1d be used as a file server. A distributed file server spreads the files around on individual computers instead of placing them on one dedicated computer.Advantages of the latter server include the ability to store and retrieve files on other computers and th

44、e elimination of duplicate files on each computer. A major disadvantage , however, is that individual read/write requests are being moved across the network and problems can arise when updating files. Suppose a user requests a record from a file and changes it while another user requests the same re

45、cord and changes it too. The solution to this problems called record locking, which means that the first request makes others requests wait until the first request is satisfied . Other users may be able to read the record, but they will not be able to change it .A database server is software that se

46、rvices requests to a database across a network. For example, suppose a user types in a query for data on his or her personal computer . If the application is designed with the client/server model in mind , the query language part on the personal computer simple sends the query across the network to

47、the database server and requests to be notified when the data are found. Examples of distributed database systems can be found in the engineering world. Sun s Network Filing System(NFS), for example, is used in computer-aided engineering applications to distribute data among the hard disks in a netw

48、ork of Sun workstation.Distributing databases is an evolutionary step because it is logical that data should exist at the location where they are being used . Departmental computers within a large corporation , for example, should have data reside locally , yet those data should be accessible by aut

49、horized corporate management when they want to consolidate departmental data . DBMS software will protect the security and integrity of the database , and the distributed database will appear to its users as no different from the non-distributed database .In this information age, the data server has

50、 become the heart of a company. This one piece of software controls the rhythm of most organizations and is used to pump information lifeblood through the arteries of the network. Because of the critical nature of this application, the data server is also the one of the most popular targets for hack

51、ers. If a hacker owns this application, he can cause the companys heart to suffer a fatal arrest.Ironically, although most users are now aware of hackers, they still do not realize how susceptible their database servers are to hack attacks. Thus, this article presents a description of the primary me

52、thods of attacking database servers (also known as SQL servers) and shows you how to protect yourself from these attacks.You should note this information is not new. Many technical white papers go into great detail about how to perform SQL attacks, and numerous vulnerabilities have been posted to se

53、curity lists that describe exactly how certain database applications can be exploited. This article was written for the curious non-SQL experts who do not care to know the details, and as a review to those who do use SQL regularly.What Is a SQL Server?A database application is a program that provide

54、s clients with access to data. There are many variations of this type of application, ranging from the expensive enterprise-level Microsoft SQL Server to the free and open source mySQL. Regardless of the flavor, most database server applications have several things in common.First, database applicat

55、ions use the same general programming language known as SQL, or Structured Query Language. This language, also known as a fourth-level language due to its simplistic syntax, is at the core of how a client communicates its requests to the server. Using SQL in its simplest form, a programmer can selec

56、t, add, update, and delete information in a database. However, SQL can also be used to create and design entire databases, perform various functions on the returned information, and even execute other programs.To illustrate how SQL can be used, the following is an example of a simple standard SQL qu

57、ery and a more powerful SQL query: Simple: Select * from dbFurniture. tblChair/zThis returns all information in the table tblChair from the database dbFurniture.Complex: EXEC master. . xpcmdshell dir c:This short SQL command returns to the client the list of files and folders under the c: directory

58、of the SQL server. Note that this example uses an extended stored procedure that is exclusive to MS SQL Server.The second function that database server applications share is that they all require some form of authenticated connection between client and host. Although the SQL language is fairly easy

59、to use, at least in its basic form, any client that wants to perform queries must first provide some form of credentials that will authorize the client; the client also must define the format of the request and response.This connection is defined by several attributes, depending on the relative loca

60、tion of the client and what operating systems are in use. We could spend a whole article discussing various technologies such as DSN connections, DSN-less connections, RDO, ADO, and more, but these subjects are outside the scope of this article. If you want to learn more about them, a little Google，