Computer Systems and Website Planning

H. Database Management System

Updated on July 13, 2011

What does THNC need for a DBMS to do? We hope these ideas are not new, and we hope that other customers have database situations similar to ours. If so, there is hopefully an off-the-shelf DBMS that THNC can use and quickly get started with its research.

1. How the database will be used:
1. All sensitive data must be encrypted or password protected before transmission, such as done by Adobe Acrobat 7 (credit - Abagnale)
2. Employees will gather information from hundreds of sources and enter it into a staging area
3. This staged information is screened, verified, or tested by employees for accuracy; one tool to be used is THNC's Ethical Standard (ES);
4. After verification, information is edited into a portion of the primary database called the "members' area"
5. Others will access the database for preparing new or updated editions of existing Educational Presentations (EPs) and for new and revised books covering specialized topics.
6. Still others will speak with members (voice or chat rooms) by accessing the database to find answers for members' questions.
7. Members login to the website and access and search the members' area.
8. THNC plans to expand the database with information generated by new THNC branches (subsidiaries). These subsidiaries may perform the following types of work:
1. product testing and certifications,
2. standards and protocol development;and
3. research to find applications of home networking technology not currently being pursued by others.



2. Needed / Anticipated Features of a DBMS
1. Designed for possible use in cloud environment
2. Additions and changes in the database from all employees will be tagged; this allows security tracking (for THNC's use) and collaboration with other employees (for employees' use).
3. Many chronological tracks of information, one for each industry involved with home networking and additional tracks for specialty topics / departments; able to create new tracks for new industries and new topics, with No Limits
4. All industry tracks will be separate yet capable of being linked with every other track and capable of being cross-referenced to related information in other tracks.
5. Chronological searches and keyword searches will be common by both members and employees.
6. There should be a cross-referencing, keyword search tool with automatic tagging capabilities that seeks out terms throughout the database. A Boolean search engine tool should include operators, term creation, brackets and parentheses, and algorithm storage for individual employees.
7. Standards need to be created to know how to arrange information, what constitutes a suitable entry, and what amount of detail is appropriate.
8. Keyword search capability, for members' use in the member area, and for employees' use in all parts of the database;
9. Cross-referencing capability for employees' use;
10. Tags to other information and/or special events. Triggers, etc. to be set by employees so that members can be notified about new products. Related triggers for member services (help with purchasing, information about other new products) which may create possibility of new sales.
11. Other needs for future use (user-defined capabilities)
12. Database must be designed to work with dynamic websites (those which have employees performing the updates and have members accessing information that is being updated in real time
13. Each entry in the database will be characterized by the nature of information and how that information might be used; known types of entries: definitions, protocols, parts, systems, utilities, appliances, applications, equipment, software, computer-based intelligence (Artificial Intelligence), and industrial specialties. Also… product descriptions, product reviews, product recommendations, professional referrals, representative director information, representative director elections information, member organization information, conventions, elections, and SIG information, and Test Equipment Rental Service information.



3. Security, Monitoring, Maintenance
1. A log, integral with database that records statistics for each user’s session, such as
1. log on time and place;
2. number and types of additions, deletions, and changes; and
3. log off time and place;
2. Encrypted identification string placed on an authorized computer:
1. the absence of a correct or current identification string prevents log-in;
2. stolen equipment would cause identifications to be blocked;
3. encrypted identification strings protect the equipment before someone attempts database access;
4. digital certificates protect the passage of data providing security in both directions, but blocked strings prevent transmission.
3. Work (additions, changes, deletions) tagged with alphanumeric identifier to somehow make each block of text unique in the database.
4. A modifications cache – where changes and deletions are tracked and stored for a period of time – an informational audit trail; for use by employees -- not accessible by members
5. Levels of access: each ID (for employees and members) capable of being assigned an access level and other privileges; one for each employee, based on purposes of access and skill-level; one for each member, based on category and type of membership. An example… members in the Professional Category may have database access levels similar to employees
6. Examples of access levels:
1. perform research;
2. add, update, delete entries in the database;
3. employees (technicians, teachers, instructors) creating or revising Educational Presentations (EPs) and other products for sale and/or presentation;
4. employees and volunteers interacting with members via chat rooms and/or telephone help sessions;
5. future THNC subsidiaries will use database to assist in their work, to record their findings, and expand the database with new topics
7. Daily backups for entire database and/or daily employee activity
8. Some kind of serial backup for all entries
9. Systems recovery capability: possibly using a test region or version of database, reinstall from backup, reinstall update entries for each user since date and time of backup
10. Integrated functionality with THNC-stations, possibly using methods to streamline work done at authorized terminals making it easier to do
11. Multiple servers or duplication for stability and affordability



4. Questions about DBMS Capabilities
1. How will queries from website interact with DBMS?
2. How will changes requested by members be sent to DBMS?
3. Where does DBMS software reside with respect to the database itself?
4. How does encryption work in the following situations:
1. database access via Internet;
2. information inside database (always encrypted?);
3. multiple levels (encrypted encryption?); and
4. changing algorithms (encryption changes with time or some kind of random number generator)?
5. Internet security involves HTTPS and SSL/TLS, but these are under the control of others. What other encryption can be done by DBMS and at local THNC-stations to increase levels of security that we control?
6. Can encryption/de-encryption be done at each end via specially installed routines?
7. Can VeriSign SSL be used with all transactions? Can VeriSign be integrated into other functions?
8. How many break-ins have been documented with this DBMS? What fixes have been implemented because of the break-ins? What efforts are currently in effect to prevent future breaches?
9. How does merchant services work between database, website, and the DBMS? How can security be improved? How can weaknesses in security be improved?
10. Can selected servers be chosen such that each has UPS capabilities (large enough capacity to keep THNC “on the air”)? How to guarantee this?
11. Does the DBMS product have its own passwords and IDs -- that protect the database itself? Are there other levels of security to prevent hackers / crackers from gaining automatic access to database?)