Flix2You Online Movie Database
Upgrade Proposal
IST 210 (SP 13), Section 001: ORG DATA (wd)
Prepared for:
Gary Heberling
April 26, 2013
Submitted by:
TEAM UNO
Nicole Smith, Project Manager
Zohreh Fakhraee, Database Administrator
Rick Peddicord, Data Analyst
Jeff Frye, Programmer
Marci Watson, QualityAssurance
Table of Contents
1.
Executive Summary …………………………………………………………3
A. Services
2.
Project Overview…………………..…………………………………………4
A. Scope of Work
3.
Project Management…………………………………………………………5
A.
Project Plan
B.
Project Resources and Budgets – Gantt Chart
Getting to know DB1 Consulting Team
3.1 Project Resources and Budget
3.2 Costs and Labor
3.3 Component Cost
4.
User Analysis…………………………………………………………………9
4.1 Assigning Users
4.2 Access example Chart
About Roles
5.
Organization of Data………………………………………………………..13
5.1 SQL Statements and Databases tables
5.2 ERD Relational Database Diagram
6.
Database Administration..…18
A 6.1 Hardware & Software Required
B. 6.2 Processor, Management and Operator System Requirements
C. 6.3 Database Backup and Recovery
7.
Database Dashboard and Analytics ……………………………………24
Examples of Database Dashboard Module:
7.1 Example of Movie Information Dashboard
7.2 Example of Customer Database Dashboard
7.3 Example of Genre Rented Pie Chart
7.4 Example of Financial Earnings Chart
8.
Legal Issues....…… …………………………………………………..… 26
Examples of Terms of Use and Privacy Policy examples
9.
List of Reference………………………………………………………… 30
2
1. EXECUTIVE SUMMARY
Five graduates of Penn State University founded DB1 CONSULTING COMPANY in 2011.
It was developed in our Data Management class and after our strong project experiment;
we decided to take it out to the real world.
We offer design and database development services to any company wishing to expand
their business on the World Wide Web. We provide high-level consulting and software
design services providing innovative ideas and website packages for all of your marketing
needs. At DB1, our drive is to help our customers meet their goals. Our goal is to attain
brilliance in what we do as individuals and as a firm. We will succeed if our concepts are
the finest; our implementation of those concepts and our service to customers are second
to none.
We will thrive if we are dedicated to an open environment that prizes diversity of opinion
and encourages every one of us to independent thought and impartiality. We are stronger
as a team than as individuals, and we will prosper if we are collective, members of the
same team. We are each accountable for the wellbeing of the organization. Our veracity
will not be compromised.
With the ever-changing Global Marketplace there is no limits to our plans. We are willing
to go to the furthest reaches our clients want to go and maybe a little more. Our full
service consulting team will find the answer if it is not readily available and suggest every
opportunity to not only expand your market but reduce your long term costs.
A. Services
DB1 Consulting is a full-service Internet solutions provider for all businesses. We focus on
Database Management and development, offering the following services:
• Initial consultation. Design and Development
• Analysis of goals and target market demographics.
• Planning.
• Provide ideas for data collection, storage and retrieval of information and making it
available to your key employees.
• Provide Data Management enabling management the ability to evaluate alternative
problem solutions and identify the best solutions containing demographic, employment,
consumer-habit information, plan delivery and service routes.
• EIS Executive Information System support to your MIS and IT departments helping
make the easiest access of company information for managers and all executive levels
to be able to display a variety of reports, lists, charts, table and graphs.
• Implementation of additional media (usually through subcontractors).
• Follow-up analysis.
Additional third party contracted services available:
• Internet access service.
• Implementation of additional media (usually through subcontractors).
• Local Area Network (LAN) installation.
• Intranet setup and installation.
3
2.
PROJECT OVERVIEW
A. Scope of Work
America loves watching television. By the time the average American reaches the age of
30, they have spent five of those years in front of the TV (Norman, 2007). But times have
changed, and now Americans are cutting the cord with their local cable companies and
looking to Netflix and Hulu for their fix. Netflix has reached over 30 million subscribers,
while Hulu just hit the 3 million mark (Rosen, 2013). At the end of 2012 Hulu’s revenue
totaled $695 million, which was a 65% growth from the previous year (Kilar CEO, 21012).
Netflix closed the year at just over $3.6 billion (Netflix, 2013). Flix2You cannot afford to
miss out on this market, due to a stone-age database. DB1 Consulting is here to bring your
database and your revenue to the 21st century.
As it stands, Flix2You has an enormous amount of untapped data - eight years’ worth - in
an ‘off-the-shelf’ database that is not prepared to grow with your company. While the
current system may have met the needs of the company before, this recent transition to an
all-online environment will leave your biggest asset in the same condition. It is the mission
of DB1 Consulting to give Flix2You the ability to analyze this data to make well-informed
decisions and become the frontrunner in this market. To do this we will migrate the data
into a custom database system that will provide checks and balances that ensures the
highest possible standard for your data’s integrity. This system, which will be designed
specifically for e-commerce transactions, will be structured to allow easier querying and
the ability to create, view, and print reports based on the information that is needed. This
information will be displayed in pre-designed tables and charts that will be easily
understood by all levels of management and all departments of the company. While
money isn’t an issue in terms of creating this new system, money is being lost every day
that the current system exists. Time is of the issue. Let us, DB1 Consulting, deliver a
system that will give you the ability to analyze your data and grow your customer base.
For you to achieve a better business strategy, we will be supplying you with specific
products and processes within our new system. One of the major items will be an
upgraded database. Currently Flix2You is using Microsoft SQL Server 2008 R2 Standard
Edition, and we strongly suggest upgrading this system to the newest 2012 edition. This
will be a benefit in more than one way. While staying with the same vendor you will be able
to cut costs on additional training for a different database, and subsequently save time,
which is an important resource for any company. This upgraded system is by no means
subpar; as it has additional features added that would help your company succeed in this
market. Another item will consist of some hardware changes to give your company the
capacity to handle larger amounts of data and consequently customers. The specifics of
the hardware components will be addressed in the Project Management section. In
addition, our team is staffed with one of the best programmers in the business, which will
be developing a new and improved database model to fit your unique business
environment. This design will be open-ended to allow your company to make minimal
changes when adding new items as your business decides to grow beyond movies and
venture into games and apps. More on this will be discussed within the Organization of
4
Data section. We also have employed on our staff an exceptional Data Analyst that will be
working to design a Dashboard for all levels of management to view up-to-the-minute, and
easy to understand reports on all aspects of the business. This will be discussed further in
the Database Dashboard and Analytics section, along with prototypes of how your data will
appear based on business-specific queries that your company would want to understand.
Every change that is made to the current system will be weighed based on the potential
benefits and risks to your company, and all avenues will be exhausted to achieve a system
that supports your needs.
This project is no small feat, but the staff at DB1 Consulting is more than ready to
complete the job, as well as, meet and exceed your expectations. By the end of this
contract we will have provided a system that will allow faster transaction processing,
introduce easy-to-understand reporting for better business strategies, and possess strict
tables that will uphold the integrity of your data. Most importantly, this upgraded system will
be able to stay around for a long time and grow as your company grows. Our plan to
accomplish this will be discussed in more detail in the next section.
3. PROJECT MANAGEMENT
A. Project Plan
Over the years DB1 Consulting has perfected a system for designing and implementing
quality databases. While we use the same model for each customer, we custom tailor the
project plan to fit their exact needs; you can expect the same brand of quality and
dedication in your project management plan.
Our plan consists of six phases: Planning, Analysis, Development, Implementation,
Maintenance, and Sign Off. Each phase consists of specific deliverables and milestones
that will be presented throughout our work so that you know where we are within the
project and what you can expect from each milestone. This will also give you the ability to
continuously contribute to the process, as well as, give you the peace of mind in knowing
that your needs are constantly being met.
The Planning phase is meant for us to evaluate your database’s problems. We will work to
determine the scope of the problem and find the best solution that fits your budget and
your time constraint. After we have identified the problem and the solution, we will draft a
proposal that will explain in detail how we plan on going about solving this problem. As you
can see, we have already completed this phase, and our deliverable is in the form of this
detailed proposal.
After you have decided on whether or not you would like to pursue a contract with our
consulting group our staff will move on to the Analysis phase. Here we will determine the
business rules that make your business tick. We will use these rules to determine what
data is important to your business and what constraints surround this data. This will help
us determine the best route for laying out the foundation of your new system. In this phase
we will also analyze your current database to understand what it is doing well, what it is not
5
doing well, and what is it not doing at all. This will help us to decide what new hardware
and software the database system might need. If the database is doing everything exactly
how it should then new hardware and software are not necessary. But if that were the case
we would not be here. After gathering all the important data, our team will begin to design
new data structures for your business that will show how your data relates to each other
and specific characteristics that your data possesses. At the end of this phase we will be
able to start the procurement of the components needed for the new system and, you will
be able to assess a detailed Entity-Relationship diagram that represents your business.
In the Development phase, the most important and time consuming, we will begin to create
the tables and determine the best methods for populating the tables with your data. From
there we will test sample data to ensure that your data’s integrity is held to the highest
standard. In this stage we will also begin to formulate triggers and views to enable your
company’s user to access the data for business intelligence purposes. Finally we will begin
working on the reporting documents with Dundas Solutions. These reports will target sales
performances and help you better understand your customers’ needs. Upon the
completion of this phase, you will have a full database package, and will be able to view
sample reports of a small portion of your data to understand how your data will be used to
assist in making well-informed business decisions.
During the Implementation Phase we set up your database server and environment. This
will be done within a sandbox where it will not upset the current database of its data. We
will run the script that was designed in the Development phase to build all tables and
views. From there we will open the server and migrate the data over to the new database.
Once all the data has been moved we will run queries to assess the database and then
refresh and backup the data. While the Implementation phase is usually not a long process
in itself, we do provide enough time for your company’s users to train on the new
database. This will span a two-week length for this phase starting with upper management
and working down to the lower levels of the company. This phase will produce the
complete results of the project.
While it may seem that our work is done, we do stay with the company for another week to
assist in any debugging, and extra coding. In this Maintenance phase we ensure that our
work has met your needs and requirements and work to supplement the work as needed.
Finally we finish all remaining reports and leave you as a happy customer, but more
importantly a happy business.
While we do not have exact dates, we can presume that the project should take no longer
than 45 days. Below the Gantt chart displays the above project plan in a visual manner. All
important milestones and deliverables will be available for your company to assess at the
times specified in the chart.
6
(Illustration 3.1)
B. Project Resources and Budget
Two major resources that will be necessary to complete this project include the new
system components to be assembled and the team that will be assembling it. While you
have stated that money isn’t an important factor when creating an improved data
repository, it is important to address the costs of the project to understand your options.
Our team is comprised of five IT professionals, each specializing in a unique are of the ‘IT
puzzle’. With their varied skills in computers, you can rest assured that all aspects of your
business will be taken into consideration from beginning to end.
Project Manager - Nicole Smith
Nicole Smith first came to DB1 Consulting through an internship from University of
Pennsylvania. Upon graduating with a BS in Operations and Information Management,
Nicole joined our firm. Three years later, Nicole is one of our top project managers and
consistently delivers desired results on time and on budget. She has managed projects for
some of our biggest clients including Chesapeake Energy, Allegheny Technologies, and
W.L. Gore & Associates. Nicole will be in charge of managing the team and the phases of
the project schedule. It is the goal of the Project Manager to see the project successfully
through to the end, and to ensure that the least amount of time, budget, and resources are
wasted in this effort.
7
Database Administrator – Zohreh Fakhraee
Zohreh Fakhraee has earned her bachelors from Penn State University in Information Science and
Technology. She has over ten years of broad experience in database administration and
programming. She also has two years of experience in Arc Info programming for GIS Department
of Electro Company. As a database administrator, she works with clients to create a database that
fulfills the company’s needs. Zohreh is a dedicated, and hardworking member of DB1 Consulting
Company. As, Data Administrator, she will be in charge of planning the storage requirements of the
system, developing a backup and recovery plan, and supervise the initial data migration to the new
system. It is the goal of the Database Administrator to ensure that this new system is in compliance
with all vendor license agreements, and safeguards the integrity of your data.
Data Analyst – Ricky Peddicord
Ricky Peddicord is the newest member to the DB1 Consulting. While he has been with the
company the shortest, he is by no means inexperienced. Ricky graduated with top honors from
Pennsylvania State University with a B.S. in Computer Engineering and a Minor in Statistical
Analysis. We are lucky to have such a hard-working individual on our team. Ricky will be working
with the team during the initial phase of collecting the information needed to determine the specific
business items that will be important in providing a well-formed system. He will also be involved in
creating the reporting applications that will assist in understanding your revenue and your
customers. The Data Analyst’s objective is to help Flix2You develop an understanding of your
products, your customers, and your future business goals.
Quality Assurance – Marcia Watson
Marci Watson brings over 20 years of corporate experience to this position as DB1’s Information
Security and Risk Officer. Marci is a Certified Information Systems Security Professional (CISSP)
and Certified Information Systems Auditor (CISA). Her IT experience includes working in and with
the information security community for many years and has held key security management
positions for companies such as Pitney Bowes, Prudential Securities and Steris Corporation. Her
proven track record of success in strategic and tactical security planning has been established in
some of the leading Fortune 1000 companies. She graduated from Pennsylvania State University
World Campus in the Information Science and Technology Program with a minor in Business
Administration. Her objectives include overseeing information security, risk, and privacy; She will
be working closely with the team through all phases of the project and ensure that the final product
is bug free.
Programmer – Jeffrey Frye
After graduating from Penn State University with a Bachelor Degree in Information and Science
technologies, Jeff Frye was hired by DB1 Consulting to fill the position of programmer. With over
10 years’ experience with DB1 Consulting, Jeff has proven to be a worthy asset to our database
design team. Jeff’s main responsibilities are to write, develop, and test many of the programs used
by our firm in the creation of database. As a programmer, he is also in charge of developing new
programming methods, consulting with outside parties to determine the best techniques for
improving and updating your software, developing sample SQL and reports, and document the
procedures that will be used by your employees to access the database.
8
While the system will be the main item in terms of cost, the labor will be largest amount
due to the magnitude of the project. Below is a chart detailing the total cost of labor.
(Illustration 3.2)
Team Member
Project Manager
Database Administrator
Data Analyst
Quality Assurance
Programmer
Hourly Rate
$55.67
$35.33
$37.38
$37.38
$34.32
Total:
Labor
$20,041.20
$12,718.80
$13,456.80
$13,456.80
$12,355.20
$72,028.80
In addition to the team, the new system will have an upgraded server, hardware, and
software components. It is in the best interest of the company to continue a contract with
the Microsoft SQL Server. With the upgraded system, you will have the ability to use a
familiar system server while gaining many advanced feature that are in the 2012 version.
Similarly, the operating system will be upgraded to the newest version to ensure you
receive the maximum benefits that Microsoft has to offer. Furthermore, your memory will
be significantly larger to contain the new system and data, while we suggest that migrating
the movies to Microsoft Azure would be a smart decision to rapidly expand based on the
influx of the number of movies. Below is a chart detailing the total costs of all components
associated with the project.
(Illustration 3.3)
Component
CPU/Motherboard
Memory
Storage
Operating System
Database
Model
HP ProLiant DL560 Gen8 Intel Xeon E54650
4x8GB PC3-12800R DDR3-1600
Windows Azure (5TB Pay-as-you-go Plan)
Microsoft Windows 8 Professional - 64 bit
Microsoft Windows 2012 Standard Edition,
Core-based
Total (+ sales tax):
Pricing
$11,999.00
$756.00
$537.25/mon
$199.99
$14,344.00
$30,296.96
Total Cost of Labor and Components: $102,325.76
4. USER ANALYSIS
We will work with Management and Human Resources to develop the User Analysis Roles
and Permissions for the System:
Below are the SQL Predefined database roles:
9
You may need to create your own, but you will have access to several predefined
database roles:
•
•
•
•
•
•
•
•
•
db_owner: Members have full access.
db_accessadmin: Members can manage Windows groups and SQL Server logins.
db_datareader: Members can read all data.
db_datawriter: Members can add, delete, or modify data in the tables.
db_ddladmin: Members can run dynamic-link library (DLL) statements.
db_securityadmin: Members can modify role membership and manage permissions.
db_bckupoperator: Members can backup the database.
db_denydatareader: Members can’t view data within the database.
db_denydatawriter: Members can’t change or delete data in tables or views.
Fixed roles:
The fixed server roles are applied server wide, and there are several predefined server
roles that you can use. We will help define them and set them up for your employees.
We have put some example titles next to the predefined roles:
Database Administrator/ Manager • SysAdmin: Any member can perform any action on
the server.
Database Administrator • ServerAdmin: Any member can set configuration options on the
server.
Database Administrator • SetupAdmin: Any member can manage linked servers and SQL
Server startup options and tasks.
Database Administrator/ Manager • Security Admin: Any member can manage server
security.
Database Administrator • ProcessAdmin: Any member can kill processes running on SQL
Server.
Database Administrator • DbCreator: Any member can create, alter, drop, and restore
databases.
Database Administrator • DiskAdmin: Any member can manage SQL Server disk files.
Database Administrator • BulkAdmin: Any member can run the bulk insert command.
Assigning roles
Let’s use SQL Server Enterprise Manager to add a Windows group to a Pubs database (a
sample database that comes with SQL Server 2000) role. The first step is to create a login
for the members of the Guests group, so they can access SQL Server.
To do so:
1.
Launch Enterprise Manager and expand the security folder.
10
Example: Right-click the Logins item, and choose New Login from the resulting submenu
to open the New Login dialog box shown in Figure 4.1. Note that in this case, Windows
Authentication is already selected. If it isn’t selected on your system, select it. We’ll use
Windows Authentication Mode as opposed to SQL Server Mixed Mode. (Mixed Mode
comprises Windows Security and SQL Server’s own security model. Windows
Authentication is the recommended security model when using SQL Server.)
(Illustration 4.1)
Name
Type
Server Access
Default Database
BUILTIN\Administrat
ors
Windows Group
Permit
master
HOME\Management
Windows User
Permit
Flix2You
HOME\MidLevel
Windows Users
Permit
Flix2You
HOME\Hourly
Employees
Windows Users
Permit
Flix2You
HOME\Guest
Windows Users
Permit
Flix2You
Sa
Standard
Permit
master
HelpAssistant(Remo
teDesktop)
Remote Assistant
Permit
master
Public\Guests
Windows Users
Permit
Flix2You\Limited
Flix2You Organization now employs 50 employees. DB1 will work with you to assign and
approve all employees who utilize the system.
• 12 employees are upper level management and administrative support.
• 18 are mid-level management
• 20 are hourly employees working in warehousing and logistics.
(Illustration 4.2)
Projects
Reference: http://msdn.microsoft.com/en-us/library/ms178534.aspx
Read
Write
Edit
Admin
• View project
• View project
2. Save project
3. Modify project
properties
• Create
announcements
• Delete
announcements
• Edit
announcements
• Publish project to
the portal
11
Calendar
• View Calendar • Create events
• Notify other
• Attach files
users about an
and discussions
event.
• Modify event
properties
• Delete events
• Configure
Calendar security
Tasks
• View Tasks
• Notify other
users about a
task or task list.
• Create tasks
• Claim tasks
• Attach files
and discussions
• Update task
status assigned
to user
• Modify task
list and task
properties
• Create task
lists
• Assign owners
• Copy task lists
• Import and
export task lists
• Delete task lists
and tasks
• Move task lists
• Configure task list
security
Folders
• View folders
• Notify other
users about
changes made to
the contents of
the folder.
• Add files to
folders
• Upload
documents
• Create new
Microsoft Office
documents
• Create folders
• Modify folder
properties
• Rename
folders
• Copy folders
• Delete folder
• Move folders
• Configure folder
security
Documents
• View files
• Notify other
users about the
file.
• Check files in
and out
• Undo checkout
• WebEdit
• Attach task
lists and
discussions
• Modify file
properties
• Create
shortcuts
• Publish to
Knowledge
Directory
• Revert files to
previous
versions
• Copy files
• Delete files
• Move files
• Configure file
security
• Delete previous
versions of the file
Discussions
• View
Discussions
• Notify other
users about the
file.
• Post
messages
• Reply to
messages
• Attach task
lists and files
• Modify
discussion
properties
• Create new
discussions
• Export
discussions
• Copy
discussions
• Delete discussions
and messages
• Move discussions
• Configure
discussion security
• Edit messages
• Approve or reject
messages
Read
Write
Edit
Full Control
12
About Roles
Employees are assigned to a role, thereby determining what that user can do within a
project. to which a project user is assigned.
For step-by-step instructions on how to assign roles, see Assigning Roles.
The three project roles are:
• Project Leaders: this role has full control Project Leaders have full control for
Collaboration objects. This includes Read, Write, and Edit permission for the
objects, as well as the ability to set role permissions for the object. of all
Collaboration objects. Project leaders can create, modify, and delete objects, and
can perform all actions on project objects. This role can also assign access
privileges to projects and project objects.
• Project Members: by default, this role has Write access to project objects and
can participate in the project. This role can create events and tasks, add documents,
attach links, and check files in and out. The Project Leader configures the access
privileges for this role.
• Project Guests: by default, this role has read access to project objects. This role
cannot create objects; it is intended for users who simply want to monitor projects
but not participate actively. The Project Leader also configures the access privileges
for this role.
5. ORGANIZATION OF DATA
Flix2You is currently using a generic e-commerce database and while it is working, it could
be more efficient. The current database was modified from off-the-shelf software and
recreated by the prior company. Therefore we will be upgrading their current database so
that it is easy to use, works consistently, and will be able to keep up with ever changing
technologies.
Inconsistent and illogical data that has been stored causes some performance problems,
including slowing down the online system and disrupting the transactions. This poorly
designed database has provided flawed information and has negatively affected the profit
and growth of the company. Upon investigation, we found that most of these errors occur
as a result of the poor design of the database, including unnecessary reoccurring data and
anomalies. These anomalies and redundant data increasingly weaken the integrity of the
database and also affect its data storage. As a result, our team of database designers has
found that the existing database must be efficiently reorganized. This process is known as
“normalization”. The normalization process consists of two main objectives; improving the
data structure, and creating an appropriate database design. The following are the
expected outcomes of the normalization process:



All Repetitive data will be removed.
The Data will be rearranged into tables that describe only a small piece of database.
The database will maintain the data integrity, and access and manipulation of data
will be quicker and highly efficient.
13

The amount of data stored in the database will be reduced.

There will no longer be an Inability to represent certain information (or loss of
information).
We will start the organization process by first checking that the tables are in 1NF
(First Normal Form). This is done through the following steps;
Removing the repeating groups of similar data from the base table. This is
accomplished by removing the Nulls.
Identify the primary key. This primary key must uniquely identify any attribute value.
Identify all of the dependencies.
After we are sure that the database is in 1NF, the next step is to modify all of the
tables so that they are in 2NF (Second Normal Form). This is done by;
Making new tables to eliminate partial dependencies. We will determine which nonkey columns are not dependent upon the table’s primary key and then remove all of
those non-key columns to a separate table.
Reassign corresponding dependent attributes in each new table.
Our final step in organizing Flix2You’s database will be to normalize into 3NF (Third
Normal Form). A table is in 3NF if it meets all database requirements for both 1NF
and 2NF, and if all transitive dependencies are eliminated (each column must
depend directly on the primary key, and all attributes that are not dependent upon
the primary key must be eliminated).
3NF meets the following criteria;
Each table contains all-atomic data items, no repeating groups, and a designated
primary key.
Each table has all non-primary key attributes fully functionally dependent on the
whole primary key.
All transitive dependencies are removed from each table












Once this normalization process has been completed, data will be able to be stored
without unnecessary redundancy and thereby eliminating data inconsistency so that users
can maintain and retrieve data from a database without difficulty. The database will be
efficient and effective with no anomalies in updating, inserting, or deleting data.
14
(Illustration 5.1)
SQL Statements to Create Tables
/* Script to build tables for FLIX2YOU */
/* customer */
CREATE TABLE customer(
cus_id int IDENTITY(1,1) NOT NULL,
zip_code int NOT NULL,
memb_id int NOT NULL,
trans_id int NOT NULL
cus_rating_code int NOT NULL;
/* customer_rating */
CREATE TABLE customer_rating(
Cus_rating_code int IDENTITY(1,1) NOT NULL,
cus_id int NOT NULL,
movie_id int NOT NULL);
/* director */
CREATE TABLE director(
Dir_id int IDENTITY(1,1) NOT NULL);
/* genre */
CREATE TABLE genre(
genre_id int IDENTITY(1,1) NOT NULL);
/* invoice */
CREATE TABLE invoice(
invoice_id int IDENTITY (1,1) NOT NULL,
memb_id int NOT NULL(32) NOT NULL;
trans_id int NOT NULL(32) NOT NUL;
tax_code int NOT NULL(32) NOT NULL);
/* membership */
CREATE TABLE membership(
memb_id int IDENTITY(1,1) NOT NULL,
cus_id int NOT NULL,
payment_code int NOT NULL);
/* movie */
CREATE TABLE movies(
movie_id int IDENTITY(1,1) NOT NULL,
dir_id int NOT NULL,
genre_id int NOT NULL,
star_id int NOT NULL,
product_id int NOT NULL);
/* payment */
CREATE TABLE payment(
payment_code int IDENTITY(1,1) NOT NULL,
zip_code int NOT NULL);
/* pricing */
CREATE TABLE pricing(
15
price_id int IDENTITY (1,1) NOT NULL);
/* product */
CREATE TABLE product(
product_id int IDENTITY(1,1) NOT NULL,
price_id NOT NULL);
/* star */
CREATE TABLE star(
star_id int IDENTITY(1,1) NOT NULL);
/* state_tax */
CREATE TABLE state_tax(
tax_code int IDENTITY(1,1) NOT NULL,
zip_code int NOT NULL);
/* transactions */
CREATE TABLE transactions(
trans_id int IDENTITY(1,1) NOT NULL,
product_id int NOT NULL,
memb_id int NOT NULL);
/* zipcode */
CREATE TABLE zipcode(
zip_code int IDENTITY(1,1) NOT NULL);
/* create primary keys with ALTER TABLE statement */
ALTER TABLE customers ADD CONSTRAINT pk_cus_id PRIMARY KEY (cus_id);
ALTER TABLE customer_rating ADD CONSTRAINT pk_ cus_rating_code PRIMARY
KEY (cus_rating_code);
ALTER TABLE director ADD CONSTRAINT pk_dir_id PRIMARY KEY (dir_id);
ALTER TABLE genre ADD CONSTRAINT pk_genre_id PRIMARY KEY (genre_id);
ALTER TABLE invoice ADD CONSTRAINT pk_invoice_id PRIMARY KEY
(invoice_id);
ALTER TABLE membership ADD CONSTRAINT pk_memb_id PRIMARY KEY
(memb_id);
ALTER TABLE movies ADD CONSTRAINT pk_movie_id PRIMARY KEY (movie_id);
ALTER TABLE payment ADD CONSTRAINT pk_payment_code PRIMARY KEY
(payment_code);
ALTER TABLE pricing ADD CONSTRAINT pk_price_id PRIMARY KEY (price_id);
ALTER TABLE product ADD CONSTRAINT pk_product_id PRIMARY KEY
(product_id);
ALTER TABLE star ADD CONSTRAINT pk_star_id PRIMARY KEY (star_id);
ALTER TABLE state_tax ADD CONSTRAINT pk_tax_code PRIMARY KEY (tax_code);
ALTER TABLE transactions ADD CONSTRAINT pk_trans_id PRIMARY KEY
(trans_id);
ALTER TABLE zipcode ADD CONSTRAINT pk_zip_code PRIMARY KEY (zip_code);
/* end of primary key creation */
/* END OF SCRIPT */
16
(Illustration 5.2)
17
6. DATABASE ADMINISTRATION
The entire Database system will be under the supervision of our database
administrator.
Our DBA will support the whole system to make sure everything is running
efficiently and to its highest potential. The DBA will support the system in three
levels: Managerial, Technical, and cloud base data services.
Managerial
o
o
o
o
Supporting the users by making sure they have all the requirements
Providing all the information needed for working with the system
Resolving the upcoming issues
Providing the necessary training of the users
 Defining and enforcing the procedures and standards to the
users
 Setting the necessary policies such as:
 How to create a password
 How often to change their password
 Making sure of data privacy, security, and integrity
 Planning for the regular backup
 Planning for the proper recovery
 Prioritizing the access grants to the proper users
Technical
o Responsibility of providing the best system and proper hardware for
the company
o Installing the new system
o Implementing the database
o Evaluating and testing the new system to make sure everything works
well
o System support including tuning, backup, and recovery plan
o To make sure all the users get the proper training
o Maintenance of the system
Cloud-base data services

Since we recommend Microsoft Azure for the storage of the movies, we will
use the Microsoft’s virtual server for the movies, apps, and the games.
Microsoft Azure users will be provided the latest updates, and security
essentials. The scaling of the database on the server, and all across the
workstations will be configured and managed by Microsoft Azure. Microsoft
Azure will provide the backup and maintenance of the movies, apps, and
games.
18
A. Hardware and Software Requirements
The following requirements apply to all SQL Server 2012 installations: ( Requirements are
provided by Microsoft)
(Illustration 6.1)
Component
Requirement
.NET Framework
Since the current Server runs Setup with the
Windows Server 2008 R2 SP1 operating
system, you must enable .NET Framework 3.5
SP1 before you install SQL Server 2012.
Internet Software
Internet Explorer 7 or a later version is required
Hard Disk
SQL Server 2012 requires a minimum of 6 GB
of available hard-disk space. The current server
exceeds this requirement.
Drive
A DVD drive, as appropriate, is required for
installation from disc.
Monitor
SQL Server 2012 requires Super-VGA
(800x600) or higher resolution monitor.
B. Processor, Memory, and Operating System Requirements
The following memory and processor requirements apply to all editions of SQL Server
2012 (The requirement is provided by Microsoft)
(Illustration 6.2)
Component
Requirement
Memory[1]
At least 4 GB and should be increased as
database size increases to ensure optimal
performance. The current Server exceeds this
requirement.
CPU/Motherboard
l Xeon with Intel EM64T· x64 Processor:
AMD Opteron, AMD Athlon 64, Inte
19
Server Core Support:
Change of the Server Code is not needed since installing SQL Server 2012 is supported
on the Flix2You’s current Server Core mode of Windows Server 2008 R2 SP1 64-bit x64
Standard.
C. Database Backup and Recovery
o Planning for recovery after a catastrophe is a necessity. In order to recover
the database, a backup plan will be provided. Providing two different
buildings for storing the backups is recommended. Each location should be
fire resistant, earthquake and flood proof. Both places should have security
cameras. Disks will be used for the backups, and backup operators are
responsible for different backups:
o Full backup: This backup is meant for the whole database. In SQL Server
2012, the full backup is smaller than the whole database, and this will lead to
shorter amount of time for the full backups.
o Differential Backups: This backup is only for the objects that have been
changed since last backup.
o Incremental Backups: This will be for transaction log operations.
o Encryption keys backups: In SQL Server 2012, it is important to have a
complete backups of all the keys and certificates, and store them in a safe
place to protect against theft, fire, flood, or any kinds of damages. SQL
Server 2012 Enterprise Edition supports data compression, which reduces
the disk cost by 60-70 percent. Timing of the backup depends on the size of
database. Since Flix2You has about 20 Million users, every full backup might
take between up to one hour. Differential and incremental backups will take
less than 15 minutes.
(Illustration 6.3)
Day of the Week
Weekly Full Backups
Monday
A full backup
Tuesday
A differential and incremental backup with all
changes since Monday
Wednesday
A differential and incremental backup with all
changes since Tuesday
Thursday
A differential and incremental backup with all
changes since Wednesday
Friday
A differential and incremental backup with all
changes since Thursday
Saturday
A differential and incremental backup with all
changes since Friday
Sunday
A differential and incremental backup with all
changes since Saturday
20
Our suggestion for backup device: Using Disk drive since they are the fastest way to
backup and restore the files.
Recovery Plan
Validating the backups weekly. It means after finishing the backups, we will validate
that we have a usable backup, and we can use them for recovery.
Practicing restoring the database on a regular bases. This will make everybody to
be prepared when the system goes down, and the pressure is high.
The estimation for the time of recovery will be determined in each restore practice to
make sure we plan according time in needed time.
Data Access and Security
We make sure that our security approach will secure all:
1. Hardware system

Authorized users should use the server and each workstation. Each user
based on his/her authorization is going to be assigned with a user ID that
gives specific permissions for accessing the database.

Each one of the stations will be utilized to the UPS to prevent the system
interruption due to the power outage.




Having a backup and recovery plan
The server and all workstation must have locks.
A remote kill switch will be implemented.
Using separate building for backup and recovery disks just in case of any
natural disasters.
2. Operating system

Installing the most recent antivirus and security systems against worm
attacks, denial-of-service attacks, Trojan horses, password crackers.

Regular backups

Only authorized application can be installed by using group policies.

Audit log will be created automatically in the SQL Server 2012.
3. Software applications

Application programs will be tested extensively to make sure they are free
from bugs and buffer flow.

To prevent cross-site scripting and unauthorized inputs, all the application
codes will be safeguarded.

Providing spam filters and antivirus For E-mail attacks.

We will be using the open web application security project to make sure
using the secure coding techniques.
21
4. Network and all related devices

To make sure that our network is secure against IP spoofing and packet
sniffers, we install firewalls.

Another step will be installing a VPN (Virtual Private Network)

IDS also will be used for Intrusion Detection System.

Any network activity will be monitored extensively.
5. All users

A set of rules will be enforced for creating passwords to make sure users
create the least vulnerable passwords.

Using screen savers for the moments that the user has left the computer
unattended.

Security cameras will be installed in the server and workstation areas.

The server room will have an automatic door lock.
6. Data: SQL Server 2012 encrypts data by using:

The transparent data encryption.

Extensible key management (encryption standard AES256)

Built-in cryptography hierarchy

Access permission will be defined.
Data view will be defined by DBA. The SQL Server 2012 allows the DBA to define the
scope of data that each user can view. This will make sure that each user can have access
to part of the database that is related to their job.
There will be a need for data security officer to ensure the company is in compliance with
the necessary amount of confidentiality. Data security officer, database administer, and
Flix2You management should have an agreement to follow the company’s policies, and
also to make sure the data confidentiality rules are agreeable with HIPPA, GLBA, and SOX.
Authorization:
There will be different levels of access to the database:

DB1 Administration: They can do anything throughout the system.

Flix2You Administration: They have access to the entire database

Member: They are all users with valid account.

Guest: They are authenticated user, and they have very limited viewing
access of the site.
22
Benefit from the Most Secure Database







SQL Server has recorded the fewest number of vulnerabilities. [National
Vulnerability Database]
Most Up-to-Date Encryption Technologies Built on Trustworthy Computing
Initiatives
10 years of applying Security Development Lifecycle in Trustworthy
Computing initiatives.
Take advantage of a built-in cryptography hierarchy.
Encrypt data seamlessly using Transparent Data Encryption.
Sign code modules.
Employ Extensible Key Management using the latest encryption standard
AES256.
Privacy statement*
There is sensitive information about the customers in the tables. We take the security of
the database very seriously. Other than encrypting the data, and providing a firewall, we
take further steps to protect the backup disks and the server itself. We have to also protect
the keys that will be used for encrypting the data. In SQL server 2012, encryption of data
happens by hierarchical encryption, which gives the database a more reliable security by
providing asymmetric keys. These asymmetric keys will be stored in outside of SQL server
in an EKM module.
Implications or Disclaimers
Each member should sign an agreement for a disclaimer. A lawyer to protect the Flix2You
from future legal complications should provide this disclaimer. Each employee, who has
access to the sensitive information, must sign an agreement for being faithful towards the
sensitive data assets.
Company also is responsible to provide some information about Flix2You privacy policy
such as:
 What types of information Flix2You will collect, and what does company do
with the information.
 How does Flix2You protect customer information?
 Does your company use cookies?
 Will be any of the customers’ information shared with the third party?
 Any future changes in the company’s policy.
 Any links to other websites.
 Contact information
Sample of Privacy Disclaimer generated by http://www.privacypolicyonline.com/:
*Privacy Policy for Flix2You can be found in the General Terms and Conditions of the
Legal Issues section of this proposal. (page 28 )
23
Dataload
For migrating from existing database to the new one we use the SQL Server Import and
Export wizard. Over all we have twelve tables. For each table, we have to change the
mappings between the source and destination columns since we have changed all the
tables and their attributes.
For installing SQL Server and Integration SSDT (SQL Server Data Tools) and SSIS ( SQL
Server Integration Services will be installed first).
7. DATABASE DASHBOARD AND ANALYTICS
We have decided to go with the Dundas Dashboard Software as we believe it is the
one of the best pieces of dashboard software on the market. It is very easy to use and
includes such features as exporting data to Excel, advanced filtering, more than 50 out-ofthe-box formulas, ability to print to .pdf, email notifications, and many other innovative
features.
Dundas supports many of the most mainstream as well as new data sources for
importing data and for the sources they don't support, they will build custom data
connectors to the data source for you!
Dundas includes a very sleek and powerful HTML5-based Mobile Dashboard
Explorer App. It is tile based so it works really well with a touchscreen, it allows you to
customize the apps homescreen with various metrics, allows you to easily drill-down by
just tapping a tile on the touchscreen, and the data is even in real time!
We couldn’t be happier using any other software on the market for our Database
Dashboard needs.
(Illustration 7.1)
Examples of Database Dashboard Module
24
(Illustration 7.2)
(Illustration 7.3)
(Illustration 7.4)
25
There is a plethora of data-rich information within the Flix2You data. This information can
be used to make very informative and advantageous marketing decisions. Such
information includes what movies the customers rent, how much they spend at Flix2You
per month, what their favorite genre is, and even who their favorite actor or director is. The
possibilities are endless.
To actually be able to effectively use this data, you will have to run SQL queries to retrieve
it.
The following SQL query would give you information what movies the customer has rented
or purchased:
SELECT CUS_FNAME, CUS_LNAME, CUS_PHONE, CUS_EMAIL, MOVIE_ID,
MOVIE_TITLE, MOV_SUMMARY, TRANS_ID, TRANS_DATE;
FROM CUSTOMER, MOVIE, TRANSACTION;
WHERE MOVIE.MOVIE_ID = TRANSACTION.MOVIE_ID;
GROUP BY MOVIE_TITLE;
ORDER BY CUS_LNAME ASC;
This following SQL query would generate a list of actors and what movies that they play in:
SELECT STAR_ID, STAR_FNAME, STAR_LNAME, MOVIE_ID, MOVIE_TITLE;
FROM STAR, MOVIE;
WHERE STAR.STAR_ID = MOVIE.STAR_ID;
GROUP BY STAR_FNAME;
ORDER BY STAR_FNAME ASC;
This last SQL query would generate a customer's rating for a movie:
SELECT CUS_RATING_CODE, MOVIE_ID, CUS_ID, MOVIE_TITLE, CUS_FNAME,
CUS_LNAME;
FROM CUSTOMER_RATING, MOVIE, CUSTOMER;
WHERE MOVIE.MOVIE_ID = CUSTOMER_RATING.MOVIE_ID;
AND CUSTOMER.CUS_ID = CUSTOMER_RATING.CUS_ID;
GROUP BY CUS_FNAME;
ORDER BY MOVIE_TITLE DESC;
8. LEGAL ISSUES
DB1 Consulting will work closely with your Legal Council in drafting a Terms and
Conditions and Privacy Policy for your website. We are also willing to work with your
Human Resources department in drafting Employee Policies for the handling of Customer
Confidential Information including setting up permissions and roles for accessing Payment
records.
26
Below is a sample for your review:
Flix2You Web Site Terms and Conditions of Use
1. Terms
By accessing this web site, you are agreeing to be bound by the Flix2You web site Terms
and Conditions of Use, all applicable laws and regulations, and agree that you are
responsible for compliance with any applicable laws. If you do not agree with any of these
terms, you are prohibited from using or accessing this site. The materials contained in this
web site are protected by applicable copyright and trademark law.
2. Use License
Permission is granted to temporarily download one copy of the materials.
(information or software) on Flix2You's web site for personal, non-commercial transitory
viewing only. This is the grant of a license, not a transfer of title, and under this license you
may not:
Modify or copy the materials use the materials for any commercial purpose, or for any
public display (commercial or non-commercial) attempt to decompile or reverse engineer
any software contained on Flix2You's web site remove any copyright or other proprietary
notations from the materials; or transfer the materials to another person or "mirror" the
materials on any other server.
This license shall automatically terminate if you violate any of these restrictions and may
be terminated by Flix2You at any time. Upon terminating your viewing of these materials or
upon the termination of this license, you must destroy any downloaded materials in your
possession whether in electronic or printed format.
3. Disclaimer
The materials on Flix2You's web site are provided "as is". Flix2You makes no warranties,
expressed or implied, and hereby disclaims and negates all other warranties, including
without limitation, implied warranties or conditions of merchantability, fitness for a particular
purpose, or non-infringement of intellectual property or other violation of rights. Further,
Flix2You does not warrant or make any representations concerning the accuracy, likely
results, or reliability of the use of the materials on its Internet web site or otherwise relating
to such materials or on any sites linked to this site.
All trademarks, trade names, service marks, copyrighted work, logos referenced belong to
their respective owners/companies.
4. Limitations
In no event shall Flix2You or its suppliers be liable for any damages (including, without
limitation, 3rd party applications, websites or endorsement of any content listed on the
website) arising out of the use or inability to use the materials on Flix2You's Internet site,
even if Flix2You or a Flix2You authorized representative has been notified orally or in
writing of the possibility of such damage. Because some jurisdictions do not allow
27
limitations on implied warranties, or limitations of liability for consequential or incidental
damages, these limitations may not apply to you.
5. Account Access and Payment Information
Your personal information shall be password protected and encrypted by Flix2You
administration. It is your responsibility to update and maintain your account information.
Personal Payment Method provided upon purchase is only maintained for that single
transaction verification and shall not be stored for future use. There are no refunds or
credits for merchandise that is received. If there is a problem with a purchase you can
contact Billing@Flix2You.com for resolution.
6. Links
Flix2You has not reviewed all of the sites linked to its Internet web site and is not
responsible for the contents of any such linked site. The inclusion of any link does not
imply endorsement by Flix2You of the site. Use of any such linked web site is at the user's
own risk.
7. Site Terms of Use Modifications
Flix2You may revise these terms of use for its web site at any time without notice. By using
this web site you are agreeing to be bound by the then current version of these Terms and
Conditions of Use.
8. Governing Law
Any claim relating to Flix2You's web site shall be governed by the laws of the State of
Pennsylvania without regard to its conflict of law provisions.
Privacy Policy
Your privacy is very important to us. Accordingly, we have developed this Policy in order
for you to understand how we collect, use, communicate and disclose and make use of
personal information. The following outlines our privacy policy.
We protect your information
We protect the confidentiality and security of your personal information by using industryrecognized security safeguards such as firewalls, coupled with carefully developed security
procedures to protect your information from loss, misuse or unauthorized alteration.
Whenever we ask for sensitive information, such as credit card numbers, we encrypt it as it
is transmitted to us. Our employees are trained and required to safeguard your information
and, using physical, electronic and procedural safeguards, we restrict access to personal
information to those employees and agents for business purposes only. Additionally, we
use internal and external resources to review the adequacy of our security procedures.
Before or at the time of collecting personal information, we will identify the purposes for
which information is being collected.
We will collect and use of personal information solely with the objective of fulfilling those
purposes specified by us and for other compatible purposes, unless we obtain the consent
of the individual concerned or as required by law.
28
Cookies, Web beacons and other Web technologies
We use a variety of technologies on our Web site. Among these are cookies, which are pieces
of information that our Web sites provide to your browser. Cookies allow us to track overall site
usage and determine areas users prefer. Cookies also allow us to customize your visit to our
Web site by recognizing you when you return. You can choose to decline cookies while at our
Web site, however, this may limit your ability to access certain areas of the Web site. Most
browsers accept and maintain cookies by default. Check the "Help" menu of your browser to
learn how to change your cookie preference.
When we track activity on our Web site, we collect information such as your IP address,
browser type and version, and pages you view. We also keep track of how you got to our site
and any links you click on to leave our site. Once you leave our site, we do not track you. We
use your Web site activity to assist us in offering you a personalized Web experience, assist
you with technical support and to tailor our offerings to you. Remember, you control whether
you receive Flix2You promotional materials.
We may access and set cookies using Web beacons, also known as single-pixel GIFs which
are invisible graphical images. These Web beacons tell us useful information regarding our
site such as which pages users access. When we send you e-mails, we may include a singlepixel GIF to determine the number of people who open our e-mails. When you click on a link in
an email, we record this individual response to allow us to customize our offerings to you.
Advertising networks that serve ads on our Website may assign a different cookie to you. The
information collected is anonymous and is not linked to your personal information. These
cookies may be used to select which ads you see and determine the effectiveness of this
advertising. You may choose to decline cookies from third-party ad servers, which Flix2You
does not control. We will only retain personal information as long as necessary for the
fulfillment of those purposes.
We will collect personal information by lawful and fair means and, where appropriate, with the
knowledge or consent of the individual concerned. Personal data should be relevant to the
purposes for which it is to be used, and, to the extent necessary for those purposes, should be
accurate, complete, and up-to-date. We will protect personal information by reasonable
security safeguards against loss or theft, as well as unauthorized access, disclosure, copying,
use or modification. We will make readily available to customers information about our
policies and practices relating to the management of personal information and are committed
to conducting our business in accordance with these principles in order to ensure that the
confidentiality of personal information is protected and maintained.
Online Privacy Policy Only
This privacy policy applies only to our online activities and is valid for visitors to our website
and regarding information shared and/or collected there. This policy does not apply to any
information collected offline or via channels other than this website.
29
9. REFERENCES --- ALL MEMBERS
Cherry, D. (2012). Securing SQL Server: Protecting Your Database from Attackers.
Syngress Media.
Dundas Data Visualization, Inc. (2013). Dashboard customization and interactivity.
Retrieved from http://www.dundas.com/dashboard/features/dashboard-customization.aspx
Infocaptor. (2013). Business intelligence dashboards. Retrieved from
http://www.infocaptor.com/help/infocaptor_enterprise.htm?mw=MzAw&st=MQ==&sct=MA=
=&ms=AAAA
Kilar CEO, J. (2012, December 17). A Big 2012 [Web log post]. Retrieved from
http://blog.hulu.com/2012/12/17/a-big-2012/
Knight, B., Knight, D., Davis, M., & Snyder, W. (2012). Knight's Microsoft SQL Server 2012
Integration Services 24-Hour Trainer. Wrox.
Microsoft. (2013). SQL server 2012 standard edition. Retrieved from
http://www.microsoft.com/en-us/sqlserver/editions/2012-editions/standard.aspx
Nadel, Ben (2013). Blog of Ben Nadel “Private Policy Generator” BenNadel.com
http://www.bennadel.com/coldfusion/privacy-policy-generator.htm#primary-navigation
Netflix. (2013). Q4 12 Financials Statements. Retrieved from
http://ir.netflix.com/results.cfm?Quarter=4&Year=2012
Norman, H. (2007). Television & health. Informally published manuscript, Science
Education, California State University, Northridge, CA, Retrieved from
http://www.csun.edu/science/health/docs/tv&health.html
Oracle Database Online Documentation Library 10g Release 2 (10.2)
http://docs.oracle.com/cd/B19306_01/network.102/b14266/policies.htm
http://docs.oracle.com/cd/B19306_01/network.102/b14266/admusers.htm#i1007493
Rosen, J. (2013, January 07). 2013 Showdown: Netflix vs. Hulu Plus [Web log post].
Retrieved from http://infospace.ischool.syr.edu/2013/01/07/2013-netflix-vs-hulu-plus/
Rudrasoft LLC. (Designer). (2013). Infocaptor Dashboard Designer [Portable Document].
Retrieved from http://www.infocaptor.com/how_to_build_dashboard_using_excel.pdf
Simmons, K., & Carstarphen, S. (2012). Pro SQL Server 2012 Administration. Apress.
30