UNIVERSITY OF THE PHILIPPINES

OPEN UNIVERSITY

MASTER OF INFORMATION AND COMMUNICATION STUDIES

Rey Lawrence L. Torrecampo

Asset Management System for Database Management Systems

Thesis Adviser:

Ria Borromeo
Faculty of Information and Communication Studies

30 May 2022

Permission of the classification of this academic work access is subject to the provisions of
applicable laws, the provisions of the UP IPR policy and any contractual obligations:

Invention (I) Yes or X No

Publication (P) Yes or No
Confidential (C) Yes or No
Free (F) Yes or No

Student's signature:

Thesis adviser signature:

Asset Management System for Database Management Systems … i

 University Permission Page

Asset Management System for Database Management Systems

“I hereby grant the University of the Philippines a non-exclusive, worldwide, royalty-

free license to reproduce, publish and publicly distribute copies of this Academic
Work in whatever form subject to the provisions of applicable laws, the provisions
of the UP IPR policy and any contractual obligations, as well as more specific
permission marking on the Title Page.”

“I specifically allow the University to:

Specifically, I grant the following rights to the University:

a. Upload a copy of the work in the theses database of the

college/school/institute/department and in any other databases available on the
public internet

b. Publish the work in the college/school/institute/department journal, both in print and

electronic or digital format and online; and

c. Give open access to the work, thus allowing “fair use” of the work in accordance
with the provision of the Intellectual Property Code of the Philippines (Republic Act
No. 8293), especially for teaching, scholarly and research purposes.

Rey Lawrence L. Torrecampo May 30, 2022

Signature over Student Name and Date

Asset Management System for Database Management Systems … ii

 Acceptance Page:

This paper prepared by REY LAWRENCE L. TORRECAMPO with the title: “Asset
Management System for Database Management Systems” is hereby accepted by the
Faculty of Information and Communication Studies, U.P. Open University, in partial fulfillment
of the requirements for the degree Course.

14 July 2023
Ria Mae H. Borromeo, Ph.D.
Adviser (Date)

14 July 2023
Roberto B. Figueroa Jr., Ph D.
Program Chair (Date)

Diego S. Maranan, Ph.D.

Dean
Faculty of Information and Communication Studies

July 20, 2023

_____________________
(Date)

Asset Management System for Database Management Systems … iii

 Biographical Sketch

Born and raised in Cainta, Rizal, Philippines, Rey Lawrence Torrecampo is a licensed

electronics engineer who pursued Data Analytics. After graduating in Electronics and

Communication Engineering from the Ateneo De Manila University, he spent most of his

early career as an IT professional delving into multiple industries from healthcare to logistics.

His core competencies range from software and system development to data

analytics, and database administration. His knowledge of multiple database platforms (MS

SQL Server, MySQL, Postgres, and Prestosql) has contributed to adapting to any task that

involves data migration, ETL data pipelines, and dashboard development for companies he

worked with. With his passion for learning, he spent most of his leisure time learning new

skills. In October 2021, he earned his pathway certification from DAP’s SPARTA program. In

the following year, he completed his master’s degree from the University of the Philippines

Open University.

Rey Lawrence is not just an office worker and individual contributor to his team; he

also shares his expertise in data analytics to fifth-year students in his alma mater.

Asset Management System for Database Management Systems … iv

 Acknowledgement

I am deeply grateful to all those who supported me with this journey. First and

foremost, I would like to thank the faculty and staff of the University of the Philippines Open

University for giving me the opportunity to learn from your institution. Second, I would like to

thank my former employer, dbWatch for providing me the resources to make this project a

success. Finally, I would like to thank my family for the never-ending support they provided.

Asset Management System for Database Management Systems … v

 TABLE OF CONTENTS

Title Page ......................................................................................................................... i

University Permission Page ............................................................................................. ii
Acceptance Page ........................................................................................................... iii
Biographical Sketch ........................................................................................................ iv
Acknowledgement ........................................................................................................... v
TABLE OF CONTENTS ................................................................................................. vi
LIST OF TABLES ............................................................................................................ x
LIST OF FIGURES ......................................................................................................... xi
ABSTRACT ................................................................................................................... xii
Chapter I THE PROBLEM DOMAIN ............................................................................... 1
Statement of the Problem ...................................................................................... 1
Background and Objectives of the Project ............................................................. 1
Significance and Scope of the Project ................................................................... 2
Documentation of Existence and Seriousness of the Problem............................... 2
1. Web based intelligent inventory management system. .............................. 2
2. An inquiry into machine learning-based automatic configuration tuning
services on real-world database management systems ........................... 3
Chapter II REVIEW OF EXISTING ALTERNATIVES ...................................................... 4
A. Site 24x7......................................................................................................... 4
B. PRTG Network Monitoring .............................................................................. 4
C. Icinga .............................................................................................................. 5
D. dbWatch Control Center ................................................................................. 5
Chapter III APPROACH TO BE TAKEN IN THIS PROJECT ........................................... 7
Overview ................................................................................................................ 7
Theoretical Framework .......................................................................................... 7
Rational of Framework ........................................................................................... 7
A. System Architecture ............................................................................... 7
B. Database Design.................................................................................... 8
C. Use Case Models ................................................................................... 9
D. Sequence Diagrams............................................................................. 10
E. Waterfall Methodology ......................................................................... 10
Technologies you plan to consider or use ............................................................ 11
1. Host Server .............................................................................................. 12
2. Web Services ........................................................................................... 12

Asset Management System for Database Management Systems … vi

 3. Client-Server Interface ............................................................................. 13
4. Server-side Scripting ................................................................................ 13
5. Local Database........................................................................................ 14
6. Database Connection ............................................................................... 14
7. Native SQL ............................................................................................... 14
Chapter IV CHAPTER PLAN ........................................................................................ 17
CONCEPT .......................................................................................................... 17
A. Input and Output .................................................................................. 17
B. Web Interface ....................................................................................... 17
C. Server Side Script ................................................................................ 17
D. Database Connection ........................................................................... 17
E. Native SQL ........................................................................................... 18
F. Machine Learning................................................................................. 18
G. System Features .................................................................................. 18
METHODS .......................................................................................................... 19
Plan for User Testing and Project Assessment ................................................... 20
A. Scheduling and Implementation ........................................................... 20
B. Project Assessment and User Testing ................................................. 21
Chapter V RESULTS AND DISCUSSION ..................................................................... 28
A. What I learned from this project .................................................................... 28
B. Maintenance Plan ......................................................................................... 31
Chapter VI CONCLUSION ............................................................................................ 32
Chapter VII RECOMMENDATIONS .............................................................................. 34
REFERENCES .............................................................................................................. 35
APPENDICES ............................................................................................................... 37
Appendix A: System Architecture .................................................................................. 37
Appendix B: Entity Relationship Diagram ...................................................................... 38
Appendix C: Webpages ................................................................................................. 39
C.1: Home Page................................................................................................... 39
C.2: Project Page ................................................................................................. 39
C.3: Sign Up / Login Page .................................................................................... 40
C.4: Change Password ........................................................................................ 40
C.5: Dashboard .................................................................................................... 40
C.6: Configuration > ADD..................................................................................... 41
C.7: Configuration > Edit ...................................................................................... 43
C.8: Configuration > Remove ............................................................................... 43
C.9: MONITOR > [CONNECTION] ...................................................................... 44

Asset Management System for Database Management Systems … vii

 C.10: INVENTORY ........................................................................................ 44
C.11: ANALYZE > Environment .................................................................... 45
C.12: Analyze > [CONNECTION] .................................................................. 45
C.13: LOGS ................................................................................................... 45
C.14: Notification ........................................................................................... 46
C.15: Search Bar ........................................................................................... 47
C.16: My Profile Page ................................................................................... 47
C.17: Log Out ................................................................................................ 48
Appendix D: Actual Project Progress............................................................................. 49
Appendix E: User Case Model ...................................................................................... 50
Appendix F: Sequence Diagrams .................................................................................. 51
F.1: Account Creation, Log In and Change Password .......................................... 51
F.2: Recover Password and Connect to database ............................................... 52
F.3: Edit Connection and Remove Connection..................................................... 53
F.4: Monitor database, logging, and refresh database connection ....................... 54
Appendix G: List of Databases ...................................................................................... 55
G.1: List of Database for Integration Testing ........................................................ 55
G.2: List of Database for Staging Area Testing .................................................... 55
Appendix H: Test Scenarios .......................................................................................... 57
H.1: All test cases ................................................................................................ 57
H.2: All test cases and scenarios ......................................................................... 57
H.3: Severity Criteria ............................................................................................ 60
Appendix I: Test Scenarios ............................................................................................ 61
I.1: Create an Account ......................................................................................... 61
I.2: Duplicate Email Address ................................................................................ 61
I.3: Recover Password ......................................................................................... 61
I.4: Add Database Connection ............................................................................. 62
I.5: View Environment .......................................................................................... 62
Appendix J: Testing Results .......................................................................................... 63
J.1: Integration Testing – First Attempt................................................................. 63
J.2: Integration Testing – First Attempt (Database ConnectionResults) ............... 63
J.3: Integration Testing – Second Attempt ........................................................... 63
J.4: Integration Testing – Second Attempt (Database ConnectionResults) .......... 64
J.5: Staging Environment Testing ........................................................................ 64
J.6: Staging Environment Testing (Database Connection Results) ...................... 65
Appendix K: Code .......................................................................................................... 66
Appendix L: ZAP Alerts.................................................................................................. 67

Asset Management System for Database Management Systems … viii

Appendix L: List of Files................................................................................................. 71
M.1: List of Stored Procedures............................................................................. 71
M.2: List of Views ................................................................................................ 74

Asset Management System for Database Management Systems … ix

 LIST OF TABLES

TABLE 1: LIST OF CORRESPONDING TECHNOLOGIES TO BE USED ............................ 11

TABLE 2: LIST OF SECURITY VULNERABILITIES .............................................................. 25

TABLE 3: LIST OF DATABASE AND ACCESS INFORMATION FOR INTEGRATION

TESTING ......................................................................................................................... 55

TABLE 4: LIST OF DATABASES AND ACCESS INFORMATION FOR STAGING AREA

TESTING ......................................................................................................................... 56

TABLE 5: BUG TRIAGE - SEVERITY CRITERIA .................................................................. 60

Asset Management System for Database Management Systems … x

 LIST OF FIGURES
FIGURE 1: WEB-BASED INTELLIGENT INVENTORY MANAGEMENT SYSTEM: CLIENT

SERVER ARCHITECTURE ..................................................................................................... 3

FIGURE 2: DNN TUNING PIPELINE ....................................................................................... 3

FIGURE 3: ALL TECHNOLOGIES TO BE USED .................................................................. 12

FIGURE 4: DATA DISPLAY AND DATA INPUT .................................................................... 13

FIGURE 5: DATA EXTRACTION, TRANSFORMATION AND LOAD TO SERVER AND

DISPLAYING OF DATA TO SERVER ................................................................................... 15

FIGURE 6: WATERFALL METHODOLOGY OF PROJECT .................................................. 19

FIGURE 7: NETWORK TESTING RESULTS ........................................................................ 24

FIGURE 8: SYSTEM ARCHITECTURE ................................................................................. 37

FIGURE 9: ENTITY RELATIONSHIP DIAGRAM ................................................................... 38

FIGURE 10: GANTT CHART FOR PROJECT IMPLEMENTATION ...................................... 49

FIGURE 11: USE CASE MODEL........................................................................................... 50

Asset Management System for Database Management Systems … xi

 ABSTRACT

Databases hold critical data that is valuable for both consumers and businesses. As abusiness

expands, the reliance on a healthy and working database becomes imperative for its business

operations. Hence, it is essential to maintain and monitor relational databases as they are the

backbone for business longevity and growth.

This project aims to retrofit the concept of an inventory management system to database

systems. The scope and result of this project are to (1) host the system in awebserver, (2)

capability to connect to any of the popular relational database systems(SQL Server, Postgres,

Oracle, or MySQL), (3) monitor a database’s availability and capacity, and (4) aggregate and

display historical data into graphs and tables.

The resulting system satisfied the requirements mentioned above. The system is hosted on

AWS EC2 Windows 2019. Through the web interface, you can monitor andanalyze historical

data. With the pyodbc library, it can Extract-Transform-Load data from the target database and

then load it to the local database. This method is possiblewith the help of SQLs native for each

target database.

Even though numerous database monitoring tools are on the market, this system is alow-cost

alternative. Also, the system is still in its infancy. It suffered from project ailments that hindered

the progress of this project, such as underestimating tasks, shortage of time, and delayed

testing. In essence, the system still satisfies the benchmarks for testing, and it is subjected to

future improvements.

Keywords: Databases, Database Monitoring Tools, ETL, Database Systems

Asset Management System for Database Management Systems … xii

 Chapter I

THE PROBLEM DOMAIN

Statement of the Problem

Daily business operations and business intelligence rely on the availability of database

management systems. Since databases hold critical data that is valuable to both the

consumer and the business, they are the backbone of the modern business.

However, as modern businesses continue to expand and meet their customer's needs,

relational database management systems also grow in scale. Companies are struggling to

track and monitor the databases properly. Plus, businesses also need the tools to cope in

maintaining and auditing their database systems.

In that regard, the problem for this research centers on tracking and auditing database

management systems. As they are the most critical assets, we want to find alternative

monitoring and tracing them.

Background and Objectives of the Project

The purpose of this research is to retrofit and repurpose inventory management

systems to monitor and track RDBMS precisely and the servers where they are hosted.

There are four questions we want to address:

1. How do we transform the existing Inventory Management System to monitor and audit

RDBMS primarily?

2. Is there any related literature on inventory management that needs to be considered?

3. What best practices should we consider transforming an existing inventory system?

Asset Management System for Database Management Systems … 1

 4. What essential RDBMS properties are relevant in tracking and auditing?

Significance and Scope of the Project

This document will only include the software specifications for an Inventory

Management System specifically designed for database and server monitoring.

As stated previously, a management inventory system explicitly designed for databases

is the goal of this project. It can connect to any major brands (MySQL, Oracle. MS SQL

Server, and Postgres).

The proposed product is akin to a database monitoring tool that monitors and tracks

database availability and capacity. The product will be named RDB IMS. However, this is

where the similarity ends. The product will be hosted on a web server as a centralize The

development will include features such as:

● capacity auditing

● network traffic analysis

● server availability

● real-time analytics

● Machine Learning Algorithm for automated and consistent uptime monitoring

Documentation of Existence and Seriousness of the Problem

There are two relevant studies that are relevant for this project.

1. Web based intelligent inventory management system.

The web-based intelligent inventory management system follows perfectly the proposed

client-server architecture of the system. In the architecture seen below (Figure 1), it has an

input and Output Module, Web Services, Database and Intelligent System.

Asset Management System for Database Management Systems … 2

 Figure 1: Web-based Intelligent Inventory Management System: Client Server Architecture

The input module provides a user login for different privileges and access restrictions while

the Output Module enables users to view and monitor activity. The database, on the other

hand, is a repository to store transactions and status of remaining stocks. Similarly, it has

the intelligent system using fuzzy logic.All of the above are hosted in a web service for

centralization and faster communication with other users. [1]

2. An inquiry into machine learning-based automatic configuration tuning services on real-

world database management systems

In a paper written by Aken and company, database performance tuning and optimization

was done using machine learning. In their study, it resulted in a 45% increase in db time

compared to the default settings.

Figure 2: DNN Tuning Pipeline

Asset Management System for Database Management Systems … 3

 Chapter II

REVIEW OF EXISTING ALTERNATIVES

All the existing systems are monitoring tools. For a detailed list, you can find it in the link

provided. Below are the brief overview of the related systems, the similarity and differences

to the proposed system and the rationale why the proposed system is a better alternative.

A. Site 24x7

Site 24x7 is a web hosted server that measures web traffic and server resources. It is

marketed as an all-in-one monitoring solution that monitors web server, web site, network,

and application. However, this monitoring solution does not include database monitoring

which is an essential and main component of the proposed system. The goal of the proposed

system is to have portability and easy connection to a centralized server. In that regard, it

burrows the concept of a web server from Site 24 x7 with the added features of network and

server resource monitoring.

B. PRTG Network Monitoring

PRTG Network Monitoring is a premium monitoring solution that tracks performance, load

and services for Cloud application, Databases, Hardware and Network. For databases, it

includes all four major platforms (MS SQL Server, MySQL, Postgres and Oracle). It also

has monitoring features for Operating System cloud monitoring, service, and performance.

The monitoring tool is an application where it will be installed to your machine. Similar to

the proposed system, it will need the network and server monitoring features but only the

basics. However, the differences between the proposed system and this alternative

Asset Management System for Database Management Systems … 4

 system is the cost and scope. It has comprehensive features that are outside the main

features proposed earlier. Subsequently, the idea to use open-source software to minimize

costs is another consideration for this project. The goal is to democratize database

monitoring hence costing is a priority for this project without affecting the main the

objectives.

C. Icinga

Icinga is a open-source monitoring tool that is only available for desktop. It can monitor

servers and databases with minimum hardware requirement. It features Infrastructure

Monitoring, Monitoring Automation, Cloud Monitoring, Metrics and Logs, Analytics and

Notifications.

Similarly, the proposed system is in line with the philosophies and features of this product.

As it is an open-source product then cost is the main selling point for it. Next, it monitors

cloud servers and databases which is another key component of the proposed system.

Finally, it has the added option for configurability since most the technologies used will

have an open-source software.

The difference with Icinga is that it is community driven. Being heavily reliant to a

community of developers has its pros and cons. But most likely, there is less control over

the final product and a blurry vision from the initial specifications. This is a risk not worth

taking.

D. dbWatch Control Center

dbWatch is a database-centric monitoring and management solution that covers

multiple database platforms. It has the following features:

Asset Management System for Database Management Systems … 5

 1. Database Monitoring

2. Database Management

3. Advanced Reporting

4. Database Maintenance Automation for SQL Server

5. Cluster support

6. Security package

7. Autodiscovery

8. Customization support package

9. Performance Management

10. Integrations

11. CLI scripting package

12. Multi-Site/Multi-Server support

13. Database Farm Management

14. Web dashboards

15. Auto-update

For similarities with the proposed system, it will only include the basics of database

monitoring and management. The other modules will not be included such as reports,

multi-server support and database cluster support. Furthermore, it will only limit it to

database availability such as uptime and downtime statistics and database capacity such

as growth rate and table space.

Another similarity is the seamlessness and non-intrusive nature to the operations of

the targeted database. However, the software is installed in a machine. For the proposed

system, it will be hosted on a server.

Asset Management System for Database Management Systems … 6

 Chapter III

APPROACH TO BE TAKEN IN THIS PROJECT

Overview

A database Inventory Management System or DB IMS responds to the growingdemand to

track and monitor relational databases. As a business today relies heavily on database

management systems and operations, DB IMS aids in helping them keep track of all their

database environments.

The system will use open-source technology and be hosted on a web server while

monitoring relational databases. This is ideal for professionals who prefer an on-the-go type of

monitoring. You log in, put in your database credentials, and the software will monitor your

database availability and capacity.

Theoretical Framework

In this project, we will use the following theoretical framework for a functioning

system:

▪ System Architecture - see Appendix A

▪ Entity Relationship Diagram - see Appendix B

▪ Use Case Model - see Appendix E

▪ Sequence Diagrams - see Appendix F

The default methodology for this project is a Waterfall Model Methodology.

Rational of Framework

A. System Architecture

The system architecture serves as the backbone for the proposed information system.
Asset Management System for Database Management Systems … 7
 Appendix A shows the interaction with all the components inside the host server, user, and

targeted databases.

Firstly, Input and Output are directly linked to the web interface. The web interface acts

as the User Interface, and it displays the graphs, information, and connection details to the

end-user. This serves as the output of the web interface. While the commands and

interactions done by the user are the inputs. (See AppendixC for the list of web pages)

Similarly, two buffer scripts (Server Side Scripts and Database Connection) are

connected between the local database to the web interface and the targeted database.The

server-side script displays information from the local database to the webinterface. While

the database connection script connects and interacts with thetargeted database and loads

data to the local database. The database connection script will perform ETL on the database

instance and load it to the local database.

It uses a stored procedure that will be installed inside the targeted database

environment. This design was chosen to have little impact on the targeted database server.

B. Database Design

The Entity-Relationship Diagram (ERD, see Appendix B) intends to preserve data

integrity and structure in the relational database management system (RDMS). This, in turn,

prevents orphan records from being stored and normalizes data. Similarly,this acts as a filter

when displaying data to the web interface.

First, a unique identifier is a primary key for the first two tables (users and

Asset Management System for Database Management Systems … 8

 db_connection_details). A unique identifier is a more straightforward way to enhance

security and join tables more accurately. Plus, adding a unique identifier will restrict access

to other information in the system.

Next, each platform has separate tables allocated for them. Due to the nature of

different database information, it is more convenient to separate data into different tables

rather than consolidate them in one table and separate the information afterward.

Then, you have configuration tables and generic tables. Configuration tables are

reference tables to know when to run a db ims job or track their status automatically. Generic

tables contain all general values that can be used for the entire system.

Similarly, you also have the uptime table, which holds the uptime statistics. You also

have the db_connection_logs, which holds status if the connection is ONLINE or OFFLINE.

Aside from those, the database has functions and stored procedures (Appendix M.1)

to verify the integrity of the input data. SPs and functions are also used to store data in the

local database. As for extracting data from the database, view tables are used. (See

appendix M.2)

C. Use Case Models

The use case model shows the interactions between the user and the system. In

Appendix E, it shows the multiple actions of the user and the corresponding resulting action

of the system.

Asset Management System for Database Management Systems … 9

D. Sequence Diagrams

The sequence diagrams map out the from and to for each entity (user, web server,

local database, and target database server). It defines how the data will be inputted and

stored into the database. Not only that, but it also shows how data will travel between two

entities.

For each scenario, the arrows points from the source entity (one doing the action)

and target entity (one receiving the action). For each column, there is a duration

represented by line bar for the action.

E. Waterfall Methodology

In choosing a methodology, the following questions should be answered: "who," "what,"

"when," "why," and "how." "Who" focuses on responsible teams and individualson activities

that need to be done. "What" answers project elements that need to be achieved for the

system to complete and work. "When" answers the timeline of deliverables so that the

system will reach the target date based on the client and team's date of release. "Why"

refers to activity dependencies, objectives of the project,and reasons for continuing the

project. Finally, "How" describes the process ofimplementing the theoretical frameworks

above.

When discussing methodologies, two models come into mind – waterfall or agile. The

waterfall is more traditional, wherein it follows a linear software development approach in

sequential order and moves on to the next phase when development is complete. On the

other hand, agile is a continuous and iterative development process wherein concurrent

development and testing. The client has nearly negligible participation in the project in the

Asset Management System for Database Management Systems … 10

 former, while the other has more exposure to the client.

Upon considering the project timeline (Appendix D), a more traditional approach like a

waterfall should be implemented for this project due to the following points:

▪ minor changes to be done during the product life cycle

▪ smaller uncertainties and unknown variables are expected

▪ simplified system requirement means a more linear approach is morecompatible

Technologies you plan to consider or use

Listed below are the technologies used:

Components Technologies/ Languages

Host Server AWS EC2: Windows 10 (2019),

64bit, 30Gigabyte of ROM, 2.4
GHz
Web Services Apache running in Xampp

Client-Server Interface HTML, CSS, and Javascript

Server-side Scripting PHP 8.0

Local Database MySQL

Database Connection and Data Python 3.8

Extraction
Database data extraction Native SQL (Oracle, MySQL,
Postgres, and MS SQL Server)
Machine Learning Python
Table 1: List of Corresponding technologies to be used

** Machine Learning was not implemented in this project due to the lack of data, time,and resources.

Asset Management System for Database Management Systems … 11

 Figure 3: All Technologies to be used

1. Host Server

The web server is hosted in AWS EC2. AWS was chosen to accommodate theproposed

testing plan, VPN connection to the dbWatch’s network, and seamless transition between

the integration environment (local pc) and the staging environment(AWS hosted). We are

using a free tier to utilize the full capacity of AWS EC2, especially its high availability.

Since we are working with a windows server, it’s more natural to lean to AWS EC2.In

addition, EC2 has an elastic IP and security group to whitelist all network connections. We

can set the security group to limit root access only to my IP Address.

2. Web Services

Web services are still running on an Apache engine. The difference is that we are using

Xampp to moderate the web server and database services. Both integration and staging

environment will be running on Xampp. When accessing the website, it’s seamless. For

deployment purposes, xampp is much faster to deploy, and overwriting codes is more

manageable by opening an FTP connection between the server and the local pc. Also,

Xampp’s UI is much easier than killing and restarting services.

Asset Management System for Database Management Systems … 12

3. Client-Server Interface

The Client-Server interface uses Javascript, CSS, and HTML. By default, HTMLis the display

format for the web interface. All HTML codes will be displayed on the client-side of the

server. CSS is for formatting and stylizing HTML contents. Finally, Javascript is one of the

most utilized programming languages used in the project. From animations, adding HTML

contents, graphs, and java queries, javascript has become the backbone to smoothening

user experience.

4. Server-side Scripting

PHP is the go-to server-side scripting to access the local database and store them as

variables for HTML. This style was used to reduce the strain in Javascript anddisplay pages

statically. At most, PHP is used in sessions and local database queries.

Although it can query in the local database, the credentials set are only for the db_ims

database.

Figure 4: Data Display and Data Input

In addition, select statements are limited to views, while insert, delete and update statements

are executed via a stored procedure.

Asset Management System for Database Management Systems … 13

5. Local Database

A MySQL database is hosted in the AWS EC2 instance. The database is running through

XAMPP. MySQL was chosen as the database of due to the following reasons:

1) MySQL is an open-source platform that has been relatively long in the market. This

project aims not to create a complex database system but to act as a storage unit for

the local database. MySQL suffices in this aspect.

2) MySQL has all the functions, views, and stored procedures available even for a

standard license. It is easier to restrict all transactions using View Tables, functions,

and stored procedures for security purposes. Similarly, it is easier to do this on the

command line.

3) Configuring MySQL databases is available on the internet. Since this projectaims to use

open-source resources, it will be easier to implement it with a non-enterprise database

such as MS SQL Server or a community-driven database system such as Postgres. It

is also straightforward compared to the likes of Oracle.

6. Database Connection

Python is the most suitable program language to establish, maintain, and closeconnections

to a database. Pyodbc uses the drivers available in windows. Later, we will discuss the

implications of this structure. Python ODBC is better than JDBC because it is easy to

implement, and it only requires a single library, making it platform-independent.

7. Native SQL

It uses an agentless monitoring procedure to capture database capacity and the remaining

availability components. Stored procedures stores database data and information locally. A

Asset Management System for Database Management Systems … 14

python script from the server triggers this. Once data needs to be retrieved for analysis, it

extracts the aggregated data back to the server.

Figure 5: Data extraction, transformation and load to server and displaying of data to server

Several problems with using this process during implementation will be discussed later in

the discussion section.

Asset Management System for Database Management Systems … 15

Asset Management System for Database Management Systems … 16
 Chapter IV

CHAPTER PLAN

CONCEPT

The system architecture design will follow that in Appendix A. As discussed in the

Technologies you plan to use section, the system architecture will be discussed with the

following components:

A. Input and Output

The input describes the command interactions done by the user while output are the

graphs, information and connection details displayed in the web interface for the end user.

B. Web Interface

The web interface acts as the user interface between the system local database and

scripts running behind the host server. To see the initial web pages for the project, check

appendix C for the Mockup of the web pages. This will be discussed later.

C. Server Side Script

This is the connecting script between the local database and the web interface. It provides

information for database availability, error logs and aggregated data extracted from the

targeted database.

D. Database Connection

The database connection captures availability and errors, maintains connection and loads

information to the local database. It employs the ODBC library in Python. Similarly, when

the database establishes its first connection, it will install several stored procedure.

Asset Management System for Database Management Systems … 17

E. Native SQL

In the same diagram, the targeted database will capture capacity information such as

memory, table space check, log file statistics and growth rate. Using a stored procedure

that will be installed inside the targeted database environment along with creating a

database and schema, it will store capacity data locally. The reason for this setup is to

lessen burden and storage for the web server.

F. Machine Learning

Machine learning algorithm will act as the database administrator for the database

management system. Using one of the performance tuning algorithms defined by Aken

and company, the implementation of machine learning will help in doing performance

tuning for a single database system. The machine learning algorithm is also in charge of

executing the stored procedures found in the target database. Due to time constraints, this

was not implemented in the final design.

G. System Features

The sequence diagrams map out the connection for each entity (user, web server, local

database, and target database server). It defines how the data will be inputted and stored

into the database. Not only that, but it also shows how data will travel between two entities.

In Appendix C, the web pages are shown. These are:

• Home Page - displays the home screen when accessing the website. It provides
information on the project.
• Project Page – illustrates how the system works.
• Sign Up / Login Page – access the system by creating an account or accessing your
account through Email or Username and your Password
• Change Password – password recovery page; accessed by clicking “forgot password”
and opening the recovery email. Afterward, the userwill be redirected to the password
Asset Management System for Database Management Systems … 18
 recovery page.
• Home Page – Once logged in, the user will be redirected to the home page. This shows
the notification widget, inventory graph, and quick access information tables.
• CONFIGURE > ADD – step-by-step process in connecting to a database. First, fill out
the connection form; then, the summary will be prompted. After confirming, the system
will connect to the database. After establishing a connection, it will ask for a
“connection name.” Once all are done, it will save the connection details in the
database.
• CONFIGURE > EDIT – displays the list of connections. You can change the connection
name or database details on this page. After refreshing the page, the changes will be
re-displayed.
• CONFIGURE > REMOVE – removes a database connection from the list of database
connections.

• MONITOR > [CONNECTION] – displays DB IMS jobs and installation status of DB IMS
jobs. You can run jobs manually on this page. Db IMSjobs will differ with the platform.
• INVENTORY – shows the list of active databases currently being monitored.
• Analyze > Environment – displays an inventory graph and version details of the
database you are currently monitoring.
• Analyze > [CONNECTION] – shows data extracted from the database you are
monitoring. Data displayed will differ per platform.
• LOGS – shows python script logs thru iframe
• Notification – shows user notifications
• Search Bar – queries for connection names and list them
• My Profile Page – shows an editable form for user name and Password
• Log Out – destroys current session and redirects to index page

METHODS

Figure 6: Waterfall Methodology of Project

Asset Management System for Database Management Systems … 19

 This project will observe the above straightforward methodology. For the Development

Phase, it will include each component: ODBC connector, Data Collector Script, Stored

Procedure Scripting, PHP Scripting, Machine Learning Algorithm and Web Page

Development. For every component developed, then component testing will be done. In

addition, for every component completed then it will be uploaded in github with a

corresponding version. This is to have reliable backup during the development process and

with a version control.

Once all components are complete, it will be integrated and an end-to-end testing will

ensue. If the system is stable and no potential errors can be found then it will be deployed to

the web server. Otherwise, it will remain in the local environment until all bugs and fixes are

done.

When the system is deployed in the web server, another testing phase will commence

- Prod Testing. The prod testing will be a high-level testing where potential bugs should be

intercepted and negate the probability of failure. In essence, only two environments are

available: local environment and server environment.

Plan for User Testing and Project Assessment

A. Scheduling and Implementation

Since this project will only involve two environments, then the test and deployment

will be limited to only the local environment and web server environment. For the full

breakdown, It follows the Gantt chart shown in Appendix D.Source code for the system

can be found in Appendix K. The breakdown of files can be found in Appendix M.

Asset Management System for Database Management Systems … 20

 For the implementation of the system, the first three months were dedicated to

developing the system. Afterward, two weeks were allotted for testing. Then, the last week

was devoted to documentation.

B. Project Assessment and User Testing

1. Test Plan

As discussed in the test plan, testing is done in two environments composed of Ui

Testing, White-box testing, and functional testing. The first environment involves the local

environment with databases within my machine (local database 127.0.0.1) and other

approved database instances. All instances for testing can be found in Appendix G.1

The local environment is running in Xampp, and it is accessed using Google Chrome and

Microsoft Edge. I connected to the company's network through a VPN toconnect to each

approved database. Approved databases are the databases green-litby the owner for

testing purposes, while those with Local databases are databases running on my local

machine.

Testing includes all the following scenarios, as seen in Appendix H.1. For a complete list of

test scenarios, click on the link.

Next, the staging server is used for staging environment testing. A staging environment is

provisioned and hosted in AWS. Similarly, it uses Xampp, but it’s hosted in a webserver

running on SSL. Twenty-four databases is used from dbWatch's testing environment, and

all of them are in the company’s network. It is ideal to have this many databases to see if

there will be a different response to different database versions. The list of databases for
Asset Management System for Database Management Systems … 21
 the staging environment can be found in Appendix G.2.

Similarly, the same test scenario is applied to the second testing phase. (See Appendix

H.1 for details) In addition, all databases used are approved databases for this testing

phase.

2. Finding Bugs

The expected results list of test scenarios is used when tracking bugs. In appendix H.2, the

tabulated format of the test case shows the action, input data, and expected result. Any

deviation from the “expected result” is marked as a bug. The test scenarios are influenced

by Sequence Diagram (Appendix F) and the Use case diagram(Appendix E). Bug Severity

is categorized into low, medium, and high. Categorization of bug severity can be found in

Appendix H.3

3. Test Specifications

Test results can be found in Appendix J. There were two attempts when testing the

integration environment. The first one (Appendix J.1 and J.2) failed since there were a lot of

bugs uncovered during the testing phase. (See Appendix I) The second attempt was made

after fixing all the bugs. A re-test was done and produced more accurate results. (Appendix

J.3 and J.4)

Then, testing was done in the staging environment. All bug fixes were migrated to the EC2

machine before testing commenced. Like the integration environment’s second attempt,

most of the features were functioning. (See Appendix J.5 and J.6)

Asset Management System for Database Management Systems … 22

4. Bug Triage

There are 5 Major defects found. (See Appendix I).

Special characters are omitted for the first bug (Appendix I.1) when registering for a new

account. This was more on the problem with Mail gun rather than Python. I removed all

special characters in the Stored Procedure when generating a new password to fix this.

For the second bug (Appendix I.2), “Input Valid Email” returns inputting a duplicate email.

Bug fixes include adjusting the functions related to email validation and adding an indicator

that if the output code is 2, it produces a “duplicate email” message.

For the third bug (see Appendix I.3), below are the bugs found:

▪ Redirect to Login Page After submission

▪ Subject Line not found in the recovery email

▪ No Email Sent or Confirmation.

▪ Password Recovery should work; after submitting a newPassword, it does not save

in DB level

Upon checking, the problem was that the PHP file was invoking the wrong javascript and

python files. All the issues listed above were resolved by changing file pointers (of both JS

and Py files).

The fourth bug (Appendix I.4) requires adjusting the python script for initial installation.

Several functions were revised, and after that, it worked.

Finally, the javascript for inventory charts was adjusted in the last bug (Appendix I.5). So as

the select statements of the home page and analyze_inventory page. Also,two views were
Asset Management System for Database Management Systems … 23
 added to accommodate the missing MySQL and Postgres tables.

5. Regression Testing

At the bare minimum, regression testing was done to verify if the system was notaffected by

any code changes. All parts are moving, and confirming if the system is working should be

a high priority during any code change before setting the bug fix asresolved.

6. Security Testing

Using the ZAP application, we were able to get the following alerts:

Figure 7: Network Testing Results

The complete list of Security Vulnerabilities can be found in Appendix J. But for

discussion, the table below summarizes the security vulnerabilities:

Security Vulnerability
1 Cross Site Scripting
2 Absence of Anti-CSRF Tokens
3 Application Error Disclosure
4 Content Security Policy (CSP) Header Not Set
5 Directory Browsing
6 Missing Anti-clickjacking Header
7 Parameter Tampering
8 Cookie No HttpOnly Flag
Asset Management System for Database Management Systems … 24
 9 Cookie Without Secure Flag
10 Cookie without SameSite Attribute
11 Cross-Domain JavaScript Source File Inclusion
12 Server Leaks Information via "X-Powered-By" HTTP Response Header
Field(s)
13 Timestamp Disclosure - Unix
14 X-Content-Type-Options Header Missing
15 Information Disclosure - Sensitive Information in URL
16 Information Disclosure - Suspicious Comments
17 Re-examine Cache-control Directives
Table 2: List of Security Vulnerabilities

Below are the future tasks to address the security vulnerabilities:

1) Cross-Site Script involves adding a script at the exposed part of the system’s

URL. You can do this by starting with a script identifier (<script>) and appending

a JavaScript in between. Based on the check result, the exposed part is the

exposed query selector (qres). Mitigating the exposed part will create another

section and remove the query selector from the URL. All back-end processes

will be done using Javascript and removing the header location in the PHP query

file.

2) From what the evidence suggests and from research, implementing a

synchronizer token pattern prevents unwanted sessions from getting critical

information. [3] A redesign of the PHP files will be needed to accommodate the

token submission.

3) The system does not have any error handling for Javascript or PHP executions.

Adding that crucial try-catch statement will be necessary, so it does not disclose

any sensitive information.

4) This was missed during the development of the system. A content security

policy will be added in both the bg_background.php and bg_dashboard.php. [4]

Both PHP files display the contents as HTML.

5) Since the server is running in Apache in Xampp, the same process of disabling

the list of directories will be followed. This means changing httpd-vhosts.conf to

Asset Management System for Database Management Systems … 25
 add the following Line [6]:

<Directory /{YOUR DIRECTORY}>

Options FollowSymLinks
</Directory>

6) Like number 5, the content security policy will be added. In addition, x-frame

options will be modified in the logs.php file.

7) Same as number 3, an error-handling statement will be implemented to redirect

pages to page 404.

8) ZAP suggests ensuring that the HTTP Only flag is set for all cookies. [7] This is

done by setting the cookie to accept HTTP requests, thus blocking javascript

from accessing the cookie. Cookies will be set in PHP files such as home.php,

etc.

setcookie($name, $value, [
'expires' => time() + 86400,
'path' => '/',
'domain' => 'domain.com',
'secure' => true,
'httponly' => true,
'samesite' => 'None’,
]);

9) Same as number 8.

10) Same as number 8.

11) This is caused by accessing untrusted javascript files. A solution to this is to

use sub source integrity [9]:

<script src="https://example.com/example-framework.js"
integrity="sha384oqVuAfXRKap7fdgcCY5uykM6+R9GqQ8K/uxy9rx7HNQlGYl
1kPzQho1wx4JwY8wC"
crossorigin="anonymous">
</script>

12) Remove php exposure in php.ini file in xampp:

Asset Management System for Database Management Systems … 26
 expose_php = off

13) Remove time-zone disclosure in files css/bootstrap.min.css and

lib/tempusdominus/js/moment-timezone.min.js

<meta content="text/html; charset=UTF-8; X-Content-Type-Options=nosniff" http-

equiv="Content-Type" />

14) Add the following to the HTML file [10] or add this in the Apache Web Server

<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
</IfModule>

15) Alter Javascript and PHP so it does not return sensitive

information over theURL.

16) Alter Javascript so that it does not return sensitive or user

information over theconsole.

17) Adjust cache-control over the header [11]

<meta http-equiv="Cache-control" content="public">

Asset Management System for Database Management Systems … 27

 Chapter V

RESULTS AND DISCUSSION

A. What I learned from this project

In this project, I learned several key lessons. First, overestimation is determinantal to a

project’s success. Before starting this project, I submitted a strict timeline and the system's

initial design. I failed to consider the actual man-hours, information, and resources necessary

for the system. I should have realized that building this system would need an entire team to

check and balance the software andmethodology. Doing it alone, I was clouded in my judgment

and had difficulty adjustingsome features.

Second, the timeline is too rigid. It did not consider the number of hours of research and

trial and error; this further pushed the development period much later. For instance, the initial

structure of the code is to install a stored procedure, trigger thesaid stored procedure, extract

data, and transfer it to the local database. There are several problems with this design that will

be expounded on later.

Another example, I forgot to factor in research, testing the script, and how the scripts will

function per version. Upon further investigation, there are different ways to do monitoring and

extract data. It takes a longer time to test and verify each suggestion. Not all SQL native

languages are universally similar. Getting the agent status in SQL Server 2019 may differ from

getting it in SQL Server 2005. Some databases are structured differently for each version. This

was not considered during development. Thus, legacy versions will need a different approach.

Third, although it’s logical to integrate Python, PHP, Native SQL, and Javascript for the

system's backbone, it was harder to develop. The approach is different for eachprogramming

language, and cross-applying one concept to the other is overwhelming.There are moments that
Asset Management System for Database Management Systems … 28
I’m stuck with Javascript or PHP, and it had to be remedied with overreliance on Python and

Native SQL. But since most are moving parts, I cannot pinpoint where the problem occurs.

Plus, the skillset for PHP and Javascript are different from my expertise.

There were times when working scripts and codes were also altered multiple times.

Regression testing was done in conjunction with adding different platforms to verify that the

script does not change the intended output of the program. In addition, many optimizations in

the python scripts were done to negate the slowness and confusion in reading the code.

Changes done were branching If-then statements wereconverted to one-line formats. Then,

Try-catch statements were also re-structured to avoid redundancy. Finally, database timeouts

were also added to the script, but later it was found out that these timeouts were not

implemented correctly. Since it will affectthe system, it was postponed and not fixed.

Finally, the ETL structure might have been a significant factor in system development.

Below are the major problems I found when using both the pyodbc library and developing the

database python and SQL scripts:

1) Pyodbc library has an inherent design flaw; it uses odbc drivers installed in your

windows machine. This is problematic since you must have a pre- installed version

of the drivers to function correctly; otherwise, you need to add new drivers.

2) Development was too focused on one specific version and configuration per

platform. This resulted in the following problems:

a. SQL Server

i. SQL Server drivers can only accommodate any SQL Server instance

2012 and after. Pyodbc cannot connect to earlier versions.

ii. Some parts of the SQL Server stored procedure are designed to run for

version 2014 and above. The SP will not run if the version extracts
Asset Management System for Database Management Systems … 29
 information from an earlier version. Affected states are Agent Status.

iii. If the given credentials cannot access the master database or other

database information table, the sp_installation job will fail.The system can

still run the python file, but it will not produce any result. For example, if

the credentials have no access to information schema, it becomes a

significant blocker as the system will need those checks.

b. Postgres

i. Stored Procedures are only added after version 11. The earlierversion

only used functions. This is problematic for earlierversions of Postgres

as the system explicitly defines it as a “stored procedure” and not as a

“function.”

ii. If the given credentials cannot access the Postgres database or other

database information table, the sp_installation job will fail. The system

can still run the python file, but it will not produce any result. For

example, if the credentials have no access to information schema, it

becomes a significant blockeras the system will need those checks.

c. MySQL

i. If the given credentials cannot access the MySQL database or other

database information table, the sp_installation job will fail.The system can

still run the python file, but it will not produce any result. Most approved

databases have limited credentials, so accessing MySQL database is

quite impossible even when creating a new user. For example, if the

credentials have no access to information schema, it becomes a

significant blockeras the system will need those checks.

d. Oracle

i. A major problem with Oracle is that it connects to the local oracle

Asset Management System for Database Management Systems … 30
 database before accessing the target database. This produced errors in

extracting information from Oracle.

ii. Oracle is also driver-sensitive. Connecting an Oracle 19 driver to an

Oracle 12 version fails. But, connecting the same driver oracle 19 driver

to Oracle version 19 also fails. An XE driver was considered, but it

produced the same error.

iii. Also, failing to verify this later forced the developer not to investigate why

these bugs are prevalent in the system.

B. Maintenance Plan

The system adopts the proposed maintenance plan found in the SRS. All codes will still

be backed up in GitHub, and there will be a constant backup of data on the serverevery week.

Asset Management System for Database Management Systems … 31

 Chapter VI

CONCLUSION

With the growing need for database monitor, this project aims to develop and implement

a database inventory management system. As discussed earlier, the system should be hosted

in a webserver and hold RDBMS connection details. Once connected, they should

automatically monitor a database instance’s availability and capacity. The system should also

be readily available for the end-user to analyze. It should also neatly display historical data and

graphs in the web interface.

The developed system, named DB-IMS, fulfilled those requirements. In addition,this

project pushed the boundaries of developing a system that utilizes open-source technology.

First, HTML is the language for the web interface embedded in PHP files.Tables and

historical data are displayed in HTML format for the user to check and analyze their

database state quickly.

Next, PHP and JavaScript are server-side scripts that extract and manipulate data and

then display them in the web interface. PHP is used to extract, transform andload data in the

database and the web interface. On the other hand, Javascript contributed to validating input

data, web page animations, query data directly, and displaying graphs. Javascript and PHP

work in parallel to produce a color interaction between web pages and databases.

Then, Python accesses and performs ETL on the target databases. Python scripts mostly

do back-end processes. It installs stored procedures in the target databases, extracts database

data, transform it, and loads it into the local database. The python script is integral in the ETL

process as it’s the direct link between the system and the target database.

Asset Management System for Database Management Systems … 32

 Finally, SQL is the database language to extract and manipulate data from the database

instance. SQL is the native language of databases. Both the local databaseand target database

utilize SQL to extract data. SQL is also the transactional language on the local database to

manipulate and extract data.

These technologies harmoniously work together to automate the extraction and display

them for the user's convenience. However, it’s not a perfect system. It is still under thorough

reevaluation and realignment. It encountered multiple security threats,UI enhancement, error-

handling improvements, database connection fixes, redesign of approach to legacy databases,

and expansion of features.

Although other systems out in the market can do more than the current system's

limitations, the system is still in its infancy. It’s also apparent that underestimating tasks,lack of

supporting cast, shortage of time, and late testing played a massive factor in completing this

project.

Even though the system has reached a good benchmark as the system has satisfied all

testing scenarios, the improvements mentioned above should also be considered for further

development.

Asset Management System for Database Management Systems … 33

 Chapter VII

RECOMMENDATIONS

For future development, the priority is to fix all bugs, extend research ondatabase

functionality and address the security vulnerabilities. Improving the system'sfunctionality and

UI will be at the forefront of any future work. With a well-functioning system and smoother UI,

then it will entice users to use the system.

Next, when data is sufficient, adding the missing feature – Artificial Intelligence,will be

the next order of business. Artificial Intelligence requires a lot of data and time to develop,

verify and test. The system is already designed for Artificial Intelligence expansion as

response time is recorded for databases. With a month’s data and moretime, this feature will

be possible to implement.

Finally, the next logical step is to adjust the webpage to accommodate mobile users.

The system is currently designed for desktop applications. Expanding it to mobile will benefit

the philosophy of being on the go.

Asset Management System for Database Management Systems … 34

 REFERENCES

[1] A. O. Madamidola, O. A. Daramola, and K. G. Akintola, "Web-based intelligent inventory management

system," International Journal of Trend in Scientific Research and Development, vol.1,no. 4, May 2017
[Online]. Available:https://www.researchgate.net/publication/317276986_WEB_-
_BASED_INTELLIGENT_INVENTORY_MANAGEMENT_SYSTEM. [Accessed: 12-Jan- 2022]

[2] D. V. Aken, D. Yang, S. Brillard, A. Fiorino, B. Zhang, C. Bilien, and A. Pavlo, "An inquiry into machine
learning-based automatic configuration tuning services on real-world database management systems,"
Carnegie Mellon Database Research Group, 01-Mar-2021. [Online]. Available:
https://db.cs.cmu.edu/papers/2021/p1241-aken.pdf. [Accessed: 12-Jan-2022].

[3] “Cross-site request forgery prevention cheat sheet,” Cross-Site Request Forgery Prevention -OWASP
Cheat Sheet Series. [Online]. Available: https://cheatsheetseries.owasp.org/cheatsheets/Cross-
Site_Request_Forgery_Prevention_Cheat_Sheet.html. [Accessed: 25-May-2022].

[4] “Content security policy (CSP) - http: MDN,” HTTP | MDN. [Online]. Available:
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP. [Accessed: 25-May-2022].

[5] “X-Frame-Options - http: MDN,” HTTP | MDN. [Online]. Available: https://developer.mozilla.org/en-

US/docs/Web/HTTP/Headers/X-Frame-Options. [Accessed: 25-May-2022].

[6] Z. Banach, “How you can disable directory listing on Your web server – and why you should,”
How to disable directory listing on your web server | Netsparker, 14-Mar-2022. [Online].

Available: https://www.invicti.com/blog/web-security/disable-directory-listing-web-
servers/#apacheserver. [Accessed: 25-May-2022].

[7] T. A. Nidecki, “The httponly flag – protecting cookies against XSS,” Acunetix, 24-Aug-2020.[Online].
Available: https://www.acunetix.com/blog/web-security-zone/httponly-flag- protecting-cookies/.
[Accessed: 25-May-2022].

[8] “SameSite cookies - http: MDN,” HTTP | MDN. [Online]. Available: https://developer.mozilla.org/en-
US/docs/Web/HTTP/Headers/Set-Cookie/SameSite. [Accessed: 25-May-2022].

[9] “Subresource integrity - web security: MDN,” Web security | MDN. [Online]. Available:

Asset Management System for Database Management Systems … 35

 https://developer.mozilla.org/en- US/docs/Web/Security/Subresource_Integrity#browser_compatibility.
[Accessed: 25-May- 2022].

[10] “X-content-type-options - http: MDN,” HTTP | MDN. [Online]. Available:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options. [Accessed: 25-
May-2022].

[11] “Cache-Control - http: MDN,” HTTP | MDN. [Online]. Available: https://developer.mozilla.org/en-

US/docs/Web/HTTP/Headers/Cache-Control. [Accessed: 25- May-2022].

Asset Management System for Database Management Systems … 36

 APPENDICES

Appendix A: System Architecture

Figure 8: System Architecture

Asset Management System for Database Management Systems … 37

 Appendix B: Entity Relationship Diagram

Figure 9: Entity Relationship Diagram

I. PNG File
II. HTML File
III. DrawIO

Asset Management System for Database Management Systems … 38

 Appendix C: Webpages
C.1: Home Page

C.2: Project Page

Asset Management System for Database Management Systems … 39

C.3: Sign Up / Login Page

C.4: Change Password

C.5: Dashboard

Asset Management System for Database Management Systems … 40

C.6: Configuration > ADD

C.6.A: Connection Details – ADD

C.6.B: Connection Details – Confirm

Asset Management System for Database Management Systems … 41

C.6.C: Connection Details – Connect

C.6.D: Connection Details – Alias

Asset Management System for Database Management Systems … 42

C.7: Configuration > Edit

C.8: Configuration > Remove

Asset Management System for Database Management Systems … 43

C.9: MONITOR > [CONNECTION]

C.10: INVENTORY

Asset Management System for Database Management Systems … 44

C.11: ANALYZE > Environment

C.12: Analyze > [CONNECTION]

C.13: LOGS

Asset Management System for Database Management Systems … 45

C.14: Notification

C.14.A: Notification Bar

C.14.B: See All Notifications

Asset Management System for Database Management Systems … 46

C.15: Search Bar

C.16: My Profile Page

C.16.A Profile Page

C.16.B Edit Profile

Asset Management System for Database Management Systems … 47

 C.16.C Edit Password

C.17: Log Out

Asset Management System for Database Management Systems … 48

Appendix D: Actual Project Progress

Figure 10: Gantt Chart for Project Implementation

Asset Management System for Database Management Systems … 49

Appendix E: User Case Model

Figure 11: Use Case Model

Asset Management System for Database Management Systems … 50

 Appendix F: Sequence Diagrams
F.1: Account Creation, Log In and Change Password

Asset Management System for Database Management Systems … 51

F.2: Recover Password and Connect to database

Asset Management System for Database Management Systems … 52

F.3: Edit Connection and Remove Connection

Asset Management System for Database Management Systems … 53

F.4: Monitor database, logging, and refresh database connection

Asset Management System for Database Management Systems … 54

 Appendix G: List of Databases
G.1: List of Database for Integration Testing
Database DB Version Hostname Host IP SID Port OS Type DB DB
Type type user password

1 Local MySQL 127.0.0.1 3306 Windows 10 root p@ssw0rd

2 Local SQL Server 127.0.0.1 1433 Windows 10 postgres p@ssw0rd
3 Local PostgreSQL 127.0.0.1 5455 Windows 10 sa p@ssw0rd
4 Approved MariaDB 5.5.41 iqobal 10.0.0.86 NA 3306 Ubuntu 14.04 LTS 64bit root root

5 Approved MySQL 8.0.15 jante 10.0.0.221 NA 3306 Ubuntu 16.04 LTS 64bit root root
11.2.0.1.0 Oracle Enterprise Linux
6 Approved Oracle Enterprise Edition rafa4 10.0.1.115 rafa4 1521 5.10 64bit sys master
19.3.0.0.0 Oracle Enterprise Linux
7 Approved Oracle Enterprise Edition jodaka 10.0.1.164 ORCL19C 1521 7.5 64bit sys master
Ubuntu 18.04.3
PostgreSQL 14.2.0 laboi 10.0.2.238 NA 5432 postgres postgres
8 Approved LTS 64bit
2005 Windows Server
SQL Server hijado 10.0.0.61 SQLEXPRE 1433 sa Master007
9 Approved Express 2003Enterprise 32bit
SS
Edition
2016 Windows Server
SQL Server ithona 10.0.0.94 MSSQLSE 1433 sa Master007
10 Approved Standard 2016Enterprise 64bit
RVER
Edition
Table 3: List of Database and Access Information for Integration Testing

Note: Local databases are found in my local machine, while approved databases are found on our company’s server. They can
only be accessed with a VPN provided by our company.

G.2: List of Database for Staging Area Testing

Database type DB Version Hostname Host IP SID Port DB user DB password

1 MariaDB 5.5.41 hirsi 10.0.0.62 NA 3306 root root

2 MySQL 8.0.13 janguine 10.0.0.187 NA 3306 root root

3 MySQL 5.0.90 halmad 10.0.0.54 NA 3306 root root

4 Oracle 9.2.0.1 EnterpriseEditiongand 10.0.0.48 ORA92 1521 sys master

18.3.0.0.0 Enterprise
5 Oracle Edition jiaan 10.0.1.163 ORCL18C 1521 sys master
18.3.0.0.0 Enterprise
6 Oracle Edition jiaan 10.0.1.163 ORCL18C 1521 sys master
19.3.0.0.0 Enterprise
7 Oracle Edition jerne 10.0.1.70 ORCL19C 1521 sys as sysdba master

8 PostgreSQL 8.1.23 herego 10.0.0.60 NA 5432 postgres postgres

9 PostgreSQL 8.3.9 belsavis 10.0.0.39 NA 5432 postgres postgres

10 PostgreSQL 8.4.10 budpock 10.0.0.40 NA 5432 postgres postgres

11 PostgreSQL 9.0.6 bunduki 10.0.0.41 NA 5432 postgres postgres

12 PostgreSQL 10.4.0 jangelle 10.0.0.183 NA 5432 postgres postgres

13 PostgreSQL 12.5.0 kanzi 10.0.1.191 NA 5432 postgres postgres

14 PostgreSQL 13.1.0 kardoa 10.0.1.192 NA 5432 postgres postgres

15 SQL Server 2005 Express Edition gyndine 10.0.0.51 SQLEXPRESS 1433 sa Master007

16 SQL Server 2008 Express Edition cona 10.0.0.45 SQL2008EX 1433 sa Master007

17 SQL Server 2012 EnterpriseEdition imdaar 10.0.0.68 MSSQLSERVER 1433 sa Master007

Asset Management System for Database Management Systems … 55

18 SQL Server 2014 Standard Edition indupar 10.0.0.76 MSSQLSERVER 1433 sa Master007
19 SQL Server 2014 EnterpriseEdition indikir 10.0.0.73 MSSQLSERVER 1433 sa Master007
20 SQL Server 2014 Express Edition intran 10.0.0.79 SQLEXPRESS 1433 sa Master007
21 SQL Server 2016 EnterpriseEdition ivatch 10.0.0.95 SQLA 1433 sa Master007
22 SQL Server 2017 Standard Edition ixtlar 10.0.0.99 MSSQLSERVER 1433 sa Master007
23 SQL Server 2017 EnterpriseEdition jaminere 10.0.0.121 MSSQLSERVER 1433 sa Master007
24 SQL Server 2019 RC1 Developer jaroona 10.0.1.53 MSSQLSERVER 1433 sa Master007
Edition
Table 4: List of Databases and Access Information for Staging Area Testing

Note: All listed databases are found in our company’s network. They can only be accessed through a VPN provided by our
company. Here are the complete details of the list of databases.

Asset Management System for Database Management Systems … 56

 Appendix H: Test Scenarios
H.1: All test cases
Case ID Suite Title Title Description Type Automation status
As a user, I should be able to create an
1 Account Details Create an Account account through Email Functional Not automated
2 Account Details Duplicate Email Address Users cannot have similar emails Functional Not automated
As a user, I should be able to recover my
3 Account Details Recover Password Password. Functional Not automated
As a user, I should be able to change my
4 Account Details Change Username Username Functional Not automated
As a user, I should be able to change my
5 Account Details Change Password in "My Password on the Profile Page Functional Not automated
Profile"
Connect Db As a user I should be able to connect to a
6 Connections Add Database Connection database Functional Not automated
Edit / Remove As a user I should be able to edit the current
7 Connection [Save] Edit Connection Details connection details Functional Not automated
Edit / Remove As a user, I should be able to remove any
8 Connection [Confirm] Remove Connection connection Functional Not automated
Edit / Remove As a user, I should be able to remove any
9 Connection [Cancel] Remove Connection connection Functional Not automated
Edit / Remove As a user I should be able to edit the current
10 Connection [Cancel] Edit Connection Details connection details Functional Not automated
As a user I should see my database
11 View all Connections View Inventory inventory Functional Not automated
Search Conenction View As a user, I should be able to search my
12 View all Connections Inventory database connection with name Functional Not automated
As a user I should be able to be notified by
13 Account Details [Individual] See Notifications the system Functional Not automated
As a user I should be able to be notified by
14 Account Details [All] See Notifications the system Functional Not automated
15 View all Connections See Logs As a user, I should be able to see the log file Functional Not automated
As a user I should be able to see if jobs were
17 View all Connections View Environment executed and their status Functional Not automated

H.2: All test cases and scenarios

Test Category Case Title Action Input Data Expected Result

Account Details Create an Account Go to Register Page Directed to Registered Link
renpogiman@gmail Email is Successfully Sent
Account Details Create an Account Type in Email
.com Confirmation
Email should show Username and
Password similar to that in
Account Details Create an Account Go to Email Account
database.
Click Log in to
Account Details Create an Account Transition to log in page
dashboard
Login = (Username)
/
Log in Username
Account Details Create an Account Password = redirect to dashboard
and Password
(Password)
Duplicate Email Open Registration
Account Details Open Registration Page
Address Page
Duplicate Email renpogiman@gmail
Account Details Input Existing Email Flag as duplicate email
Address .com
Click Forget
Password in Log in Redirected to Password Recovery
Account Details Recover Password
Page Page

Asset Management System for Database Management Systems … 57

 renpogiman@gmail Click Submit and Email should be
Account Details Recover Password Input Email Address
.com sent
Account Details Recover Password Open Email Account Recover Password Email
Redirected to Password Recovery
Account Details Recover Password Open Email Link
Page
password1@ in
both
Account Details Recover Password Input New Password Change Password is successful
input bar
Go back to the
registration Log- in
Account Details Recover Password Redirected to Log in Page
Page
Given Username or
email address /
Input email and new
Account Details Recover Password password1@ Redirect to Home Page
Password
Account Details Change Username Go to My Profile Redirect to My Profile Page
Password button disabled,
Click Change Username field enabled and Save
Account Details Change Username
Username button Button Enabled
Account Details Change Username Change Username New_Username
Reload Page and New_username
Account Details Change Username Click Save Button
should appear
Change Password
in "My
Account Details Click on My Profile redirected to My Profile Page
Profile"
Change Password
Click "Change Enable Password inputs, and Save
Account Details in "My Profile"
Password" button
Change Password
Account Details in "My Profile" Input New Password p@ssw0rd4w
Change Password
in "My Reload Page and changes should
Account Details Click Save
Profile" be seen
[Individual] See
Account Details Notifications Click on notification Dropdown list of new notifications
[Individual] See
Account Details Notifications Click on notification Direct to relevant notification link
[All] See
Account Details Click on notification Dropdown list of new notifications
Notifications
[All] See Click on "See All
Account Details redirected to notification page
Notifications Notifications"
Connect Db
Add Database Click on Add
Connections Redirect to Add Connection Form
Connection Database
If Oracle (Oracle db field should be
Connect Db
Add Database seen); else it should be the same
Connections Click on Platform
Connection form
host ip / port/
username
Connect Db / password /(Oracle
Add Database Add Connection
Connections db if oracle is
Connection Details
chosen)
Connect Db
Add Database
Connections Click Next See Summary in Text Box
Connection

Asset Management System for Database Management Systems … 58

 Test connection details; if correct
then CONFIRM should be enable,
Connect Db
Add Database else only previous should be
Connections Click Test
Connection enabled
Connect Db
Add Database input database
Connections Add Alias
Connection alias
Connect Db
Add Database
Connections Click Save Save Alias for database name
Connection
Click Inventory Link
View all in
View Inventory Directed to Inventory Page
Connections Dashboard
View all Inventory should list all instances
View Inventory See Inventory Page
Connections connected
Search Conenction
View all Input Connection
View Inventory Click on search bar Dropdown list of like instances
Connections Name
Search Conenction
View all
View Inventory Click on the instance Directed to Monitor Page
Connections
View all
See Logs Click on LOGS redirected to log file
Connections
View all
See Logs View Log File Log file is shown in iframe
Connections
View all Open Analyze >
View Environment Analyze Environment Page
Connections Environment
View all See Details of Display Analyze Page must be
View Environment
Connections Analyze page correct
[Save] Edit
Edit / Remove
Connection
Connection Click Edit Redirected to Edit Web Page
Details
Edit / Remove [Save] Edit
Click on one of the
Connection Connection Details Open up other connection details
records
New Connection
[Save] Edit
Edit / Remove Details
Connection Edit Connection
Connection and Connection
Details Details
Name
Edit / Remove [Save] Edit
Connection Connection Details Click Save Refresh Page
Edit / Remove [Confirm] Remove
Connection Connection Click on Remove Directed to Remove Page
Click on the row with
Edit / Remove [Confirm] Remove
delete
Connection Connection Pop up saying to proceed
button
Edit / Remove [Confirm] Remove
Connection Connection Click Confirm Refresh Page
Edit / Remove [Cancel] Remove
Connection Connection Click on Remove Directed to Remove Page
Edit / Remove [Cancel] Remove Click on the row with
Connection Connection delete button Pop saying to proceed
Edit / Remove [Cancel] Remove
Connection Connection Click Cancel Should not remove connection
Edit / Remove [Cancel] Edit
Connection Connection Details Click Edit Redirected to Edit Web Page
Edit / Remove [Cancel] Edit
Connection Connection Click on one of the Open up other connection details
Details records
Asset Management System for Database Management Systems … 59
 Edit / Remove [Cancel] Edit New Connection
Connection Connection Details Edit Connection Details and
Details Connection Name
Edit / Remove [Cancel] Edit
Connection Connection Details Click Cancel No Action Done

H.3: Severity Criteria

When a bug is detected, testing will continue until all test scenarios are done

unless the bug affects the testing (see table 2 for expected bugs that might

affect testing). For each bug, the following severity will be observed:

Severity Action
High Stop Testing and address bugs; Highest Priority to be addressed immediately
Medium Continue Testing until all test scenarios are covered; not too much game-
breaking and can be deployed in the next release
Low Continue testing until all test scenarios are covered; least priority and primarily
for recommendation
Table 5: Bug Triage - Severity Criteria

Below are High Priority Bugs that need to be addressed immediately:

Unable to proceed due to invalid Username or Password

Non-Clickable links
Zero connected instances for a particular platform (except for Oracle)
Wrong web pages displayed
Unresponsive python script, javascript, or other components

Asset Management System for Database Management Systems … 60

 Appendix I: Test Scenarios

I.1: Create an Account

I.2: Duplicate Email Address

I.3: Recover Password

Asset Management System for Database Management Systems … 61

I.4: Add Database Connection

I.5: View Environment

Asset Management System for Database Management Systems … 62

 Appendix J: Testing Results

J.1: Integration Testing – First Attempt

Link for complete documentation: First Attempt (Full Documentation)

J.2: Integration Testing – First Attempt (Database ConnectionResults)

Link for complete documentation: First Attempt – db connection

J.3: Integration Testing – Second Attempt

Asset Management System for Database Management Systems … 63

Link for complete documentation: Second Attempt (Full Documentation)

J.4: Integration Testing – Second Attempt (Database ConnectionResults)

Link for complete documentation: Second Attempt – db connection

J.5: Staging Environment Testing

Asset Management System for Database Management Systems … 64

Link for complete documentation: Staging Environment (Full Documentation)

J.6: Staging Environment Testing (Database Connection Results)

Link for complete documentation: Staging Environment db connection

Asset Management System for Database Management Systems … 65

 Appendix K: Code

Link to all files: https://github.com/reyTorre/db_ims_final

Asset Management System for Database Management Systems … 66

 Appendix L: ZAP Alerts
Alert Affected HTTP
https://db-ims-
Cross Site Scripting module.online/idx_registration.php?qres=%3C%2Fp%3E%3CscrIpt%3Ealert%281%29%3B%3C%2FscRipt%3E%3Cp%3E
https://db-ims-module.online/add_connection_details.php
https://db-ims-
module.online/add_connection_details.php?db_alias=ZAP&host_address=ZAP&orcdb=ZAP&password=ZAP&platform
=MY&port=1&username=ZAP
https://db-ims-module.online/analyze_env.php
https://db-ims-module.online/db_connection_edit.php?q=edit
https://db-ims-module.online/db_connection_edit.php?q=remove
https://db-ims-module.online/home.php
https://db-ims-module.online/idx_recovery.php
Absence of Anti-CSRF Tokens
https://db-ims-module.online/idx_recovery.php?email=foo-bar%40example.com
https://db-ims-module.online/idx_registration.php
https://db-ims-module.online/idx_registration.php?qres=Duplicate%20Email
https://db-ims-module.online/idx_registration.php?qres=Failed%20to%20Sent%20Email
https://db-ims-module.online/idx_registration.php?qres=Invalid%20Email
https://db-ims-module.online/inventory.php
https://db-ims-module.online/logs.php
https://db-ims-module.online/profile.php?qpg=notification
https://db-ims-module.online/profile.php?qpg=profile
https://db-ims-module.online/add_connection_details.php
https://db-ims-
module.online/add_connection_details.php?db_alias=ZAP&host_address=ZAP&orcdb=ZAP&password=ZAP&platform
=MY&port=1&username=ZAP
https://db-ims-module.online/analyze_env.php
https://db-ims-module.online/db_connection_edit.php?q=edit
Application Error Disclosure https://db-ims-module.online/db_connection_edit.php?q=remove
https://db-ims-module.online/home.php
https://db-ims-module.online/inventory.php
https://db-ims-module.online/logs.php
https://db-ims-module.online/profile.php?qpg=notification
https://db-ims-module.online/profile.php?qpg=profile
https://db-ims-module.online/auto_user_action.php?q=login
https://db-ims-module.online
https://db-ims-
module.online/
https://db-ims-module.online/add_connection_details.php
https://db-ims-
module.online/add_connection_details.php?db_alias=ZAP&host_address=ZAP&orcdb=ZAP&password=ZAP&platform
=MY&port=1&username=ZAP
https://db-ims-module.online/analyze_env.php
https://db-ims-module.online/db_connection_edit.php?q=edit
https://db-ims-module.online/db_connection_edit.php?q=remove
https://db-ims-module.online/db_ims-connection-logs-May-25-2022.log
https://db-ims-module.online/favicon.ico
https://db-ims-module.online/home.php
Content Security Policy
https://db-ims-module.online/idx_product_specs.php
(CSP)Header Not Set
https://db-ims-module.online/idx_recovery.php
https://db-ims-module.online/idx_recovery.php?email=foo-bar%40example.com
https://db-ims-module.online/idx_registration.php
https://db-ims-module.online/idx_registration.php?qres=Duplicate%20Email
https://db-ims-module.online/idx_registration.php?qres=Failed%20to%20Sent%20Email
https://db-ims-module.online/idx_registration.php?qres=Invalid%20Email
https://db-ims-module.online/index.php
https://db-ims-module.online/inventory.php
https://db-ims-module.online/logs.php
https://db-ims-module.online/profile.php?qpg=notification
https://db-ims-module.online/profile.php?qpg=profile
https://db-ims-module.online/robots.txt
https://db-ims-module.online/sitemap.xml
https://db-ims-module.online/auto_user_action.php?q=login
https://db-ims-module.online/css/
https://db-ims-module.online/Images/
Directory Browsing
https://db-ims-module.online/js/
https://db-ims-module.online/Styles/

Asset Management System for Database Management Systems … 67

 https://db-ims-module.online
https://db-ims-
module.online/
https://db-ims-module.online/add_connection_details.php
https://db-ims-
module.online/add_connection_details.php?db_alias=ZAP&host_address=ZAP&orcdb=ZAP&password=ZAP&platform
=MY&port=1&username=ZAP
https://db-ims-module.online/analyze_env.php
https://db-ims-module.online/db_connection_edit.php?q=edit
https://db-ims-module.online/db_connection_edit.php?q=remove
https://db-ims-module.online/home.php
Missing Anti-
https://db-ims-module.online/idx_product_specs.php
clickjackingHeader
https://db-ims-module.online/idx_recovery.php
https://db-ims-module.online/idx_recovery.php?email=foo-bar%40example.com
https://db-ims-module.online/idx_registration.php
https://db-ims-module.online/idx_registration.php?qres=Duplicate%20Email
https://db-ims-module.online/idx_registration.php?qres=Failed%20to%20Sent%20Email
https://db-ims-module.online/idx_registration.php?qres=Invalid%20Email
https://db-ims-module.online/index.php
https://db-ims-module.online/inventory.php
https://db-ims-module.online/logs.php
https://db-ims-module.online/profile.php?qpg=notification
https://db-ims-module.online/profile.php?qpg=profile
https://db-ims-module.online/auto_user_action.php?q=login
https://db-ims-module.online/auto_user_action.php?q=login
Parameter Tampering
https://db-ims-module.online/auto_user_action.php?q=login
https://db-ims-module.online/auto_user_action.php?q=login
Cookie No HttpOnly Flag
https://db-ims-module.online/auto_user_action.php?q=login
Cookie Without Secure Flag https://db-ims-module.online/home.php
Cookie without SameSite
Attribute https://db-ims-module.online/home.php
https://db-ims-module.online/add_connection_details.php
https://db-ims-
module.online/add_connection_details.php?db_alias=ZAP&host_address=ZAP&orcdb=ZAP&password=ZAP&platform
=MY&port=1&username=ZAP
https://db-ims-module.online/analyze_env.php
https://db-ims-module.online/db_connection_edit.php?q=edit
https://db-ims-module.online/db_connection_edit.php?q=remove
Cross-Domain https://db-ims-module.online/home.php
JavaScriptSource File https://db-ims-module.online/idx_registration.php
Inclusion https://db-ims-module.online/idx_registration.php?qres=Duplicate%20Email
https://db-ims-module.online/idx_registration.php?qres=Failed%20to%20Sent%20Email
https://db-ims-module.online/idx_registration.php?qres=Invalid%20Email
https://db-ims-module.online/inventory.php
https://db-ims-module.online/logs.php
https://db-ims-module.online/profile.php?qpg=notification
https://db-ims-module.online/profile.php?qpg=profile
https://db-ims-module.online
https://db-ims-
module.online/
https://db-ims-module.online/add_connection_details.php
https://db-ims-
module.online/add_connection_details.php?db_alias=ZAP&host_address=ZAP&orcdb=ZAP&password=ZAP&platform
=MY&port=1&username=ZAP
https://db-ims-module.online/analyze_env.php
https://db-ims-module.online/auto_user_action.php?loc=index.php&q=logout
https://db-ims-module.online/db_connection_edit.php?q=edit
https://db-ims-module.online/db_connection_edit.php?q=remove
Server Leaks Information https://db-ims-module.online/home.php
via"X-Powered-By" HTTP https://db-ims-module.online/idx_product_specs.php
Response Header Field(s) https://db-ims-module.online/idx_recovery.php
https://db-ims-module.online/idx_recovery.php?email=foo-bar%40example.com
https://db-ims-module.online/idx_registration.php
https://db-ims-module.online/idx_registration.php?qres=Duplicate%20Email
https://db-ims-module.online/idx_registration.php?qres=Failed%20to%20Sent%20Email
https://db-ims-module.online/idx_registration.php?qres=Invalid%20Email
https://db-ims-module.online/index.php
https://db-ims-module.online/inventory.php
https://db-ims-module.online/logs.php
https://db-ims-module.online/profile.php?qpg=notification
https://db-ims-module.online/profile.php?qpg=profile
https://db-ims-module.online/auto_user_action.php?q=login
https://db-ims-module.online/auto_user_action.php?q=register
Asset Management System for Database Management Systems … 68
 https://db-ims-module.online/css/bootstrap.min.css
Timestamp Disclosure - Unix
https://db-ims-module.online/lib/tempusdominus/js/moment-timezone.min.js
https://db-ims-module.online
https://db-ims-
module.online/
https://db-ims-module.online/add_connection_details.php
https://db-ims-
module.online/add_connection_details.php?db_alias=ZAP&host_address=ZAP&orcdb=ZAP&password=ZAP&platform
=MY&port=1&username=ZAP
https://db-ims-module.online/analyze_env.php
https://db-ims-module.online/css/bootstrap.min.css
https://db-ims-module.online/css/connectionform.css
https://db-ims-module.online/css/recoveryform.css
https://db-ims-module.online/css/regform.css
https://db-ims-module.online/css/style.css
https://db-ims-module.online/db_connection_edit.php?q=edit
https://db-ims-module.online/db_connection_edit.php?q=remove
https://db-ims-module.online/home.php
https://db-ims-module.online/idx_product_specs.php
https://db-ims-module.online/idx_recovery.php
https://db-ims-module.online/idx_recovery.php?email=foo-bar%40example.com
https://db-ims-module.online/idx_registration.php
https://db-ims-module.online/idx_registration.php?qres=Duplicate%20Email
https://db-ims-module.online/idx_registration.php?qres=Failed%20to%20Sent%20Email
https://db-ims-module.online/idx_registration.php?qres=Invalid%20Email
https://db-ims-module.online/Images/background_dbims.png
https://db-ims-module.online/Images/dbims_banner.gif
https://db-ims-module.online/Images/dbims_logo.png
https://db-ims-module.online/Images/product_specifications.png
X-Content-Type-
https://db-ims-module.online/Images/step1_adding_db_instance.png
OptionsHeader Missing
https://db-ims-module.online/Images/step2_install_stored_procedure.png
https://db-ims-
module.online/Images/step3_triger_stored_procedure.pnghttps://db-
ims-module.online/Images/step4_display_analysis.png https://db-ims-
module.online/Images/user_profiles/default_profile.png https://db-ims-
module.online/Images/why_dbims.png
https://db-ims-module.online/index.php
https://db-ims-module.online/inventory.php
https://db-ims-module.online/js/auth_user_js.js
https://db-ims-
module.online/js/change_user_js.jshttps://db-
ims-module.online/js/connectdb_js.js
https://db-ims-module.online/js/delete_connection_js.js
https://db-ims-module.online/js/edit_connection.js
https://db-ims-module.online/js/inventory_js.js
https://db-ims-module.online/js/main.js
https://db-ims-module.online/js/recover_email_js.js
https://db-ims-module.online/lib/easing/easing.min.js
https://db-ims-module.online/lib/owlcarousel/assets/owl.carousel.min.css
https://db-ims-module.online/lib/owlcarousel/owl.carousel.min.js
https://db-ims-module.online/lib/tempusdominus/css/tempusdominus-bootstrap-4.min.css
https://db-ims-module.online/lib/tempusdominus/js/moment-timezone.min.js
https://db-ims-module.online/lib/tempusdominus/js/moment.min.js
https://db-ims-module.online/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js
https://db-ims-module.online/lib/waypoints/waypoints.min.js
https://db-ims-module.online/logs.php
https://db-ims-module.online/profile.php?qpg=notification
https://db-ims-module.online/profile.php?qpg=profile
https://db-ims-module.online/Styles/Stylesheet.css
https://db-ims-module.online/auto_user_action.php?q=login
https://db-ims-
Information Disclosure - module.online/add_connection_details.php?db_alias=ZAP&host_address=ZAP&orcdb=ZAP&password=ZAP&platform
Sensitive Information in =MY&port=1&username=ZAP
URL https://db-ims-module.online/idx_recovery.php?email=foo-bar%40example.com

Asset Management System for Database Management Systems … 69

 https://db-ims-
module.online/js/change_user_js.jshttps://db-
ims-module.online/js/connectdb_js.js https://db-
ims-module.online/js/inventory_js.js
Information Disclosure https://db-ims-module.online/lib/tempusdominus/js/moment-timezone.min.js
-Suspicious Comments https://db-ims-module.online/lib/tempusdominus/js/moment.min.js
https://db-ims-module.online/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js
https://db-ims-module.online/add_connection_details.php
https://db-ims-
module.online/add_connection_details.php?db_alias=ZAP&host_address=ZAP&orcdb=ZAP&password=ZAP&platform
=MY&port=1&username=ZAP
https://db-ims-module.online
https://db-ims-
module.online/
https://db-ims-module.online/idx_product_specs.php
Re-examine Cache-control https://db-ims-module.online/idx_recovery.php
Directives https://db-ims-module.online/idx_recovery.php?email=foo-bar%40example.com
https://db-ims-module.online/idx_registration.php
https://db-ims-module.online/idx_registration.php?qres=Duplicate%20Email
https://db-ims-module.online/idx_registration.php?qres=Failed%20to%20Sent%20Email
https://db-ims-module.online/idx_registration.php?qres=Invalid%20Email
https://db-ims-module.online/index.php
https://db-ims-
module.online/auto_user_action.php?q=login

Asset Management System for Database Management Systems … 70

 Appendix L: List of Files

M.1: List of Stored Procedures

No Name Object Name Description Type
Generate Automatically Generate User ID, 32 characters
1 Unique User generate_unique_user_id that must Function
ID not be similar to any User ID
Validate
Validate Email Address. Must follow:
2 Email validate_email Function
[address]@[domain].[com. etc.]
Address
Creates Username following the format:
Generate
3 generate_username USER + (3 digit Count Number) + (3 random Function
Username
number)
Check if
Email check_email_address_exi
Check if Email Address Exists Function
4 Address st
Exists
Insert New Record to User and Email Address
Tables. If Email Address is correct then:
Check if Email exists in Email Address Table
If not exists:
1) Insert generated Username,
Create User generated Password, and generated userid
create_user_record Proceedure
5 Record to the Users table
2) Insert generated userid, Email, and
generated Password to the Email Address
table
Else
Do nothing
Validate
6 Record validate_record_creation Check if create_user_record is successful or not Function
Creation
Automatically Generates 10 character password
Generate
7 generate_initial_password with combination of alphanumeric characters with
Initial Function
a Special Character and Upper Case
Password
Checkdb
check_db_connection_det Check Format IP Address Format, Port Format
8 connection
ails and Platform Function
details
9 Get User ID get_user_id Get User ID using email or Username
Function
Insert New Record to temporary connection
Create
table. Get UserID using user information.
Temporary
10 create_connection_details Get DB to check if the format is ok. Procedure
Connection
Details if UserID =/= NULL and dbCheck is correct:
insert connection details to temporary table
Get
Temporary
11 get_temp_con_id Gets Temporary Connection ID from parameters Function
Connection
ID
Change Updates connection detail status. If
12 Connection change_connection_status 1 --> Change status to Connected, Procedure
Status 0 ---> Change status to Failed
Generate
13 Connection generate_connection_id Generate Permanent Connection ID Function
ID for
Asset Management System for Database Management Systems … 71
 Permanent
Table
Transfer
transfer_connection_detail Transfer Connection Details from Temp Table to
14 Connection Procedure
s Permanent Table
Details

15 Create Salt generate_random_string Random Encoded String for salting Function

for Password
Encypted
16 get_salted_password Extract Password from Database Function
Password

Edit
17 edit_connection_details Procedure
Connection Edit Connection Details
Details
Delete
remove_connection_detail
18 Connection Delete Connection Details Procedure
s
Details
Get
Username get_username_and_pass Get Username and Password from Users using
19 Procedure
and word email address
Password
20 Delete User remove_user Delete user from database Procedure
Remove
remove_temporary_conne
21 Temp Remove Temporary Connection ID Procedure
ction_details
Connection
Transfer to
transfer_to_permanent_co Copy Temporary Connection details and create a
22 Permanent Procedure
nnection_details permanent connection
Connection
Get New
23 get_new_password Get Password Details Function
Password
Rename db
24 rename_db_connection Rename Permanent Connection Details Procedure
Connection
Get uptime Get current uptime cycle for SQL Server
25 get_uptime_cycle Function
Cycle Connection
Deactivate Change Uptime Status from 'A' (Active) to 'X'
26 sp_deactive_other_uptime Procedure
other uptime (Deactivated)
App Uptime
27 sp_add_uptime_check Add Uptime Record Procedure
Check
Validate
28 Uptime sp_validate_uptime_check Verify if uptime > db uptime Procedure
Check
Check Lastdb check if latest and uptime follows a chronological
29 sp_check_last_db_uptime Procedure
Uptime flow in inserting records
Validate
validate and executes procedures when
30 Uptime validate_uptime_records Procedure
conidtions are met
Records
Add
sp_add_database_statuse
31 Database Add SQL Server database statuses Procedure
s
Statuses
Update
sp_update_database_deta Update JSON field for SQL Server uptime
32 Database Procedure
ils records
Details
De-jsonify
dejson_current_uptime_re
33 Uptime De-jsonify SQL Server uptime record Procedure
cords
Records
Insert Max insert_db_max_connection Extract and record Max Connection Record for
34 Procedure
Connection _details SQL Server

Asset Management System for Database Management Systems … 72

 Stage
35 Breakdown stage_breakdown_logs Extract and record Connections for SQL Server Procedure
Logs
SP Log to
sp_log_to_systems_log_tb
36 System log Record System Logs Procedure
l
table

37 Stored SP sp_store_to_sp_history Procedure

Record SP History
History
Get active Extract and record all active sessions for SQL
38 sp_get_active_sessions Procedure
Sessions Server
Get
sp_get_breakdown_conne Extract and record all connections for SQL
39 Breakdown Procedure
ctions Server
Connections
Get Table
40 fxn_get_tbl_name Get corresponding table name from SP Function
Name
Table
41 Get corresponding table name from SP and Procedure
Reference sp_table_reference
Platform
Mask
42 Function
Password fxn_mask_password Mask Password upon display to front end
Insert Uptime
43 Procedure
Status sp_insert_status Record Uptime Status
Get
44 Get Username from UserID Function
Username get_username
Generate
Growth rate generate_growthrate_back
45 Create Pivot Table for Growth Rate Procedure
Backup Pivot _up_pivot_tbl
Table
Convert To
46 fxn_convert_to_bytes Convert Memory String to bytes Function
Bytes
Log Py DB Log Python SP Response Time and pyodbc
47 sp_log_py_db_details Procedure
Details details
Get Database Version
Get
48 fx_get_db_version MS: substring to nearest '-' PG: substring to Function
Database
nearest ',' Others: Get the actual version
Version
Update User Update User password and salt using email
49 update_user_password Procedure
password address as indicator
Generate Job
sp_create_default_job_co Populate DBIMS jobs table with default
50 Default Procedure
nfiguration configuration
Configuration
Get
Unchecked get_unchecked_installatio
51 Check Job installation Status Function
Installation n_status
Status
Alter Job
alter_job_installation_statu Update installation status to Uninstalled if (A or
52 Installation Procedure
s N) else Installed
Status
Get Number
get_number_of_unchecke
53 of Unchecked Get Number of Unchecked jobs Function
d_status
Status
Decipher Outputs scheduled or occurrence values from
54 fx_decipher_datastring Function
Data string data string
Convert
sp_convert_occurance_str Changes Scheduling Occurrence to its table
55 Occurrence Procedure
_to_tbl equivalence
String to table
Check Time Validates if Time Format is correct (Frequency
56 fx_check_time_format Function
Format [FQ] or ST [Set Time])

Asset Management System for Database Management Systems … 73

 Extract
fx_extract_number_from_s Converts Time string to its Integer Equivalence
57 Number from Function
tring by parts
String
Convert
58 fx_convert_string_to_time Converts Time string to its time equivalence Function
String to time
Convert
sp_convert_time_str_to_tb
59 String to Converts Time String to its table equivalence Procedure
l
Table
Update Job sp_update_job_configurati
60 Update Job Configuration Procedure
Configuration on
Update Last
61 update_last_run Update Job with last run Procedure
Run
Populate
sp_populate_automated_t Populate Automated Table for reference during
62 Automated Procedure
bl automated run
Table
Get Priority
63 fx_get_priority_queue Get top most list for automated run Function
Queue
Generate
Notification generate_notification_id Generate Notification ID Function
64
ID
Get User ID
from get_user_id_from_con_stri
65 Get Userd ID from db_con_string_id Function
Connection ng
String
Update
66 sp_update_user_name Update Username Procedure
Username
Archive
archive_connection_detail Delete all records from a platform using db con
67 Connection Procedure
s string id
Details
Oracle
68 Record or_record_connections Insert Connection Records for Oracle Procedure
Connections
Oracle
69 Instance or_instance_information Insert Instance Information for Oracle Procedure
Information
Get
70 get_user_name Get Username from UserID Procedure
Username
Read All
71 sp_read_all set all notifications to read Procedure
Notifications
Generate
72 generate_sql_id Create SQL ID to link to DE-JSONIFIED table Function
SQL ID

M.2: List of Views

No Object name Description
1 vw_userinfo Displays complete user information
2 vw_db_connection_details_complete Displays db connection along with user information
3 vw_db_connection_details_temporary Displays temporary db connection along with user
information
4 vw_table_details table details extract from local database information schema
5 vw_uptime_check Displays uptime connection details
6 vw_sql_connection_details Displays most recent connection details extract from SQL
Server
7 vw_sql_backup_growth_rate_six_months displays the backup growthrate for the last six months
8 vw_sql_database_growth_rate_90_days displays the growth rate for the last 90 days
9 vw_db_uptime_logs_graph displays uptime data to be translated to a line graph
Asset Management System for Database Management Systems … 74
10 vw_db_status_check displays SQL Server database statuses
11 vw_job_status_history displays SQL Server job history
12 vw_sql_server_memory_capacity aggregates data to the most recent sever memory for SQL
SERVER
13 vw_sql_db_logs_cap displays log capacity for SQL SERVER
14 vw_sql_db_logs_cap_size_comp displays log capacity in percentage for SQL SERVER
15 vw_sql_backup_details displays SQL SERVER backup details
16 vw_pg_connection_details displays the most recent connection statistics for Postgres
17 vw_pg_longest_running_queries displays the top 3 longest running queries for Postgres
18 vw_pg_active_sessions displays Postgres active sessions
19 vw_pg_cache_hit_ratio_and_memory displays critical hit ratio for indexes and tables (Postgres)
20 vw_pg_tbl_index_sizes displays table index sizes for Postgres
21 vw_pg_tbl_cache_hit_ratio_below_80 displays cache hit ratio below 80 percent (table) for
Postgres
22 vw_pg_idx_cache_hit_ratio_below_80 displays cache hit ratio below 80 percent (index) for
Postgres
23 vw_pg_vacuum_summary displays vacuum summary for Postgres
24 vw_pg_inherentance_map displays Postgres role and inheritance map
25 chk_db_status_per_ten_mins check database status every ten minutes
26 db_ims_job_summary DB IMS job summary
27 vw_db_invetory displays database inventory for all platforms
28 vw_sql_job_summary displays SQL SERVER DB IMS job status
29 vw_pg_job_summary displays Postgres DB IMS job status
30 vw_mysql_job_summary displays MySQL DB IMS job status
31 vw_oracle_job_summary displays Oracle DB IMS job status
32 vw_monitoring_details displays monitornig details per platform and job
33 vw_mysql_to_py_steps Converts mysql tsql to py function step
34 vw_job_reference_tbl displays monitornig details per platform and job
35 vw_job_reference_tbl_filtered_view filters jobs to be executed (automation)
36 vw_all_con_details reference table jobs, database conenction and user
37 notify_user displays notifications for user
38 vw_db_invetory_summary displays inventory summary for all platforms
39 vw_my_connection_details displays latest connection details for MySQL
40 table_size_and_index_info displays table size and index information for MySQL
41 vw_my_active_sessions displays active sessions for MySQL
42 vw_or_connection_details displays latest connection details for Oracle
43 vw_check_read_notif provides a tag for read and unread notifications

Asset Management System for Database Management Systems … 75