The orebody data group which can be subdivided as shown in figure 4 contains the following data: descriptive, form and
5. Data checks against validation tables
Due to the nature of the data much of the validation is done by checking the entries against tables of allowed terms. SAMINDABA has 45 validation tables.
5.3 Database Enquiries and Output
All enquiries and output of SAMINDABA data are done through an enquiry system called SAMENQ (Samindaba Enquiries). This enquiry system ensures that users of the database cannot corrupt
data or access data that is not available to them according to their security classification.
SAMENQ is a menu driven on-line system which allows any
registered user, no matter what his level of computer experience
or knowledge of the database structure is, to make enquiriesagainst SAMTNDABA.
The SAMENQ enquiry path is depicted in figure 9 showing two basic types of enquiries. The first is a simple enquiry where the user specifies area and/or commodity criteria followed by what output is required. The second type of enquiry is more complex. The user again specifies area and/or commodity criteria and then refines the search by selecting more specific criteria regarding other data elements on the database, followed by an output specification. It is envisaged that these two types of searches will satisfy 90 per cent of all enquiries made against the database.
AREA/COMMODITY SECTION
SIMPLE ENOLUIRY COMPLEX ENttUIRY
OUTPUT SECIFICAT10N;
FIG. 9. Diagrammatic representation of SAMENQ enquiry paths
Output of SAMINDABA data resulting from a SAMENQ enquiry may be routed to a screen, printer or interface file in the follow-ing formats :
1. Deposit profiles (partial or complete) 2. Mineral map interface files
3. Metallogenic map interface files 4. SAS interface files
The output in the metallogenic format may be edited before being sent to an interface file while specific data elements may be selected for output to a SAS interface files.
5.4 Database Security
Due to the nature and sensitivity of the data stored on SAMINDABA one of the most important aspects of the database design was the security aspect. SAMINDABA security is applied at three levels :
1. The system level
2. The application level 3. The data level
5.4.1 System security
System level security refers to the standard security options available with the database management system (DBMS) and are in effect regardless of what applications are being used. A user is assigned a password-protected identification code (ID) which is linked to a profile specifying the files and applications to be used and the operating system and programming commands that can be executed. Thus, at this level it is possible to restrict a user from accessing applications and programming.
5.4.2 Application Security
Security at this level refers to controls programmed into the SAMINDABA system and are only effective during a SAMINDABA session. The controls operate in a similar manner to the system security in that a user is assigned a password protected ID linked to a profile. This profile is stored on a SAMINDABA database file and contains the following information :
1. The SAMINDABA user ID 2. The user password
3. Entry menu
4. SAMINDABA file access 5. Data ownership code
6. Printer identification code
The user password must be supplied before sign-on to SAMIN-DABA is effected. Once the user is signed on his user profile, linked to the ID, determines which files may be accessed and at what level the menu hierarchy will be entered. For example, a user who just has authority to search the database will only be allowed to enter the system via the enquiry menu where no updates, deletions or any programming can be done. The user will not be aware that these functions even exist.
5.4.4 Data Security
At the data level it is possible to indicate the
confidentiality status and ownership of the data. For practical considerations data elements are grouped together and each grouping is given a security status and data ownership code. At present there are three basic confidentiality options.
1. The entire document is not confidential
2. Certain of the specified data element groupings within the document are confidential
3. The entire document is confidential
If the document is not confidential any user may access the data. If only certain of the data element groupings within a document are confidential the confidentiality indicator for that element grouping is set and the data origin code is entered. In this case only users with the same data element group may access the data. All other users will not be aware that the data exists.
In the case where an entire document is confidential, the confidentiality indicator on the deposit header record is set and the data ownership code entered. All data on this deposit can then only be accessed by users with the same ownership code on their profiles as that on the record.
6. SAMINDABA DATA PROCESSING
As stated above, the processing of data extracted from SAMINDABA is completely separated from the data input, valida-tion, maintenance and enquiry functions.
All data extracted from SAMINDABA will have been routed via
SAMENQ where all the necessary security controls have been
applied. Once a user has extracted the data he may do what he wishes with that data, which cannot be put back onto the data-base.At present provision has been made to process the data using SAS, IGGS and DIGIMAP, three commercially available software packages which are briefly described below.
SAS is a data analysis system containing statistical routines as well as providing data management, querying, reporting, graphics and modelling facilities all using an english-like language.
IGGS is an interactive, geo-f acuities graphics support program written in fortran IV and used to develop applications for data entry, editing, updating and displaying of geograhi-cally oriented data.
DIGIMAP, an application of IGGS, is an interactive mapping
application. It provides rapid response to user requests for map
displays. Several mathematical techniques are available as interpretation aids, e.g. gridding, contouring, kriging.6.1 SAMINDABA/SAS
Once the data has been extracted from SAMINDABA a user may process it using SAMSAS, a specially developed system providing the capability to process SAMINDABA data using SAS. An interface program has been written which reads the SAMINDABA output file and converts it into a SAS dataset. Three basic methods of SAS processing are available: