Thomas M. Connolly Carolyn E. Begg Database Systems Thomas M. Connolly Carolyn E. Begg

Table of Contents 1. Introduction to Databases 5 2. Database Environment 16 3. The Relational model 36 4. Relational Algebra 44 5. SQL 58 6. SQL: Data Definition 120 8. Query-By-Example (QBE) 9. Database System Lifecycle 193 10. Database Analysis and the DreamHome Case Study 193 11. Entity–Relationship Modeling 213 12. Enhanced Entity–Relationship Modeling 213

13. Normalization 226 14. Advanced Normalization 226 15. Methodology—Conceptual Database Design 241 16. Methodology—Logical Database Design for Relational Model 241 17. Methodology—Physical Database Design for Relational Databases 249 18. Methodology—Monitoring and Tuning the Operational System 249 19. Security and Administration 257 20. Transaction Management 273 21. Query Processing 22. Distributed DBMSs—Concepts and Design 23. Distributed DBMSs—Advanced Concepts 24. Replication and Mobile Databases 25. Object-Oriented DBMSs—Concepts and Design 293

25. Object-Oriented DBMSs—Standards and Languages. 293 26 25. Object-Oriented DBMSs—Standards and Languages 293 26. Object-Relational DBMSs 293 27. Web Technology and DBMSs 28. Semistructured Data and XML 29. Data Warehousing Concepts 30. Data Warehousing Design 31. OLAP 32. Data Mining

Introduction to Databases Chapter 1 Introduction to Databases

Agenda File-based Systems History of Database Database Management Systems (DBMS)

File-based Definition Program defines and manages it’s own data

Limitations of File-based Separation and isolation Duplication Program & data dependence Fixed queries Proliferation of application programs

History of Database Systems First generation Hierarchical model Information Management System (IMS) Network model Conference on Data System Languages (CODASYL) Data Base Task Group (DBTG) Limitation Complex program for simple query Minimum data independence No theoretical foundation Second generation Relational model E. R. Codd DB2, Oracle Limited data modeling Third generation Object-relational DBMS Object-oriented DBMS

Database Definition System catalog Data abstraction A collection of self-describing and integrated data files System catalog Meta data Data dictionary Overhead data Data abstraction

Database Management System Facility Data definition language (DDL) Data manipulation language (DML) Structured query language (SQL) Security system Integrity system Concurrency control system Backup & recovery system View mechanism

DBMS Environment Hardware Software Data People Procedure Client-server architecture Software dbms, os, network, application Data Schema, subschema, table, attribute People Data administrator & database administrator Database designer: logical & physical Application programmer End-user: naive & sophisticated Procedure Start, stop, log on, log off, back up, recovery

Advantages of DBMS Control redundancy Consistency Integrity Security Concurrency control Backup & recovery Data standard More information Data sharing & conflict control Productivity & accessibility Economy of scale Maintenance

Limitations of DBMS Complexity Size Cost Software Hardware Conversion Performance Vulnerability

Points to Remember File-based Systems History of Database Database Management Systems (DBMS)

Chapter 2 Database Environment

Agenda Three-Level ANSI-SPARC Architecture Database Languages Data Models Functions of DBMS Components of DBMS Teleprocessing

Three-Level ANSI-SPARC Architecture External level User's view Data gathering Conceptual level Organization view (entity, attribute, & relationship) Constraints and security Entity-relationship diagram Normalization Internal level Physical presentation Storage, index, compression, & encryption File organization

Database Schemas Database schema (intension) & database instance (extension) External schemas (subschema) Conceptual schema (database schema) Internal schema

Mapping External/conceptual mapping Conceptual/internal mapping Example

Data Independence Logical data independence Physical data independence

Database Languages Data Definition Language (DDL) Structured Query Language (SQL) Data Manipulation Language (DML) Procedural DML Non-procedural DML Query-by-Example (QBE) Fourth-Generation Language Form, report, graphics, & application generators

Data Models Definition Types Integrated concept for describing data, relationships and constraints Types Object-based data models Record-based data models Physical data models (internal structure, ordering, & paths)

Object-Based Data Models Entity-relationship Entity, attribute, relationship Usage: documentation Object-oriented Object, class, subclass, inheritance, state (attributes), behavior (methods or actions), encapsulation, message, polymorphism Usage: building software

Record-Based Data Models Relational data model Network model Hierarchical Model

Relational Data Model Terminology Record relationship Usage Relations Attributes Tuples Record relationship One-to-many relationship Usage Ad hoc reporting

Network Model CODASYL DBTG Terminology Record relationship Usage Data item & group item Record type: owner, member Set type: optional, mandatory, permanent Record relationship Many-to-many relationship Link or pointer between set owner and set member Usage Large volume transaction processing

Hierarchical Model IBM Information Management Systems Terminology Tree, general tree, & subtree Nodes, root node, parent node, and child node Segment type ( root, parent, child) Record relationship One-to-many relationship Link or pointer between parent node and child node No many-to-many relationship Usage Large volume transaction processing

Functions of a DBMS Data storage, retrieval and update A user-accessible catalog Transaction support Concurrency control Recovery Authorization Integrity Data independence Data communication Other Utilities

Components of a DBMS Query processor Database manager File manager DML preprocessor DDL compiler Catalog manager

Components of Database Manager Authorization control Command processor Integrity checker Query optimizer Transaction manager Scheduler Recovery manager Buffer manager

Teleprocessing - I Two-tier client-server architecture Client: user interface, business and data processing logic Database server: data validation and database access Advantage Accessing to distributed database Increasing performance and consistency Lowering server and communication cost Supporting open systems architecture

Teleprocessing - II Three-tier client-server architecture Client: user interface Application server: business and processing logic Database server: data validation and database access Advantage Reducing client cost Software distribution Maintenance cost Balancing load

Teleprocessing - III Transaction processing (TP) monitor Transaction manager between client and server Advantage Transaction routing Distributed transaction for load balancing

Points to Remember Three-Level ANSI-SPARC Architecture Database Languages Data Models Functions of DBMS Components of DBMS Teleprocessing

Chapter 3 The Relational Model

Agenda Concept Property Key Integrity Constraint Base Relation & View

Concept Relation Attribute Domain Tuple Degree Cardinality Relational Database

Property Unique relation name Unique attribute No duplication tuples No repeating group (single value for an attribute) Same domain for an attribute Insignificance of the tuples or attributes order

Key Superkey Candidate key (Alternative key) Primary key Foreign key

Integrity Constraint Null Integrity constraint Entity Reference Domain (edit or field) Enterprise (business rule)

Base Relation & View Base relation View Purpose of views A named relation of an entity in conceptual schema Tuples stored in physical database View Virtual relation Dynamic generated for end user Not stored in the physical database Purpose of views Security User friendly report Performance

Points To Remember Concept Property Key Integrity Constraint Base Relation & View

Chapter 4 Relational Algebra

Agenda Relational Languages Relational Algebra

Relational Languages Procedural language Non-procedural language Relational algebra Non-procedural language Relational Calculus Other Languages Transform-oriented languages Graphical languages Fourth-generation languages Fifth-generation languages

Relational Algebra Intra Relation Selection - horizontal partition SELECT relation WHERE condition [GIVING relation]  condition(relation) Projection - vertical partition PROJECT relation OVER (attribute, attribute,...)[GIVING relation]  attributes(relation)

Union-Compatible Union - tuples in either of 2 union compatible relations relation1 UNION relation2 [GIVING relation] relation1  relation2 Difference - tuples in one union compatible relation, but not other relation1 MINUS relation2 [GIVING relation] relation1 - relation2

Union-Compatible Intersection - tuples in both of 2 union compatible relations relation1 INTERSECT relation2 [GIVING relation] relation1  relation2

Any 2 Relations Product - Cartesian product of any two relations relation1 TIMES relation2 [GIVING relation] relation1 relation2 Join - common domain relation1 JOIN relation2 WHERE condition [GIVING relation] relation1conditionrelation2 Division - same pattern relation1 divided by relation2 [GIVING relation] relation1 / relation2

Types of Join Equi - based on equality with 2 identical attribute columns Theta - a join based on a relational operator (=,<,>,<=,>=,~=) Natural - equijoin with no duplicate column Outer - includes tuples without matches (left, right, full)

Types of Outer Join Left outer join - including every tuple of the left (first) relation in the solution Right outer join - including every tuple of the right (second) relation in the solution Full outer join - including every tuple of the left (first) relation and right (second) relation in the solution

Types of Join Semi-join: only the tuple of the left (first) relation with match relation1 SEMIJOIN relation2 WHERE condition [GIVING relation] relation1 lxcondition relation2 Semi-theta-join Semi-natural join

Division Examples

Relation R Relation C Relation T1 1 J K 3 L 2

Relation R Relation C Relation T1 Jones B.S. Jensen M.S. Ph.D. Smith Roger

Points To Remember Relational Languages Relational Algebra

Chapter 5 SQL

Agenda Data Manipulation Language (DML) SELECT Union compatible operations Update database

SQL DML - SELECT SELECT [DISTINCT|ALL] {* | [column expression [AS newname]] [,...]} FROM table-name [alias] [,...] [WHERE condition] [GROUP BY column list] [HAVING condition] [ORDER BY column list]

Simple SELECT SELECT attributes (or calculations: +, -, /, *) FROM relation SELECT DISTINCT attributes SELECT attributes (or * wild card) WHERE condition

Example SELECT stuname FROM student; SELECT stuid, stuname, credits FROM student; SELECT stuid, stuname, credits+10 FROM student; SELECT DISTINCT major FROM student;

SELECT * FROM student; SELECT stuname, major, credits FROM student WHERE stuid = ‘S114’; SELECT * FROM faculty WHERE dept = ‘MIS’;

SELECT - WHERE condition AND OR NOT IN NOT IN BETWEEN IS NULL IS NOT NULL SOME ALL NOT BETWEEN LIKE '%' multiple characters LIKE ‘_’ single character Evaluation rule: left to right, brackets, NOT before AND & OR, AND before OR

Example SELECT * FROM faculty WHERE dept = ‘MIS’ AND rank = ‘full professor’; SELECT * FROM faculty WHERE dept = ‘MIS’ OR rank = ‘full professor’; SELECT * FROM faculty WHERE dept = ‘MIS’ NOT rank = ‘full professor’;

SELECT * FROM class WHERE room LIKE ‘b_s%’; SELECT * FROM class WHERE room NOT LIKE ‘bus%’; SELECT productid, productname FROM inventory WHERE onhand BETWEEN 50 and 100; SELECT customerid, discountrate FROM sales WHERE discountrate LIKE ‘20#%’ ESCAPE ‘#’;

SELECT companyid, companyname. FROM company. WHERE companyname BETWEEN SELECT companyid, companyname FROM company WHERE companyname BETWEEN ‘G’ AND ‘K’; SELECT productid, productname FROM inventory WHERE onhand NOT BETWEEN 50 and 100; SELECT companyid, companyname FROM company WHERE companyname NOT BETWEEN ‘G’ AND ‘K’;

SELECT facname FROM faculty WHERE dept IN (‘MIS’, ‘ACT’); SELECT facname FROM faculty WHERE rank NOT IN (‘assistant’, ‘lecture’); SELECT customername FROM customer WHERE emailadd IS NOT NULL;

SELECT customername FROM customer WHERE creditlimit IS NULL;

SELECT - aggregate functions COUNT SUM AVG MIN MAX

Example SELECT COUNT(*) FROM student; SELECT COUNT(major) FROM student; SELECT COUNT(DISTINCT major) FROM student;

SELECT COUNT(stuid), SUM(credits),. AVG(credits), MAX(credits), SELECT COUNT(stuid), SUM(credits), AVG(credits), MAX(credits), MIN(credits) FROM student;

How many different guests have made bookings for August 2006? Hotel (hotelno, hotelname, city) Room (roomno, hotelno, type, price) Booking (hotelno, guestno, datefrom, dateto, roomno) Guest (guestno, guestname, guestaddress)

How many different guests have made bookings for August 2006?   SELECT COUNT(DISTINCT guestno) FROM booking WHERE (datefrom <= ‘8/31/06’) AND (dateto >= ‘8/1/06’);

SELECT - GROUP GROUP BY HAVING

Example SELECT major, AVG(credits) FROM student GROUP BY major; SELECT course#, COUNT(stuid) FROM enrollment GROUP BY course#;

Example SELECT major, AVG(credits) FROM student GROUP BY major HAVING COUNT(*) > 2; SELECT course#, COUNT(stuid) FROM enrollment GROUP BY course# HAVING COUNT(*) > 2;

SELECT major, AVG(credits) FROM student WHERE major IN (‘mis’, ‘act’) GROUP BY major HAVING COUNT(*) > 2;

SELECT - ORDER BY ORDER BY ORDER BY ... DESC

Example SELECT facname, rank FROM faculty ORDER BY facname; ORDER BY rank DESC, facname;

SELECT - JOIN Tables Multiple tables in FROM clause MUST have join conditions!!!

Example List stuname and grade SELECT stuname, grade FROM student, enrollment WHERE student.stuid = enrollment.stuid;

Example List stuname and grade SELECT stuname, grade FROM student s, enrollment e WHERE s.stuid = e.stuid;

List course#, stuname and major for faculty number is equal to f114 SELECT enrollment.course#, stuname, major FROM class, enrollment, student WHERE class.course# = enrollment.course# AND enrollment.stuid = student.stuid AND facid = ‘F114’ ORDER BY enrollment.course#;

OUTER JOINS RIGHT JOIN LEFT JOIN FULL JOIN Appending (+) to the optional column (null) in the join condition (Oracle)

Example List the faculty member who does not teach any class SELECT f.facid, f.facname FROM class c, faculty f WHERE c.facid (+) = f.facid AND c.course# is null ORDER BY f.facname; (right outer join)

List the faculty member who does not teach any class SELECT f.facid, f.facname FROM class c RIGHT JOIN faculty f ON c.facid = f.facid WHERE c.course# is null ORDER BY f.facname; (right outer join)

List the student name and major who is not enrolled in any class SELECT s.stuname, major FROM student s, enrollment e WHERE s.stuid = e.stuid (+) AND e.stuid is null ORDER BY s.stuname; (left outer join)

List the student name and major who is not enrolled in any class SELECT s.stuname, major FROM student s LEFT JOIN enrollment e ON s.stuid = e.stuid WHERE e.stuid is null ORDER BY s.stuname; (left outer join)

List the faculty member who does not teach any class SELECT f.facid, f.facname FROM class c, faculty f WHERE c.facid (+) = f.facid (+) AND c.course# is null ORDER BY f.facname; (full outer join) Use only when the database contains proper records

List the faculty member who does not teach any class SELECT f.facid, f.facname FROM class c FULL JOIN faculty f ON c.facid = f.facid WHERE c.course# is null ORDER BY f.facname; (full outer join)

Example List the number of room in each hotel in London. Hotel (hotelno, hotelname, city) Room (roomno, hotelno, type, price) Booking (hotelno, guestno, datefrom, dateto, roomno) Guest (guestno, guestname, guestaddress)

Example List the number of room in each hotel in London. SELECT r.hotelno, COUNT(roomno) FROM room r, hotel h WHERE r.hotelno=h.hotelno AND city = ‘London' GROUP BY hotelno;

Union Compatible Operations MINUS or EXCEPT INTERSECT Union compatible operator [ALL] [CORRESPONDING][BY column,..] (ALL includes duplicated rows in the result) Used between SELECT commands

Example List stuid and stuname who attends SAC or CHICO SELECT stuid, stuname FROM sacstudent UNION SELECT stuid, stuname FROM chicostudent; SELECT * FROM sacstudent UNION CORRESPONDING BY stuid, stuname SELECT * FROM chicostudent;

List stuid and stuname who attends SAC not CHICO SELECT stuid, stuname FROM sacstudent EXCEPT SELECT stuid, stuname FROM chicostudent; List stuid and stuname who attends SAC and CHICO (SELECT stuid, stuname FROM sacstudent) INTERSECT (SELECT stuid, stuname FROM chicostudent) ORDER BY 2;

A renter viewing list (Rno, Fname, Lname) of renters who only look property_for_rent at Sacramento (Select * From Viewing v, Property_for_rent p, Renter r Where v.Pno = p.Pno and r.Rno = v.Rno and City=‘Sacramento’) EXCEPT CORRESPONDING BY Rno, Fname, Lname Where v.Pno = p.Pno and r.Rno = v.Rno and City~=‘Sacramento’)

Column Alias SELECT prodid, prodname, (salesprice - goodofcost) profit FROM product ORDER BY prodid; SELECT prodid, prodname, (salesprice - goodofcost) AS profit FROM product ORDER BY prodid;

SUBQUERY List stuid, stuname, and credits for the student whose credits are larger than the average student credits SELECT stuid, stuname, credits FROM student WHERE credits > (SELECT AVG(credits) FROM student);

SELECT stuid, stuname, major WHERE stuid IN (SELECT stuid List stuid, stuname, and major of those student who is enrolled in a class SELECT stuid, stuname, major FROM student WHERE stuid IN (SELECT stuid FROM enrollment);

SELECT stuid, stuname, major WHERE stuid NOT IN List stuid, stuname, and major of those student who is not enrolled in a class SELECT stuid, stuname, major FROM student WHERE stuid NOT IN (SELECT stuid FROM enrollment);

Example What is the most commonly booked room type for all hotels in London? Hotel (hotelno, hotelname, city) Room (roomno, hotelno, type, price) Booking (hotelno, guestno, datefrom, dateto, roomno) Guest (guestno, guestname, guestaddress)

Find the type with its number of rooms of every hotel in London SELECT type, COUNT(type) AS y FROM booking b, hotel h, room r WHERE r.roomno = b.roomno AND r.hotelno = b.hotelno AND b.hotelno = h.hotelno AND city = 'London' GROUP BY type;

The most commonly booked room type for all hotels in London   SELECT type, MAX(y) FROM (SELECT type, COUNT(type) AS y FROM booking b, hotel h, room r WHERE r.roomno = b.roomno AND r.hotelno = b.hotelno AND b.hotelno = h.hotelno AND city = 'London' GROUP BY type) GROUP BY type;

EXIST Find student name and major who is enrolled in a class SELECT s.stuname, major FROM student s WHERE EXIST (SELECT * FROM enrollment e WHERE s.stuid = e.stuid);

NOT EXIST Find student name and major who is not enrolled in a class SELECT s.stuname, major FROM student s WHERE NOT EXIST (SELECT * FROM enrollment e WHERE s.stuid = e.stuid);

SOME Find stuid, stuname, major, and credits of the student whose credits are greater than some mis students’ credits SELECT stuid, stuname, major, credits FROM student WHERE credits > SOME (SELECT credits WHERE major=‘mis’);

ANY Find stuid, stuname, major, and credits of the student whose credits are greater than any mis student’s credits SELECT stuid, stuname, major, credits FROM student WHERE credits > ANY (SELECT credits WHERE major=‘mis’);

ALL Find stuid, stuname, major, and credits of the student whose credits are greater than every mis student’s credits SELECT stuid, stuname, major, credits FROM student WHERE credits > ALL (SELECT credits WHERE major=‘mis’);

What is the lost income from unoccupied rooms at the Grosvenor Hotel today? Hotel (hotelno, hotelname, city) Room (roomno, hotelno, type, price) Booking (hotelno, guestno, datefrom, dateto, roomno) Guest (guestno, guestname, guestaddress)

Find the rooms that are occupied at the Grosvenor Hotel today SELECT roomno FROM booking b, hotel h WHERE b.hotelno = h.hotelno AND (datefrom <= ‘SYSTEM DATE’ AND dateto >= ‘SYSTEM DATE’) AND h.hotelname = 'Grosvenor';

Find the total income of all rooms at the Grosvenor Hotel SELECT SUM(price) FROM room r, hotel h WHERE r.hotelno = h.hotelno AND h.hotelname = 'Grosvenor’;

The lost income from unoccupied rooms at the Grosvenor Hotel today SELECT SUM(price) FROM room r, hotel h WHERE r.hotelno = h.hotelno AND h.hotelname = 'Grosvenor’ AND r.roomno NOT IN (SELECT roomno FROM booking b, hotel h WHERE b.hotelno = h.hotelno AND (datefrom <= ‘SYSTEM DATE’ AND dateto >= ‘SYSTEM DATE’) AND h.hotelname = 'Grosvenor');

What is the lost income from unoccupied rooms at each hotel today? Hotel (hotelno, hotelname, city) Room (roomno, hotelno, type, price) Booking (hotelno, guestno, datefrom, dateto, roomno) Guest (guestno, guestname, guestaddress)

What is the lost income from unoccupied rooms at each hotel today? SELECT h.hotelno, SUM(price) FROM room r WHERE NOT EXIST (SELECT * FROM booking b, hotel h, room r WHERE b.hotelno = h.hotelno AND r.roomno = b.roomno AND r.hotelno = b.hotelno AND datefrom <= ‘SYSTEM DATE’ AND dateto >= ‘SYSTEM DATE’ ) GROUP BY hotelno;

SQL DML - UPDATE, INSERT, DELETE INSERT INTO table-name [(colm [, colm])] VALUES (const [, const] ) UPDATE table-name SET colm = expr [colm = expr] ... [WHERE condition] DELETE FROM table-name [WHERE condition]

Example INSERT INTO student (stuid, stuname, major, credits) VALUES (‘S114’, ‘Grace’, ‘MIS’, 60); UPDATE student SET major = ‘Database’, credits = 100 WHERE stuid = ‘S114’; SET major = ‘MIS’;

DELETE FROM student WHERE stuid = ‘S114’; DELETE FROM student;

Points To Remember Data Manipulation Language (DML) SELECT Union compatible operations Update database

Chapter 6 SQL

Agenda Data Definition Language (DDL) Access Control

String Data Types Boolean data: true, false, null, unknown value (true > false) Character data Fixed length: CHAR(4) Variable length: VARCHAR(30) Bit data: binary string BIT(4)

Numeric Data Types NUMERIC or NUMBER [precision, [scale]] DECIMAL or DEC [precision, [scale]] INTEGER or INT SMALLINT (32,767) FLOAT [precision] REAL DOUBLE PRECISION

Datetime data DATE: year, month, day (DD-MON-YY) TIME [timeprecision (for second, default=0)] [with time zone (control hour and minute)]: hour:minute:second a.m. or p.m. TIMESTAMP [timeprecision (for second, default=6] [with time zone (control hour and minute)]: date and times (DD-MON-YY hour:second:minute a.m. or p.m.)

Integrity Enhancement Feature Required data Domain constraint Entity integrity constraint Referential integrity constraint Enterprise constraint

Required Data Position VARCHAR(10) NOT NULL

Domain Constraint - I CHECK (search condition) sex CHAR(1) NOT NULL CHECK (VALUE IN (‘m’, ‘f’)) credit AS NUMBER(3) CHECK (VALUE BETWEEN 0 AND 999) major AS CHAR(3) DEFAULT ‘mis’ CHECK (VALUE IN (‘mis’, ‘man’, ‘act’, ‘obe’))

Domain Constraint - II CREATE DOMAIN domain name [AS] data type [DEFAULT default option] [CHECK (VALUE IN (search condition))] CREATE DOMAIN sextype AS CHAR(1) DEFAULT ‘m’ CHECK (VALUE IN (‘m’,’f’)); sex sextype NOT NULL CREATE DOMAIN cnumber AS CHAR(2) CHECK (VALUE IN (SELECT cno FROM customer)); cid cnumber NOT NULL DROP DOMAIN domain name [RESTRICT l CASCADE] DROP DOMAIN cnumber;

Entity Integrity PRIMARY KEY key name or key names NOT NULL PRIMARY KEY sno NOT NULL sno INTEGER NOT NULL UNIQUE PRIMARY KEY (sno, classno, sdate) NOT NULL

Referential Integrity Referential action for ON UPDATE and ON DELETE CASCADE SET NULL SET DEFAULT NO ACTION Examples FOREIGN KEY hotelno REFERENCES hotel (hotelno) FOREIGN KEY hotelno REFERENCES hotel (hotelno) ON DELETE SET NULL FOREIGN KEY hotelno REFERENCES hotel (hotelno) ON UPDATE CASCADE

Enterprise Constraint Methods CHECK clause UNIQUE clause CREATE ASSERTION statement CREATE ASSERTION assertion name CHECK (assertion condition): for defining attribute constraint CREATE ASSERTION toomuch CHECK (NOT EXIST (SELECT sno FROM enroll GROUP BY sno HAVING COUNT (*) >10));

SQL DDL CREATE ALTER DROP

CREATE SCHEMA DOMAIN TABLE INDEX VIEW

ALTER TABLE DOMAIN

DROP SCHEMA DOMAIN TABLE INDEX VIEW

CREATE Schema CREATE SCHEMA [name | AUTHORIZATION creator-id] DROP SCHEMA name [RESTRICT | CASCADE] Examples CREATE SCHEMA mis150 AUTHORIZATION tsai; DROP SCHEMA mis150;

SQL DDL For Table CREATE TABLE table-name (colm data-type [NOT NULL][UNIQUE] [DEFAULT option][CHECK search-cond][,...],[PRIMARY KEY (colm [,colm])],[FOREIGN KEY (colm [,colm]) REFERENCES (parent-table)[colms])

Create A New Table Example CREATE TABLE student (stuid NUMBER(5) NOT NULL CHECK (VALUE BETWEEN 00001 AND 99999), stuname CHAR(10), major CHAR(10), credit NUMBER(3), CONSTRAINT pkstudent PRIMARY KEY (stuid));

Create A New Table Example CREATE TABLE faculty (facid NUMBER (5) NOT NULL, facname CHAR(10), dept CHAR(10), rank CHAR(3) CHECK (VALUE IN (‘F’,’Aso’, Ast’)), CONSTRAINT pkfaculty PRIMARY KEY (facid));

Create A New Table Example CREATE TABLE class (course# NUMBER(5) NOT NULL, facid NUMBER(5), sched CHAR(10), room CHAR(10), CONSTRAINT pkclass PRIMARY KEY (course#), CONSTRAINT fkclassfaculty FOREIGN KEY (facid) REFERENCES faculty (facid));

Create A New Table Example CREATE TABLE enrollment (course# NUMBER(5) NOT NULL, stuid NUMBER(5) NOT NULL, grade CHAR(10), CONSTRAINT pkenroll PRIMARY KEY (course#, stuid), CONSTRAINT fkenrollclass FOREIGN KEY (course#) REFERENCES class (course#), CONSTRAINT fkenrollstudent FOREIGN KEY (stuid) REFERENCES student (stuid));

Create A New Table Example CREATE DOMAIN PropertyNo AS SMALLINT; CREATE DOMAIN StaffNo AS CHAR(5) CHECK (VALUE IN (SELECT Sno FROM Staff); CREATE DOMAIN Prent AS DECIMAL(6,2) CHECK (VLAUE BETWEEN 0 AND 9999.99); CREATE TABLE PropertyForRent (Pno PropertyNo NOT NULL, Sno StaffNo CONSTRAINT StaffNotTooMuch CHECK (NOT EXIST (SELECT Sno FROM PropertyForRent GROUP BY Sno HAVING COUNT (*) >10)) NOT NULL, Rent Prent NOT NULL, CONSTRAINT pkPropertyForRent PRIMARY KEY (Pno), CONSTRAINT fkPropertyForRentStaff FOREIGN KEY (Sno) REFERENCES Staff (Sno));

SQL DDL For Table DROP TABLE table-name [RESTRICT | CASCADE]; ALTER TABLE table-name [ADD][MODIFY][COLUMN] colm data-type [NOT NULL][UNIQUE] [DEFAULT option][CHECK search-cond][,...] [DROP [COLUMN] colm [RESTRICT|CASCADE] [ALTER [COLUMN] SET DEFAULT default option] [ALTER [COLUMN] DROP DEFAULT]

Example ALTER TABLE enrollment MODIFY (grade NUMBER(3)); ADD (datetake DATE not null); DROP TABLE enrollment;

SQL DDL For Table ALTER TABLE table-name [ADD [CONSTRAINT[constrnt-name]]table-constrnt][DROP CONSTRAINT constrnt-name][RESTRICT | CASCADE]

CREATE TABLE customer (lastname CHAR(20) NOT NULL, firstname CHAR(20) NOT NULL, customerid NUMBER(5) NOT NULL, address CHAR(10)); ALTER TABLE customer ADD (CONTRAINT pkcustomer PRIMARY KEY (lastname, firstname)); DROP CONSTRAINT pkcustomer; KEY (customerid));

Example CREATE TABLE purchaseorder (ponumber CHAR (5) NOT NULL, podate DATE CONTRAINT pkpurchasorder PRIMARY KEY (ponumber)); CREATE TABLE puchaseorderlineitem (ponumber CHAR(5) NOT NULL, lineitem CHAR(5) NOT NULL, quantity NUMBER(5) NOT NULL, CONTRAINT pkpuchaseorderlineitem PRIMARY KEY (ponumber, lineitem)); ALTER TABLE puchaseorderlineitem ADD (CONSTRAINT fkpolineitem FOREIGN KEY (ponumber) REFERENCES purchaseorder (ponumber)); DROP (CONSTRAINT fkpolineitem);

SQL DDL For Index CREATE [UNIQUE] INDEX index-name ON base-table-name (column [ASC | DESC] [, ... ) DROP INDEX index-name

Example CREATE INDEX studentname ON student (stuname DESC); CREATE INDEX majorcredit ON student (major, credit); DROP INDEX majorcredit;

SQL DDL For View CREATE VIEW view-name [(view-colm [, ...])] AS SELECT ... [WITH [CASCADE|LOCAL] CHECK OPTION] DROP VIEW view-name [RESTRICT | CASCADE]

Example CREATE VIEW substudent (studentid, studentname, major) AS SELECT stuid, stuname, major FROM student; CREATE VIEW productprofit (productid, productname, profit) SELECT productid, productname, sale-cost FROM inventory; DROP VIEW productprofit;

Advantage of View Data independence Currency Improved security Reduced complexity Convenience Customization Data integrity

Disadvantage of View Update restriction Structure restriction (new attribute in the base table) Performance (complex views)

Access Control GRANT system-privilege [ALL PRIVILEGES] TO role-name [WITH GRANT OPTION] GRANT object-privilege [ALL PRIVILEGES] ON [owner.] object-name TO role-name [WITH GRANT OPTION] GRANT role-name TO user-name REVOKE privilege FROM role-name REVOKE role-name FROM user-name

System Privileges CREATE TABLE CREATE VIEW CREATE USER ALTER INDEX

Object Privileges SELECT INSERT UPDATE DELETE

Examples GRANT CREATE TABLE, CREATE VIEW, CREATE USER TO manager; GRANT SELECT, INSERT, UPDATE, DELETE ON student TO manager; GRANT manger TO tsai;

REVOKE DELETE ON student FROM manager; REVOKE manager FROM tsai;

Points To Remember Structured Query Language (SQL) Data Definition Language (DDL) Access Control

Student (Stuid, Stuname, Major, Credits) Class (Course#, Facid, Sched, Room) Faculty (Facid, Facname, Dept, Rank) Enrollment (Course#, Stuid, Grade)

Branch (Bno, Area, City) Staff (Sno, Name, Position, Sex, Salary, Bno) Property_for Rent (Pno, Area, City, Type, Rooms, Rent, Ono, Sno, Bno) Renter (Rno, Name, Max_Rent) Owner ( Ono, Name,) Viewing (Rno, Pno, Date)

Oracle 9i

Agenda Start and exit SQL Plus (General) Start and exit SQL Plus (Tah 1006) Syntax Create a new user Create a new table Enter data into a new table Export & import data

Start and Exit SQL Plus Start SQL Plus Exit SQL Plus Start Select Program Select Oracle-ORACLE_9i Select Application Development Select SQL Plus Enter your name for User Name (system) Enter Enter your password for Password (manager) Exit SQL Plus Type exit at SQL prompt

Start and Exit SQL Plus (Tah 1006) Start Database Start the computer Wait for couple minutes Select Oracle-XP-SP1 Press Enter for password (no password is needed) Double clicks the SQL Plus icon Enter your name for User Name (system) Enter your password for Password (manager) Exit SQL Plus Type exit at SQL prompt Close the database window

Syntax - General Use semicolon (;) to terminate a statement SQL is not case-sensitive SQL statement can be entered into several lines Use comma (,) to separate attributes Use a pair of single quotes (‘) for any character string Use a pair of double quotes (“”) for a single (‘) character string

Syntax - General Use percentage sign (%) for a group of wildcard characters Use underscore (_) for one wildcard character Escape character Select…from….where city like ‘%s/_f%’ escape ‘/’; Underscore _ after / will be interpreted as a regular meaning underscore Subquery must be enclosed in a pair of parentheses

Syntax - Name Table name or attribute name limited to 30 characters (characters, number, special symbols $, _, and #) Name has to begin with a character No blank Not case sensitive No reserved word

Syntax - Data Types Characters Numbers Varchar2(n): max 4,000 characters (ASCII, 8-digit) Char(n): max 2,000 characters (ASCII, 8-digit) Nvarchar2(n): as char (Unicode, 16-digit) Nchar(n): as char (Unicode, 16-digit) Numbers Integer: number(n) Fixed-point: number(5,2), 999.99 Floating-point: number

Syntax - Data Types Date Date:DD-MMM-YY HH:MI:SS Timestamp (fractional seconds precision) with 6 as default value Large object (LOB): max 4 gigabytes for digitized sounds, images, and binary files

Syntax - Editor L or LIST - displays most current SQL statements from buffer Line number - changes the current line number to the entered line number and shows the listed line number LIST line number or nn nn - show the indicated line number text or between the nn and nn

Syntax - Editor A or APPEND text - adds the entered text to the end of the current line I or INPUT text – create a new line after the current line C or CHANG/old text/new text/ - replaces an existing text string (old text) in the line with a new text string (new text) DEL or DELETE - deletes the current line START filename – execute the contents of the SQL Plus command file

Syntax - Editor SAVE file name - saves the most current SQL statements to a file (filename.sql) GET file name - retrieves SQL statements from the file name (filename.sql) R or / - runs the most current statements SPOOL file name - saves SQL statements, its query, and other results to a file SPOOL OFF - terminates SPOOL

Spool File - Menu SPOOL file SPOOL off Select File Select Spool Select Spool file Type drive (such as a:) Type file name (such as f1) Select spool file (*.lst) SPOOL off File Spool Spool off

Save File Menu Select File Select Save Select Create to create a *.sql file Select Replace to replace a *.sql file Select Append to append a *.sql file

Syntax - View Table Structure View all tables SELECT TABLE_NAME FROM USER_TABLES; SELECT TABLE_NAME FROM ALL_TABLES; View field definitions of a table DESCRIBE table name DESCRIBE student; View all constraints of a table SELECT CONSTRAINT_NAME, TABLE_NAME, CONSTRAINT_TYPE FROM USER_CONSTRAINTS; SELECT CONSTRAINT_NAME, CONSTRAINT_TYPE FROM USER_CONSTRAINTS WHERE TABLE_NAME = ‘student’;

Oracle Constraint Type Identifier Primary key: p Foreign key: r Check condition: c Not null: n Unique: u

Error Message Type http://otn.oracle.com for the Internet address Click ‘Search’ Check ‘Oracle Technology Network Documentation’ box Type ‘ORA-error messages’ in the search field Click ‘Search icon’

Create A New Table CREATE TABLE student (stuid char(5) NOT NULL, stuname char(10), major char(10), credit number(3), CONSTRAINT pkstudent PRIMARY KEY (stuid));

Create A New Table CREATE TABLE faculty (facid char(5) NOT NULL, facname char(10), dept char(10), rank char(10) check (rank in (‘F’,’Aso’, ‘Ast’)), CONSTRAINT pkfaculty PRIMARY KEY (facid));

Create A New Table CREATE TABLE class (course# char(5) NOT NULL, facid char(5), sched char(10), room char(10), CONSTRAINT pkclass PRIMARY KEY (course#), CONSTRAINT fkclassfaculty FOREIGN KEY (facid) REFERENCES faculty (facid));

Create A New Table CREATE TABLE enrollment (course# char(5) NOT NULL, stuid char(5) NOT NULL, grade char(10), CONSTRAINT pkenroll PRIMARY KEY (course#, stuid), CONSTRAINT fkenrollclass FOREIGN KEY (course#) REFERENCES class (course#), CONSTRAINT fkenrollstudent FOREIGN KEY (stuid) REFERENCES student (stuid));

Delete A Record or A Table DELETE FROM tablename DELETE FROM student; DROP TABLE tablename DROP TABLE student;

Create A New User CREATE USER username IDENTIFIED BY password CREATE USER tsai IDENTIFIED BY tsai GRANT privilege1, privilege2,…TO username or role name GRANT CREATE USER, CREATE TABLE, DROP TABLE TO tsai; (current user’s schema – user level) GRANT role name TO username GRANT DBA TO tsai; (any user’s schema –DBA level)

Delete An User REVOKE privilege FROM role name REVOKE CREATE USER form tsai; REVOKE role name FROM username REVOKE DBA from tsai; DROP USER username DROP USER tsai;

Input Data Into A Table The ampersand (&) signal the SQL compiler to prompt the user for a value that is then substituted into the query &prompt_variable is the name of the attribute for which the user is prompted to specify a value Example INSERT INTO student VALUES (&stuid, &stuname, &major, &credit);

Load Data Into A Table Tsaitest.dat file contains 11111,Ching,MIS,100 22222,Anderson,MIS,200 33333,Martin,ACT,300 Tsaitest.ctl contains LOAD DATA INFILE ‘tsaitest.dat’ APPEND INTO TABLE student FIELDS TERMINATED BY ‘,’ (stuid, stuname, major, credit) The following command should be issued in command line SQLLDR USERID=tsai/tsai CONTROL= tsaitest.ctl LOG=tsaitest.LOG Tsaitest.dat, tsaitest.ctl, and tsaitest.log have to be in the same directory such as C:

Export Data Program MS-DOS Prompt Type exp user name/password (such as exp nancy/nancy) Specify export file (such as a:extf1.dmp where a: is the drive) Answer the questions to execute the expert program

Import Data Program MS-DOS Prompt Type imp user name/password (such as imp nancy/nancy) Specify Import file name (such as a:extf1.dmp) Answer the questions to execute the import program

Process for Oracle Homework Use notepad to prepare the sql codes for creating tables, data, problems, and control files Save each control file in an individual file with the ctl as file extension Save each table data in an individual file with the dat as the file extension Use copy and paste to move the sql codes of create table from notepad to oracle then press / to run Copy every data file and control file in the root of C drive

Process for Oracle Homework Type sqlldr statement at C:> to load the data into each table (one at the time) Use copy and paste to move the sql codes of problem from notepad to oracle then press / to run Use save command to store the sql solution for each problem Use spool to put every problem together Use get command to get the saved solution of each problem and press / to run Use spool off to turn off the spooling Use Word to add the question before each solution and print the saved spool file

Process for Oracle Homework Use Imp and exp to import and export records and tables between each work session

Database Planning, Design and Administration Chapter 9 & 10 Database Planning, Design and Administration

Agenda Database Application Lifecycle DBMS Selection Database Administration

Database Application Lifecycles Database planning Systems definition Requirements collection and analysis Database design DBMS selection Application design Prototyping Implementation Data conversion and loading Testing Operational maintenance

Database Planning Business goals, plans, and needs Mission statements Mission objectives Current information systems evaluation Strengths Weaknesses IT opportunities for competitive advantages Corporate data model User needs Standards Legal requirement

System Definition Scope & boundaries Applications

Requirement Collection Fact-finding techniques Interview Questionnaires Observation Documentation Experience

Requirement Analysis Requirements specification technique Approach Structured Analysis and Design (SAD) Data Flow Diagram (DFD) Hierarchical Input Process Output (HIPO) Computer-Aided Software Engineering (CASE) Unified Model Language (UML) Approach Centralized View integration (local data model and global data model) Combination

Database Design Approach Top-down Bottom-up or inside-out Mixed

Optimal Logical Data Model Structure validity Simplicity Expressability Nonredundancy Shareability Extensibility Integrity Diagrammatic representation

Phase of Database Design Conceptual database design Independent of physical consideration Logical database design Normalization Specific data model Physical database design Relational tables and constraints Storage structures and access methods Security protection

DBMS Selection Steps Selection Criteria Define terms of reference of study Shortlist two or three products Evaluate products (feature, comment, rating weight, and score) Selection Criteria Data definition Physical definition Accessibility Transaction handing Utilities Development Other features

Application Design Considerations User interface (forms & reports) Data Transaction type (retrieval, update, or mixture) User interface (forms & reports) Logical Simple Error handling Help Meaningful Consistency Status

Prototyping Type Pros Cons Requirement prototyping Evolutionary ptototyping Pros Define user’s requirements Quick Feasibility test Low cost and risk, new technology Cons Costs

Implementation Data definition language (DDL) Data manipulation language (DML) or embedded DML Security control

Data Conversion and Loading Actual data conversion Bridge

Testing Learnability Performance Robustness (tolerant of user error) Recoverability Adapatability

CASE Tools Computer-Aided Software Engineering (CASE) Types Benefits: Upper-Case: planning to design Lower-Case: implementing, test, performance Integrated-Case Benefits: Productivity (effectiveness and efficiency) Standard Integration (repository) Support structured methods Consistency Automation

Data Administration Role Planning Developing and maintaining standard Developing policy & procedure Design conceptual and logical database

Database Administration Role Physical database design Security & integrity control Performance monitoring Tuning database

Points To Remember Database Application Lifecycle DBMS Selection Database Administration

Entity-Relationship (E-R) Model Chapter 11 & 12 Entity-Relationship (E-R) Model

Agenda Characteristics of E-R Model Components of E-R Model Example of E-R Model Enhanced E-R Model

Characteristics of E-R Model Semantic data model Express the logical properties of an enterprise database Design tools and documentation for data base structure No physical DBMS Proposed by Dr. Peter Chen Unified Modeling Language (UML)

Components of E-R Model Entity Attribute Key Relationship Structural constraints on relationship

Entity Definition Types Diagram Notation An object or concept Strong entity (parent, owner, dominant) Weak entity (child, dependent, or subordinate) Diagram Notation Rectangular

Attribute Domain Types Single Composite Single-valued Multi-valued Derived

Key Candidate key Primary key Composite key

Relationship Definition Diagram Notation Degree of a relationship Association among entities Diagram Notation Line – (relation or role name) Degree of a relationship Number of participating entities Types Unary (recursive relationship) Binary Ternary Quaternary

Structural Constraints on Relationship Cardinality constraints Zero-to-one 0..1 Zero-to-many 0..* One-to-many 1..* Many-to-many *..* Participation constraints Total (mandatory, every one involved) Partial (optional, only some involved) Improper relationship Fan trap (ambiguous pathway) Chasm trap (missing pathway)

Enhanced Entity-Relationship Model Additional entity types Superclass: including one or more distinct subgroups in the data model Subclass: a distinct subgroup of an entity type in the data model Attribute Inheritance Specialization hierarchy (specialization: maximizing the differences between members of an entity by identifying their distinguishing characteristics) Generalization hierarchy (generalization: minimizing the differences between entities by identifying their common characteristics) Is-A hierarchy Constraints on specialization/generalization Participation (mandatory, optional) Disjoint: disjoint (or), non-disjoint (and) Other Aggregation (has a or is part of) Composition (strong ownership of aggregation)

Design Steps Identify EER model example Entity types, relationship types Cardinality and participation constraints Attributes Keys Specialize/generalize EER diagram EER model example

Create an enhanced ER diagram for a rental management using following entities: Rental agency Staff Part time Full time Owner Renter Property Business Home

Points To Remember Characteristics of E-R Model Components of E-R Model Example of E-R Model Enhanced E-R Model

Chapters 13 & 14 Normalization

Agenda Definition Purpose Terminology Types of Normal Form Examples

Definition Technique for producing a set of relations having the real primary key(s)

Purpose Eliminate insertion anomalies Eliminate deletion anomalies Eliminate modification anomalies

Terminology Functional dependency Determinant Transitive dependency

Types of Normal Form First normal form Second normal form No repeating group Second normal form every non-primary-key attribute is fully functionally dependent on the whole primary key Third normal form No transitive dependency Boyce-Codd normal form Every determinant is a candidate for primary key

Types of Normal Form Fourth normal form Fifth normal form No multi-valued dependency Fifth normal form No join dependency

Relation Holds Book Information in a Bookstore BOOKS ( TITLE, ISBN, AUTHOR, PUB_NAME, PUB_ADD, TOTAL_COPIES_ORDERED, COPIES_IN_STOCK, PUB_DATE, CATEGORY, SELL_PRICE, COST) Unique: ISBN, PUB_NAME

BOOK (ISBN, TITLE, AUTHOR, PUBLISHER_NAME, TOTAL_COPIES_ORDEORED, COPIES_IN_STOCK, PUBLICATION DATE, CATEGORY, COST, SELLING_PRICE) PUB (PBULISHER_NAME, PUBLISHER_ADDRESS)

Relation Holds Student Information in the Dormitories COLLDORM (STUNAME, STUID, HOMEADD, HOMEPHONE, DORMROOM, ROOMMATE_NAME, DORMADD, STATUS, MEALPLAN, ROOMCHARGE, MEALCHARGE) Unique: STUID, DORMADD, DORMROOM, MEALPLAN

STUDENT (STUID, STUNAME, HOMEADD, HOMEPHONE, DORMROOM, ROOMMATE_NAME, STATUS, MEALPLAN) DORM(DORMROOM, DORMADD, ROOMCHARGE) MEALS (MEALPLAN, MEALCHARGE)

Rental Relation ClientRental (clientNo, cName, propertyNo, pAdd, rentStart, rentFinish, rent, ownerNo, oName)

Inspection Relation Inspection (Pno, Padd, IdateAndItime, Comment, Sno, Sname)

Work Relations W1 ( EMPID, EMPNAME, DATE_HIRED, JOB_TITLE, JOB_LEVEL) W2 (EMPID, EMPNAME, JOB_TITLE, RATING_DATE, RATER_NAME, RATING) W3 (EMPID, EMPNAME, PROJECT#, PROJECT_NAME, PROJ_BUDGET, EMP_MANGER, HOURS_ASSIGN) W4 (EMPID, EMPNAME, SCHOOL_ATTENDED, DEGREE, GRADUATION_DATE) W5 (EMPID, EMPNAME, SSNO, DEPENDENT_NAME, DEPDENT_ADDRESS, RELATION_TO_EMP)

Points To Remember Definition Purpose Terminology Types of Normal Form Examples

Conceptual and Logical Database Design Methodology Chapters 15 &16 Conceptual and Logical Database Design Methodology

Agenda Definition Conceptual database design Relational database - logical design Example

Definition Design methodology Conceptual database design Structured design approach using procedures, techniques, tools and documentation aids Conceptual database design Constructing an information model, independent from all physical consideration for an enterprise Logical database design Building an organization database based on a specific data model

Conceptual Database Design Entities Relationships Attributes (simple, no composite, no derived) Attribute domains Primary and candidate key attributes Minimal set of attributes Less change Uniqueness in the future Fewest characters Easy to use by users

Relational Database - Logical Design Draw ER model Review Always binary with1 to many relationship No complex relationship No redundant relationship No recursive relationship No relationship with attribute(s)

Relational Database - Logical Design Normalize relations Primary key Foreign key BCNF Add constraints Domain & enterprise Referential Entity legal

Relational Database - Logical Design Review Organization current & future needs All user current & future requirements Normalization (Boyce-Codd) Relationship (one-to-one or one-to-many) Redundancy Constraints User approval Document

Points To Remember Definition Conceptual database design Relational database - logical design Example

Physical Database Design Methodology Chapters 17 & 18 Physical Database Design Methodology

Agenda Physical database design Mapping Logical Design to DBMS Balancing the flexibility and performance Monitoring and Tuning DBMS

Physical Database Design Implementing a database using specific data storage structures and access methods

Mapping Logical Design to DBMS -I Create base relations Name Attributes Primary key Foreign key Alternative key Indexes Implement integrity rules Domain Enterprise Referential (no action, cascade, set null, set default, and no check for deleting and updating) Entity

Mapping Logical Design to DBMS -II Design representation of derived data Analysis transactions for file organizations and indexes Estimate disk space requirements Design user views Design security System Data

Balancing Flexibility and Performance Denormalization Low update rate High query rate Cross-referencing transactions and relations table Steps Derived data Redundancy

Monitoring and Tuning DBMS Correct inappropriate design Implement new minor requirement Produce better Response time and throughput Increase user’s satisfaction

Points To Remember Physical database design Mapping Logical Design to DBMS Balancing the flexibility and performance Monitoring and Tuning DBMS

Chapter 19 Security

Agenda Database Security Countermeasure Challenge over the Internet Computer-based Non-computer-based Challenge over the Internet Firewall Web security

Database Security Definition Asset Threat Consequence Mechanisms to protect the database against intentional or accidental threats Asset Hardware Software Communication network Database Individual (user, programmer, operator, administrator, and outsider) Threat Theft and fraud Consequence Loss of confidentiality Loss of privacy Loss of integrity Loss of availability

Countermeasures Computer-based controls Non-computer-based controls

Computer-based Controls - 1 Authorization & authentication Password and account number Discretionary access control (grant and revoke) Mandatory access control (object, security class, and clearance) Virtual views

Computer-based Controls - 2 Logs or journaling Transaction log Violation log Check points Integrity Domain Enterprise Entity Referential Backup (redundant array of independent disks - RAID) & recovery Audit

Computer-based Controls - 3 Encryption or cryptosystem Encryption key Encryption algorithm Decryption key Decryption algorithm Symmetric encryption (Data Encryption Standard (DES) Asymmetric encryption (RSA)

Example of Encryption - I Divide text into groups of 8 characters. Pad with blank at end as necessary Select an 8-characters key Rearrange text by interchanging adjacent characters Translate each character into an ordinal number with blank as 0, A as 1, B as 2… Add the ordinal number of the key to the results Divide the total by 27 and retain the remainder Translate the remainder back into a character to yield the cipher text

Example of Encryption - II Message: DATA COM Key: PROTOCOL A D A T C M O (switching) 01 04 01 20 03 00 13 15 (adatc mo) 16 18 15 20 15 03 15 12 (protocol) 17 22 16 40 18 03 28 27 (sum) 17 22 16 13 18 03 01 00 remainder Q V P M R C A SPACE

Example of Decryption - I Divide cipher text into groups of eight characters. Pad with blanks at end as necessary Translate each cipher text alphabetic character and the encryption key into an ordinal number For each group, subtract the ordinal number of the key value from the ordinal number of the cipher text Add 27 to any negative number Translate the number back to alphabetic equivalents Rearrange the text by interchanging adjacent characters

Example of Decryption - II Q V P M R C A SPACE 17 22 16 13 18 03 01 00 (qvpmrca ) 16 18 15 20 15 03 15 12 (protocol) 01 04 01 -7 03 00 -14 -12 (substract) plus 27 27 27 27 01 04 01 20 03 00 13 15 A D A T C M O D A T A C O M

Non-Computer-based Controls Security policy Contingency plan Person, phone no., procedures Site (cold, warm, or hot) Personnel control Reference Termination Training Balance of duty Escrow & maintenance agreements Physical

Challenge over the Internet Privacy (inaccessible except sender & receiver) Integrity (no change during transmission) Authenticity (genuine sender) Non-fabrication (genuine receiver) Non-repudiation (sender can not deny)

Firewall Definition Types A system to prevent unauthorized access to or from a private network Types Packet filter (difficult to configure and subject to IP spoofing) Application gateway (degrade performance) Circuit level gateway (TCP or User Datagram Protocol UDP) Proxy server (performance & filtering)

Web Security Message digest algorithms and digital signature Digital signatures & Certificate Authority (CA) Kerberos: centralized security server (certificate server Secure Sockets Layer (SSL) for data & Secure HTTP (S-HTTP) for individual message Secure Electronic Transaction (SET) for credit card & Secure Transaction Technology (STT) for bank payment

Points to Remember Database Security Countermeasure Computer-based Non-computer-based Challenge over the Internet Firewall Web security

Transaction Management Chapter 20 Transaction Management

Agenda Transaction Concurrent Processing Backup and Recovery

Transaction - I Definition Types An action or actions to read or update the contents of the database Types Committed Aborted Compensating

Transaction - II Property of Transactions (ACID) Atomicity (all or nothing) Consistency (state by database constraints and applications) Isolation (independent) Durability (permanent)

Concurrent Processing Definition Problems Control

Concurrent Processing Multiprogramming Interleaved between two transactions CPU I/O Logical unit of work

Concurrent Processing Problem No problem Write different data Update different data Read the same data Problem Write the same data Update the same data

Concurrent Processing Problems Lost update Two transactions simultaneously update the same files Uncommitted update Transaction 2 uses the result updated by transaction 1 Transaction 1 aborts and rolls back Transaction 2 commits Inconsistent Analysis Transaction 1 reads Transaction 2 reads and uses for calculation Transaction 1 updates and commits Transaction 2 updates and commits

SERIALIZABILITY Transaction results form concurrent processing are the same as if stand-alone sequential processing was used Ensure no anomalies arise from concurrent processing

Concurrency Control Locking Deadlock Two-phase locking Timestamping Optimistic technique

Locking Types Granularity Shared Locks vs. Exclusive Locks Read Locks vs. Write Locks Upgrade vs. Downgrade Granularity Database file page record field

Deadlock Definition Control Tow or more transactions each wait for locks held by other transaction Livelock Control Wait-Die Wound-wait Time out Conservative 2PL

Two-phase Locking Growing phase Shrinking phase Get all locks Upgrade locks Shrinking phase Downgrade locks Once starting to release a lock - no more new locks

Timestamping Timestamp Timestamp protocol unique identifier as relative starting time of a transaction Read-timestamp & write timestamp Timestamp protocol Transactions with smaller timestamps get priority in the event of conflict Transaction is only allowed on the item with smaller read-timestamp or write timestamp

Optimistic Technique Read phase Validate phase Write phase

Database Recovery Definition Reasons Restoring the database to its correct state in the event of a failure Reasons Physical (fire, flood, etc.) Sabotage Carelessness Hardware Software (application/system)

Database Backup Backup Transaction log Checkpoint Copy of the database Transaction ID, time, operation, object, before image, after image, prior pointer, next pointer Checkpoint Synchronize transaction log and the database Write data from buffers to database on the disk Write checkpoint to log identify current transaction(s)

Recovery Methods Reprocessing Rollfoward Rollback Record all transactions since last backup and replay the following transactions Rollfoward Use the transaction log to change any committed transactions on the database or since last checkpoint Rollback Use transaction log to undo any aborted transactions

Shadow Paging Method Current page table vs. Shadow page table Pros & cons Faster Less overhead Data fragmentation Reclaim inaccessible blocks

Points To Remember Properties of Transaction Concurrent Processing Backup and Recovery

Object-Oriented Practices Chapter 25 - 28 Object-Oriented Practices

Agenda Object-Oriented Concepts Terminology Object-Oriented Modeling Tips Object-Oriented Data Models and DBMSs OODBMS Manifesto Object Management Architecture Common Object Request Broker Architecture

Object-Oriented Concepts Abstraction – encapsulation and information hiding Identifying the essential aspects of an entity (Object) Abstract Data Type (ADT): interface part (operation) implementation part (data structure) Encapsulation An object has data structure and operations Information hiding Internal details Data independence

Terminology Object Identity Classes Operations, methods & messages Inheritance Polymorphism

Object Identity (OID) System generated Unique to that object Invariant Independent of the values of its attributes Invisible to the user Advantages: Fast, efficient, independent of content, not changeable by user

Class Definition Diagram Superclasses & subclasses Group of objects with similar properties (attributes), common behavior (methods), similar relationship to other objects, and common semantics. Diagram Box: class name, attributes, operations (methods) Superclasses & subclasses Generalization & specialization

Inheritance Definition Types A subclass inherits the attributes, operations, and association of its superclasses Types Single inheritance: one superclass Multiple inheritance: two or more superclasses Repeated inheritance: common superclass Selective inheritance: limited number of properties from the superclass

Operations Methods & Messages Function or procedure may be applied to or by objects in a class Methods The implementation of an operation for a class Messages Communication between objects to execution of a method

Link & Association - 1 Link Association A physical or conceptual connection between objects Link attribute describes property of an association Association A description of a group of links with common structure and common semantics Has a name (roles for problem description) A link is an instance of an association

Link & Association - 2 Qualified association Multiplicity The objects in a many role are partially or fully disambiguated by an attribute called the qualifier A small box on the end of the association line near the source class Multiplicity The number of instances of one class that may relate to a single instance of an associated class one, many, zero or one

Polymorphism Overloading Overriding Dynamic binding The name of a method to be reused within a class definition or across class definitions Overriding The name of property to be redefined in a subclass Dynamic binding Runtime determination of object and method

Object Modeling Tips Scope Simplicity Layout of diagram Name (descriptive, crisp, and unambiguous) Association (foreign keys) Multiplicity Qualifiers Review

Object-oriented DBMSs Object-oriented data model (OODM) A logical data model of objects supported in object-oriented programming Object-oriented database (OODB) A persistent and sharable collection of objects defined by an OODM Object-oriented DBMS (OODBMS) The manager of an OODB

OODBMS Manifesto - 1 Support complex objects Support object identity Support encapsulation Support types or classes Support inheritance between types or classes Support dynamic binding

OODBMS Manifesto - 2 Completed computational DML Extensible data types Data persistence Support very large databases Support concurrent users Backup & recovery Support simple way of querying data

Object Management Architecture (OMA) Object Model (OM) A design-portable abstract model for communicating with OMG (Object Management Group)-compliant object-oriented systems Object Request Broker (ORB) Handles distribution of messages between application objects (software bus) Object Services (concurrency control, security, persistence etc.) Common Facilities (printing, e-mail etc.) Common Object Request Broker Architecture (CORBA) Enable client-server interaction with a specific implementation of ORB

Points To Remember Object-Oriented Concepts Terminology Object-Oriented Modeling Tips Object-Oriented Data Models and DBMSs OODBMS Manifesto Object Management Architecture Common Object Request Broker Architecture