ICS 2415 ADBS Sess05 06 DBase Security Integrity and Recovery

Database Security, Integrity
and Recovery
Kyanganda S.
ICS 2415 Advanced Dbase Systems
Database Security
and Integrity
Definitions
Threats to security
Threats to integrity
Resolution of Problems
Kyanganda S.
Database Security
SECURITY
Protecting the database from unauthorised users
Ensures that users are allowed to do the things they
are trying to do
Kyanganda S.
Database Security
INTEGRITY
Protecting the database from authorised users
Ensures that what users are trying to do is correct
Kyanganda S.
Database Security
TYPES OF SYSTEM FAILURES
1. HARDWARE
DISK , CPU , NETWORK
2.
SOFTWARE
SYSTEM, DATABASE, PROGRAM
Kyanganda S.
Database Security
Important security features include:
Views
Authorisation & controls
User defined procedures
Encryption procedures
Kyanganda S.
Authorisation Rules
An example: a person who can supply a particular
password may be authorised to read any record, but
cannot modify any of those records.
Authorisation Table for subjects i.e. Salesperson
Customer Records
Order Records
Read
Insert
Modify
Delete
Kyanganda S.
Authorisation Rules
Authorisation Table for Objects i.e. Order Records
Salesperson
Password
Order Entry
Accounting
(Batman)
(Joker)
(Julie)
Read
Insert
Modify
Delete
Kyanganda S.
Database Integrity
CONSTRAINTS
Can be classed in 3 different ways:
1. Business constraints
2. Entity constraints
3. Referential constraints
Kyanganda S.
Database Integrity
BUSINESS CONSTRAINTS
A value in one column may be constrained by value
of another or by some calculation
or formulae.
Kyanganda S.
Database Integrity
ENTITY CONSTRAINTS
Individual columns of a table may be constrained e.g. not
null
REFERENTIAL CONSTRAINTS
Some times referred to as key constraints, e.g.
Table 2 depends on Table 1
Kyanganda S.
Database Integrity
create table account_dets
(acc_id char(6) primary key,
acc_custid char(6) references customer(cust_id),
acc_odraft number(4) check (acc_odraft <= 200),
acc_type char(2) constraint type_chk
check (acc_type in (AB, CD, EF)),
acc_crtdate date not null);
Kyanganda S.
Database Integrity
BENEFITS OF USING CONSTRAINTS
Guaranteed integrity and consistency
Defined as part of table definition

Applies across all applications
Cannot be circumvented
Application development productivity
Requires no special programming
Easy to specify and maintain(reduced coding)
Defined once only
Kyanganda S.
Database Integrity
CONCURRENCY CONTROL
WHAT IS IT?
The co-ordination of simultaneous requests, for the
same data, from multiple users
Kyanganda S.
Database Integrity
CONCURRENCY CONTROL
WHY IS IT IMPORTANT?
Simultaneous execution of transactions over a shared
database may create several data integrity and
consistency problems
Kyanganda S.
Database Integrity
Janet
Time
1. Read balance (1000)
John
1. Read Balance (1000)
2. Withdraw 200 (800)

Balance 800
(700)
3. Write balance
Balance 800
2. Withdraw 300
3. Write Balance
Balance 700
ERROR
Kyanganda S.
Database Integrity
The three main integrity problems are:
Lost updates
Uncommitted data
Inconsistent retrievals
Kyanganda S.
Database Integrity
LOCKING
Two kinds of Locks:
1. Shared Locks (allows read only access)
2. Exclusive Locks (prevents reading of a
record)
Kyanganda S.
Database Integrity
Time
User 1
1. Lock record X
User2
1. Lock record Y
2. Request record Y
2. Request Record X
(Wait for X)
(Wait for Y)
DEADLOCK
Kyanganda S.
Database Recovery
The process of restoring the database to a
correct state in the event of a failure, e.g.
System Crashes
Media Failures
Application Software Errors
Natural Physical Disasters
Carelessness
Sabotage
Kyanganda S.
Database Recovery
Basic Recovery Facilities
Backup Facilities
Journaling Facilities
Checkpoint facilities
Recovery Facilities
Kyanganda S.
Transactions
Basic unit of recovery
Properties of Transaction (ACID)
Atomicity
Consistency
Isolation
Durability
Purpose of recovery manager is to enforce

Atomicity and Durability
Kyanganda S.
Staff Salary
Update Example
Read Operations:
Find address of the disk block that contains record with primary key x
transfer block into a DB buffer in main memory
copy salary data from DB buffer into variable salary
Write Operations:
as steps 1 & 2 above
copy salary data from variable salary into the DB buffer
write DB buffer back to disk
Kyanganda S.
Storing Data
Buffer contents flushed to secondary storage
permanent
buffer full
Main Memory
Database
Buffer
Secondary
Storage
Kyanganda S.
Commit
Database Update Procedures

Update Trans1
Database
(State 1)
Update Trans2 Update Trans3
Database
(State 2)
Database
(State 3)
Database
Backup
Database
(State 2)
Kyanganda S.
Database
(State 4)
Back-up Facilities
DBMS provides a mechanism for taking backup
copies of the database and log file at regular
intervals.
A dump or copy or backup file contains all or
part of the database
backups taken without having to stop the
system
Kyanganda S.
Journal Facilities
REDO LOGS
This is the main logging file. The file
contains two different types of
logging records.
AFTER IMAGES
BEFORE IMAGES
Kyanganda S.
Journal Facilities
REDO LOGS - AFTER IMAGES
After any column of any row on any table in the
database is changed, then the new values are
not only written to the database but also to the
redo log. The complete row is written to the log.
If a row is deleted then notification is also put on
to the redo log. After images are used in roll
forward recovery.
Kyanganda S.
Journal Facilities
REDO LOGS - BEFORE IMAGES
Before a row is updated the data is copied to
the redo log. It is not a simple copy from the
database because a separate area of the
database maintains the immediate pre-update
version of each row updated in the database.
The extra area is called the ROLLBACK
SEGMENT. The redo log takes before image
copies from the rollback segment in the
database.
Kyanganda S.
Sample Log File

Tid
Time
Operation
T1
10:12
START
T1
10:13
UPDATE
T2
10:14
START
T2
10:16
INSERT
T2
10:17
DELETE
T2
10:17
UPDATE
T1
10:18
COMMIT
10:19
CHECKPOINT
Kyanganda S.
Object
TENANT
NO21
TENANT
NO37
TENANT
NO9
PROPERTY
PG16
Before
Image
After
Image
pPtr
nPtr
(old value)
(old value) (new value)
(old value) (new value)
(new value)
T2
Types of Recovery
Duplicate Databases
Rollback Recovery
Rollforward Recovery
Reprocessing Transactions
Kyanganda S.
Duplicate Databases
Requires 2 copies of the database
Advantages
Fast Recovery (seconds)
Good for disk failures
Disadvantages
No protection against power failure
Expensive
Kyanganda S.
Rollback Recovery
Changes made to the database are
undone
(Backward Recovery )
Rollback enables the updating to be

undone to a predetermined point in the
database processing that provides a
consistent database state.
Kyanganda S.

Update Trans1
Database
(State 1)
Database
(State 2)
Database
(State 3)
Database
Backup
Database
(State 2)
Kyanganda S.
Database
(State 4)
Rollback Recovery
Database
(with
changes)
ROLLBACK
Database
(without
changes)
Before
Images
Kyanganda S.
Roll Forward Recovery

This recovery technique updates an out-of-date
database up-to-the current processing position.
If the data is inconsistent then the database may
need to rollback to the previous consistent state.
Kyanganda S.

Update Trans1
Database
(State 1)
Database
(State 2)
Database
(State 3)
Database
Backup
Database
(State 2)
Kyanganda S.
Database
(State 4)
Roll Forward Recovery
Database
(without
changes)
ROLL FORWARD
Database
(with
changes)
After
Images
Kyanganda S.
Reprocessing Transactions
Similar to Forward Recovery
Uses update transactions instead of after
images
ADVANTAGES
Simple
DISADVANTAGES
Slow
Kyanganda S.

Update Trans1
Database
(State 1)
Database
(State 2)
Database
(State 3)
Database
Backup
Database
(State 2)
Kyanganda S.
Database
(State 4)
Database Recovery Procedures

Problem
Recovery Procedure
Storage M edium
Destruction
*Duplicate Database
Forward Recovery
Reprocess Transactions
*Backward Recovery
Forward Recovery or reprocess
transactions - bring forward to
just before termination
*Backward Recovery
Reprocess Transactions
(exclusing those from the update
that created incorrect data)
Transaction error or
system failure
Incorrect Data
Kyanganda S.
Summary
This lecture has looked at security and
recovery procedures
Ensuring that these two are administered
correctly cuts out the majority of problems
with database administration
Kyanganda S.
Further Reading
Security
Connolly & Begg, chapter 19
Concurrency Control
Connolly & Begg, chapter 20?
Integrity and Recovery

Connolly & Begg, chapters 18 and 19?
Kyanganda S.
Advanced Database Security
Kyanganda S.
44
Contents
Definitions
Countermeasures
Security Controls
Data Protection and Privacy
Statistical Databases
Web Database Security Issues and Solutions
SQL Injection
Kyanganda S.
45
Database Security Definition

Definition (revisited):
The protection of the database against intentional or
unintentional threats using computer-based or noncomputer-based controls
Areas in which to reduce risk:
theft and fraud

loss of confidentiality
loss of privacy
loss of integrity
loss of availability
Kyanganda S.
46
Countermeasures
Ways to reduce risk
Include
Computer Based Controls
Non-computer Based Controls
Kyanganda S.
47
Computer Based Controls

Security of a DBMS is only as good as the OS
Computer based Security controls available:
authorization and authentication

views
backup and recovery
Integrity
Encryption
within database and data transport
RAID for fault tolerance

associated procedures
e.g. backup, auditing, testing, upgrading, virus checking
Kyanganda S.
48
Non-computer based Controls

Include:
Security policy and contingency plan
personnel controls
secure positioning of equipment
escrow agreements
maintenance agreements
physical access controls
Both internal and external
Kyanganda S.
49
Data Security
Two (original) broad approaches to data security:
Discretionary access control
a given user has different access rights (privileges) on different objects
flexible, but limited to which rights users can have on an object
privileges can be passed on at users discretion
Mandatory access control

each data object is labelled with a certain classification level
each user is given a certain clearance level
rigid, hierarchic
Kyanganda S.
50
Role Based Access Control

A specific function within an organisation
Authorizations are granted to the roles
Instead of users
Users are made members of roles

Privileges can not be passed on to other users
Simplifies authorization management
Supported in SQL
Kyanganda S.
51
System R Authorization Model

One of the first authorization model for RDBMS
As part of System R RDBMS
Based on concept of Protection Objects

Tables and views
Access modes
SELECT
INSERT
DELETE
UPDATE
Not all applicable for views

Kyanganda S.
52
System R Authorization Model

Users can give access to other users through use of
GRANT and REVOKE
Removing REVOKE is recursive

System R has a closed world policy
If no authorization then access is denied
However authorization can be granted later
Negative authorization
Denials are expressed
Denials take precedence
Kyanganda S.
53
SQL Facilities
SQL supports discretionary access control using view
mechanism and authorization system
e.g. CREATE VIEW S_NINE_TO_FIVE AS
SELECT S.S#, S.SNAME, S.STATUS, S.CITY
FROM S
WHERE to_char(SYSDATE, 'HH24:MI:SS) >= 09:00:00
AND to_char(SYSDATE, 'HH24:MI:SS) <= 17:00:00;
GRANT SELECT, UPDATE (STATUS)
ON S_NINE_TO_FIVE
TO Purchasing;
parameterised view
Also referential and entity integrity

Kyanganda S.
54
Oracle Virtual Private Databases

Fine-grained access control based on tuple-level
access
Uses dynamic query modification
Users are given a specific policy
The policy returns a specific WHERE clause in the query
depending on the policy
SELECT * FROM prop_for_rent
Becomes
SELECT * FROM prop_for_rent WHERE prop_type = F
Kyanganda S.
55
Data Protection and Privacy

Privacy
concerns the right of an individual not to have personal
information collected, stored and disclosed either willfully
or indiscriminately
Data Protection Act

the protection of personal data from unlawful
acquisition, storage and disclosure, and the provision of
the necessary safeguards to avoid the destruction or
corruption of the legitimate data held
New Freedom of Information Act

Kyanganda S.
56
A database that permits queries that derive
aggregated information (e.g. sums, averages)
but not queries that derive individual information
Tracking
possible to make inferences from legal queries to
deduce answers to illegal ones
SELECT COUNT(*) FROM STATS X WHERE X.SEX=M AND
X.OCCUPATION = Programmer)
SELECT SUM(X.SALARY) FROM STATS X WHERE X.SEX=M AND
X.OCCUPATION = Programmer)
Kyanganda S.
57
Various strategies can be used to minimize
problems
prevent queries from operating on only a few
database entries
swap attribute values among tuples
randomly add in additional entries
use only a random sample
maintain history of query results and reject queries
that use a high number of records identical to
previous queries
Kyanganda S.
58
Web Database Security Issues

Internet is an open network
traffic can easily be monitored, e.g. credit card numbers
Challenge is to ensure that information conforms to:

privacy, integrity, authenticity, non-fabrication, nonrepudiation
Information also needs protected on web server

Also need to protect from executable content
Kyanganda S.
59
Web Database Security Solutions

Various methods can be used
proxy servers
improve performance and filter requests
firewalls
prevents unauthorised access to/from a private network
digital certificates
electronic message attachments to verify that user is
authentic
Kerberos
centralised security server for all data and resources on
network
Kyanganda S.
60
Web Database Security Solutions

Secure Sockets Layer and Secure HTTP
SSL - secure connection between client and server
S-HTTP - individual messages transmitted securely
Secure Electronic Transactions

certificates which splits transactions so that only relevant
information is provided to each user
Java - Java Virtual Machine (JVM)

class loader - checks applications do not violate system
integrity by checking class hierarchies
bytecode verifier - verify that code will not crash or violate
system integrity
Active-X
uses digital signatures, user is responsible for security
Kyanganda S.
61
SQL Injection
a technique used to take advantage of nonvalidated input vulnerabilities to pass SQL
commands through a Web application for
execution by a backend database1
Can chain SQL commands
Embed SQL commands in a string
Ability to execute arbitrary SQL queries
1 http://imperva.com/application_defense_center/glossary/sql_injection.html
Kyanganda S.
62
SQL Injection: Example 1

Form asking for username and password
Original Query:
SQLQuery = SELECT count(*) FROM users
WHERE username = + $usename +
AND password = + $password + ;
Specify username and password = OR 1 = 1

SELECT count(*) FROM users WHERE
username = OR 1 = 1 AND password =
OR 1 = 1;
Kyanganda S.
63
SQL Injection : Example 2

SQLQuery = SELECT * FROM staff WHERE staff_no =
+ $name + ;
Enter staff_no: 100 OR 1 = 1
Will give the query:

SELECT * FROM staff WHERE staff_no = 100 OR 1
= 1;
Even worse:
Enter staff_no: 100; DROP TABLE staff; SELECT * FROM
sys.user_tables
Enter staff_no: 100 UNION SELECT SELECT Username,
Password FROM Users
Kyanganda S.
64
SQL Injection : Remedies

Can include:
Strip quotation marks and other spurious
characters from strings
Use stored procedures
Limit field lengths or even dont allow text entries
Restrict UNION
Kyanganda S.
65
Summary
Have looked at a number of issues and
solutions for database security
e.g. access controls, SQL features, etc.
Web security is an important problem

Need to consider security of data transmission, the
data server and the clients
Kyanganda S.
66
Further Reading
Connolly and Begg, chapter 19
Date (7th edition), chapter 17
both Connolly and Date have general introductions to security
concepts, with mention of some advanced features
Bertino and Sandhu: Database Security Concepts,

Approaches and Challenges, IEEE Transactions on
Dependable and Secure Computing, Vol. 2, No. 1, 2005
Oracle 8i Virtual Private Database White Paper:
http://www.oracle.com/technology/deploy/security/oracle8i/
pdf/vpd_wp6.pdf
Kyanganda S.
67
Client/Server, Distributed and

Internet Databases
Kyanganda S.
68
Contents
Client/Server Databases
Web Databases
Distributed Databases
Kyanganda S.
69
Client/Server
Architecture
In a file server client architecture each client must run a
copy of the DBMS
A better solution is to have a central database server
which performs all database commands sent to it from
client PCs.
Application programs on each client PC can then
concentrate on user interface functions.
Database recovery, security and concurrency control is
managed centrally on the server.
Kyanganda S.
70
Client/Server
Architecture
DATABASE SERVER
The SERVER portion of the client/server database
system which provides processing and shared access
functions.
Kyanganda S.
71
Client/Server
Architecture
CLIENT
Manages the user interface (controls the PC screen,
interprets data sent to it by the server and displays the
results of database queries)
The client forms queries in a specified language (usually

SQL) to retrieve data from the database. This query process
is usually transparent to the user.
Kyanganda S.
72
Client/Server
Architecture
CLIENT/SERVER ADVANTAGES
Allows companies to harness the benefits of
microcomputer technology such as low cost.
Processing can be performed close to the source of
the data - more speed.
Allows the use of GUI interfaces that are commonly
available on PCs and workstations.
Paves the way for truly open systems.
Kyanganda S.
73
Client/Server
Architecture
CLIENT/SERVER DESIGN ISSUES
The server must be upgradeable to allow for the
growth in clients.
Gateway software is normally required for accessing
databases held on a mainframe.
The server must have capabilities for backup,
recovery, security and UPS.
Kyanganda S.
74
Client/Server
Architecture
CLIENT/SERVER DESIGN ISSUES
Can be complex and so require specialised and expensive
tools such as database servers and APIs.
A lack of comprehensive standards.
Front-end GUI software often requires expensive client
workstations.
Kyanganda S.
75
Traditional ClientServer Architecture

Traditional
Database Systems
are based on a
two-tier clientserver architecture
Fat clients
Kyanganda S.
Client
User interface
Main business and data
processing logic
Database
Server
Server-side validation
Database access
76
Web Architecture
Need for enterprise
scalability causes
problems which
can be solved by a
three-tier
architecture
Thin clients
Kyanganda S.
Client
User interface
Application
Server
Business logic
Data processing logic
Database
Server
Server-side validation
Database access
77
Web as a Database
Platform
Advantages
DBMS advantages
E.g. transactions, concurrency, synchronisation, security, integrity
Simplicity
HTML is a simple markup language, however with new scripting languages
this simplicity is being lost
Platform independence
Web clients are mostly platform independent
Graphical User Interface

Users prefer a GUI to a text based application
Standardization
HTML is a de facto standard
Kyanganda S.
78
Advantages (cont).
Cross-platform support
Users on all types of computer can access a machine with a web browser
Transparent network access

Access solely by URL
Scalable deployment
Applications upgraded on server only
Innovation
Organisations can provide new services and reach new customers
Kyanganda S.
79
Web as a Database
Platform
Disadvantages
Reliability
Internet is a slow and unreliable communication medium
No guarantee of delivery
Security
Data accessible on web
User authentication and secure data transmissions are critical
Cost
A report from Forrester Research claims that maintaining a commercial web
site costs $200 to $3.4 million
Scalability
Unreliable and potentially very large peak loads
Needs highly scalable server architectures
Kyanganda S.
80
Disadvantages (cont.)
Limited HTML Functionality
Need to extend HTML with scripting languages
Adds a performance overhead
Statelessness
No concept of a database connection
Bandwidth
Internet is slow! 1.5mbps compared to 10-100mbps
Performance
Many scripting languages are interpreted languages
Immaturity of development tools

This is improving!
Kyanganda S.
81
Web Database
Approaches
Traditional web pages are normally static
To run queries, need to be able to produce
dynamic HTML pages
Kyanganda S.
82
Client Side vs.

Server Side
To access database and process information from the
database, need executable content
Acts as a gateway between the Web and the
database Server
This can run at either of two locations
Client Side
Server Side
Kyanganda S.
83
Web Database
Approaches
Approaches include:
CGI - Common Gateway Interface
HTTP Cookies - allows machine to store information,
e.g. user authentication
JavaScript - code which runs on client machine
PHP - Hypertext Preprocessor
Active Server Pages - MS Access dynamic forms
Kyanganda S.
84
Database Connectivity
Client Side, 2 approaches:
Extend the browser using scripts, or add-ons or applets,
e.g. plug-ins, JavaScript, ActiveX, Java applets
Link browser to other (external) applications, e.g. legacy systems
Server Side, 2 approaches:

Embed scripts within web page source, e.g. PHP, Java servlets
Create programs which are executed when accessed by client, e.g.
CGI
Kyanganda S.
85
Client Side
Advantages
Distribution of processing
Feedback speed
Web-page functionality
Disadvantages
Platform/environment dependent
Security and integrity
Download time
Programming limitations
Kyanganda S.
86
Server Side
Advantages
Platform/browser independent
Security and integrity
Download time
Programming limitations direct access to database
Disadvantages
Lack of debugging tools
Lack of direct control over user interface
Kyanganda S.
87
DECENTRALIZED DATABASE
stored on computers at multiple locations.
computers are not interconnected by a network.
users at the various sites cannot share data.
DISTRIBUTED DATABASE
Spread physically across computers in multiple locations that
are connected by a data communications link.
Kyanganda S.
88
Distribution Types
Geographical Distribution: Several databases run
under the control of different CPU's at a variety of
different locations.
Platform Distribution: Databases exist on diverse
hardware platforms, and are 'brought together' by
the distributed database manager.
Architectural Distribution: Different database
architectures exist together, e.g. an object-oriented
database communicating with a relational database
Kyanganda S.
89
Dates Rules
Distributed Database Requirements:
For a distributed database to be as such, a
fundamental principle must be adhered to:
To the user, a distributed database should look exactly like
a non-distributed system
Local Autonomy:
All operational controls and data maintenance are
controlled only by that site.
Kyanganda S.
90
Dates Rules
No Reliance On A Central Site:
This follows on from the first objective and is selfexplanatory
Continuous Operation:
A distributed approach leads to greater reliability
and availability. The database should still be able to
function, even if one of its sites is unavailable.
Kyanganda S.
91
Dates Rules
Distributed Transaction Management:
Transaction processing is the key to the successful
usage of distributed databases.
Must cater for two core aspects of transaction
management i.e. recovery control and
concurrency.
Location Independence
Otherwise known as Transparency.
Kyanganda S.
92
Dates Rules
Fragmentation Independence:
Horizontal Partitioning: different rows from the
same table are stored at different sites.
Vertical Partitioning: different columns from the
same table are maintained at different sites.
Replication Independence:
Replication occurs when a stored relation can be
represented by many distinct copies (replicas), stored at
many sites. As with fragmentation, users must not be aware
that the data is replicated.
Kyanganda S.
93
Dates Rules
Distributed Query Processing:
Queries may retrieve information from several
sites. Therefore distributed queries must be
optimised.
Kyanganda S.
94
Dates Rules
Hardware Independence:
Presenting a 'single-image' system to the end user

regardless of platform.
Operating System Independence:

Same as above, but based upon software.
Network Independence:
Support for a disparate variety of communication
networks.
DBMS Independence:
Achieving heterogeneity between different database

management systems via a common interface, i.e. The SQL
language.
Kyanganda S.
95
ADVANTAGES
Increased reliability and availability
Encourages local ownership of data
Modular growth
Lower communication costs
Faster response
Kyanganda S.
96
DISADVANTAGES
Software complexity and cost
Processing overhead
Data integrity
Slow response
Kyanganda S.
97
HOW SHOULD A DATABASE BE
DISTRIBUTED ?
Four basic strategies

1. Data replication
2. Horizontal partitioning
3. Vertical partitioning
4. Combinations of the above
Kyanganda S.
98
Data Replication
Separate copy of the database stored at the

different sites.
Preferred for systems where:
Most transactions are read only
Data is relatively static, for example timetables or
catalogues.
Kyanganda S.
99
Data Replication
Advantages
Advantages
Reliability - If one site fails another copy of the
data can be found at a second site.
Fast response - Each site has a full copy of the
data therefore queries can be processed locally.
Kyanganda S.
100
Distributed databases
Horizontal Partitioning:
The base table is split horizontally into several
different tables at different sites.
Selected rows from a table are put into tables at
different sites.
Kyanganda S.
101
Advantages
Efficiency - Data items are stored where they are
most often used away from other applications.
Optimisation - Data optimised for local use
Security - Only relevant data is available
Kyanganda S.
102
Disadvantages
Inconsistent access speed - When data from
several different partitions are required, access
speed can vary significantly.
Backup vulnerability
Kyanganda S.
103
Vertical PARTITIONING
Some of the columns in a table are projected into
a table at one of the sites and other columns are
projected into a table at another site.The same
advantages and disadvantages of horizontal
partitioning apply.
Kyanganda S.
104
Combinations
To complicate matters even further it is possible
to have a strategy which is a combination of all
the above. Some data stored centrally, some
distributed both horizontally and vertically. It
could be a real challenge (or a nightmare).
Kyanganda S.
105
DISTRIBUTED DBMS
Determine the location from which data is to be
retrieved.
Translate requests from different nodes.
Provide functions such as security, recovery,
concurrency and optimisation.
Kyanganda S.
106
DISTRIBUTED DBMS
IT SHOULD ALSO OFFER:
Location transparency
Replication transparency
Failure transparency
Concurrency transparency
Commit protocol
Kyanganda S.
107
Further Reading
Web Databases
Sections 29.1 to 29.3
Kyanganda S.
108

ICS 2415 ADBS Sess05 06 DBase Security Integrity and Recovery

Загружено:

Сведения о документе

Исходное описание:

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

ICS 2415 ADBS Sess05 06 DBase Security Integrity and Recovery

Загружено:

Авторское право:

Доступные форматы

Database Security, Integrity

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

SYSTEM, DATABASE, PROGRAM

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

Defined as part of table definition

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

2. Withdraw 200 (800)

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

Purpose of recovery manager is to enforce

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

Database Update Procedures

Update Trans2 Update Trans3

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

Sample Log File

(old value) (new value)

(old value) (new value)

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

Rollback enables the updating to be

ICS 2415 Advanced Dbase Systems

Database Update Procedures

Update Trans2 Update Trans3

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

Roll Forward Recovery

ICS 2415 Advanced Dbase Systems

Database Update Procedures

Update Trans2 Update Trans3

ICS 2415 Advanced Dbase Systems

Roll Forward Recovery

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

Database Update Procedures

Update Trans2 Update Trans3

ICS 2415 Advanced Dbase Systems

Database Recovery Procedures

ICS 2415 Advanced Dbase Systems

ICS 2415 Advanced Dbase Systems

Integrity and Recovery