1. DATABASE CONTROLS Chapter 14

2. Access Controls Discretionary Access Controls Discretionary Access Controls Types of Restrictions : 1. Name-dependent restrictions 2. Content-dependent restrictions 3. Context-dependent restrictions 4. History-dependent restrictions

3. Horizontial propagation of privileges limited to three users : User A User FUser E User D User CUser B User A User FUser E User D User CUser B Vertical propagation of privileges limited to three users : privileges

4. Mandatory Access Controls Mandatory Access Controls - Classification level - Clearance level - Polyinstantiation Approach Some Implementation Issues Some Implementation Issues

5. Integrity Controls Entity-Relationship Model Integrity Constraints Entity-Relationship Model Integrity Constraints 1. Uniqueness 2. Maximum cardinality 3. Minimum cardinality 4. Entity identifier 5. Value type of identifier 6. Value set of identifier

6. Relational Data Model Integrity Constraints Relational Data Model Integrity Constraints 1. Key 2. Entity 3. Referential Object Data Model Integrity Constraints Object Data Model Integrity Constraints 1. Unique identifier 2. Unique key 3. Value type of attribute 4. Value set of attribute 5. Types and inheritance

7. Application Software Controls Update protocols : Sequence check transaction and master files Sequence check transaction and master files Ensure all records on files are processed Ensure all records on files are processed Process multiple transactions for a single record in the correct order Process multiple transactions for a single record in the correct order Maintain a suspense account Maintain a suspense account

8. Report Protocols : Print control data for internal tables Print control data for internal tables Print run-to-run control totals Print run-to-run control totals Print suspense account entries Print suspense account entries

9. Concurrency Controls Nature of the shared data resource problem Nature of the shared data resource problem The problem of Deadlock : The problem of Deadlock : 1. Lockout 2. Concurrency 3. Additional request 4. No preemption 5. Circular wait

10. Solutions to Deadlock Solutions to Deadlock Preventing Deadlock Preventing Deadlock 1. Atomicity 2. Consistency 3. Isolation 4. Durability Distributed Database Concurrency Controls Distributed Database Concurrency Controls 1. Schedulers are replicated and stored with each version of the data item. 2. One version of the data item and its associated scheduler is designated as the primary copy.

11. Cryptographic controls File Key File Key Secondary Key Secondary Key Master Key Master Key Access to the key Access to the key Several disadvantages arise

12. File Handling Controls Internal data item : Internal data item : 1. Internal label 2. Generation Number 3. Retention date 4. Control totals Several hardware controls Several hardware controls

13. Audit Trail Controls Accounting Audit Trail : Accounting Audit Trail : 1. It must attach a unique time stamp to all transaction applied against the database. 2. The database subsystem must attach beforeimages and afterimages. 3. The database subsystem must provide facilities to define, create, modify, delete, and retrive data in the audit trail. Operations Audit Trail. Operations Audit Trail.