Presentation is loading. Please wait.

Presentation is loading. Please wait.

Temple University – CIS Dept. CIS616– Principles of Data Management V. Megalooikonomou Integrity Constraints (based on notes by Silberchatz,Korth, and.

Published byCameron Dixon Modified over 9 years ago

Similar presentations

Presentation on theme: "Temple University – CIS Dept. CIS616– Principles of Data Management V. Megalooikonomou Integrity Constraints (based on notes by Silberchatz,Korth, and."— Presentation transcript:

1 Temple University – CIS Dept. CIS616– Principles of Data Management V. Megalooikonomou Integrity Constraints (based on notes by Silberchatz,Korth, and Sudarshan and notes by C. Faloutsos at CMU)

2 General Overview Formal query languages rel algebra and calculi Commercial query languages SQL QBE, (QUEL) Integrity constraints Functional Dependencies Normalization - ‘good’ DB design

3 Constraints: Integrity constraints in the E-R Model: Key cardinalities of a Relationship

4 Overview Domain constraints; Referential Integrity constraints Assertions and Triggers Functional dependencies

5 Domain Constraints Domain Types, e.g., SQL Fixed Length characters Int; float; (date) null values e.g., create table student( ssn char(9) not null,...)

6 Referential Integrity constraints ‘foreign keys’ – e.g.: create table takes( ssn char(9) not null, c-id char(5) not null, grade integer, primary key(ssn, c-id), foreign key ssn references student, foreign key c-id references class)

7 Referential Integrity constraints … foreign key ssn references student, foreign key c-id references class) Effect: expects that ssn exists in ‘student’ table blocks ops that violate that - how?? insertion? deletion/update?

8 Referential Integrity constraints … foreign key ssn references student on delete cascade on update cascade,...  eliminate all student enrollments other options (set to null, to default etc)

9 Weapons for Integrity Constraints: assertions create assertion check High overhead of testing and maintaining assertions triggers (~ assertions with ‘teeth’) on operation, if condition, then action The system executes it automatically as a side effect of a modification to the DB

10 Assertions - example The sum of all loan amounts for each branch must be less than the sum of all account balances at the branch create assertion sum-constraint check (not exists (select * from branch where (select sum(amount) from loan where loan.branch-name = branch.branch-name) >= (select sum(amount) from account where loan.branch-name = branch.branch-name)))

11 Triggers - example define trigger zerograde on update takes (if new takes.grade < 0 then takes.grade = 0)

12 Triggers - discussion more complicated: “managers have higher salaries than their subordinates” - a trigger can automatically boost mgrs salaries triggers: tricky (infinite loops…)

13 Triggers –when not to use Triggers were used earlier for: maintaining summary data (e.g. total salary of each department) replicating databases by recording changes to special relations (called change or delta relations) and having a separate process that applies the changes over to a replica There are better ways of doing these now: materialized view facilities to maintain summary data built-in support for replication encapsulation facilities are used instead of triggers (i.e., define methods to update fields and carry out actions as part of the update methods instead of through a trigger)

14 Overview Domain; Ref. Integrity constraints Assertions and Triggers Security Functional dependencies why definition Armstrong’s “axioms” closure and cover

15 Security protection from malicious attempts to steal or modify data Database system level Authentication and authorization mechanisms: allow specific users access only to required data We focus on authorization Operating system level Network level Physical level Human level

16 Authorization Forms of authorization on parts of the database: Read authorization - reading, but not modification Insert authorization - insertion of new data, but not modification of existing data Update authorization - modification, but not deletion of data Delete authorization - deletion of data

17 Authorization (Cont.) Forms of authorization to modify the database schema: Index authorization – creation, deletion of indices Resources authorization - creation of new relations Alteration authorization - addition or deletion of attributes in a relation Drop authorization - deletion of relations

18 Authorization and Views Users can be given authorization on views instead of authorization on the relations Ability of views to hide data enhances security A combination or relational-level security and view-level security Creation of view does not require resources authorization since no real relation is being created

19 Granting of Privileges Authorization graph: represents the passage of authorization from one user to another nodes  users root  database administrator Consider a graph for update authorization on loan An edge U i  U j indicates that user U i has granted update authorization on loan to U j. U1U1 U4U4 U2U2 U5U5 U3U3 DBA

20 Authorization Grant Graph Requirement: All edges in an authorization graph must be part of some path originating with the DBA If DBA revokes grant from U 1 : Grant must be revoked from U 4 since U 1 no longer has authorization Grant must not be revoked from U 5 since U 5 has another authorization path from DBA through U 2 Must prevent cycles of grants with no path from the root: DBA grants authorization to U 7 U 7 grants authorization to U 8 U 8 grants authorization to U 7 DBA revokes authorization from U 7 Must revoke grant U 7 to U 8 and from U 8 to U 7 since there is no path from DBA to U 7 or to U 8 anymore

21 Security Specification in SQL The grant statement is used to confer authorization grant on to is: a user-id public, which allows all valid users the privilege granted a role (… more later) Granting a privilege on a view does not imply granting any privileges on the underlying relations The grantor of the privilege must already hold the privilege on the specified item

22 Privileges in SQL select: allows read access to relation, or the ability to query using the view E.g.: grant users U 1, U 2, and U 3 select authorization on the branch relation: grant select on branch to U 1, U 2, U 3 insert: ability to insert tuples update: ability to update using the SQL update statement delete: ability to delete tuples references: ability to declare foreign keys when creating relations all privileges: used as a short form for all the allowable privileges

23 Privilege To Grant Privileges with grant option: allows a user who is granted a privilege to pass the privilege on to other users e.g.: grant select on branch to U 1 with grant option gives U 1 the select privileges on branch and allows U 1 to grant this privilege to others

24 Roles Permit common priviledges for a class of users can be specified just once by creating a corresponding “role” Privileges can be granted to or revoked from roles, just like user Roles can be assigned to users, and even to other roles SQL:1999 supports roles create role teller create role manager grant select on branch to teller grant update (balance) on account to teller grant all privileges on account to manager grant teller to manager grant teller to alice, bob grant manager to avi

25 Revoking Authorization in SQL The revoke statement is used to revoke authorization revoke on from [restrict|cascade] e.g.: revoke select on branch from U 1, U 2, U 3 cascade Revocation of a privilege from a user may cause other users also to lose that privilege; referred to as cascading of the revoke We can prevent cascading by specifying restrict: revoke select on branch from U 1, U 2, U 3 restrict With restrict, the revoke command fails if cascading revokes are required

26 Revoking Authorization in SQL (Cont.) may be all to revoke all privileges the revokee may hold If includes public all users lose the privilege except those granted it explicitly If the same privilege was granted twice to the same user by different grantees, the user may retain the privilege after the revocation All privileges that depend on the privilege being revoked are also revoked

27 Limitations of SQL Authorization SQL does not support authorization at a tuple level E.g., to restrict students to see only (the tuples storing) their own grades All end-users of an application (such as a web application) may be mapped to a single database user In above cases, the task of authorization falls on the application program, with no support from SQL Authorization done in application code, and may be dispersed all over an application Checking for absence of authorization loopholes becomes very difficult

28 Encryption Data may be encrypted for additional protection Properties of good encryption technique: Relatively simple to encrypt and decrypt data Encryption scheme depends not on the secrecy of the algorithm but on the secrecy of a parameter of the algorithm, called the encryption key Extremely difficult for an intruder to determine the encryption key

29 Encryption (Cont.) Data Encryption Standard (DES) substitutes characters and rearranges their order on the basis of an encryption key Key is provided to authorized users via a secure mechanism Scheme is no more secure than the key transmission mechanism since the key has to be shared Advanced Encryption Standard (AES) is a new standard replacing DES based on the Rijndael algorithm (also dependent on shared secret keys)

30 Encryption (Cont.) Public-key encryption - based on each user having two keys: public key – publicly published key used to encrypt data, but cannot be used to decrypt data private key – key known only to individual users, and used to decrypt data. Need not be transmitted to the site doing encryption. Encryption scheme is such that it is impossible or extremely hard to decrypt data given only the public key The RSA public-key encryption scheme is based on the hardness of factoring a very large number (100's of digits) into its prime components

31 Authentication Password based authentication is widely used, but is susceptible to sniffing on a network Challenge-response systems avoid transmission of passwords DB sends a (randomly generated) challenge string to user User encrypts string and returns result. DB verifies identity by decrypting result Can use public-key encryption system by DB sending a message encrypted using user’s public key, and user decrypting and sending the message back Digital signatures are used to verify authenticity of data E.g. use private key (in reverse) to encrypt data, and anyone can verify authenticity by using public key (in reverse) to decrypt data. Only holder of private key could have created the encrypted data. Digital signatures also help ensure nonrepudiation: sender cannot later claim to have not created the data

Download ppt "Temple University – CIS Dept. CIS616– Principles of Data Management V. Megalooikonomou Integrity Constraints (based on notes by Silberchatz,Korth, and."

Similar presentations

Chapter 6: Integrity and Security

Chapter 6: Integrity and Security
Chapter 6: Integrity and Security  Domain Constraints  Referential Integrity  Assertions  Triggers  Security  Authorization  Authorization in SQL.

Chapter 6: Integrity and Security  Domain Constraints  Referential Integrity  Assertions  Triggers  Security  Authorization  Authorization in SQL.
Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.

Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.
Relational Database. Relational database: a set of relations Relation: made up of 2 parts: − Schema : specifies the name of relations, plus name and type.

Relational Database. Relational database: a set of relations Relation: made up of 2 parts: − Schema : specifies the name of relations, plus name and type.
Database Management Systems, R. Ramakrishnan and J. Gehrke1 The Relational Model Chapter 3.

Database Management Systems, R. Ramakrishnan and J. Gehrke1 The Relational Model Chapter 3.
Carnegie Mellon Carnegie Mellon Univ. Dept. of Computer Science 15-415 - Database Applications C. Faloutsos Integrity Constraints.

Carnegie Mellon Carnegie Mellon Univ. Dept. of Computer Science Database Applications C. Faloutsos Integrity Constraints.
SQL Lecture 10 Inst: Haya Sammaneh. Example Instance of Students Relation  Cardinality = 3, degree = 5, all rows distinct.

SQL Lecture 10 Inst: Haya Sammaneh. Example Instance of Students Relation  Cardinality = 3, degree = 5, all rows distinct.
©Silberschatz, Korth and Sudarshan6.1Database System Concepts Chapter 6: Integrity (and Security) Domain Constraints Referential Integrity Assertions Triggers.

©Silberschatz, Korth and Sudarshan6.1Database System Concepts Chapter 6: Integrity (and Security) Domain Constraints Referential Integrity Assertions Triggers.
Dr. Kalpakis CMSC 461, Database Management Systems URL: Integrity and Security.

Dr. Kalpakis CMSC 461, Database Management Systems URL: Integrity and Security.
Ch4 Database Security. Security  Security - protection from malicious attempts to steal or modify data.  Database system level Authentication and authorization.

Ch4 Database Security. Security  Security - protection from malicious attempts to steal or modify data.  Database system level Authentication and authorization.
©Silberschatz, Korth and Sudarshan6.1Database System ConceptsTriggers A trigger is a statement that is executed automatically by the system as a side effect.

©Silberschatz, Korth and Sudarshan6.1Database System ConceptsTriggers A trigger is a statement that is executed automatically by the system as a side effect.
Triggers A trigger is a statement that is executed automatically by the system as a side effect of a modification to the database. To design a trigger.

Triggers A trigger is a statement that is executed automatically by the system as a side effect of a modification to the database. To design a trigger.
1.1R. Meersman --Adapted from: Database System Concepts --Silberschatz, Korth, Sudarshan Chapter 6: Integrity and Security Domain Constraints Referential.

1.1R. Meersman --Adapted from: Database System Concepts --Silberschatz, Korth, Sudarshan Chapter 6: Integrity and Security Domain Constraints Referential.
CMPT 354, Simon Fraser University, Fall 2008, Martin Ester 28 Database Systems I The Relational Data Model.

CMPT 354, Simon Fraser University, Fall 2008, Martin Ester 28 Database Systems I The Relational Data Model.
Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.

Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.
CMU SCS Carnegie Mellon Univ. Dept. of Computer Science 15-415 - Database Applications C. Faloutsos Lecture#7 (cont’d): Rel. model - SQL part3.

CMU SCS Carnegie Mellon Univ. Dept. of Computer Science Database Applications C. Faloutsos Lecture#7 (cont’d): Rel. model - SQL part3.
©Silberschatz, Korth and Sudarshan6.1Database System Concepts Chapter 6: Integrity and Security Domain Constraints Referential Integrity Assertions Triggers.

©Silberschatz, Korth and Sudarshan6.1Database System Concepts Chapter 6: Integrity and Security Domain Constraints Referential Integrity Assertions Triggers.
SPRING 2004CENG 3521 The Relational Model Chapter 3.

SPRING 2004CENG 3521 The Relational Model Chapter 3.
Temple University – CIS Dept. CIS331– Principles of Database Systems V. Megalooikonomou Query by example (based on notes by Silberchatz,Korth, and Sudarshan.

Temple University – CIS Dept. CIS331– Principles of Database Systems V. Megalooikonomou Query by example (based on notes by Silberchatz,Korth, and Sudarshan.
1 Relational Model. 2 Relational Database: Definitions  Relational database: a set of relations  Relation: made up of 2 parts: – Instance : a table,

1 Relational Model. 2 Relational Database: Definitions  Relational database: a set of relations  Relation: made up of 2 parts: – Instance : a table,

Similar presentations

Ads by Google