RDBMS A relational database is a database that conforms to relational model theory. The software used to manage relational database is called a relational database management system.
RELATION, TUPLE AND ATTRIBUTE A relation is defined as a set of tuples that have the same attributes. An attribute is a specification that defines a property of an object. Collection of related attributes in a relation is a tuple.
DATABASE Database contains one or more relations. A database is an organized collection of data, today typically in digital form. Databases are usually too expensive. Thus at any point in time most of their content resides in nonvolatile storage. Even if for operational reason very large portions of them reside in volatile storage.
The content resides in file which is non volatile which cannot be used for efficient retrieval and management. For efficient retrieval and management, databases may store data in many data structure such as B+ Trees, Hash Tables and Heaps.
NOT THE REAL VIEW This is a relation. This structure is not permanent. All the data are stored only in files, for user convenience a relation is created.
INTERNAL OF DB Linked lists form’s the basis for the internal design of database. The structure of the attributes differ from one to another to link all these we require Heterogeneous Linked Lists. Heterogeneous Linked List is a linked list data- structure that is capable of storing data of different structures. void pointer is basically used in these types of linked list as we are not sure of which type of data needs to be stored. Void pointer is capable of storing pointer to any type as it is a generic pointer type.
INVERTED FILE inverted index (inverted file) is an index data structure storing a mapping from content, such as words or numbers, to its locations in a database file, or in a document or a set of documents. The purpose of an inverted index is to allow fast searches, which is used in DBMS for query processing.
TYPES OF INVERTED FILESTwo types, Record level inverted index Word level inverted index
A SAMPLE DB DESIGN All the tables in a Attributes can be database are stored in dynamically included as files and it is loaded well as deleted. So the into memory for tuple cannot be a node efficient manipulation with multiple data. Each and retrieval. A relation attributes forms a node. contains the set of tuples of same attributes.
NODE STRUCTURE FOR A DATABASE Database Pointer to Pointer to Next Relation Name Database
NODE STRUCTURE FOR A ATTRIBUTE Pointer to Value next attribute
NODE STRUCTURE FOR A RELATION Pointer to No of Pointer to Pointer toTable next attributes in last attribute first attributeName relation a tuple of last tuple of first tuple
NODE STRUCTURE FOR ROW-ID Pointer to next Pointer to first Row-ID Row-ID attribute of the tuple
NODE STRUCTURE FOR A RELATION THATPOINTS TO ROW-ID Pointer to Pointer Pointer Table next to first to last Name relation Row-ID Row-ID
DATABASE SECURITY Database Security - protection from malicious attempts to steal (view) or modify data.
LEVELS OF DATA SECURITY Human level: Corrupt/careless User Network/User Interface Database application program Database system Operating System
COMMON SECURITY IN RDBMS Authentication User connects to the RDBMS Authorization User gets access to the database or database schema objects to perform certain actions, based on the set of privileges assigned to the user. Auditing For monitoring suspicious (and otherwise) activity.
IDENTIFICATION AND AUTHENTICATION The first line of defense is authentication. Before accessing RDBMS we must submit sufficient information validated either by RDBMS itself, or by the operating system within which this database is installed. Once the identity is authenticated, we may proceed with the attempt to access the database resources, objects, and data.
AUTHORIZATION AND ACCESS CONTROL Once the user is authenticated and granted access to the database, RDBMS employs a complex, finely grained system of privileges (permissions) for the particular database objects. These privileges include permission to access, modify, destroy, or execute relevant database objects, as well as add, modify, and delete data.
ENCRYPTION Encryption provides an additional security layer, protecting the data from unauthorized viewing. Even if access to the database is obtained, it will not be easy to decipher encrypted data into a human readable form.
PHYSICAL/OS SECURITY Physical level Traditional lock-and-key security Solution Remote backup for disaster recovery Operating system level Protection from virus/worm attacks critical
SECURITY (CONT.) Network level: must use encryption to prevent Eavesdropping: unauthorized reading of messages Masquerading: pretending to be an authorized user or legitimate site, or sending messages supposedly from authorized users
NETWORK SECURITY All information must be encrypted to prevent eavesdropping Public/private key encryption widely used Handled by secure http - https:// Must prevent person-in-the-middle attacks Encrypting messages alone doesn’t solve this problem More on this in next slide
INJECTION ATTACKSAttacks targeting the databaseservers through malicious SQLqueries is collectively known asinjection attacks