Contents1. Statement of Work (SOW)31.1. OVERIVEW31.docx

Contents
1. Statement of Work (SOW) 3
1.1. OVERIVEW 3
1.2 Objectives of BANKONDJI database project 3
1.3 Scope of the Project 4
1.4 Database Goals, Expectations, and Deliverables5
1.5 Database Benefits 5
1.6 Hardware and Software Tools 5
1.7 SQL Usage and Style Guide 5
2.1 Business Rules. 6
2.2 Entity and Attribute Description 7
2.3 Relationship and Cardinality Description 10
2.4 Assumptions and Special Considerations 10
2.5 Entity Relationship Diagram 11
3) DDL-DML scripts 11
4) DDL-DML scripts output 22
5) Database Security 54
5.1) Security Plan 54
5.2) Security Policies 54
5.3) Security Procedures 55
5.3.1) Users and roles definition. 55
5.4) Security_Procedures_Script 56
5.5) Security_Procedures_Script_output 62
5.5) Verification of Security Implementation 71
Conclusion 79
1. Statement of Work (SOW)1.1. OVERIVEW
Relational databases are the foundations of the majority of
information systems and represent one of the most pervasive
technologies today. As a database consultant with SoftyWay Inc

(US based company), I have been assigned to develop a
database for the BANKONDJI video store which is a small
video store located in Douala, Cameroon. BANKONDJI has
been keeping records of videos and DVDs purchased from
distributors and rented to customers in stacks of invoices and
piles of rental forms for years. They have finally decided to
automate their record keeping with a relational database. This
database will allow BANKONDJI store to automatically manage
all customers’ and distributors’ transactions so as to have the
related timely reports.1.2 Objectives of BANKONDJI database
project
The number of customers as well as suppliers of BANKONDJI
store has tremendously grown and the actual manual
management of information system is very tedious.
Requirements for this project have been gathered as follow:
A video and a DVD are both copies of a movie that is rented
out. Several copies of each movie are rented. Therefore there
are several videos and DVDs for each movie title. In
BANKONDJI’s store inventory there are several thousand
videos and DVDs purchased from distributors. The video and
DVD prices are based on the quantity of their shipment and the
past business they have done with each company. The price of a
DVD for a movie might be different than the price of a video
for the same movie, even from the same distributor. Each
distributor provides different types of movies. A single
distributor may provide several different types of movies in
both video and DVD format. It is possible to obtain the same
movie from multiple distributors, and at different wholesale
prices. In addition to the distributor's serial number for the
item, each video and DVD has a unique identification number
that BANKONDJI staff assign in their inventory. Distributors
provide electronic catalogs to BANKONDJI and the information
from these catalogs must be included in the database.
Having all these requirements in mind, the objective of our
database is to allow BANKONDJI staff to keep track of all
rented/returned Video/DVD, all customers’ charges such as late

and damaged fees, failure to rewind fees, and taxes. They will
be able to get a report of which videos are returned late because
there are standard and late charges. Customers usually want to
rent movies based on actors or actresses, running length, type of
movie, rating, year released. Customers also want to know how
many videos they have rented in the last month, year, and so
forth. The database will allow BANKONDJI staff to supply this
information to their customers. The database will also
allow BANKONDJI staff to record only basic information on
customers in their database, such as name, address, telephone
numbers, etc. There must be no limit to the number of video
and/or DVD copies of a movie that BDNKONDJI can have in
their inventory. Video/DVD ID numbers, movie ID numbers,
and distributor ID numbers for videos, DVDs, and movies are
all different.
For the successful completion of our Database design and
implementation, we will start by submitting the Statement of
Work to BANKONDJI Management no letter 02/25/2018. Once
SOW gets approval from BANKONDJI Management, we will
create requirement definition document for our database project
and then use Entity Relationship assistant to create Entity
Relationship Diagram for our database no letter than
03/11/2018. After completing this phase, the next step will
consist of uing SQL DDL statements to create
tables/views/triggers and other required database objects for our
database. Also, queries (select statements on database
catalog/data dictionary such as user_objects and user_tables)
will be used to demonstrate all objects are created successfully.
This phase is meant to be completed by 04/01/2018. Once all
objects will have been created in the database, we will use SQL
INSERT statements (DML) to populate each table with sample
data. Then develop SQL SELECT statements to query various
tables. This phase will be completed by 04/15/2018. 1.3 Scope
of the Project
Upon completion of our project, we will have achieved the
following tasks which are within the scope of our project :

· Evalaution of the current BANKONDJI information system
management ;
· Requirements for the design of the new BANKONDJI
Information system ;
· Creation of the ERD for BANKONDJI database ;
· Creation of all BANKONDJI databse objects as defined in the
DRD
· Population of BANKONDJI database with sample data.
The following task is outside the scope of our project and will
not be done :
· Population of BANKONDJI database will old data contained
in the paper form. 1.4 Database Goals, Expectations, and
Deliverables
The design and implémentation of the BANKONDJI database
will be of tremendous help to the BANKONDJI staff as it will
allow them to be more productive. In fact, answer to customers’
queries will be done in a timely maner as they won’t have to
conduct their searches in archived forms so as to respond to
their customers. 1.5 Database Benefits
The goal of desiging and implementing BANKONDJI database
is to allow the store to automaticallly manage its transactions
and to provide timely responses to customers’ queries. The
database will also be usefull in tracking best movies rented out
so as to forcast on which type of movies to invest more. 1.6
Hardware and Software Tools
· Diagram Tool:
ER Assistant will be used to design the ERD of BANKONDJI
database
· Database:
Oracle 12c, using Virtual Desktop Application will be used in
our project
· Hardware and Software:
UMUC (VDA) Intel(R) Xeon ® . Operating System is Linux
will be used to design our project1.7 SQL Usage and Style
Guide
SQL (Structure Query Language) will be used for the DDL and

DML. For my DDL scripts, I will use SQL to translate
information captured in my ER diagram (created in ER
Assistant) into database table creation scripts. For my DML
scripts, I will use SQL to insert rows of data into my database
tables.
2.Requirements Definition For BANKONDJI Video Store
Database 2.1 Business Rules.
According to DRAKE Hay (Modeling Business Rules, January 1
2004), a business rule could be thought of as Term, Fact,
Derivation and Constraint that govern business in a company.
Term is the application of a single definition to a word or
phrase. Fact is the attribution of something to describe a thing.
Derivation is an attribute that is derived from other attributes or
system variables. Constraint is a condition that determines what
values an attribute or relationship can or must have. As stated in
the Statement of Work of my project, BANKONDJI store is a
company that rents movies to customers. The major business
rules of BANKONDJI store are outlined as follows:
1. A video and a DVD are both copies of a movie that is rented
out. Several copies of each movie are rented. Therefore there
are several videos and DVDs for each movie title.
1. In BANKONDJI’s store inventory there are several thousand
videos and DVDs purchased from distributors.
1. The video and DVD prices are based on the quantity of their
shipment and the past business they have done with each
company. The price of a DVD for a movie might be different
than the price of a video for the same movie, even from the
same distributor
1. Each distributor provides different types of movies. A single
distributor may provide several different types of movies in
both video and DVD format
1. It is possible to obtain the same movie from multiple
distributors, and at different wholesale prices
1. In addition to the distributor's serial number for the item,

each video and DVD has a unique identification number that
BANKONDJI staff assign in their inventory.
1. Distributors provide electronic catalogs to BANKONDJI and
the information from these catalogs must be included in the
database.
1. BANKONDJI staff to keep track of all rented/returned
Video/DVD, all customers’ charges such as late and damaged
fees, failure to rewind fees, and taxes.
1. Customers usually want to rent movies based on actors or
actresses, running length, type of movie, rating, year released.
2.2 Entity and Attribute Description
Based on business rules and requirements, following entities
have been identified for our database:
Entity name: MOVIE
Entity Description: This entity stores all the information related
to Movies that are available in BANKONDJI Store.
Movie has following attributes:
-Main attribute: MovieID (Primary key)
Attribute description: Unique id of the movie that is available in
the store.
-Attribute name: MovieTitle
Attribute description : Title of the movie.
- Attribute name: Duration
Attribute description : Length of the movie.
-Attribute name: Rating
Attribute description: Rating of the movie.
- Attribute name: YearReleased
Attribute description : Year in which movie is released.
Entity name: CUSTOMER
Entity Description: this entity stores information related to the
customer of that store.
CUSTOMER has following attributes:
-Main attribute: CustomerID (Primary key)
Attribute description: Unique id of the customer that is using
our services.

-Attribute name: LastName
Attribute description: Name of the customer.
-Attribute name: FirstName
Attribute description: First Name of the customer
-Attribute name: StreetAddress
Attribute description: Street Address of the customer
-Attribute name: ZipCode
Attribute description: Zip Code of the customer.
-Attribute name: PhoneNumber
Attribute description: Phone number of the customer.
Entity name: DISTRIBUTOR
Entity Description: This entity stores distributor details.
Distributor entity has following attributes:
-Main attribute: DistributorID (Primary Key)
Attribute description: Unique id of the distributor.
-Attribute name: LastName
Attribute description: Name of the distributor.
-Attribute name: FirstName
Attribute description: First Name of the distributor
-Attribute name: StreetAddress
Attribute description: Street Address of the distributor
-Attribute name: ZipCode
Attribute description: Zip Code of the distributor.
-Attribute name: PhoneNumber
Attribute description: Phone number of the distributor.
Entity name: DVD_VIDEO
Entity Description: This entity stores list of all movies format
available.
DVD_VIDEO entity has following attributes:
-Main attribute: DVDVideoID (Primary key)
Attribute description: Unique identification number of video or
DVD
-Attribute name: MovieFormat
Attribute description: Format of the movie i.e DVD or Video

-Attribute name: Price
Attribute description: Price of that video or DVD
-Attribute name: MovieID (Foreign key. Refers to MOVIE
table)
Attribute description: Movie contained in that video or DVD.
-Attribute name: DistributorID (Foreign key. Refer to
DISTRIBUTOR table)
Attribute description: Distributor of that video or DVD
Entity name: RENTAL
Entity Description: This entity stores all movies that are rented
out.
RENTAL entity has following attributes:
-Main attribute: RentID (Primary key)
Attribute description: Unique identification number of video or
DVD
-Attribute name: CheckOutDate
Attribute description: Date on which movie is rented out
-Attribute name: CheckInDate
Attribute description: Date in which that movie is returned.
-Attribute name: LateFee
Attribute description: Fee if movie is not returned on time.
-Attribute name: DamageFee
Attribute description: Fee if movie is damaged
-Attribute name: Taxes
Attribute description: Taxes applicable.
-Attribute name: CustomerID
Attribute description: Customer that rented out.
-Attribute name: DVDVideoID
Attribute description: DVD or video that is rented out.
2.3 Relationship and Cardinality Description
Based on business rules and requirements, the following

relationships have been identified between the entities:
· CUSTOMER rents movies.
Cardinality/Business rule: each RENTAL includes a
CUSTOMER. Each CUSTOMER may be involved in one or
more RENTALS.
· DVD or Videos are rented out.
Cardinality/Business rule: Each RENTAL includes a video or a
DVD. Each VIDEO may be involved in one or more RENTALS
· MOVIE is contained in a DVD or Video
Cardinality/Business rule: each MOVIE can have one or more
video or a DVD. Each VIDEO is related with one MOVIE.
· DISTRIBUTOR distributes DVDVideo
Cardinality/Business rule: Each DISTRIBUTOR can distribute
one or many DVD/Video. Each DVD/Video can be distributed
by only on DISTRIBUTOR
2.4 Assumptions and Special Considerations.
Our project requires having a minimum of 5 attributes for each
entity. All entities except DVD_VIDEO entity identified in
section 2 above have 5 attributes. DVD_VIDEO has 5 attributes
among which 2 attributes are referenced in Movie and
Distributor tables. Accordingly, this is a join table and cannot
meet the five-attribute minimum requirement.
2.5 Entity Relationship Diagram
3) DDL-DML scripts
Below is the DDL-DML script to create the Bankondji database
rem Connect to the datbase as sysdba and create the database
admisnitorator user
rem sqlplus sys/[email protected]:1521/orcl as sysdba
SPOOL DBST668_PROJECT_DDL_DML.log;
set echo on;
set serveroutput on;
set linesize 200;
set pagesize 150;
rem create user DBA responsible to create all objects and
manage BANKONDJI database

rem drop user DRAKE_XXX68
drop user DRAKE_XXX68 cascade;
create user DRAKE_XXX68 IDENTIFIED by XXXha_dav1968;
grant RESOURCE TO DRAKE_XXX68;
grant CREATE SESSION TO DRAKE1_XXX68;
grant CONNECT TO DRAKE_XXX68;
grant DBA to DRAKE_XXX68;
GRANT UNLIMITED TABLESPACE TO DRAKE_XXX68;
rem connect as DRAKE_XXX68 to create object of the
Bnakondji database.
connect DRAKE_XXX68/XXXha_dav1968 @orcl
/* Begin PART1: DDL SCRIPT */
--1.Drop Statements for All Objects as needed
/* Start Drop tables triggers and sequences */
/* Start Drop Tables */
DROP TABLE MOVIE CASCADE CONSTRAINTS;
DROP TABLE CUSTOMER CASCADE CONSTRAINTS;
DROP TABLE DISTRIBUTOR CASCADE CONSTRAINTS;
DROP TABLE DVD_VIDEO CASCADE CONSTRAINTS;
DROP TABLE RENTAL CASCADE CONSTRAINTS;
/* End drop Tables */
/* Start drop Sequences */
DROP SEQUENCE SEQ_MovieID;
DROP SEQUENCE SEQ_CustomerID;
DROP SEQUENCE SEQ_DistributorID;
DROP SEQUENCE SEQ_DVDVideoID;
DROP SEQUENCE SEQ_RentID;
/* End drop sequences */
/* Start drop Triggers */
--DROP TRIGGER MOVIE_TRG;
--DROP TRIGGER CUSTOMER_TRG;
--DROP TRIGGER DISTRIBUTOR_TRG;
--DROP TRIGGER DVDVIDEO_TRG;
--DROP TRIGGER RENTAL_TRG;

/* End drop triggers */
/* End drop tables sequences and triggers */
--2.Create/Alter Statements for All Tables and Constraints
/* Create Tables */
CREATE TABLE MOVIE (
MovieID NUMBER(10) PRIMARY KEY,
MovieTitle VARCHAR(40),
Duration NUMBER(2),
Rating NUMBER(3),
YearReleased NUMBER(4)
);
describe MOVIE;
CREATE TABLE CUSTOMER (
CustomerID NUMBER(10) PRIMARY KEY,
FirstName VARCHAR(25),
LastName VARCHAR(25),
StreetAddress VARCHAR(100),
PhoneNo VARCHAR(15),
ZipCode VARCHAR(5)
);
describe CUSTOMER
CREATE TABLE DISTRIBUTOR (
DistributorID NUMBER(10) PRIMARY KEY,
FirstName VARCHAR(25),
LastName VARCHAR(25),
StreetAddress VARCHAR(100),
PhoneNo VARCHAR(15),
ZipCode VARCHAR(5)
);
describe DISTRIBUTOR;
CREATE TABLE DVD_VIDEO (
DVDVideoID NUMBER(10) PRIMARY KEY,
MovieFormat VARCHAR(12),
Price NUMBER(8),
MovieID NUMBER(10),

DistributorID NUMBER(10),
CONSTRAINT MovieID_FK1 FOREIGN KEY (MovieID)
REFERENCES MOVIE (MovieID),
CONSTRAINT DistributorID_FK2 FOREIGN KEY
(DistributorID) REFERENCES DISTRIBUTOR
(DistributorID));
describe DVD_VIDEO;
CREATE TABLE RENTAL (
RentID NUMBER(10) PRIMARY KEY,
CheckOutDate Date DEFAULT SYSDATE,
CheckInDate Date DEFAULT SYSDATE,
LateFee NUMBER(8),
DamageFee NUMBER(8),
Taxes NUMBER(8),
CustomerID NUMBER(10),
DVDVideoID NUMBER(10),
CONSTRAINT CustomerID_FK1 FOREIGN KEY (CustomerID)
REFERENCES CUSTOMER (CustomerID),
CONSTRAINT DVDVideoID_FK2 FOREIGN KEY
(DVDVideoID) REFERENCES DVD_VIDEO (DVDVideoID));
describe RENTAL;
--3. Create Sequences
/* Create Sequences */
CREATE SEQUENCE SEQ_MovieID
start with 100
increment by 1;
CREATE SEQUENCE SEQ_CustomerID
start with 200
increment by 1;
CREATE SEQUENCE SEQ_DistributorID
start with 300
increment by 1;
CREATE SEQUENCE SEQ_DVDVideoID
start with 400
increment by 1;
CREATE SEQUENCE SEQ_RentID

start with 500
increment by 1;
--6. Add Auditing Columns to All Tables
/* Add audit columns to tables */
--Add Audit column on MOVIE table
ALTER TABLE MOVIE ADD
( CREATED_BY VARCHAR2(30),
DATE_CREATED DATE,
MODIFIED_BY VARCHAR2(30),
DATE_MODIFIED DATE
);
--Add Audit column to CUSTOMER table
ALTER TABLE CUSTOMER ADD
DATE_CREATED DATE,
DATE_MODIFIED DATE
);
--Add Audit column to DISTRIBUTOR table
ALTER TABLE DISTRIBUTOR ADD
DATE_CREATED DATE,
DATE_MODIFIED DATE
);
--Add Audit column to DVD_VIDEO table
ALTER TABLE DVD_VIDEO ADD
DATE_CREATED DATE,
DATE_MODIFIED DATE
);
--Add Audit column to RENTAL table

ALTER TABLE RENTAL ADD
DATE_CREATED DATE,
DATE_MODIFIED DATE
);
--7.Create Triggers on surrogate keys of the five tables
/* Start Create triggers */
--MOVIE Table
--This trigger populates surrogate key and audit column with
appropriate values
CREATE OR REPLACE TRIGGER MOVIE_TRG
BEFORE INSERT OR UPDATE ON MOVIE
FOR EACH ROW
BEGIN
--USE SURROGATE KEY
IF :NEW.MovieID IS NULL THEN
:NEW.MovieID := SEQ_MOVIEID.NEXTVAL;
END IF;
IF INSERTING THEN
IF :NEW.CREATED_BY IS NULL THEN
:NEW.CREATED_BY :=USER; END IF;
IF :NEW.DATE_CREATED IS NULL THEN
:NEW.DATE_CREATED := SYSDATE; END IF;
END IF;
IF INSERTING OR UPDATING THEN
IF :NEW.MODIFIED_BY IS NULL THEN
:NEW.MODIFIED_BY := USER; END IF;
IF :NEW.DATE_MODIFIED IS NULL THEN
:NEW.DATE_MODIFIED := SYSDATE; END IF;
END IF;
END;
/

--CUSTOMER Table
appropriate values
CREATE OR REPLACE TRIGGER CUSTOMER_TRG
BEFORE INSERT OR UPDATE ON CUSTOMER
FOR EACH ROW
BEGIN
--USE SURROGATE KEY
IF :NEW.CustomerID IS NULL THEN
:NEW.CustomerID := SEQ_CustomerID.NEXTVAL;
END IF;
IF INSERTING THEN
END IF;
END IF;
END;
/
--DSITRIBUTOR Table
appropriate values
CREATE OR REPLACE TRIGGER DISTRIBUTOR_TRG
BEFORE INSERT OR UPDATE ON DISTRIBUTOR
FOR EACH ROW
BEGIN
--USE SURROGATE KEY
IF :NEW.DistributorID IS NULL THEN
:NEW.DistributorID := SEQ_DistributorID.NEXTVAL;
END IF;

IF INSERTING THEN
:NEW.CREATED_BY := USER; END IF;
END IF;
END IF;
END;
/
--DVD_VIDEO Table
appropriate values
CREATE OR REPLACE TRIGGER DVDVIDEO_TRG
BEFORE INSERT OR UPDATE ON DVD_VIDEO
FOR EACH ROW
BEGIN
--USE SURROGATE KEY
IF :NEW.DVDVideoID IS NULL THEN
:NEW.DVDVideoID := SEQ_DVDVideoID.NEXTVAL;
END IF;
IF INSERTING THEN
END IF;

END IF;
END;
/
--RENTAL Table
appropriate values
CREATE OR REPLACE TRIGGER RENTAL_TRG
BEFORE INSERT OR UPDATE ON RENTAL
FOR EACH ROW
BEGIN
--USE SURROGATE KEY
IF :NEW.RentID IS NULL THEN
:NEW.RentID := SEQ_RentID.NEXTVAL;
END IF;
IF INSERTING THEN
END IF;
END IF;
END;
/
/* End Create triggers */
/* End PART1: DDL SCRIPT */
/* Begin Part2: DML SCRIPT */
/* Start Insert data into tables */
/* Start Insert DATA Into MOVIE Table */

INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'Terikassam',2,70,1970);
INSERT INTO MOVIE
VALUES (SEQ_MOVIEID.NEXTVAL,'Cinq Pour
Lenfer',3,80,2010);
INSERT INTO MOVIE
VALUES (SEQ_MOVIEID.NEXTVAL,'Le Proces',2,90,1980);
INSERT INTO MOVIE
VALUES (SEQ_MOVIEID.NEXTVAL,'La Companie
Creole',4,50,2003);
INSERT INTO MOVIE
VALUES (SEQ_MOVIEID.NEXTVAL,'Grand
Canion',3,80,1978);
INSERT INTO MOVIE
VALUES (SEQ_MOVIEID.NEXTVAL,'BaoBali',1,90,1983);
INSERT INTO MOVIE
VALUES (SEQ_MOVIEID.NEXTVAL,'Titanic',3,95,1968);
INSERT INTO MOVIE
VALUES (SEQ_MOVIEID.NEXTVAL,'Ready Player
One',4,50,2004);

INSERT INTO MOVIE
VALUES (SEQ_MOVIEID.NEXTVAL,'Black
Panther',3,60,2012);
INSERT INTO MOVIE
VALUES (SEQ_MOVIEID.NEXTVAL,'Khushi',2,85,1965);
INSERT INTO MOVIE
VALUES (SEQ_MOVIEID.NEXTVAL,'Idiots',4,75,1992);
INSERT INTO MOVIE
VALUES (SEQ_MOVIEID.NEXTVAL,'Trois Idiots',3,78,2002);
/* End Insert DATA Into MOVIE TABLE */
select * from movie;
/* Start Insert Data into CUSTOMER Table */
INSERT INTO CUSTOMER
(CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipC
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'DRAKE','XXXha','427
Beacon Hill Ter','240-441-8705','20878');
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Carole','Ciewe','458 Sioux
Lane','241-444-4855','20775');
ode) VALUES

(SEQ_CustomerID.NEXTVAL,'Junior','Ndeni','456 E
Diamond Ave','250-210-9988','21090');
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Samria','Monthe','555 W
Diamond Ave','703-456-9021','24980') ;
ode) VALUES (SEQ_CustomerID.NEXTVAL,'Marie
Jeanne','Choualeu','589 Legacy Pride Drive','703-455-
0978','20701');
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Nestor','Ndjomkam','455
Ndogpassi II','901-555-7874','21567');
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Chantal','Francoise','536
Byemassi I','240-222-0987','20890');
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Dylane','Nemadjeu','456
Catalpa Evenue','240-345-1098','20878');
ode) VALUES

(SEQ_CustomerID.NEXTVAL,'Alice','Madeko','555
Thayer Ave','571-234-8023','29789');
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Justin','Kemogne','275
Colburn Terrace','301-777-9025','20782');
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Gregoire','Kamsu','4990
Don Road','910-123-4567','25789');
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Basile','Oyono','234 Ngoa
Ekele','571-444-0971','24098');
ode) VALUES (SEQ_CustomerID.NEXTVAL,'Jena
Blaise','Kamga Toko','956 North EAST','310-210-4367',21770);
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Adeline','Ngako','234
Mvomeka','241-090-5678','23019');
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Florentine','Djomkam','456

Dimako','456-100-2345','21890');
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Blaise','Kamga','556 North
EAST','210-210-4367',22770);
/* End Insert Data into CUSTOMER Table */
select * from customer;
/* Start Insert Data into DISTRIBUTOR Table */
INSERT INTO DISTRIBUTOR
(DistributorID,FirstName,LastName,StreetAddress,PhoneN
o,ZipCode) VALUES (SEQ_DistributorID.NEXTVAL,'Jean
Pierre','Kamsukom','7505 Wisconsin Avenue','301-009-
1090','10015');
(DistributorID,FirstName,LastName,StreetAddress,PhoneNo,Zip
Code) VALUES (SEQ_DistributorID.NEXTVAL,'Jean De
Dieu','Momo','234 Conneticut Ave','703-456-1231','20025');
Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Bill','Gates','345 Los
Angeles','410-132-0099','23010');
Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Ebenizer','Elong','423 Douala
Road','245-080-8900','20035');

Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Sylvain','Djeukam','555
Dallas Road','234-090-0001','22090');
Code) VALUES (SEQ_DistributorID.NEXTVAL,'Jean
Jacques','Ndam','525 Thayer Ave','240-575-0934','20910');
Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Elie','Poundeu','324 Lala
Mission','234-089-1231','21789');
Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Victor','Odunsi','125
Lagos Street','567-124-2345','10035');
Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Robert','Garatt','345
London Drive','240-485-0478','20878');
INSERT INTO
DISTRIBUTOR(DistributorID,FirstName,LastName,StreetAddre
ss,PhoneNo,ZipCode) VALUES
(SEQ_DistributorID.NEXTVAL,'Benjamin','Zida','494 New
York Avenue','901-345-0910','10111');
INSERT INTO

(SEQ_DistributorID.NEXTVAL,'Chanakya','Golu','125
Conneticut Avenue','301-123-1290','30125');
INSERT INTO
(SEQ_DistributorID.NEXTVAL,'Chanakya Toko','Golu
Kana','209 Conneticut Avenue','201-123-1290','30127');
/* End Insert Data into DISTRIBUTOR Table */
select * from distributor;
/* Start Insert Data into DVD_VIDEO Table */
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'DVD',145,100,311);
VALUES (SEQ_DVDVideoID.NEXTVAL,'Video',200,100,311);

/* End Insert Data into DVD_VIDEO Table */
select * from dvd_video;
/* Start Insert Data into RENTAL Table */
INSERT INTO RENTAL
(RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes
,CustomerID,DVDVideoID) VALUES
(SEQ_RentID.NEXTVAL,TO_DATE('05-JAN-18','DD-MM-
YY'),TO_DATE('28-FEB-18','DD-MM-YY'),25,0,2,215,400);
INSERT INTO RENTAL

YY'),TO_DATE('02-APR-18','DD-MM-YY'),10,0,3,200,410);
INSERT INTO RENTAL
INSERT INTO RENTAL
INSERT INTO RENTAL
(SEQ_RentID.NEXTVAL,TO_DATE('20-FEB-18','DD-MM-
YY'),TO_DATE('01-MAR-18','DD-MM-YY'),0,20,2,210,403);
INSERT INTO RENTAL
INSERT INTO RENTAL
(SEQ_RentID.NEXTVAL,TO_DATE('04-MAR-18','DD-MM-
INSERT INTO RENTAL

YY'),TO_DATE('03-JAN-18','DD-MM-YY'),0,0,2,208,408);
INSERT INTO RENTAL
INSERT INTO RENTAL
INSERT INTO RENTAL
INSERT INTO RENTAL
/* End Insert Data into RENTAL Table */
select * from rental;
/* End Insert data into tables */
/* End Part2: DML SCRIPT */
rem Database Catalog/Data Dictionary Queries
/* Data dictionary query */

purge recyclebin;
select substr(object_name,1,20) as name, object_type, status
from user_objects;
commit;
SPOOL OFF;4) DDL-DML scripts output
Below is the DDL-DML script output for the Bankondji
database
SQL> set serveroutput on;
SQL> set linesize 200;
SQL> set pagesize 150;
SQL>
SQL> rem create user DBA responsible to create all objects and
manage BANKONDJI database
SQL> rem drop user DRAKE_XXX68
SQL> drop user DRAKE_XXX68 cascade;
drop user DRAKE_XXX68 cascade
*
ERROR at line 1:
ORA-01918: user 'DRAKE_XXX68' does not exist
SQL> create user DRAKE_XXX68 IDENTIFIED by
XXXha_dav1968;
User created.
SQL> grant RESOURCE TO DRAKE_XXX68;
Grant succeeded.
SQL> grant CREATE SESSION TO DRAKE1_XXX68;
Grant succeeded.
SQL> grant CONNECT TO DRAKE_XXX68;
Grant succeeded.
SQL> grant DBA to DRAKE_XXX68;
Grant succeeded.
SQL> GRANT UNLIMITED TABLESPACE TO
DRAKE_XXX68;
Grant succeeded.
SQL>
SQL> rem connect as DRAKE_XXX68 to create object of the

Bnakondji database.
SQL> connect DRAKE_XXX68/XXXha_dav1968 @orcl
Connected.
SQL>
SQL> /* Begin PART1: DDL SCRIPT */
SQL>
SQL> --1.Drop Statements for All Objects as needed
SQL> /* Start Drop tables triggers and sequences */
SQL>
SQL> /* Start Drop Tables */
SQL> DROP TABLE MOVIE CASCADE CONSTRAINTS;
DROP TABLE MOVIE CASCADE CONSTRAINTS
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> DROP TABLE CUSTOMER CASCADE CONSTRAINTS;
DROP TABLE CUSTOMER CASCADE CONSTRAINTS
*
ERROR at line 1:
SQL> DROP TABLE DISTRIBUTOR CASCADE
CONSTRAINTS;
DROP TABLE DISTRIBUTOR CASCADE CONSTRAINTS
*
ERROR at line 1:
SQL> DROP TABLE DVD_VIDEO CASCADE
CONSTRAINTS;
DROP TABLE DVD_VIDEO CASCADE CONSTRAINTS
*
ERROR at line 1:
SQL> DROP TABLE RENTAL CASCADE CONSTRAINTS;
DROP TABLE RENTAL CASCADE CONSTRAINTS
*
ERROR at line 1:

SQL> /* End drop Tables */
SQL>
SQL> /* Start drop Sequences */
SQL> DROP SEQUENCE SEQ_MovieID;
DROP SEQUENCE SEQ_MovieID
*
ERROR at line 1:
ORA-02289: sequence does not exist
SQL> DROP SEQUENCE SEQ_CustomerID;
DROP SEQUENCE SEQ_CustomerID
*
ERROR at line 1:
SQL> DROP SEQUENCE SEQ_DistributorID;
DROP SEQUENCE SEQ_DistributorID
*
ERROR at line 1:
SQL> DROP SEQUENCE SEQ_DVDVideoID;
DROP SEQUENCE SEQ_DVDVideoID
*
ERROR at line 1:
SQL> DROP SEQUENCE SEQ_RentID;
DROP SEQUENCE SEQ_RentID
*
ERROR at line 1:
SQL> /* End drop sequences */
SQL>
SQL> /* Start drop Triggers */
SQL> --DROP TRIGGER MOVIE_TRG;
SQL> --DROP TRIGGER CUSTOMER_TRG;
SQL> --DROP TRIGGER DISTRIBUTOR_TRG;
SQL> --DROP TRIGGER DVDVIDEO_TRG;

SQL> --DROP TRIGGER RENTAL_TRG;
SQL> /* End drop triggers */
SQL>
SQL> /* End drop tables sequences and triggers */
SQL>
SQL>
SQL> --2.Create/Alter Statements for All Tables and
Constraints
SQL>
SQL> /* Create Tables */
SQL>
SQL> CREATE TABLE MOVIE (
2 MovieID NUMBER(10) PRIMARY KEY,
3 MovieTitle VARCHAR(40),
4 Duration NUMBER(2),
5 Rating NUMBER(3),
6 YearReleased NUMBER(4)
7 );
Table created.
SQL>
SQL> describe MOVIE;
Name
Null? Type
--------------------------------------------------------------------------
--------------------------------------- -------- --------------------------
--------------------------------------------------
MOVIEID
NOT NULL NUMBER(10)
MOVIETITLE
VARCHAR2(40)
DURATION
NUMBER(2)
RATING
NUMBER(3)
YEARRELEASED
NUMBER(4)

SQL>
SQL> CREATE TABLE CUSTOMER (
2 CustomerID NUMBER(10) PRIMARY KEY,
3 FirstName VARCHAR(25),
4 LastName VARCHAR(25),
5 StreetAddress VARCHAR(100),
6 PhoneNo VARCHAR(15),
7 ZipCode VARCHAR(5)
8 );
Table created.
SQL>
SQL> describe CUSTOMER
Name
Null? Type
--------------------------------------------------------------------------
--------------------------------------- -------- --------------------------
--------------------------------------------------
CUSTOMERID
NOT NULL NUMBER(10)
FIRSTNAME
VARCHAR2(25)
LASTNAME
VARCHAR2(25)
STREETADDRESS
VARCHAR2(100)
PHONENO
VARCHAR2(15)
ZIPCODE
VARCHAR2(5)
SQL>
SQL> CREATE TABLE DISTRIBUTOR (
2 DistributorID NUMBER(10) PRIMARY KEY,
3 FirstName VARCHAR(25),
4 LastName VARCHAR(25),
5 StreetAddress VARCHAR(100),
6 PhoneNo VARCHAR(15),

7 ZipCode VARCHAR(5)
8 );
Table created.
SQL>
SQL> describe DISTRIBUTOR;
Name
Null? Type
--------------------------------------------------------------------------
--------------------------------------- -------- --------------------------
--------------------------------------------------
DISTRIBUTORID
NOT NULL NUMBER(10)
FIRSTNAME
VARCHAR2(25)
LASTNAME
VARCHAR2(25)
STREETADDRESS
VARCHAR2(100)
PHONENO
VARCHAR2(15)
ZIPCODE
VARCHAR2(5)
SQL>
SQL> CREATE TABLE DVD_VIDEO (
2 DVDVideoID NUMBER(10) PRIMARY KEY,
3 MovieFormat VARCHAR(12),
4 Price NUMBER(8),
5 MovieID NUMBER(10),
6 DistributorID NUMBER(10),
7 CONSTRAINT MovieID_FK1 FOREIGN KEY (MovieID)
REFERENCES MOVIE (MovieID),
8 CONSTRAINT DistributorID_FK2 FOREIGN KEY
(DistributorID) REFERENCES DISTRIBUTOR
(DistributorID));
Table created.

SQL>
SQL> describe DVD_VIDEO;
Name
Null? Type
--------------------------------------------------------------------------
--------------------------------------- -------- --------------------------
--------------------------------------------------
DVDVIDEOID
NOT NULL NUMBER(10)
MOVIEFORMAT
VARCHAR2(12)
PRICE
NUMBER(8)
MOVIEID
NUMBER(10)
DISTRIBUTORID
NUMBER(10)
SQL>
SQL> CREATE TABLE RENTAL (
2 RentID NUMBER(10) PRIMARY KEY,
3 CheckOutDate Date DEFAULT SYSDATE,
4 CheckInDate Date DEFAULT SYSDATE,
5 LateFee NUMBER(8),
6 DamageFee NUMBER(8),
7 Taxes NUMBER(8),
8 CustomerID NUMBER(10),
9 DVDVideoID NUMBER(10),
10 CONSTRAINT CustomerID_FK1 FOREIGN KEY
(CustomerID) REFERENCES CUSTOMER (CustomerID),
11 CONSTRAINT DVDVideoID_FK2 FOREIGN KEY
(DVDVideoID) REFERENCES DVD_VIDEO (DVDVideoID));
Table created.
SQL>
SQL> describe RENTAL;
Name
Null? Type

--------------------------------------------------------------------------
--------------------------------------- -------- --------------------------
--------------------------------------------------
RENTID
NOT NULL NUMBER(10)
CHECKOUTDATE
DATE
CHECKINDATE
DATE
LATEFEE
NUMBER(8)
DAMAGEFEE
NUMBER(8)
TAXES
NUMBER(8)
CUSTOMERID
NUMBER(10)
DVDVIDEOID
NUMBER(10)
SQL>
SQL> --3. Create Sequences
SQL> /* Create Sequences */
SQL>
SQL> CREATE SEQUENCE SEQ_MovieID
2 start with 100
3 increment by 1;
Sequence created.
SQL>
SQL> CREATE SEQUENCE SEQ_CustomerID
2 start with 200
3 increment by 1;
Sequence created.
SQL>
SQL> CREATE SEQUENCE SEQ_DistributorID
2 start with 300

3 increment by 1;
Sequence created.
SQL>
SQL> CREATE SEQUENCE SEQ_DVDVideoID
2 start with 400
3 increment by 1;
Sequence created.
SQL>
SQL> CREATE SEQUENCE SEQ_RentID
2 start with 500
3 increment by 1;
Sequence created.
SQL>
SQL>
SQL> --6. Add Auditing Columns to All Tables
SQL> /* Add audit columns to tables */
SQL>
SQL> --Add Audit column on MOVIE table
SQL> ALTER TABLE MOVIE ADD
2 ( CREATED_BY VARCHAR2(30),
3 DATE_CREATED DATE,
4 MODIFIED_BY VARCHAR2(30),
5 DATE_MODIFIED DATE
6 );
Table altered.
SQL>
SQL> --Add Audit column to CUSTOMER table
SQL> ALTER TABLE CUSTOMER ADD
6 );
Table altered.
SQL>

SQL> --Add Audit column to DISTRIBUTOR table
SQL> ALTER TABLE DISTRIBUTOR ADD
6 );
Table altered.
SQL>
SQL> --Add Audit column to DVD_VIDEO table
SQL> ALTER TABLE DVD_VIDEO ADD
6 );
Table altered.
SQL>
SQL> --Add Audit column to RENTAL table
SQL> ALTER TABLE RENTAL ADD
6 );
Table altered.
SQL>
SQL>
SQL> --7.Create Triggers on surrogate keys of the five tables
SQL> /* Start Create triggers */
SQL> --MOVIE Table
SQL> --This trigger populates surrogate key and audit column
with appropriate values
SQL> CREATE OR REPLACE TRIGGER MOVIE_TRG
2 BEFORE INSERT OR UPDATE ON MOVIE

3 FOR EACH ROW
4 BEGIN
5 --USE SURROGATE KEY
6 IF :NEW.MovieID IS NULL THEN
7 :NEW.MovieID := SEQ_MOVIEID.NEXTVAL;
8 END IF;
9 IF INSERTING THEN
10 IF :NEW.CREATED_BY IS NULL THEN
11 IF :NEW.DATE_CREATED IS NULL THEN
12 END IF;
13 IF INSERTING OR UPDATING THEN
14 IF :NEW.MODIFIED_BY IS NULL THEN
15 IF :NEW.DATE_MODIFIED IS NULL THEN
16 END IF;
17 END;
18 /
Trigger created.
SQL>
SQL> --CUSTOMER Table
SQL> CREATE OR REPLACE TRIGGER CUSTOMER_TRG
2 BEFORE INSERT OR UPDATE ON CUSTOMER
3 FOR EACH ROW
4 BEGIN
6 IF :NEW.CustomerID IS NULL THEN
7 :NEW.CustomerID := SEQ_CustomerID.NEXTVAL;
8 END IF;
9 IF INSERTING THEN

12 END IF;
16 END IF;
17 END;
18 /
Trigger created.
SQL>
SQL> --DSITRIBUTOR Table
SQL> CREATE OR REPLACE TRIGGER DISTRIBUTOR_TRG
2 BEFORE INSERT OR UPDATE ON DISTRIBUTOR
3 FOR EACH ROW
4 BEGIN
6 IF :NEW.DistributorID IS NULL THEN
7 :NEW.DistributorID := SEQ_DistributorID.NEXTVAL;
8 END IF;
9 IF INSERTING THEN
12 END IF;
16 END IF;

17 END;
18 /
Trigger created.
SQL>
SQL> --DVD_VIDEO Table
SQL> CREATE OR REPLACE TRIGGER DVDVIDEO_TRG
2 BEFORE INSERT OR UPDATE ON DVD_VIDEO
3 FOR EACH ROW
4 BEGIN
6 IF :NEW.DVDVideoID IS NULL THEN
7 :NEW.DVDVideoID := SEQ_DVDVideoID.NEXTVAL;
8 END IF;
9 IF INSERTING THEN
12 END IF;
16 END IF;
17 END;
18 /
Trigger created.
SQL>
SQL> --RENTAL Table
SQL> CREATE OR REPLACE TRIGGER RENTAL_TRG

2 BEFORE INSERT OR UPDATE ON RENTAL
3 FOR EACH ROW
4 BEGIN
6 IF :NEW.RentID IS NULL THEN
7 :NEW.RentID := SEQ_RentID.NEXTVAL;
8 END IF;
9 IF INSERTING THEN
12 END IF;
16 END IF;
17 END;
18 /
Trigger created.
SQL> /* End Create triggers */
SQL> /* End PART1: DDL SCRIPT */
SQL>
SQL>
SQL> /* Begin Part2: DML SCRIPT */
SQL> /* Start Insert data into tables */
SQL>
SQL> /* Start Insert DATA Into MOVIE Table */
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'Terikassam',2,70,1970);
1 row created.
SQL>

(SEQ_MOVIEID.NEXTVAL,'Cinq Pour
Lenfer',3,80,2010);
1 row created.
SQL>
(SEQ_MOVIEID.NEXTVAL,'Le Proces',2,90,1980);
1 row created.
SQL>
(SEQ_MOVIEID.NEXTVAL,'La Companie
Creole',4,50,2003);
1 row created.
SQL>
(SEQ_MOVIEID.NEXTVAL,'Grand
Canion',3,80,1978);
1 row created.
SQL>
(SEQ_MOVIEID.NEXTVAL,'BaoBali',1,90,1983);
1 row created.
SQL>
(SEQ_MOVIEID.NEXTVAL,'Titanic',3,95,1968);
1 row created.
SQL>
(SEQ_MOVIEID.NEXTVAL,'Ready Player
One',4,50,2004);

1 row created.
SQL>
(SEQ_MOVIEID.NEXTVAL,'Black
Panther',3,60,2012);
1 row created.
SQL>
(SEQ_MOVIEID.NEXTVAL,'Khushi',2,85,1965);
1 row created.
SQL>
(SEQ_MOVIEID.NEXTVAL,'Idiots',4,75,1992);
1 row created.
SQL>
(SEQ_MOVIEID.NEXTVAL,'Trois Idiots',3,78,2002);
1 row created.
SQL> /* End Insert DATA Into MOVIE TABLE */
SQL>
SQL> select * from movie;
MOVIEID MOVIETITLE DURATION
RATING YEARRELEASED CREATED_BY
DATE_CREA MODIFIED_BY DATE_MODI
---------- ---------------------------------------- ---------- ---------- --
---------- ------------------------------ --------- -----------------------
------- ---------
100 Terikassam 2 70
1970 DRAKE_XXX68 23-APR-19
DRAKE_XXX68 23-APR-19
101 Cinq Pour Lenfer 3 80

102 Le Proces 2 90
103 La Companie Creole 4 50
104 Grand Canion 3 80
105 BaoBali 1 90
106 Titanic 3 95
107 Ready Player One 4 50
108 Black Panther 3 60
109 Khushi 2 85
110 Idiots 4 75
111 Trois Idiots 3 78
12 rows selected.
SQL>
SQL>
SQL> /* Start Insert Data into CUSTOMER Table */

SQL> INSERT INTO CUSTOMER
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'DRAKE','XXXha','427 Beacon
Hill Ter','240-441-8705','20878');
1 row created.
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Carole','Ciewe','458 Sioux
Lane','241-444-4855','20775');
1 row created.
SQL>
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Junior','Ndeni','456 E Diamond
Ave','250-210-9988','21090');
1 row created.
SQL>
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Samria','Monthe','555 W
Diamond Ave','703-456-9021','24980') ;
1 row created.
SQL>
ode) VALUES (SEQ_CustomerID.NEXTVAL,'Marie
Jeanne','Choualeu','589 Legacy Pride Drive','703-455-
0978','20701');
1 row created.
SQL>

ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Nestor','Ndjomkam','455
Ndogpassi II','901-555-7874','21567');
1 row created.
SQL>
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Chantal','Francoise','536
Byemassi I','240-222-0987','20890');
1 row created.
SQL>
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Dylane','Nemadjeu','456 Catalpa
Evenue','240-345-1098','20878');
1 row created.
SQL>
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Alice','Madeko','555 Thayer
Ave','571-234-8023','29789');
1 row created.
SQL>
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Justin','Kemogne','275 Colburn
Terrace','301-777-9025','20782');
1 row created.
SQL>

ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Gregoire','Kamsu','4990 Don
Road','910-123-4567','25789');
1 row created.
SQL>
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Basile','Oyono','234 Ngoa
Ekele','571-444-0971','24098');
1 row created.
SQL>
ode) VALUES (SEQ_CustomerID.NEXTVAL,'Jena
Blaise','Kamga Toko','956 North EAST','310-210-4367',21770);
1 row created.
SQL>
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Adeline','Ngako','234
Mvomeka','241-090-5678','23019');
1 row created.
SQL>
ode) VALUES
(SEQ_CustomerID.NEXTVAL,'Florentine','Djomkam','456
Dimako','456-100-2345','21890');
1 row created.
SQL>
ode) VALUES

(SEQ_CustomerID.NEXTVAL,'Blaise','Kamga','556 North
EAST','210-210-4367',22770);
1 row created.
SQL> /* End Insert Data into CUSTOMER Table */
SQL>
SQL> select * from customer;
CUSTOMERID FIRSTNAME LASTNAME
STREETADDRESS
PHONENO ZIPCO
---------- ------------------------- ------------------------- ------------
---------------------------------------------------------------------------
------------- --------------- -----
CREATED_BY DATE_CREA MODIFIED_BY
DATE_MODI
------------------------------ --------- ------------------------------ ---
------
200 DRAKE XXXha 427
Beacon Hill Ter
240-441-8705 20878
DRAKE_XXX68 23-APR-19 DRAKE_XXX68
23-APR-19
201 Carole Ciewe 458 Sioux
Lane
241-444-4855 20775
23-APR-19
202 Junior Ndeni 456 E
Diamond Ave
250-210-9988 21090
23-APR-19
203 Samria Monthe 555 W
Diamond Ave

703-456-9021 24980
23-APR-19
204 Marie Jeanne Choualeu 589
Legacy Pride Drive
703-455-0978 20701
23-APR-19
205 Nestor Ndjomkam 455
Ndogpassi II
901-555-7874 21567
23-APR-19
206 Chantal Francoise 536
Byemassi I
240-222-0987 20890
23-APR-19
207 Dylane Nemadjeu 456 Catalpa
Evenue
240-345-1098 20878
23-APR-19
208 Alice Madeko 555 Thayer
Ave
571-234-8023 29789
23-APR-19
209 Justin Kemogne 275 Colburn
Terrace

301-777-9025 20782
23-APR-19
210 Gregoire Kamsu 4990 Don
Road
910-123-4567 25789
23-APR-19
211 Basile Oyono 234 Ngoa
Ekele
571-444-0971 24098
23-APR-19
212 Jena Blaise Kamga Toko 956 North
EAST
310-210-4367 21770
23-APR-19
213 Adeline Ngako 234 Mvomeka
241-090-5678 23019
23-APR-19
214 Florentine Djomkam 456
Dimako
456-100-2345 21890
23-APR-19
215 Blaise Kamga 556 North
EAST
210-210-4367 22770

23-APR-19
16 rows selected.
SQL>
SQL>
SQL> /* Start Insert Data into DISTRIBUTOR Table */
SQL> INSERT INTO DISTRIBUTOR
Pierre','Kamsukom','7505 Wisconsin Avenue','301-009-
1090','10015');
1 row created.
SQL>
Code) VALUES (SEQ_DistributorID.NEXTVAL,'Jean De
Dieu','Momo','234 Conneticut Ave','703-456-1231','20025');
1 row created.
SQL>
Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Bill','Gates','345 Los
Angeles','410-132-0099','23010');
1 row created.
SQL>
Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Ebenizer','Elong','423 Douala
Road','245-080-8900','20035');
1 row created.
SQL>

Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Sylvain','Djeukam','555 Dallas
Road','234-090-0001','22090');
1 row created.
SQL>
Jacques','Ndam','525 Thayer Ave','240-575-0934','20910');
1 row created.
SQL>
Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Elie','Poundeu','324 Lala
Mission','234-089-1231','21789');
1 row created.
SQL>
Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Victor','Odunsi','125 Lagos
Street','567-124-2345','10035');
1 row created.
SQL>
Code) VALUES
(SEQ_DistributorID.NEXTVAL,'Robert','Garatt','345 London
Drive','240-485-0478','20878');
1 row created.
SQL>
SQL> INSERT INTO

(SEQ_DistributorID.NEXTVAL,'Benjamin','Zida','494 New
York Avenue','901-345-0910','10111');
1 row created.
SQL>
SQL> INSERT INTO
(SEQ_DistributorID.NEXTVAL,'Chanakya','Golu','125
Conneticut Avenue','301-123-1290','30125');
1 row created.
SQL>
SQL> INSERT INTO
(SEQ_DistributorID.NEXTVAL,'Chanakya Toko','Golu
Kana','209 Conneticut Avenue','201-123-1290','30127');
1 row created.
SQL> /* End Insert Data into DISTRIBUTOR Table */
SQL>
SQL> select * from distributor;
DISTRIBUTORID FIRSTNAME LASTNAME
STREETADDRESS
PHONENO ZIPCO
------------- ------------------------- ------------------------- ---------
---------------------------------------------------------------------------
---------------- --------------- -----
DATE_MODI
------------------------------ --------- ------------------------------ ---
------
300 Jean Pierre Kamsukom 7505
Wisconsin Avenue
301-009-1090 10015

23-APR-19
301 Jean De Dieu Momo 234
Conneticut Ave
703-456-1231 20025
23-APR-19
302 Bill Gates 345 Los
Angeles
410-132-0099 23010
23-APR-19
303 Ebenizer Elong 423 Douala
Road
245-080-8900 20035
23-APR-19
304 Sylvain Djeukam 555 Dallas
Road
234-090-0001 22090
23-APR-19
305 Jean Jacques Ndam 525
Thayer Ave
240-575-0934 20910
23-APR-19
306 Elie Poundeu 324 Lala
Mission
234-089-1231 21789

23-APR-19
307 Victor Odunsi 125 Lagos
Street
567-124-2345 10035
23-APR-19
308 Robert Garatt 345 London
Drive
240-485-0478 20878
23-APR-19
309 Benjamin Zida 494 New
York Avenue
901-345-0910 10111
23-APR-19
310 Chanakya Golu 125
Conneticut Avenue
301-123-1290 30125
23-APR-19
311 Chanakya Toko Golu Kana 209
Conneticut Avenue
201-123-1290 30127
23-APR-19
12 rows selected.
SQL>

SQL>
SQL> /* Start Insert Data into DVD_VIDEO Table */
SQL> INSERT INTO DVD_VIDEO
1 row created.
SQL>
1 row created.
SQL>
1 row created.
SQL>
1 row created.
SQL>
1 row created.
SQL>
1 row created.
SQL>

1 row created.
SQL>
1 row created.
SQL>
1 row created.
SQL>
1 row created.
SQL>
1 row created.
SQL> /* End Insert Data into DVD_VIDEO Table */
SQL>
SQL> select * from dvd_video;
DVDVIDEOID MOVIEFORMAT PRICE MOVIEID
DISTRIBUTORID CREATED_BY DATE_CREA
MODIFIED_BY DATE_MODI
---------- ------------ ---------- ---------- ------------- ----------------
-------------- --------- ------------------------------ ---------
400 DVD 145 100 311
23-APR-19
401 Video 200 100 311

23-APR-19
402 Video 500 101 300
23-APR-19
403 DVD 350 102 310
23-APR-19
404 Video 219 111 309
23-APR-19
405 DVD 672 110 304
23-APR-19
406 DVD 901 108 307
23-APR-19
407 Video 125 109 303
23-APR-19
408 DVD 879 104 308
23-APR-19
409 Video 210 105 302
23-APR-19
410 DVD 190 106 305
23-APR-19
11 rows selected.
SQL>
SQL>
SQL> /* Start Insert Data into RENTAL Table */
SQL> INSERT INTO RENTAL

1 row created.
SQL>
1 row created.
SQL>
1 row created.
SQL>
1 row created.
SQL>
1 row created.
SQL>

1 row created.
SQL>
1 row created.
SQL>
YY'),TO_DATE('03-JAN-18','DD-MM-YY'),0,0,2,208,408);
1 row created.
SQL>
1 row created.
SQL>
1 row created.
SQL>

1 row created.
SQL>
1 row created.
SQL> /* End Insert Data into RENTAL Table */
SQL>
SQL> select * from rental;
RENTID CHECKOUTD CHECKINDA LATEFEE
DAMAGEFEE TAXES CUSTOMERID DVDVIDEOID
DATE_MODI
---------- --------- --------- ---------- ---------- ---------- ---------- -
--------- ------------------------------ --------- ------------------------
------ ---------
500 05-JAN-18 28-FEB-18 25 0 2
215 400 DRAKE_XXX68 23-APR-19
501 03-JAN-18 02-APR-18 10 0 3
200 410 DRAKE_XXX68 23-APR-19
502 01-JAN-18 01-FEB-18 0 10 4
213 401 DRAKE_XXX68 23-APR-19
503 15-JAN-18 17-FEB-18 14 0 5
214 402 DRAKE_XXX68 23-APR-19
504 20-FEB-18 01-MAR-18 0 20 2
210 403 DRAKE_XXX68 23-APR-19
505 19-FEB-18 03-MAR-18 0 0 3

209 405 DRAKE_XXX68 23-APR-19
506 04-MAR-18 01-APR-18 0 6 3
208 404 DRAKE_XXX68 23-APR-19
507 10-FEB-18 03-JAN-18 0 0 2
208 408 DRAKE_XXX68 23-APR-19
508 03-MAR-18 05-APR-18 0 35 5
203 407 DRAKE_XXX68 23-APR-19
509 04-MAR-18 04-APR-18 0 0 3
205 409 DRAKE_XXX68 23-APR-19
510 07-MAR-18 08-APR-18 20 0 4
206 406 DRAKE_XXX68 23-APR-19
511 07-MAR-18 08-APR-18 20 0 4
206 406 DRAKE_XXX68 23-APR-19
12 rows selected.
SQL> /* End Insert data into tables */
SQL> /* End Part2: DML SCRIPT */
SQL>
SQL> rem Database Catalog/Data Dictionary Queries
SQL> /* Data dictionary query */
SQL> purge recyclebin;
Recyclebin purged.
SQL> select substr(object_name,1,20) as name, object_type,
status from user_objects;
NAME
OBJECT_TYPE STATUS
---------------------------------------------------------------------------
----- ----------------------- -------
SYS_C0013021

INDEX VALID
CUSTOMER
TABLE VALID
MOVIE
TABLE VALID
SYS_C0013022
INDEX VALID
DISTRIBUTOR
TABLE VALID
SYS_C0013023
INDEX VALID
DVD_VIDEO
TABLE VALID
SYS_C0013024
INDEX VALID
RENTAL
TABLE VALID
SYS_C0013027
INDEX VALID
SEQ_MOVIEID
SEQUENCE VALID
SEQ_CUSTOMERID
SEQUENCE VALID
SEQ_DISTRIBUTORID
SEQUENCE VALID
SEQ_DVDVIDEOID
SEQUENCE VALID
SEQ_RENTID
SEQUENCE VALID
MOVIE_TRG
TRIGGER VALID
CUSTOMER_TRG
TRIGGER VALID
DISTRIBUTOR_TRG
TRIGGER VALID
DVDVIDEO_TRG

TRIGGER VALID
RENTAL_TRG
TRIGGER VALID
20 rows selected.
SQL> commit;
Commit complete.
SQL> SPOOL OFF;5) Database Security 5.1) Security Plan
The BANKONDJ database is a small database with only four
group of users : the Designer and Manager of the
database(DBA), the Store Manager who manages the
BANKONDJI store, the Accountant who oversees the finances
of BANKONDJI store and the customers who rent
DVDs/VIDEOP from the BANKONDJI store. There is of course
network and server security that is required but these are out of
scope of this document. Most of the data in the database is not
classified or confidenXXXl but there is some information such
as the customers’ phone numbers and mailing addresses that is
private. Also, customer’s rental information is quite sensitive as
it includes fees paid by customers. Because of this personal and
sensitive information, the security plan for this database
includes ensuring only authorized users can connect to the
database and that the rule of least privileges is applied when
granting privileges on the database objects.5.2) Security
Policies
In order to support the security plan, the security policy for this
database includes four main components: the use of roles, the
use of views when appropriate for controlling access to the data
and granting of privileges to view and table objects based on the
rule of least privileges, the use of Virtual Private Database
(VPD) to control access to data when external users
(Customers) access the database. DBA will be responsible for
creating the appropriate database roles, which will be granted
permissions to the database tables and/or views as appropriate
to perform the associated job functions. DBA will also be
responsible for creating new user accounts and passwords,

which must meet the approved username and password rules
outlined below :
· User Names must be at least six characters long and include at
least one uppercase letter and one number
· Passwords must be at least eight characters long, include one
uppercase letter and one number.
· Users will be required to change their passwords at least once
every 60 days.
Users will be granted create session privileges in order to be
able to connect to the database and then will be assigned to the
role that aligns with their job function. Since this is a small
database within a small company, the DBA is the one that
creates the tables and therefore as the owner, they are the only
one that can delete records from any of the tables.5.3) Security
Procedures
5.3.1) Users and roles definition.
The following tables, views, users and roles have been
identified:
TABLES
Table Name
Table Description
MOVIE
Stores Information on Movies
CUSTOMER
Stores information on CUSTOMERS
DISTRIBUTOR
Stores information on DISTRIBUTORS
DVD_VIDEO
Stores information on media format
RENTAL
Stores information on Movies that are rented out
VIEWS
View Name
View Description

VW_MOVIE
Displays basic MOVIE information without audit columns
VW_CUSTOMER_ZIPCODE_20878
displays information on customers who live in zipcode 20878
excluding audit column
VW_CUSTOMER_RENTAL
displays customer information in CUSTOMER and RENTAL
tables
VW_CUSTOMERS_WITH_NO_LATE_FEES
displays all the customers (without the audit columns)
rem that did not pay late fees for the movies they rented
VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_TH
AN_3_DOLlARS_TAXES
displays all the customers
rem (without the audit culumns)that did not pay fees for the
movies they rented
rem and who payed more than three dollars ($3) for tax
USERS
User Name
User Role
DRAKE_XXX68
Designer and Manager of the database(DBA)
NESTOR_den65
Store Manager
CAROLE_cie83
Accountant
SAMARIA_mon12
Customer
DYLANE_sec18
Security Manager
JUNIOR_XXX10
Customer
ROLES
Role Name

Role Function
database manager _role
DBA
Store_manager_role
accesses all tables of the database and create reports.
accountant_role
beside accessing all tables of the database and creating reports,
should be able to carry out updates in the RENTAL table
customer_role
customers should be able to view only their records in
CUSTOMER and RENTAL tables
Access Matrix
DATABASE OBJECTS/USERS
DRAKE_XXX68
NESTOR_den65
CAROLE_cie83
SAMARIA_mon12
JUNIOR_XXX10
MOVIE
I,S,U,D
S
S
Will Access records through VPD
CUSTOMER
I,S,U,D
S
S

DISTRIBUTOR
I,S,U,D
S
S
DVD_VIDEO
I,S,U,D
S
S
RENTAL
I,S,U,D
S
S,I,U
VW_MOVIE
I,S,U,D
S
VW_CUSTOMER_ZIPCODE_20878
I,S,U,D
S
VW_CUSTOMER_RENTAL
I,S,U,D
S

VW_CUSTOMERS_WITH_NO_LATE_FEES
I,S,U,D
S
AN_3_DOLlARS_TAXES
I,S,U,D
S
5.4) Security_Procedures_Script
rem connect to oracle database as sysdba: sqlplus
sys/[email protected]:1521/orcl as sysdba
SPOOL DBST668_PROJECT_DATABASE_SECURITY.log;
set echo on;
set serveroutput on;
set linesize 250;
set pagesize 150;
rem conneect as DBA to implement the security protion of the
project
shwo user
connect DRAKE_XXX68/XXXha_dav1968 @orcl;
rem Below are other users that should be able to connect to the
database
--connect DYLANE_sec18/[email protected];
--connect SAMARIA_mon12/[email protected];
--connect JUNIOR_XXX10/[email protected];
--connect NESTOR_den65/[email protected];
--connect CAROLE_cie83/[email protected];

/* Begin Part1:Database security Script */
/* Beging Create Database users,sessions and roles */
rem the DBA user has already been created and all roles and
privileges granted.
rem Ndeni Nestor is the store manager
rem Carole Ciewe is the accountant
rem Samaria Monthe is a customer
rem Junior Ndeni is a customer
rem Dylane is the security manager
rem drop all users
drop user NESTOR_den65;
drop user CAROLE_XXX83;
drop user SAMARIA_mon12;
drop user JUNIOR_XXX10;
drop user DYLANE_sec18;
rem create users
create user NESTOR_den65 IDENTIFIED BY NDENI_nes1965;
create user CAROLE_XXX83 IDENTIFIED BY
CIEWE_car1983;
create user SAMARIA_mon12 IDENTIFIED BY
MONTHE_sam2012;
create user JUNIOR_XXX10 IDENTIFIED BY
XXXHA_jun2010;
create user DYLANE_sec18 IDENTIFIED BY
CHOKO_dyl2018;
rem grant create session to users
grant create session to NESTOR_den65;
grant create session to CAROLE_XXX83;
grant create session to SAMARIA_mon12;
grant create session to JUNIOR_XXX10;

grant create session to DYLANE_sec18;
rem Begin create roles
drop role store_manager_role;
drop role accountant_role;
drop role customer_role;
create role store_manager_role;
create role accountant_role;
create role customer_role;
rem grant priviledge to roles on objects
rem store_manager_role
grant select on MOVIE to store_manager_role;
grant select on CUSTOMER to store_manager_role;
grant select on DISTRIBUTOR to store_manager_role;
grant select on DVD_VIDEO to store_manager_role;
grant select on RENTAL to store_manager_role;
rem accountant_role
grant select on CUSTOMER to accountant_role;
grant select on DISTRIBUTOR to accountant_role;
grant select on DVD_VIDEO to accountant_role;
grant select on RENTAL to accountant_role;
grant select on MOVIE to accountant_role;
grant insert on RENTAL to accountant_role;
grant update on RENTAL to accountant_role;
rem Begin grant role to users
rem Store Manager
grant store_manager_role to NESTOR_den65;
rem Accountant
grant accountant_role to CAROLE_XXX83;
rem Customers.

grant customer_role to SAMARIA_mon12;
grant customer_role to JUNIOR_XXX10;
/* End Create Database users,sessions and roles */
/* Begin Create view for database security and grant appropriate
privilege to the appropriate roles */
rem drop all views if they exist
drop view VW_MOVIE;
drop view VW_CUSTOMER_ZIPCODE_20878;
drop view VW_CUSTOMERS_WITH_NO_LATE_FEES;
drop view
AN_3_DOLlARS_TAXES;
rem Create view to display basic MOVIE information without
audit columns
CREATE OR REPLACE VIEW VW_MOVIE AS
SELECT MovieID, MovieTitle, Duration, Rating, YearReleased
FROM MOVIE;
rem Create view to display information on customers who live
in zip code 20878 excluding audit column
CREATE OR REPLACE VIEW
VW_CUSTOMER_ZIPCODE_20878 AS
SELECT
CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipC
ode FROM CUSTOMER
WHERE ZipCode='20878';
rem create VW_CUSTOMERS_WITH_NO_LATE_FEES view
that displays all the customers (without the audit columns)
rem that did not pay late fees for the movies they rented
VW_CUSTOMERS_WITH_NO_LATE_FEES AS
select

A.CUSTOMERID,A.FIRSTNAME,A.LASTNAME,A.STREETA
DDRESS,A.PHONENO,A.ZIPCODE from customer A
join rental b on b.CUSTOMERID=A.CUSTOMERID
where b.LATEFEE=0;
rem create
AN_3_DOLlARS_TAXES that displays all the customers
rem (without the audit culumns)that did not pay fees for the
movies they rented
rem and who payed more than three dollars ($3) for tax
AN_3_DOLlARS_TAXES AS
select
join rental b on b.CUSTOMERID=A.CUSTOMERID
where b.DAMAGEFEE=0
and b.TAXES>3;
rem grant select on the view created above to accountant_role;
grant select on VW_MOVIE to accountant_role;
grant select on VW_CUSTOMER_ZIPCODE_20878 to
accountant_role;
grant select on VW_CUSTOMERS_WITH_NO_LATE_FEES to
accountant_role;
grant select on
AN_3_DOLlARS_TAXES to accountant_role;
/* End Create view for database security and grant appropriate
privilege to the appropriate roles */
/* Beging create Virtual Private Database to allow Customers to

view their records in CUSTOMER and RENTAL tables */
rem connect as sysdba and EXECUTE ON DBMS_RLS TO THE
DBA (DRAKE_XXX68)
connect sys/[email protected]:1521/orcl as sysdba;
grant execute on dbms_rls to DRAKE_XXX68;
rem connect as DRAKE_XXX68 to create the VPD
connect DRAKE_XXX68/XXXha_dav1968 @orcl;
rem create the access policy table
drop table ACCESS_POLICY;
CREATE TABLE ACCESS_POLICY
( AM_NAME VARCHAR2(20) NOT NULL,
CUSTOMERID NUMBER NOT NULL,
ACCESS_TYPE CHAR(1) NOT NULL);
rem create the access right by loading the access policy table.
INSERT INTO ACCESS_POLICY VALUES
('SAMARIA_mon12', 203, 'S');
INSERT INTO ACCESS_POLICY VALUES
('JUNIOR_XXX10', 200, 'S');
rem Show the values from the the access policy table just
created.
SELECT * FROM ACCESS_POLICY;
rem As DRAKE_XXX68, create a policy function
rem THE POLICY CHECKS TO SEE IF THE USER
EXECUTING THE FUNCTION IS IN THE TABLE.
rem THIS FUNCTION RETURNS THE USERS THAT HAVE
THE RIGHT TO SELECT CUSTOMER INFORMATION in the
VW_CUSTOMER_RENTAL view.

create or replace function get_sel_customerid (p_schema in
varchar2, p_table in varchar2)
return varchar2
as l_retstr varchar2(2000);
begin
if (p_schema = user) then
l_retstr := null;
else
for cust_rec in
(
select customerid
from access_policy
where am_name = USER
and access_type = 'S'
) loop
l_retstr := l_retstr||','||cust_rec.customerid;
end loop;
l_retstr := ltrim(l_retstr,',');
l_retstr := 'CUSTOMERID IN ('||l_retstr||')';
end if;
return l_retstr;
end;
/
rem Start create the view on which the fucntion will be applied
rem create CUSTOMER view that displays customer
information in CUSTOMER and RENTAL tables
drop view VW_CUSTOMER_RENTAL;
CREATE OR REPLACE VIEW VW_CUSTOMER_RENTAL
AS
select a.CustomerID, a.FirstName, a.LastName,
a.StreetAddress, a.PhoneNo, a.ZipCode,
b.RentID, b.CheckOutDate, b.CheckInDate, b.LateFee,
b.DamageFee, b.Taxes from customer a

join rental b on b.CustomerID=a.CustomerID;
rem as DRAKE_XXX68 grant select privilege on
VW_CUSTOMER_RENTAL view to customer_role
grant select on VW_CUSTOMER_RENTAL to customer_role;
rem ADD POLICY FUNCTION
rem connect as security manager (DYLANE_sec18) in order to
the policy fucntion using the DBMS RLS Function
rem This operation connects the policy (cust_sle_policy) to the
view (DRAKE1_XXX68.VW_CUSTOMER_RENTAL) with a
function that returns the information needed in the where
clause.
rem We should keep in mind that this is the policy that applies
on who may perform the select operation.
begin
dbms_rls.add_policy (
object_schema => 'DRAKE_XXX68',
object_name => 'VW_CUSTOMER_RENTAL',
policy_name => 'CUST_SEL_POLICY',
function_schema => 'DRAKE_XXX68',
policy_function => 'GET_SEL_CUSTOMERID',
statement_types => 'SELECT',
update_check => TRUE
);
end;
/
/* End create Virtual Private Database to allow Customers to
view their records in CUSTOMER and RENTAL tables */
/* Start Part2: Test Database security Script */
rem connect as store manager and issue select commands on all
the tables.
connect NESTOR_den65/[email protected];

select * from DRAKE_XXX68.MOVIE;
select * from DRAKE_XXX68.CUSTOMER;
select * from DRAKE_XXX68.DISTRIBUTOR;
select * from DRAKE_XXX68.DVD_VIDEO;
select * from DRAKE_XXX68.RENTAL;
rem check that the store maneger cannot see any view
select * from DRAKE_XXX68.VW_MOVIE;
select * from
DRAKE_XXX68.VW_CUSTOMER_ZIPCODE_20878;
select * from DRAKE_XXX68.VW_CUSTOMER_RENTAL;
select * from
DRAKE_XXX68.VW_CUSTOMERS_WITH_NO_LATE_FEES;
select * from
DRAKE_XXX68.VW_CUSTOMERS_WITH_NO_LATE_FEES_
AND_MORE_THAN_3_DOLlARS_TAXES;
rem connect as accountant (CAROLE_XXX83) and verify that
all views are acessible
rem note: accountant_role has been granted select privilege on
these views and the role has been granted to the user
CAROLE_cie83
rem the user should be able to access all the views.
connect CAROLE_XXX83/[email protected];
select * from DRAKE_XXX68.VW_MOVIE;
select * from
DRAKE_XXX68.VW_CUSTOMER_ZIPCODE_20878;
select * from
DRAKE_XXX68.VW_CUSTOMERS_WITH_NO_LATE_FEES;
select * from
DRAKE_XXX68.VW_CUSTOMERS_WITH_NO_LATE_FEES_
AND_MORE_THAN_3_DOLlARS_TAXES;
rem as accounter issue update command on the RENTAL table
update DRAKE_XXX68.RENTAL
set latefee=30

where customerid=215;
rollback;
rem connect as customer SAMARIA (MARIA_mon12) and issue
select command on the VW_CUSTOMER_RENTAL view.
rem the user should be able to see only his record in the view.
connect SAMARIA_mon12/[email protected];
select * from DRAKE_XXX68.VW_CUSTOMER_RENTAL
/* End Part2: Test Database security Script */
spool off;
/* End Part2: Test Database security Script */
5.5) Security_Procedures_Script_output
SQL> set echo on;
SQL> set serveroutput on;
SQL> set linesize 250;
SQL> set pagesize 150;
SQL>
SQL> rem conneect as DBA to implement the security protion
of the project
SQL> show user
USER is "SYS"
SQL> connect DRAKE_XXX68/XXXha_dav1968 @orcl;
Connected.
SQL> nect DRAKE_XXX68/XXXha_dav1968 @orcl;
SP2-0734: unknown command beginning "nect DRAKE..." - rest
of line ignored.
SQL>
SQL> rem Below are other users that should be able to connect
to the database
SQL> --connect DYLANE_sec18/[email protected];
SQL> --connect SAMARIA_mon12/[email protected];
SQL> --connect JUNIOR_XXX10/[email protected];
SQL> --connect NESTOR_den65/[email protected];
SQL> --connect CAROLE_cie83/[email protected];
SQL>
SQL>

SQL>
SQL>
SQL> /* Begin Part1:Database security Script */
SQL>
SQL> /* Beging Create Database users,sessions and roles */
SQL> rem the DBA user has already been created and all roles
and privileges granted.
SQL> rem Ndeni Nestor is the store manager
SQL> rem Carole Ciewe is the accountant
SQL> rem Samaria Monthe is a customer
SQL> rem Junior Ndeni is a customer
SQL> rem Dylane is the security manager
SQL>
SQL> rem drop all users
SQL> drop user NESTOR_den65;
User dropped.
SQL> drop user CAROLE_cie83;
drop user CAROLE_cie83
*
ERROR at line 1:
ORA-01918: user 'CAROLE_CIE83' does not exist
SQL> drop user SAMARIA_mon12;
User dropped.
SQL> drop user JUNIOR_XXX10;
User dropped.
SQL> drop user DYLANE_sec18;
User dropped.

SQL> drop user CAROLE_XXX83;
User dropped.
SQL>
SQL> rem create users
SQL> create user NESTOR_den65 IDENTIFIED BY
NDENI_nes1965;
User created.
SQL> create user CAROLE_XXX83 IDENTIFIED BY
CIEWE_car1983;
User created.
SQL> create user SAMARIA_mon12 IDENTIFIED BY
MONTHE_sam2012;
User created.
SQL> create user JUNIOR_XXX10 IDENTIFIED BY
XXXHA_jun2010;
User created.
SQL> create user DYLANE_sec18 IDENTIFIED BY
CHOKO_dyl2018;
User created.
SQL>
SQL> rem grant create session to users
SQL> grant create session to NESTOR_den65;

Grant succeeded.
SQL> grant create session to CAROLE_XXX83;
Grant succeeded.
SQL> grant create session to SAMARIA_mon12;
Grant succeeded.
SQL> grant create session to JUNIOR_XXX10;
Grant succeeded.
SQL> grant create session to DYLANE_sec18;
Grant succeeded.
SQL>
SQL>
SQL> rem Begin create roles
SQL> drop role store_manager_role;
Role dropped.
SQL>
SQL> drop role accountant_role;
Role dropped.
SQL> drop role customer_role;
Role dropped.
SQL>
SQL>

SQL> rem Begin create roles
SQL> drop role store_manager_role;
drop role store_manager_role
*
ERROR at line 1:
ORA-01919: role 'STORE_MANAGER_ROLE' does not exist
SQL> drop role accountant_role;
drop role accountant_role
*
ERROR at line 1:
ORA-01919: role 'ACCOUNTANT_ROLE' does not exist
SQL> drop role customer_role;
drop role customer_role
*
ERROR at line 1:
ORA-01919: role 'CUSTOMER_ROLE' does not exist
SQL>
SQL> create role store_manager_role;
Role created.
SQL> create role accountant_role;
Role created.
SQL> create role customer_role;
Role created.
SQL> rem grant priviledge to roles on objects

SQL> rem store_manager_role
SQL>
SQL> grant select on MOVIE to store_manager_role;
Grant succeeded.
SQL> grant select on CUSTOMER to store_manager_role;
Grant succeeded.
SQL> grant select on DISTRIBUTOR to store_manager_role;
Grant succeeded.
SQL> grant select on DVD_VIDEO to store_manager_role;
Grant succeeded.
SQL> grant select on RENTAL to store_manager_role;
Grant succeeded.
SQL>
SQL>
SQL> rem accountant_role
SQL> grant select on CUSTOMER to accountant_role;
Grant succeeded.
SQL> grant select on DISTRIBUTOR to accountant_role;
Grant succeeded.
SQL> grant select on DVD_VIDEO to accountant_role;
Grant succeeded.

SQL> grant select on RENTAL to accountant_role;
Grant succeeded.
SQL> grant select on MOVIE to accountant_role;
Grant succeeded.
SQL> grant insert on RENTAL to accountant_role;
Grant succeeded.
SQL> grant update on RENTAL to accountant_role;
Grant succeeded.
SQL>
SQL> rem Begin grant role to users
SQL> rem Store Manager
SQL> grant store_manager_role to NESTOR_den65;
Grant succeeded.
SQL>
SQL> rem Accountant
SQL> grant accountant_role to CAROLE_XXX83;
Grant succeeded.
SQL> rem Customers.
SQL> grant customer_role to SAMARIA_mon12;
Grant succeeded.
SQL> grant customer_role to JUNIOR_XXX10;

Grant succeeded.
SQL> /* End Create Database users,sessions and roles */
SQL> /* Begin Create view for database security and grant
appropriate privilege to the appropriate roles */
SQL> rem drop all views if they exist
SQL> drop view VW_MOVIE;
View dropped.
SQL> drop view VW_CUSTOMER_ZIPCODE_20878;
View dropped.
SQL> drop view VW_CUSTOMERS_WITH_NO_LATE_FEES;
View dropped.
SQL> drop view
AN_3_DOLlARS_TAXES;
View dropped.
SQL>
SQL> rem Create view to display basic MOVIE information
without audit columns
SQL> CREATE OR REPLACE VIEW VW_MOVIE AS
2 SELECT MovieID, MovieTitle, Duration, Rating,
YearReleased FROM MOVIE;
View created.
SQL>
SQL> rem Create view to display information on customers who

live in zip code 20878 excluding audit column
SQL> CREATE OR REPLACE VIEW
VW_CUSTOMER_ZIPCODE_20878 AS
2 SELECT
CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipC
ode FROM CUSTOMER
3 WHERE ZipCode='20878';
View created.
SQL>
SQL> rem create VW_CUSTOMERS_WITH_NO_LATE_FEES
view that displays all the customers (without the audit columns)
SQL> rem that did not pay late fees for the movies they rented
VW_CUSTOMERS_WITH_NO_LATE_FEES AS
2 select
3 join rental b on b.CUSTOMERID=A.CUSTOMERID
4 where b.LATEFEE=0;
View created.
SQL>
SQL> rem create
AN_3_DOLlARS_TAXES that displays all the customers
SQL> rem (without the audit culumns)that did not pay fees for
the movies they rented
SQL> rem and who payed more than three dollars ($3) for tax
AN_3_DOLlARS_TAXES AS
2 select

3 join rental b on b.CUSTOMERID=A.CUSTOMERID
4 where b.DAMAGEFEE=0
5 and b.TAXES>3;
View created.
SQL>
SQL>
SQL> rem grant select on the view created above to
accountant_role;
SQL> grant select on VW_MOVIE to accountant_role;
Grant succeeded.
SQL> grant select on VW_CUSTOMER_ZIPCODE_20878 to
accountant_role;
Grant succeeded.
SQL> grant select on
VW_CUSTOMERS_WITH_NO_LATE_FEES to
accountant_role;
Grant succeeded.
SQL> grant select on
AN_3_DOLlARS_TAXES to accountant_role;
Grant succeeded.
SQL> /* End Create view for database security and grant
appropriate privilege to the appropriate roles */
SQL>
SQL>

SQL>
SQL> /* Beging create Virtual Private Database to allow
Customers to view their records in CUSTOMER and RENTAL
tables */
SQL> rem connect as sysdba and EXECUTE ON DBMS_RLS
TO THE DBA (DRAKE_XXX68)
SQL>
SQL> connect sys/[email protected]:1521/orcl as sysdba;
Connected.
SQL> grant execute on dbms_rls to DRAKE_XXX68;
Grant succeeded.
SQL> rem connect as DRAKE_XXX68 to create the VPD
SQL> connect DRAKE_XXX68/XXXha_dav1968 @orcl;
Connected.
SQL>
SQL>
SQL> rem create the access policy table
SQL> drop table ACCESS_POLICY;
Table dropped.
SQL>
SQL> CREATE TABLE ACCESS_POLICY
2 ( AM_NAME VARCHAR2(20) NOT NULL,
3 CUSTOMERID NUMBER NOT NULL,
4 ACCESS_TYPE CHAR(1) NOT NULL);
Table created.
SQL>
SQL>
SQL> rem create the access right by loading the access policy
table.
SQL> INSERT INTO ACCESS_POLICY VALUES

('SAMARIA_mon12', 203, 'S');
1 row created.
SQL> INSERT INTO ACCESS_POLICY VALUES
('JUNIOR_XXX10', 200, 'S');
1 row created.
SQL>
SQL>
SQL> rem Show the values from the the access policy table just
created.
SQL> SELECT * FROM ACCESS_POLICY;
AM_NAME CUSTOMERID A
-------------------- ---------- -
SAMARIA_mon12 203 S
JUNIOR_XXX10 200 S
SQL>
SQL> rem As DRAKE_XXX68, create a policy function
SQL> rem THE POLICY CHECKS TO SEE IF THE USER
EXECUTING THE FUNCTION IS IN THE TABLE.
SQL> rem THIS FUNCTION RETURNS THE USERS THAT
HAVE THE RIGHT TO SELECT CUSTOMER INFORMATION
in the VW_CUSTOMER_RENTAL view.
SQL>
SQL> create or replace function get_sel_customerid (p_schema
in varchar2, p_table in varchar2)
2 return varchar2
3 as l_retstr varchar2(2000);
4
5 begin
6 if (p_schema = user) then
7 l_retstr := null;

8 else
9 for cust_rec in
10 (
11 select customerid
12 from access_policy
13 where am_name = USER
14 and access_type = 'S'
15 ) loop
16 l_retstr := l_retstr||','||cust_rec.customerid;
17 end loop;
18 l_retstr := ltrim(l_retstr,',');
19 l_retstr := 'CUSTOMERID IN ('||l_retstr||')';
20 end if;
21 return l_retstr;
22 end;
23 /
Function created.
SQL>
SQL>
SQL> rem Start create the view on which the fucntion will be
applied
SQL> rem create CUSTOMER view that displays customer
information in CUSTOMER and RENTAL tables
SQL> drop view VW_CUSTOMER_RENTAL;
View dropped.
SQL>
SQL>
VW_CUSTOMER_RENTAL AS
2 select a.CustomerID, a.FirstName, a.LastName,
a.StreetAddress, a.PhoneNo, a.ZipCode,
3 b.RentID, b.CheckOutDate, b.CheckInDate, b.LateFee,

b.DamageFee, b.Taxes from customer a
4 join rental b on b.CustomerID=a.CustomerID;
View created.
SQL>
SQL> rem as DRAKE_XXX68 grant select privilege on
VW_CUSTOMER_RENTAL view to customer_role
SQL> grant select on VW_CUSTOMER_RENTAL to
customer_role;
Grant succeeded.
SQL>
SQL> rem ADD POLICY FUNCTION
SQL> rem connect as security manager (DYLANE_sec18) in
order to the policy fucntion using the DBMS RLS Function
SQL> rem This operation connects the policy (cust_sle_policy)
to the view (DRAKE1_XXX68.VW_CUSTOMER_RENTAL)
with a function that returns the information needed in the where
clause.
SQL> rem We should keep in mind that this is the policy that
applies on who may perform the select operation.
SQL>
SQL>
SQL>
SQL> begin
2 dbms_rls.add_policy (
3 object_schema => 'DRAKE_XXX68',
4 object_name => 'VW_CUSTOMER_RENTAL',
5 policy_name => 'CUST_SEL_POLICY',
6 function_schema => 'DRAKE_XXX68',
7 policy_function => 'GET_SEL_CUSTOMERID',
8 statement_types => 'SELECT',
9 update_check => TRUE
10 );

11 end;
12 /
PL/SQL procedure successfully completed.
SQL> /* End create Virtual Private Database to allow
Customers to view their records in CUSTOMER and RENTAL
tables */
SQL>5.5) Verification of Security Implementation
SQL> /* Start Part2: Test Database security Script */
SQL> rem connect as store manager and issue select commands
on all the tables.
SQL>
SQL> connect NESTOR_den65/[email protected];
Connected.
SQL> select * from DRAKE_XXX68.MOVIE;
MOVIEID MOVIETITLE DURATION
RATING YEARRELEASED CREATED_BY
DATE_CREA MODIFIED_BY DATE_MODI
---------- ---------------------------------------- ---------- ---------- --
---------- ------------------------------ --------- -----------------------
------- ---------
100 Terikassam 2 70
101 Cinq Pour Lenfer 3 80
102 Le Proces 2 90
103 La Companie Creole 4 50

104 Grand Canion 3 80
105 BaoBali 1 90
106 Titanic 3 95
107 Ready Player One 4 50
108 Black Panther 3 60
109 Khushi 2 85
110 Idiots 4 75
111 Trois Idiots 3 78
12 rows selected.
SQL> select * from DRAKE_XXX68.CUSTOMER;
CUSTOMERID FIRSTNAME LASTNAME
STREETADDRESS
PHONENO ZIPCO CREATED_BY
DATE_CREA
---------- ------------------------- ------------------------- ------------
---------------------------------------------------------------------------
------------- --------------- ----- ------------------------------ ---------

------------------------------ ---------
200 DRAKE XXXha 427
Beacon Hill Ter
240-441-8705 20878 DRAKE_XXX68 23-APR-
19
201 Carole Ciewe 458 Sioux
Lane
241-444-4855 20775 DRAKE_XXX68 23-APR-
19
202 Junior Ndeni 456 E
Diamond Ave
250-210-9988 21090 DRAKE_XXX68 23-APR-
19
203 SAMARIA Monthe 555 W
Diamond Ave
703-456-9021 24980 DRAKE_XXX68 23-APR-
19
204 Marie Jeanne Choualeu 589
Legacy Pride Drive
703-455-0978 20701 DRAKE_XXX68 23-APR-
19
205 Nestor Ndjomkam 455
Ndogpassi II
901-555-7874 21567 DRAKE_XXX68 23-APR-
19

206 Chantal Francoise 536
Byemassi I
240-222-0987 20890 DRAKE_XXX68 23-APR-
19
207 Dylane Nemadjeu 456 Catalpa
Evenue
240-345-1098 20878 DRAKE_XXX68 23-APR-
19
208 Alice Madeko 555 Thayer
Ave
571-234-8023 29789 DRAKE_XXX68 23-APR-
19
209 Justin Kemogne 275 Colburn
Terrace
301-777-9025 20782 DRAKE_XXX68 23-APR-
19
210 Gregoire Kamsu 4990 Don
Road
910-123-4567 25789 DRAKE_XXX68 23-APR-
19
211 Basile Oyono 234 Ngoa
Ekele
571-444-0971 24098 DRAKE_XXX68 23-APR-
19

212 Jena Blaise Kamga Toko 956 North
EAST
310-210-4367 21770 DRAKE_XXX68 23-APR-
19
213 Adeline Ngako 234 Mvomeka
241-090-5678 23019 DRAKE_XXX68 23-APR-
19
214 Florentine Djomkam 456
Dimako
456-100-2345 21890 DRAKE_XXX68 23-APR-
19
215 Blaise Kamga 556 North
EAST
210-210-4367 22770 DRAKE_XXX68 23-APR-
19
16 rows selected.
SQL>
SQL>
SQL> select * from DRAKE_XXX68.DISTRIBUTOR;
DISTRIBUTORID FIRSTNAME LASTNAME
STREETADDRESS
PHONENO ZIPCO CREATED_BY
DATE_CREA

------------- ------------------------- ------------------------- ---------
---------------------------------------------------------------------------
---------------- --------------- ----- ------------------------------ ------
---
------------------------------ ---------
300 Jean Pierre Kamsukom 7505
Wisconsin Avenue
301-009-1090 10015 DRAKE_XXX68 23-APR-
19
301 Jean De Dieu Momo 234
Conneticut Ave
703-456-1231 20025 DRAKE_XXX68 23-APR-
19
302 Bill Gates 345 Los
Angeles
410-132-0099 23010 DRAKE_XXX68 23-APR-
19
303 Ebenizer Elong 423 Douala
Road
245-080-8900 20035 DRAKE_XXX68 23-APR-
19
304 Sylvain Djeukam 555 Dallas
Road
234-090-0001 22090 DRAKE_XXX68 23-APR-
19

305 Jean Jacques Ndam 525
Thayer Ave
240-575-0934 20910 DRAKE_XXX68 23-APR-
19
306 Elie Poundeu 324 Lala
Mission
234-089-1231 21789 DRAKE_XXX68 23-APR-
19
307 Victor Odunsi 125 Lagos
Street
567-124-2345 10035 DRAKE_XXX68 23-APR-
19
308 Robert Garatt 345 London
Drive
240-485-0478 20878 DRAKE_XXX68 23-APR-
19
309 Benjamin Zida 494 New
York Avenue
901-345-0910 10111 DRAKE_XXX68 23-APR-
19
310 Chanakya Golu 125
Conneticut Avenue
301-123-1290 30125 DRAKE_XXX68 23-APR-
19

311 Chanakya Toko Golu Kana 209
Conneticut Avenue
201-123-1290 30127 DRAKE_XXX68 23-APR-
19
12 rows selected.
SQL> select * from DRAKE_XXX68.DVD_VIDEO;
DVDVIDEOID MOVIEFORMAT PRICE MOVIEID
DISTRIBUTORID CREATED_BY DATE_CREA
---------- ------------ ---------- ---------- ------------- ----------------
-------------- --------- ------------------------------ ---------
400 DVD 145 100 311
23-APR-19
401 Video 200 100 311
23-APR-19
402 Video 500 101 300
23-APR-19
403 DVD 350 102 310
23-APR-19
404 Video 219 111 309
23-APR-19
405 DVD 672 110 304
23-APR-19
406 DVD 901 108 307

23-APR-19
407 Video 125 109 303
23-APR-19
408 DVD 879 104 308
23-APR-19
409 Video 210 105 302
23-APR-19
410 DVD 190 106 305
23-APR-19
11 rows selected.
SQL>
SQL> select * from DRAKE_XXX68.RENTAL;
RENTID CHECKOUTD CHECKINDA LATEFEE
DAMAGEFEE TAXES CUSTOMERID DVDVIDEOID
DATE_MODI
---------- --------- --------- ---------- ---------- ---------- ---------- -
--------- ------------------------------ --------- ------------------------
------ ---------
500 05-JAN-18 28-FEB-18 25 0 2
215 400 DRAKE_XXX68 23-APR-19
501 03-JAN-18 02-APR-18 10 0 3
200 410 DRAKE_XXX68 23-APR-19
502 01-JAN-18 01-FEB-18 0 10 4
213 401 DRAKE_XXX68 23-APR-19
503 15-JAN-18 17-FEB-18 14 0 5

214 402 DRAKE_XXX68 23-APR-19
504 20-FEB-18 01-MAR-18 0 20 2
210 403 DRAKE_XXX68 23-APR-19
505 19-FEB-18 03-MAR-18 0 0 3
209 405 DRAKE_XXX68 23-APR-19
506 04-MAR-18 01-APR-18 0 6 3
208 404 DRAKE_XXX68 23-APR-19
507 10-FEB-18 03-JAN-18 0 0 2
208 408 DRAKE_XXX68 23-APR-19
508 03-MAR-18 05-APR-18 0 35 5
203 407 DRAKE_XXX68 23-APR-19
509 04-MAR-18 04-APR-18 0 0 3
205 409 DRAKE_XXX68 23-APR-19
510 07-MAR-18 08-APR-18 20 0 4
206 406 DRAKE_XXX68 23-APR-19
511 07-MAR-18 08-APR-18 20 0 4
206 406 DRAKE_XXX68 23-APR-19
12 rows selected.
SQL>
SQL> rem check that the store maneger cannot see any view
SQL>
SQL> select * from DRAKE_XXX68.VW_MOVIE;
select * from DRAKE_XXX68.VW_MOVIE
*
ERROR at line 1:

Contents1. Statement of Work (SOW)31.1. OVERIVEW31.docx

Contents1. Statement of Work (SOW)31.1. OVERIVEW31.docx

Recommended

Recommended

More Related Content

Similar to Contents1. Statement of Work (SOW)31.1. OVERIVEW31.docx

Similar to Contents1. Statement of Work (SOW)31.1. OVERIVEW31.docx (20)

More from melvinjrobinson2199

More from melvinjrobinson2199 (20)

Recently uploaded

Recently uploaded (20)

Contents1. Statement of Work (SOW)31.1. OVERIVEW31.docx