DB FOR RDBMS

RDBMS
A relational database is a database that conforms to relational model theory. The software used to manage relational database is called a relational database management system.

RELATION, TUPLE AND ATTRIBUTE

A relation is defined as a set of tuples that have the same attributes. An attribute is a specification that defines a property of an object. Collection of related attributes in a relation is a tuple.

DATABASE
Database contains one or more relations. A database is an organized collection of data, today typically in digital form. Databases are usually too expensive. Thus at any point in time most of their content resides in nonvolatile storage. Even if for operational reason very large portions of them reside in volatile storage.

The content resides in file which is non volatile which cannot be used for efficient retrieval and management. For efficient retrieval and management, databases may store data in many data structure such as B+ Trees, Hash Tables and Heaps.

NOT THE REAL VIEW

This is a relation. This structure is not permanent. All the data are stored only in files, for user convenience a relation is created.

INTERNAL OF DB

Linked lists forms the basis for the internal design of database. The structure of the attributes differ from one to another to link all these we require Heterogeneous Linked Lists. Heterogeneous Linked List is a linked list datastructure that is capable of storing data of different structures. void pointer is basically used in these types of linked list as we are not sure of which type of data needs to be stored. Void pointer is capable of storing pointer to any type as it is a generic pointer type.

INVERTED FILE

inverted index (inverted file) is an index data structure storing a mapping from content, such as words or numbers, to its locations in a database file, or in a document or a set of documents. The purpose of an inverted index is to allow fast searches, which is used in DBMS for query processing.

TYPES OF INVERTED FILES

Two types, Record level inverted index Word level inverted index

A SAMPLE DB DESIGN

All the tables in a database are stored in files and it is loaded into memory for efficient manipulation and retrieval. A relation contains the set of tuples of same attributes.

Attributes can be dynamically included as well as deleted. So the tuple cannot be a node with multiple data. Each attributes forms a node.

NODE STRUCTURE FOR A DATABASE

Database Name

Pointer to Next Database

Pointer to Relation

NODE STRUCTURE FOR A ATTRIBUTE

Value

Pointer to next attribute

NODE STRUCTURE FOR A RELATION

Table Name

Pointer to next relation

No of attributes in a tuple

Pointer to Pointer to last attribute first attribute of last tuple of first tuple

NODE STRUCTURE FOR ROW-ID

Row-ID

Pointer to next Row-ID

Pointer to first attribute of the tuple

NODE STRUCTURE FOR A RELATION THAT POINTS TO ROW-ID

Table Name

Pointer to next relation

Pointer to first Row-ID

Pointer to last Row-ID

DATABASE SECURITY

Database Security - protection from malicious attempts to steal (view) or modify data.

LEVELS OF DATA SECURITY

Human level: Corrupt/careless User Network/User Interface Database application program Database system Operating System

COMMON SECURITY IN RDBMS

Authentication
User connects to the RDBMS

Authorization
User gets access to the database or database schema objects to perform certain actions, based on the set of privileges assigned to the user.

Auditing
For monitoring suspicious (and otherwise) activity.

IDENTIFICATION AND AUTHENTICATION

The first line of defense is authentication. Before accessing RDBMS we must submit sufficient information validated either by RDBMS itself, or by the operating system within which this database is installed. Once the identity is authenticated, we may proceed with the attempt to access the database resources, objects, and data.

AUTHORIZATION AND ACCESS CONTROL

Once the user is authenticated and granted access to the database, RDBMS employs a complex, finely grained system of privileges (permissions) for the particular database objects. These privileges include permission to access, modify, destroy, or execute relevant database objects, as well as add, modify, and delete data.

ENCRYPTION

Encryption provides an additional security layer, protecting the data from unauthorized viewing. Even if access to the database is obtained, it will not be easy to decipher encrypted data into a human readable form.

PHYSICAL/OS SECURITY

Physical level

Traditional lock-and-key security Solution

Remote backup for disaster recovery

Operating system level

Protection from virus/worm attacks critical

SECURITY (CONT.)

Network level: must use encryption to prevent

Eavesdropping:

unauthorized reading of

messages Masquerading:
pretending

to be an authorized user or legitimate site, or sending messages supposedly from authorized users

NETWORK SECURITY

All information must be encrypted to prevent eavesdropping

Public/private key encryption widely used Handled by secure http - https://

Must prevent person-in-the-middle attacks Encrypting messages alone doesnt solve this problem More on this in next slide

INJECTION ATTACKS

Attacks targeting the database servers through malicious SQL queries is collectively known as injection attacks

THANK U