1 R. Ching, Ph.D. MIS California State University, Sacramento Week 14 November 28 Database SecurityDatabase Security Transaction Management and Concurrency.

1

R. Ching, Ph.D. • MIS • California State University, Sacramento

Week 14Week 14November 28November 28

• Database SecurityDatabase Security• Transaction Management and Concurrency ControlsTransaction Management and Concurrency Controls

• Distributed DatabaseDistributed Database• Data Warehouse, Data Marts and MMDBMSData Warehouse, Data Marts and MMDBMS

• OODBMSOODBMS

2


Database SecurityDatabase SecurityDatabase SecurityDatabase Security

Controls Controls (objectives for system)(objectives for system)Controls Controls (objectives for system)(objectives for system)

Database SecurityDatabase Security

• The protection of the database against threats using both The protection of the database against threats using both technical and administrative controlstechnical and administrative controls

• Database security aims to Database security aims to minimizeminimize losses caused by losses caused by anticipated events in a anticipated events in a cost-effectivecost-effective manner without manner without unduly constraining the usersunduly constraining the users

Organization PolicyOrganization PolicyOrganization PolicyOrganization Policy Threats:Threats: Theft and fraudTheft and fraud Loss of confidentialityLoss of confidentiality Loss of privacyLoss of privacy Loss of integrityLoss of integrity Loss of availabilityLoss of availability

Organizational ResourceOrganizational Resource

3


Countermeasures and Contingency PlansCountermeasures and Contingency PlansCountermeasures and Contingency PlansCountermeasures and Contingency Plans

ThreatsThreats

• Any situation or event, whether intentional or Any situation or event, whether intentional or unintentional, that will adversely affect a system and unintentional, that will adversely affect a system and consequently the organization.consequently the organization.

– Tangible losses (hardware, software, data)Tangible losses (hardware, software, data)

– Intangible losses (credibility, confidentiality)Intangible losses (credibility, confidentiality)

4


Threats and CountermeasuresThreats and Countermeasures

• Initiate countermeasures to overcome threatsInitiate countermeasures to overcome threats

– Consider the types of threat and their impact on the Consider the types of threat and their impact on the organizationorganization

• Cost-effectivenessCost-effectiveness

• FrequencyFrequency

• SeveritySeverity

5


Threats and CountermeasuresThreats and Countermeasures

• Objective is to achieve a balance between a reasonable Objective is to achieve a balance between a reasonable secure operation, which does not unduly hinder users, and secure operation, which does not unduly hinder users, and the costs of maintaining it.the costs of maintaining it.

• Risks are independent of the countermeasuresRisks are independent of the countermeasures

CountermeasuresCountermeasuresCountermeasuresCountermeasures

CostsCostsCostsCosts SecuredSecuredOperationsOperationsSecuredSecured

OperationsOperations

RisksRisks

6


CountermeasuresCountermeasures

• Computer-based vs. Non-computer-basedComputer-based vs. Non-computer-based

Implemented through Implemented through the operating system the operating system and/or DBMSand/or DBMS

Management policies Management policies and proceduresand procedures

7


Computer-Based ControlsComputer-Based Controls

• Computer-based controlsComputer-based controls

– AuthorizationAuthorization

– ViewsViews

– Backup (and recovery)Backup (and recovery)

– JournalingJournaling

– CheckpointingCheckpointing

– IntegrityIntegrity

– EncryptionEncryption

– Associated proceduresAssociated procedures

8


Computer-based Control: Computer-based Control:

Authorization or Access ControlsAuthorization or Access Controls

• Granting privileges which enables users and applications Granting privileges which enables users and applications to legitimately have access to a system or object (table, to legitimately have access to a system or object (table, view, application, procedure, etc.)view, application, procedure, etc.)

– Authentication ensures the user is who s/he claims Authentication ensures the user is who s/he claims her/himself to beher/himself to be

• Layers of access or penetration into a systemLayers of access or penetration into a system

– Ownership and privilegesOwnership and privileges

• Access to database(s)Access to database(s)

• Manipulation and definition of dataManipulation and definition of data

9


Authorization and AuthenticationAuthorization and Authentication

Operating SystemOperating System

DBMSDBMS

O/S UserO/S User

DBMS UserDBMS User

DatabaseDatabase DatabaseDatabase

TableTableObjects and PrivilegesObjects and Privileges

TableTable

GrantsGrants

10


Computer-based Control: Computer-based Control:

ViewsViews

• Virtual relation to support a user’s particular needsVirtual relation to support a user’s particular needs

– Restricts access and actionsRestricts access and actions

– Created upon demand of the userCreated upon demand of the user

Virtual relationVirtual relation

Base Base RelationsRelations

11


Computer-based Control:Computer-based Control:

TablesTables

SQL> grant select, update, delete on comp_products to SQL> grant select, update, delete on comp_products to scott;scott;

Grant succeeded.Grant succeeded.

SQL> revoke delete on comp_products from scott;SQL> revoke delete on comp_products from scott;

Revoke succeeded.Revoke succeeded.

User nameUser name

PrivilegePrivilege

TableTable

GRANT GRANT privilegeprivilege ON ON tabletable TO TO useruser;;REVOKE REVOKE privilegeprivilege ON ON tabletable FROM FROM useruser;;

GRANT GRANT privilegeprivilege ON ON tabletable TO TO useruser;;REVOKE REVOKE privilegeprivilege ON ON tabletable FROM FROM useruser;;

12


Transaction ManagementTransaction Management

What is a “transaction?”What is a “transaction?”

• An action or series of actions, carried out by a single user An action or series of actions, carried out by a single user or application program which reads or updates (changes) or application program which reads or updates (changes) the contents of the databasethe contents of the database

– RetrievalsRetrievals

– Updates (modifications)Updates (modifications)

– InsertionsInsertions

– DeletionsDeletions

13


What is a “transaction?”What is a “transaction?”

• CharacteristicsCharacteristics

– Atomicity (entirety of action)Atomicity (entirety of action)

– Consistency (from one consistent state to another)Consistency (from one consistent state to another)

– Isolation (independent of other transactions)Isolation (independent of other transactions)

– Durability (permanence)Durability (permanence)

14


Transaction ManagementTransaction Management

• Provide a means for maintaining the integrity of the Provide a means for maintaining the integrity of the databasedatabase

• Importance:Importance:

– In a multi-user environment, the order of transactions In a multi-user environment, the order of transactions actions must be maintained through actions must be maintained through concurrency concurrency controlcontrol

– In the event of a failure or destruction of data, data In the event of a failure or destruction of data, data must be reconstructed through must be reconstructed through database recover database recover

Data IntegrityData Integrity

15


Concurrency ControlConcurrency Control

• The process of managing simultaneous operations on the The process of managing simultaneous operations on the database without having them interfere with one anotherdatabase without having them interfere with one another

• Potential problems:Potential problems:

– Lost update problem (one update overrides another)Lost update problem (one update overrides another)

– Uncommitted dependency problem (intermediate results Uncommitted dependency problem (intermediate results of one update viewed by another before it has been of one update viewed by another before it has been committed)committed)

– Inconsistent analysis problem (data retrieved by one user Inconsistent analysis problem (data retrieved by one user updated by another before the end of the retrievals) updated by another before the end of the retrievals)

– Nonrepeatable read (retrieval results cannot be repeated)Nonrepeatable read (retrieval results cannot be repeated)

16


Concurrency ControlConcurrency Control

• Serializability - scheduling transactions to maximize Serializability - scheduling transactions to maximize concurrency and parallelism, yet preventing them from concurrency and parallelism, yet preventing them from interfering with one another and maintaining consistencyinterfering with one another and maintaining consistency

– Serial schedule - non-interleaved transactionsSerial schedule - non-interleaved transactionsTT11 T T22 T T33 ... ... T Tnn

– Nonserial schedule - interleaved transactionsNonserial schedule - interleaved transactionsTT11 TT33 ... ... TTnn

TT22 T T44 T T55 T T6 6 ... ... T Tn+1n+1Scheduler must resolve conflictScheduler must resolve conflict

ConflictConflict

17


Concurrency Control: Concurrency Control: Locking and TimestampingLocking and Timestamping

• Locking Locking

– Prevents simultaneous access or update of the same Prevents simultaneous access or update of the same datadata

• TimestampingTimestamping

– Ordering (prioritizing) transactions by their timestamp Ordering (prioritizing) transactions by their timestamp

18


Concurrency Controls: LockingConcurrency Controls: Locking

• Locking methods – lock denies other users from accessing Locking methods – lock denies other users from accessing the data while user accessing themthe data while user accessing them

– Shared vs. exclusive lockShared vs. exclusive lock

– ““Deadly embrace” or deadlock – when a user has a lock Deadly embrace” or deadlock – when a user has a lock on one data item and awaits another, and a second user on one data item and awaits another, and a second user awaits the data item locked by the first user and has a awaits the data item locked by the first user and has a lock on the data item sought by the firstlock on the data item sought by the first

Account balance (locked)Account balance (locked)

Account balance (waiting)Account balance (waiting)

Credit limit (waiting)Credit limit (waiting) Credit limit (locked)Credit limit (locked)

19


Concurrency Controls: TimestampingConcurrency Controls: Timestamping

• All transactions assigned a timestamp (unique identifier All transactions assigned a timestamp (unique identifier that indicates its relative starting time)that indicates its relative starting time)

• Smaller (older) timestamps are given prioritySmaller (older) timestamps are given priority

• Conflicts resolved through rollbacks and restartsConflicts resolved through rollbacks and restarts

– Transaction rolled back (to its beginning) and restarted Transaction rolled back (to its beginning) and restarted (reassigned a newer timestamp)(reassigned a newer timestamp)

20


TimestampingTimestamping

• ProblemsProblems

– A younger transaction writes a data item before an A younger transaction writes a data item before an older transaction accesses itolder transaction accesses it

– An older transaction needs to write a data item already An older transaction needs to write a data item already accessed by a younger transactionaccessed by a younger transaction

– An older transaction needs to write a data item already An older transaction needs to write a data item already written by a younger transactionwritten by a younger transaction

• Resolved through roll backs and restartsResolved through roll backs and restarts

21


Distributed DatabasesDistributed Databases

• Distributed database:Distributed database:A logically interrelated collection of shared data, A logically interrelated collection of shared data, physically distributed over a computer networkphysically distributed over a computer network

NetworkNetwork

Site 2Site 2

Site 3Site 3

Geographically DistributedGeographically Distributed

DDBMS – DDBMS – software system that software system that permits the management of the permits the management of the distributed database and makes the distributed database and makes the distribution transparent to the user.distribution transparent to the user.

TransparencyTransparency

Site 1Site 1

DatabaseDatabase

Local DBMSLocal DBMS

Global Data Global Data DictionaryDictionary


DDBMSDDBMSDDBMSDDBMS

Site 1Site 1

DatabaseDatabase





Site 1Site 1

DatabaseDatabase





Site 1Site 1

Heterogeneous Heterogeneous vs. vs.

HomogenousHomogenous

22


Site 1Site 1

DatabaseDatabase




DDBMS ArchitectureDDBMS Architecture

Site 2Site 2

DataDataCommunicationsCommunications

DatabaseDatabase




Local external schemaLocal external schemaLocal conceptual schemaLocal conceptual schema

Local internal schemaLocal internal schema

Local external schemaLocal external schemaLocal conceptual schemaLocal conceptual schema

Local internal schemaLocal internal schema

Global external schemaGlobal external schemaGlobal conceptual schemaGlobal conceptual schemaGlobal external schemaGlobal external schema

Global conceptual schemaGlobal conceptual schema

DDBMSDDBMSDDBMSDDBMS DDBMSDDBMSDDBMSDDBMS

23


Data AllocationData Allocation

• Centralized Centralized

• Partitioned (fragmented)Partitioned (fragmented)

– Vertical (by columns)Vertical (by columns)

– Horizontal (by rows)Horizontal (by rows)

– Mixed (by columns and rows)Mixed (by columns and rows)

• Complete replicationComplete replication

• Selective replication (hybrid)Selective replication (hybrid)

– Combination of partitioning, Combination of partitioning, replication and centralizationreplication and centralization

DistributedDistributed

24


Advantages to DistributingAdvantages to Distributing

• Reflects organizational (distributed) structureReflects organizational (distributed) structure

• Improved shareability and local autonomyImproved shareability and local autonomy

• Improved availabilityImproved availability

• Improved reliabilityImproved reliability

• Improved performanceImproved performance

• EconomicsEconomics

• Modular growthModular growth

• IntegrationIntegration

• Remaining competitive Remaining competitive

25


Disadvantages to DistributingDisadvantages to Distributing

• Complexity Complexity

• CostCost

• SecuritySecurity

• Integrity control more difficultIntegrity control more difficult

• Lack of standardsLack of standards

• Lack of experienceLack of experience

• Database design more complexDatabase design more complex

26


Considerations for FragmentingConsiderations for Fragmenting

• UsageUsage

– Fragmenting by subsetsFragmenting by subsets

• EfficiencyEfficiency

– Store data where they are Store data where they are used most frequentlyused most frequently

• ParallelismParallelism

– Parallel execution of a query (divided into subqueries) Parallel execution of a query (divided into subqueries) simultaneouslysimultaneously

• SecuritySecurity

– Store data away from site that do not require themStore data away from site that do not require them

27


Disadvantages to FragmentingDisadvantages to Fragmenting

• PerformancePerformance

– Increased retrieval timeIncreased retrieval time

• IntegrityIntegrity

– Difficult to maintain across multiple sitesDifficult to maintain across multiple sites

– What happens when two users need to update the same What happens when two users need to update the same data?data?

28



• DistributionDistribution– Users perceive the database as a single logical entityUsers perceive the database as a single logical entity

• Fragmentation transparencyFragmentation transparency• Location transparencyLocation transparency• Replication transparencyReplication transparency• Local mapping transparencyLocal mapping transparency

• TransactionTransaction– All distributed transactions maintain the distributed All distributed transactions maintain the distributed

database’s integrity and consistencydatabase’s integrity and consistency• Concurrency transparencyConcurrency transparency• Failure transparencyFailure transparency

The user should NOT be The user should NOT be aware of where the data aware of where the data reside or are allocatedreside or are allocated

29



• PerformancePerformance

– DDBMS must perform as if it were a centralized DDBMS must perform as if it were a centralized DBMSDBMS

• DBMSDBMS

– Hides the knowledge that the local DBMS may be Hides the knowledge that the local DBMS may be different (applicable to heterogeneous DDBMS)different (applicable to heterogeneous DDBMS)

30


Inte

rnal

Inte

rnal

Ext

erna

lE

xter

nal

Wel

l def

ined

Wel

l def

ined

Wid

eW

ide

Det

aile

dD

etai

led

Agg

rega

teA

ggre

gate

His

toric

alH

isto

rical

Fut

ure

Fut

ure

Qui

te o

ldQ

uite

old

Ver

y fr

eque

ntV

ery

freq

uent

Infr

eque

ntIn

freq

uent

Hig

hH

igh

Low

Low

Management Management ControlControl

Operational Operational ControlControl

StrategicStrategicPlanningPlanning

Hig

hly

curr

ent

Hig

hly

curr

ent

Leve

l of

Agg

rega

tion

Leve

l of

Agg

rega

tion

Sou

rce

Sou

rce

Sco

peS

cope

Tim

e H

oriz

onT

ime

Hor

izon

Cur

renc

yC

urre

ncy

Fre

quen

cy o

f U

seF

requ

ency

of

Use

Req

uire

d A

ccur

acy

Req

uire

d A

ccur

acy

Robert Anthony’s Taxonomy of Managerial Robert Anthony’s Taxonomy of Managerial Information RequirementsInformation Requirements

Information RequirementsInformation Requirements

Information requirements change Information requirements change between levels of managementbetween levels of management

31


Inte

rnal

Inte

rnal

Ext

erna

lE

xter

nal

Wel

l def

ined

Wel

l def

ined

Wid

eW

ide

Det

aile

dD

etai

led

Agg

rega

teA

ggre

gate

His

toric

alH

isto

rical

Fut

ure

Fut

ure

Qui

te o

ldQ

uite

old

Ver

y fr

eque

ntV

ery

freq

uent

Infr

eque

ntIn

freq

uent

Hig

hH

igh

Low

Low

Management Management ControlControl

Operational Operational ControlControl

StrategicStrategicPlanningPlanning

Hig

hly

curr

ent

Hig

hly

curr

ent

Leve

l of

Agg

rega

tion

Leve

l of

Agg

rega

tion

Sou

rce

Sou

rce

Sco

peS

cope

Tim

e H

oriz

onT

ime

Hor

izon

Cur

renc

yC

urre

ncy

Fre

quen

cy o

f U

seF

requ

ency

of

Use

Req

uire

d A

ccur

acy

Req

uire

d A

ccur

acy

Robert Anthony’s Taxonomy of Managerial Robert Anthony’s Taxonomy of Managerial Information RequirementsInformation Requirements

Information RequirementsInformation Requirements

Transaction-Transaction-based based

databasesdatabases

•Relational (Oracle, DB2, SQL7Relational (Oracle, DB2, SQL7•Hierarchical (IMS)Hierarchical (IMS)•Network (Image)Network (Image)

32


Data WarehousingData Warehousing

• A subject-oriented, integrated, time-variant, and non-A subject-oriented, integrated, time-variant, and non-volatile collection of data in support of management’s volatile collection of data in support of management’s decision-making process. decision-making process.

Internal dataInternal data(within the organization)(within the organization)

External dataExternal data

•Report generatorsReport generators•EISEIS•OLAPOLAP•Data miningData mining

Decision-makingDecision-makingDecision-makingDecision-makingTime-variantTime-variant ToolsTools

Ad hoc queriesAd hoc queries

InformationInformation

Competitive or Strategic AdvantageCompetitive or Strategic Advantage

Summarized dataSummarized data

33


Data Warehousing CharacteristicsData Warehousing Characteristics

• Subject-oriented - Organized around the major business Subject-oriented - Organized around the major business subjects or entities, such as customers, order or productssubjects or entities, such as customers, order or products

• Integrated - Operational (internal) data and external data are Integrated - Operational (internal) data and external data are integrated into the data warehouse to provide a single integrated into the data warehouse to provide a single unified database for decision supportunified database for decision support

• Time-variant - Use time stamps to represent historical data. Time-variant - Use time stamps to represent historical data. Data warehouses consist of a long series of snapshots, each Data warehouses consist of a long series of snapshots, each of which represents operational data captured at a point in of which represents operational data captured at a point in timetime

• Nonvolatile - New data are appended, rather than replaced, Nonvolatile - New data are appended, rather than replaced, so that historical data are preservedso that historical data are preserved

34


HighlyHighlysummarized datasummarized data

Load

Man

ager

Load

Man

ager

Load

Man

ager

Load

Man

ager

InflowInflowInflowInflow

DownflowDownflowDownflowDownflowWarehouse ManagerWarehouse ManagerWarehouse ManagerWarehouse Manager

Archive/backup dataArchive/backup data

OutflowOutflowOutflowOutflowQuery M

anagerQ

uery Manager

Query M

anagerQ

uery Manager

Lightly Lightly summarized datasummarized data

UpflowUpflow

OutflowOutflowOutflowOutflow

OutflowOutflowOutflowOutflow

Meta-Meta-datadata

Meta-flowMeta-flow

Detailed dataDetailed data

Warehouse ManagerWarehouse ManagerWarehouse ManagerWarehouse Manager

End-user End-user toolstools

Data WarehouseData Warehouse

External External sourcessources

35


Summarized Summarized datadata

Multi-Multi-dimension dimension databasedatabase

Summarized Summarized datadata

Relational Relational databasedatabaseOracle9iOracle9i

Oracle Oracle ExpressExpress

ExtractionExtraction

End-user tools:End-user tools:• ReportingReporting• EISEIS• OLAPOLAP• Data miningData mining

• A A subsetsubset of a data warehouse that supports the of a data warehouse that supports the requirements of a particular department or business requirements of a particular department or business functionfunction


Data MartData Mart

36


ImplementationImplementation

• Build data warehouse firstBuild data warehouse first

• Build data marts firstBuild data marts first

• Build both in parallelBuild both in parallel


Data MartsData Marts

ArchitectureArchitecture

Developed and implemented in parallelDeveloped and implemented in parallel

37


Multi-dimensional Database (MDDBMS)Multi-dimensional Database (MDDBMS)

ProductsProducts

Geographic locationsGeographic locations

Sales medium Sales medium (e.g., retail, (e.g., retail,

Internet, mail Internet, mail order)order)

Time is an implied dimensionTime is an implied dimension

38


Multi-dimensional Database (MDDBMS)Multi-dimensional Database (MDDBMS)

ProductsProducts

Geographic locationsGeographic locations

Sales mediumSales medium

ComputersComputers

PrintersPrinters

ScannersScanners

CamerasCameras

Califo

rnia

Califo

rnia

Nevad

a

Nevad

aOre

gon

Ore

gon

RetailRetailMailMail

InternetInternet

For example…For example…

39


Multi-dimensional Database (MDDBMS)Multi-dimensional Database (MDDBMS)Working with Two DimensionsWorking with Two Dimensions

Total Total RevenueRevenue

Repeated for Repeated for each yeareach year

‘‘9999‘‘9999

‘‘9696‘‘9696

‘‘9595‘‘9595

‘‘9797‘‘9797

‘‘9898‘‘9898

Q1Q1Q1Q1

Q2Q2Q2Q2

Q3Q3Q3Q3

Q4Q4Q4Q4

AprilAprilAprilApril

JuneJuneJuneJune

MayMayMayMay

InternetInternetInternetInternet

Mail Mail OrderOrderMail Mail

OrderOrder

RetailRetailRetailRetail

EntertainmentEntertainmentEntertainmentEntertainment

AudioAudioAudioAudio

VisualVisualVisualVisual

CD/DVDCD/DVDCD/DVDCD/DVD

ElectronicsElectronicsElectronicsElectronics

ReceiversReceiversReceiversReceivers

SpeakersSpeakersSpeakersSpeakers


Repeated for Repeated for each quartereach quarter Repeated for Repeated for

each mediumeach medium

40


Multi-dimensional Database (MDDBMS)Multi-dimensional Database (MDDBMS)Working with Three DimensionsWorking with Three Dimensions

Total Total RevenueRevenue

‘‘9999‘‘9999

‘‘9696‘‘9696

‘‘9595‘‘9595

‘‘9797‘‘9797

‘‘9898‘‘9898

Q1Q1Q1Q1

Q2Q2Q2Q2

Q3Q3Q3Q3

Q4Q4Q4Q4

InternetInternetInternetInternet

Mail Mail OrderOrderMail Mail

OrderOrder

RetailRetailRetailRetail

EntertainmentEntertainmentEntertainmentEntertainment

AudioAudioAudioAudio

VisualVisualVisualVisual

CD/DVDCD/DVDCD/DVDCD/DVD

ElectronicsElectronicsElectronicsElectronics

ReceiversReceiversReceiversReceivers



N. AmericaN. AmericaN. AmericaN. America

AisaAisaAisaAisa

USAUSAUSAUSA

EuropeEuropeEuropeEurope

41


Oracle ExpressOracle ExpressDimensionsDimensions

Retail sales Retail sales dimensiondimension


Time dimensionTime dimensionTime dimensionTime dimension

42




Distribution channels dimensionDistribution channels dimensionDistribution channels dimensionDistribution channels dimension

43


Data Warehousing Configuration: Data Warehousing Configuration: Star SchemaStar Schema

Fact TableFact TableFact TableFact Table

Dimension TableDimension TableDimension TableDimension Table




Time is an implied dimensionTime is an implied dimension

(Product line)(Product line) (Geographic divisions)(Geographic divisions)

(Sales staff)(Sales staff)

(Sales medium)(Sales medium) What products sold well in What products sold well in different regions of the country different regions of the country

through e-commerce (list by through e-commerce (list by quarters)?quarters)?

Which sales staff produced Which sales staff produced the highest level of sales for a the highest level of sales for a

particular product line in particular product line in California?California?

What this the growth rate for the What this the growth rate for the past 5 years in retail sales of a past 5 years in retail sales of a

particular product line by region?particular product line by region?

Which sales mode is Which sales mode is becoming more effective becoming more effective for certain products in for certain products in

particular regions?particular regions?

44


OODBMSOODBMS

DataDataDataData

MethodMethod

MethodMethod Method

Method

MethodMethod

OIDOID

KeyKeyAt

tribu

te-2

Attri

bute

-2At

tribu

te-3

Attri

bute

-3Fo

reig

n ke

y

Fore

ign

key

Attri

bute

-5

Attri

bute

-5

EntitiesEntities

MessageMessage

VS.VS.

45


Object-Oriented ConceptsObject-Oriented Concepts

DataDataDataData

MethodMethod

MethodMethod Method

Method

MethodMethod

Attributes or instance variablesAttributes or instance variables• SimpleSimple• ComplexComplex• ReferenceReference

Methods (function) Methods (function) determine the determine the behaviorbehavior

of the objectof the object

MessageMessage

OIDOID

Object Identifier Object Identifier • System generatedSystem generated• UniqueUnique• InvariantInvariant• Independent of Independent of

attribute valuesattribute values• Invisible to the Invisible to the

useruser• External call to External call to

the objectthe object• Activates a Activates a

methodmethod

46


Relational vs. Object-RelationalRelational vs. Object-Relational

RelationalRelationalTableTable

RelationalRelationalTableTable

Object Object TableTable

Object Object TableTableBuilt-in Data Built-in Data

TypesTypesBuilt-in Data Built-in Data

TypesTypes

ObjectObjectTablesTablesObjectObjectTablesTables

Built-in Data Built-in Data TypesTypes

Built-in Data Built-in Data TypesTypes

Abstract Data Abstract Data TypesTypes

Abstract Data Abstract Data TypesTypes

RelationalRelationalViewView

RelationalRelationalViewView

TablesTablesTablesTables ViewsViewsViewsViews

Object ViewsObject ViewsObject ViewsObject Views

David A. Anstey, 1997David A. Anstey, 1997

47


Data TypesData Types

• Built-inBuilt-in

– Character (char, varchar2)Character (char, varchar2)

– Number (integer, decimal, number)Number (integer, decimal, number)

– DateDate

– Raw and long rawRaw and long raw

– RowIDRowID

– LOB (CLOB, BLOB)LOB (CLOB, BLOB)

48


ADTs (Abstract Data Types)ADTs (Abstract Data Types)

• User-defined data typesUser-defined data types

• Composed of simple or built-in data typesComposed of simple or built-in data types

• Types: object types and collection (aggregate) typesTypes: object types and collection (aggregate) types

ADTADTADTADT

Built-inBuilt-inBuilt-inBuilt-in Built-inBuilt-inBuilt-inBuilt-inBuilt-inBuilt-inBuilt-inBuilt-in

TableTableTableTableObject typeObject type

49


SQL> create or replace type contact_addresses as varray(4) of varchar2(30);SQL> create or replace type contact_addresses as varray(4) of varchar2(30); 2 /2 /

Type created.Type created.

SQL> create or replace type contact_zip_codes as varray(4) of char(8);SQL> create or replace type contact_zip_codes as varray(4) of char(8); 2 /2 /


New Data Type: VARRAYNew Data Type: VARRAY

• Single dimension arrays of fixed lengthsSingle dimension arrays of fixed lengths

50


Object TypesObject Types

• Three components:Three components:

– Name - unique identifier of the objectName - unique identifier of the object

– Attributes - describes the object through built-in and Attributes - describes the object through built-in and abstract data typesabstract data types

– Method - dictates the behavior of the objectMethod - dictates the behavior of the object

SQL> create type students as objectSQL> create type students as object 2 (student_ID char(9),2 (student_ID char(9), 3 student_information personal_information);3 student_information personal_information); 4 /4 /


51


SQL> create or replace type SQL> create or replace type contact_addressescontact_addresses as varray(4) of varchar2(30); as varray(4) of varchar2(30); 2 /2 /


SQL> create or replace type SQL> create or replace type contact_zip_codescontact_zip_codes as varray(4) of char(8); as varray(4) of char(8); 2 /2 /


SQL> create or replace SQL> create or replace type personal_informationtype personal_information as as objectobject 2 (first_name varchar2(20),2 (first_name varchar2(20), 3 middle_name varchar2(20),3 middle_name varchar2(20), 4 last_name varchar2(30),4 last_name varchar2(30), 5 address contact_addresses,5 address contact_addresses, 6 zip_code contact_zip_codes);6 zip_code contact_zip_codes); 7 /7 /


Embedding a user-defined data typeEmbedding a user-defined data type

Data nameData name Data typeData type

ADTADT

52


SQL> create or replace type SQL> create or replace type personal_informationpersonal_information as object as object 2 (first_name varchar2(20),2 (first_name varchar2(20), 3 middle_name varchar2(20),3 middle_name varchar2(20), 4 last_name varchar2(30),4 last_name varchar2(30), 5 address contact_addresses,5 address contact_addresses, 6 zip_code contact_zip_codes);6 zip_code contact_zip_codes); 7 /7 /


SQL> create table employeesSQL> create table employees 2 (employee_id char(6) primary key,2 (employee_id char(6) primary key, 3 employee_address 3 employee_address personal_informationpersonal_information););

Table created.Table created.

SQL> create table vendorsSQL> create table vendors 2 (vendor_id char(5) primary key,2 (vendor_id char(5) primary key, 3 employee_address 3 employee_address personal_informationpersonal_information););


ADT (ADT (user-defineduser-defined))

Embedding an ADTEmbedding an ADT

53


SQL> describe employees;SQL> describe employees; Name Null? TypeName Null? Type -------------------------------- -------- ------------------------------------------------------ -------- ---------------------- EMPLOYEE_ID NOT NULL CHAR(6)EMPLOYEE_ID NOT NULL CHAR(6) EMPLOYEE_ADDRESS PERSONAL_INFORMATIONEMPLOYEE_ADDRESS PERSONAL_INFORMATION

SQL> describe vendors;SQL> describe vendors; Name Null? TypeName Null? Type -------------------------------- -------- ------------------------------------------------------ -------- ---------------------- VENDOR_ID NOT NULL CHAR(5)VENDOR_ID NOT NULL CHAR(5) EMPLOYEE_ADDRESS PERSONAL_INFORMATIONEMPLOYEE_ADDRESS PERSONAL_INFORMATION

Table with ADTTable with ADT

ADTsADTsVendor_IDVendor_ID

(Employee_ID)(Employee_ID)

Employee_addressEmployee_address

54


Creating an Object TableCreating an Object Table

SQL> create or replace type personnel as SQL> create or replace type personnel as objectobject 2 (employee_id char(7),2 (employee_id char(7), 3 manager personal_information,3 manager personal_information, 4 rank varchar2(5));4 rank varchar2(5)); 5 /5 /


SQL> create table managers of SQL> create table managers of personnelpersonnel;;


SQL> describe managers;SQL> describe managers; Name Null? TypeName Null? Type ------------------------------- -------- ---------------------------------------------------- -------- --------------------- EMPLOYEE_ID CHAR(7)EMPLOYEE_ID CHAR(7) MANAGER PERSONAL_INFORMATIONMANAGER PERSONAL_INFORMATION RANK VARCHAR2(5)RANK VARCHAR2(5)

ADTADT

55


Creating an Object TableCreating an Object Table

SQL> create or replace type personnel as SQL> create or replace type personnel as objectobject 2 (employee_id char(7),2 (employee_id char(7), 3 manager personal_information,3 manager personal_information, 4 rank varchar2(5));4 rank varchar2(5)); 5 /5 /


SQL> create table managers of SQL> create table managers of personnelpersonnel;;


SQL> describe managers;SQL> describe managers; Name Null? TypeName Null? Type ------------------------------- -------- ---------------------------------------------------- -------- --------------------- EMPLOYEE_ID CHAR(7)EMPLOYEE_ID CHAR(7) MANAGER PERSONAL_INFORMATIONMANAGER PERSONAL_INFORMATION RANK VARCHAR2(5)RANK VARCHAR2(5)

ADTADT

ADTADT

SQL> describe personal_information;SQL> describe personal_information; Name Null? TypeName Null? Type --------------- ------- ------------------------------------ ------- --------------------- FIRST_NAME VARCHAR2(20)FIRST_NAME VARCHAR2(20) MIDDLE_NAME VARCHAR2(20)MIDDLE_NAME VARCHAR2(20) LAST_NAME VARCHAR2(30)LAST_NAME VARCHAR2(30) ADDRESS CONTACT_ADDRESSESADDRESS CONTACT_ADDRESSES ZIP_CODE CONTACT_ZIP_CODESZIP_CODE CONTACT_ZIP_CODES

ADTADT

SQL> describe personal_information;SQL> describe personal_information; Name Null? TypeName Null? Type --------------- ------- ------------------------------------ ------- --------------------- FIRST_NAME VARCHAR2(20)FIRST_NAME VARCHAR2(20) MIDDLE_NAME VARCHAR2(20)MIDDLE_NAME VARCHAR2(20) LAST_NAME VARCHAR2(30)LAST_NAME VARCHAR2(30) ADDRESS CONTACT_ADDRESSESADDRESS CONTACT_ADDRESSES ZIP_CODE CONTACT_ZIP_CODESZIP_CODE CONTACT_ZIP_CODES

56


Object ReusabilityObject Reusability

SQL> create table executives of SQL> create table executives of personnelpersonnel;;


SQL> describe executives;SQL> describe executives; Name Null? TypeName Null? Type -------------------------------- -------- -------------------------------- -------- -------------------------------------------- EMPLOYEE_ID CHAR(7)EMPLOYEE_ID CHAR(7) MANAGER PERSONAL_INFORMATIONMANAGER PERSONAL_INFORMATION RANK VARCHAR2(5)RANK VARCHAR2(5)

• Create a second table using PERSONNELCreate a second table using PERSONNEL

57


Object TablesObject Tables

ExecutivesExecutivesExecutivesExecutives ManagersManagersManagersManagersTablesTables

PersonnelPersonnelPersonnelPersonnelObject typeObject type

Personal InformationPersonal InformationPersonal InformationPersonal Information

Contact_zip_codesContact_zip_codesContact_zip_codesContact_zip_codesContact_addressesContact_addressesContact_addressesContact_addresses ADTADT

ADTADT

Built-in Built-in Data TypeData Type

Employee_IDEmployee_IDEmployee_IDEmployee_ID

58


MethodsMethods

SQL> create or replace type transactionsSQL> create or replace type transactions 2 (trans_id number,2 (trans_id number, 3 trans_date date)3 trans_date date) 4 map member function get_date4 map member function get_date 5 return date is5 return date is 6 begin6 begin 7 select sysdate from dual;7 select sysdate from dual; 8 end;8 end; 9 );9 ); 10 /10 /

FunctionFunction

Map method:Map method:

59


1 R. Ching, Ph.D. MIS California State University, Sacramento Week 14 November 28 Database SecurityDatabase Security Transaction Management and Concurrency.

Documents

sacramento threats

system database security

confidentiality slide

procedures slide

sacramento week

countermeasures objective

access controls

mmdbms oodbmsoodbms