Roll No. Total No.

of Pages :

Total No. of Questions : 09

B.Tech. (CSE) (Sem.–5)

DATABASE MANAGEMENT SYSTEMS
Subject Code : BTCS-501-18
M.Code : 78320
Date of Examination : 14-06-2024

Time : 3 Hrs. Max. Marks : 60

INSTRUCTIONS TO CANDIDATES :

1. SECTION-A is COMPULSORY consisting of TEN questions carrying TWO marks

each.
2. SECTION-B contains FIVE questions carrying FIVE marks each and students have
to attempt any FOUR questions.
3. SECTION-C contains THREE questions carrying TEN marks each and students
have to attempt any TWO questions.

SECTION-A:

1. Define integrity constraints.

Integrity constraints are rules enforced on data in a database to ensure accuracy and
consistency. They prevent invalid data entry and maintain the integrity of the database.
Common types of integrity constraints include:

• Primary Key Constraint: Ensures uniqueness of a column.

• Foreign Key Constraint: Enforces referential integrity between tables.
• Check Constraint: Validates data against a condition.
• Not Null Constraint: Ensures a column cannot have null values.

2. What do you mean by lossless decomposition of a relation?

Lossless decomposition is the process of breaking down a relation (table) into two or more
smaller relations while ensuring no data is lost and the original relation can be reconstructed
using a natural join.
Example:
If R(A, B, C) is decomposed into R1(A, B) and R2(B, C), it is lossless if R1 ⋈ R2 = R.
3. What are the characteristics of the 3-tier architecture of a database?

The 3-tier architecture separates the database system into three layers:

1. Presentation Layer: The user interface, such as web browsers or apps.

2. Application Layer: Business logic and processing, typically servers handling
requests.
3. Data Layer: The database itself, where data is stored and managed.
Characteristics: Scalability, flexibility, security, better performance, and separation
of concerns.

4. Define the isolation property of transactions.

Isolation ensures that transactions are executed independently without interference from other
transactions. It prevents concurrent transactions from affecting each other’s intermediate
states.

• Achieved using locking and concurrency control techniques.

• Forms part of the ACID properties (Atomicity, Consistency, Isolation, Durability).

5. What is tertiary storage?

Tertiary storage refers to a storage system used for archival purposes, providing large
capacity at a low cost.
Examples: Magnetic tapes, optical discs.
It is slower compared to primary (RAM) and secondary storage (HDD/SSD) and is typically
used for backups or rarely accessed data.

6. Define authorization.

Authorization is the process of granting or denying specific permissions to users or systems

to access resources in a database.

• Managed through roles, privileges, or access control lists.

• Example: A user might be authorized to read data but not to delete it.

7. List down the advantages of DDBMS (Distributed Database Management System).

• Improved Reliability: Data replication enhances fault tolerance.

• Better Performance: Data is closer to users, reducing access time.
 • Scalability: Easily add new nodes to the system.
• Local Autonomy: Sites can operate independently.
• Reduced Communication Costs: Local queries minimize the need for remote data
access.

8. Define a serializable schedule.

A serializable schedule is one that ensures concurrent transaction execution results in a state
equivalent to transactions executed serially (one after the other).

• Prevents issues like data anomalies.

• Achieved through concurrency control methods like locking or timestamping.

9. What is query optimization?

Query optimization is the process of improving the efficiency of SQL queries to reduce
execution time and resource usage.
Steps:

1. Parse the query and generate a query tree.

2. Explore different query execution plans.
3. Select the most cost-effective plan.
Techniques: Indexing, join reordering, query rewriting.

10. What is SQL injection?

SQL injection is a type of security attack where malicious SQL statements are inserted into
input fields to manipulate or exploit a database.
Example:

SELECT * FROM Users WHERE Username = 'admin' --' AND Password = 'xyz';

Prevention Methods:

• Use prepared statements and parameterized queries.

• Validate and sanitize user input.
• Implement proper error handling.
 SECTION-B:

1. What are the benefits of extended features of the ER model? Draw any ER model
using extended features.

Benefits of Extended ER Model Features:

The Extended Entity-Relationship (EER) model includes features that enhance the traditional
ER model. These features support complex database requirements:

1. Generalization: Combines multiple entities into a higher-level entity.

o Example: "Student" and "Faculty" generalized to "Person."
2. Specialization: Divides an entity into sub-entities with additional attributes.
o Example: "Employee" specialized into "Manager" and "Engineer."
3. Aggregation: Treats a relationship as an entity to establish relationships between
relationships.
o Example: A relationship "Supplies" between "Supplier" and "Product"
aggregated to link with "Warehouse."
4. Inheritance: Sub-entities inherit attributes and relationships of parent entities.
o Example: A "Manager" inherits attributes from "Employee."

Example ER Diagram with Extended Features:

• Entities: Employee, Manager (specialization of Employee), Project.

• Relationships: Works_On, Manages.
• Generalization: Combine Hourly_Employee and Salaried_Employee into Employee.
• Aggregation: Use the relationship between Employee and Project in a new
relationship with Budget.

2. Explain the difference between Cartesian product and natural join with an example.

Cartesian Product:

• Combines every row of one table with every row of another table.
• Results in an exhaustive pairing of rows, leading to a large dataset.
• Syntax: SELECT * FROM Table1, Table2;
• Example:
Tables:
o Table1: A = {1, 2}
o Table2: B = {x, y}
Cartesian product: {(1, x), (1, y), (2, x), (2, y)}

Natural Join:

• Combines tables based on common attributes (matching column names and values).
• Filters out rows that do not match the join condition.
 • Syntax: SELECT * FROM Table1 NATURAL JOIN Table2;
• Example:
Tables:
o Table1: {(ID: 1, Name: John), (ID: 2, Name: Jane)}
o Table2: {(ID: 1, Age: 25), (ID: 3, Age: 30)}
Natural join: {(ID: 1, Name: John, Age: 25)}

3. What is hashing? How does it work?

Hashing:
Hashing is a data indexing technique where a hash function converts input (key) into a fixed-
size integer value called a hash code or hash value.
How It Works:

1. Hash Function: Generates hash values from keys.

o Example: h(key) = key mod 10.
2. Hash Table: Stores the data at positions determined by hash values.
o Example: Store data for key 42 at index h(42) = 42 mod 10 = 2.
3. Collision Handling: Occurs when two keys produce the same hash value. Techniques
include:
o Chaining: Use a linked list to store multiple items in the same slot.
o Open Addressing: Use probing to find the next available slot.

Advantages:

• Fast data retrieval for large datasets.

• Efficient for key-based access.

4. What do you mean by locks in transaction processing? How are locks implemented?

Locks in Transaction Processing:

Locks are mechanisms to control concurrent access to database resources and ensure
consistency and isolation.
Types of Locks:

1. Shared Lock (S): Allows multiple transactions to read but not write.
2. Exclusive Lock (X): Allows a transaction to read and write, preventing other
transactions from accessing.

Implementation of Locks:

• Two-Phase Locking Protocol: Ensures serializability:

1. Growing Phase: Transactions acquire locks.
2. Shrinking Phase: Transactions release locks.
• Deadlock Prevention: Implement timeout or priority-based schemes.
Example:
Transaction A reads data with a shared lock; Transaction B cannot write to the same data
until A releases the lock.

5. Explain the mandatory access control system.

Mandatory Access Control (MAC):

MAC is a strict access control policy in which access permissions are determined by a
centralized authority based on classification levels and labels assigned to users and data.
Features:

1. Labels: Data and users are classified into categories (e.g., Confidential, Secret).
2. Policy Enforcement: Central authority defines access policies.
3. No User Modification: Users cannot modify access permissions.

How It Works:

• Each object (file, database record) has a security label.

• Users can only access objects if their clearance level matches or exceeds the object’s
classification.

Example:

• A user with "Secret" clearance can access "Confidential" and "Secret" data but not
"Top Secret" data.

Advantages:

• High security, ideal for military or government databases.

• Prevents unauthorized access and data leakage.

SECTION-C

1. a) Explain referential integrity constraints.

Referential Integrity Constraints

Referential integrity ensures that relationships between tables remain consistent. Specifically,
it ensures that a foreign key in one table always refers to a valid primary key in another table.
For example, in a database with tables Orders and Customers, every order in the Orders
table must reference an existing customer in the Customers table.

Key Aspects:
 1. Foreign Key: The column in the child table that references the primary key in the
parent table.
o Example: In the Orders table, the CustomerID column is a foreign key
referencing the CustomerID column in the Customers table.
2. Actions on Referential Integrity:
o CASCADE: If a referenced record is deleted or updated, all dependent records
are deleted or updated.
o SET NULL: Sets the foreign key to NULL if the referenced record is deleted.
o RESTRICT/NO ACTION: Prevents deletion or updating of referenced
records.

Example Schema:

CREATE TABLE Customers (

CustomerID INT PRIMARY KEY,
Name VARCHAR(50)
);

CREATE TABLE Orders (

OrderID INT PRIMARY KEY,
CustomerID INT,
FOREIGN KEY (CustomerID) REFERENCES Customers(CustomerID) ON DELETE
CASCADE
);

Importance:

• Prevents orphaned records in the child table.

• Maintains consistency and reliability in relational databases.

1. b) Explain the characteristics and drawbacks of the network database model.

Network Database Model

The network model organizes data in a graph structure using records (nodes) and links
(edges). It allows multiple parent-child relationships, unlike the hierarchical model.

Characteristics:

1. Record-Based Structure: Data is stored as records connected by links.

2. Many-to-Many Relationships: Allows multiple parent and child nodes.
o Example: A Course can have multiple Students, and a Student can enroll in
multiple Courses.
3. Navigation: Data is accessed by traversing links.
4. Set Type Relationships: A set consists of an owner (parent) and members (children).

Advantages:

1. Efficiency: Direct links enable fast data retrieval for complex queries.
2. Flexibility: Supports complex relationships, such as many-to-many.
3. Data Integrity: Parent-child relationships maintain referential integrity.
Drawbacks:

1. Complexity: Traversing and maintaining links can be complicated.

2. Lack of Independence: Changes to the structure can require application
modifications.
3. Difficult to Query: Lacks user-friendly query languages like SQL.
4. Scalability Issues: Adding new records or relationships is challenging.

2. What is concurrency control in databases? Explain various conflicts of concurrency

control with an example.

Concurrency Control
Concurrency control ensures that multiple transactions can execute simultaneously without
violating data consistency and integrity.

• Purpose: Avoid problems such as lost updates, dirty reads, and uncommitted data
dependencies.
• Techniques: Locking, timestamp ordering, and optimistic concurrency control.

Conflicts in Concurrency Control:

1. Lost Update: Occurs when two transactions simultaneously update the same data,
and one update overwrites the other.
o Example:
▪ Transaction A reads balance = 100.
▪ Transaction B reads balance = 100.
▪ A adds 50 → balance = 150.
▪ B deducts 30 → balance = 70. (overwrites A's update).
2. Dirty Read: A transaction reads data modified by another transaction that is not yet
committed.
o Example:
▪ Transaction A updates balance = 150 but hasn’t committed.
▪ Transaction B reads balance = 150.
▪ If A rolls back, B has read invalid data.
3. Uncommitted Dependency: A transaction depends on uncommitted changes made
by another transaction.
o Example:
▪ Transaction A updates salary = 1000.
▪ Transaction B calculates tax based on the new salary.
▪ A rolls back; B's calculation is invalid.
4. Deadlock: Two or more transactions wait indefinitely for each other to release
resources.
o Example:
▪ Transaction A locks row X, waits for row Y.
▪ Transaction B locks row Y, waits for row X.

Concurrency Control Techniques:

 • Lock-Based Protocols:
o Shared Lock (S): Allows read-only access.
o Exclusive Lock (X): Allows read and write.
• Timestamp Ordering Protocols: Ensures transactions execute in timestamp order.
• Optimistic Methods: Assumes minimal conflicts, validates transactions at commit
time.

3. a) Discuss data allocation in distributed databases.

Data Allocation in Distributed Databases

In a Distributed Database Management System (DDBMS), data is stored across multiple
sites. Data allocation refers to the strategy of distributing data across these sites to optimize
performance, availability, and reliability.

Types of Data Allocation:

1. Centralized Allocation: All data is stored at a single site.

o Advantage: Simple management.
o Disadvantage: High latency for remote users.
2. Fragmentation: Divides data into fragments stored at different sites.
o Horizontal Fragmentation: Rows are divided based on criteria.
▪ Example: Customers in the USA vs. Europe.
o Vertical Fragmentation: Columns are divided.
▪ Example: Names at one site, contact details at another.
o Hybrid Fragmentation: Combines horizontal and vertical fragmentation.
3. Replication: Copies of data are stored at multiple sites.
o Advantage: High availability and fault tolerance.
o Disadvantage: Synchronization overhead.
4. Partitioning: Divides data into non-overlapping segments stored at different sites.

Factors Influencing Data Allocation:

• Data access patterns.

• Communication costs.
• Fault tolerance requirements.
• Query performance optimization.

3. b) Discuss intrusion detection in databases.

Intrusion Detection in Databases

Intrusion detection involves identifying unauthorized access or malicious activities within a
database system.

Types of Intrusion Detection Systems (IDS):

1. Host-Based IDS: Monitors database activities on the host machine.

 2. Network-Based IDS: Monitors database-related traffic in the network.

Techniques for Intrusion Detection:

1. Signature-Based Detection: Uses known patterns of malicious activities to identify

intrusions.
o Example: Detecting SQL injection patterns.
2. Anomaly-Based Detection: Monitors deviations from normal behavior.
o Example: Unusual query execution frequency.
3. Hybrid Approach: Combines signature and anomaly-based methods.

Common Database Threats:

• SQL Injection.
• Privilege Escalation.
• Unauthorized Data Access.

Prevention Measures:

• Implement strong authentication and authorization.

• Use database firewalls and IDS tools like IBM Guardium or Imperva.
• Encrypt sensitive data to prevent misuse.