SECOND TERM DATA

PROCESSING NOTE FOR

SSS 2
SCHEME OF WORK

(1) Tests/introduction to Relational model

(2) Relational models
(3) Relational models II
(4) Relational models III
(5) Database security
(6) Role of data base administrator in data base security
(7) Mid Term Break/ Test & Project
(8) File organization I
(9) File organization II
(10) File organization III
(11) Presentation Packages I
(12) Presentation Packages II
(13) REVISION /Examination
 RELATIONAL MODEL

Relational model: In this model, data record is organised in two-dimensional

tables called relations. The tables or relations are related to each other. Each table
is made up of rows and columns and a table stores records about a particular
subject. Relational data models are used in IBM’s DB2, Informix, Oracle, Sybase,
Paradox, FoxBase, Teradata).

CREATING AND MODIFYING RELATIONS USING SQL

SQL stands for structured Query Language.

SQL is a standard database language for storing, manipulating and retrieving data
stored in relational database.

The relational database management systems are: MySQL, MS Access, Oracle,

Sybase, Informix, Postgres and SQL server

Uses of SQL statements or command

(1) Querying data

(2) Inserting, updating and deleting rows in a table
(3) Creating, replacing, altering, and dropping object
(4) Controlling access to the database and its objects
(5) Guaranteeing database consistency and integrity

SQL statements or command

(1) Data Definition Language (DDL) statements

(i) CREATE
(ii) ALTER
(iii) DROP
(iv) RENAME
 (2) Data Manipulation Language (DML) statements
(i) SELECT
(ii) INSERT
(iii) UPDATE
(iv) DELETE
(v) MERGE

(3) Data Control Language (DDL) statements

(i) GRANT
(ii) REVOKE
(iii) DENY

Writing SQL statements

You can construct valid statements that are both easy to read and edit by using the
following simple rules and guidelines below

(1) SQL statement are not case sensitive

(2) SQL statement can be entered on one or many lines
(3) Keywords cannot be abbreviated or split across lines
(4) Indents are used to enhance readability
(5) SQL statements can be terminated by semicolon(;) when you execute
multiple SQL statements
(6) Clauses are usually placed on separate lines for readability and ease
editing.

Creating table using SQL

Creating a basic table involves naming the table and defining its columns and
column’s data type.

The CREATE TABLE statement is used to create a new table in an existing database

Syntax:
CREATE TABLE Table_Name(

Column_Name1 data_type, Column_Name2 data_type, Column_Name3 data_type);

Example:

CREATE TABLE Students(

Student_id Varchar(20), Surname text, First_Name text);

Example 2

Syntax:

CREATE TABLE Table_Name(

Column1 datatype,

Column2 datatype,

Column3 datatype,

Column4 datatype,

Column5 datatype,);

Example:

CREATE TABLE Customers(

ID INT,

NAME VARCHAR(20),

AGE INT,

ADDRESS CHAR(25),

SALARY DECIMAL(18,2));

Consider the table below by writing SQL statement to create the table below
Employee_id Surname First_Name DOB State

Employee table

DROP TABLE

The SQL DROP TABLE statement is used to remove a table definition and all data,
indexes, triggers, constraints, and permission specifications for that table.

Syntax:

DROP TABLE Table_name

Example:

DROP TABLE Customers;

ALTER TABLE

Syntax:

ALTER TABLE Table_Name

ADD Column_Name;

Example:

ALTER TABLE Customer

ADD Phone_number;

MODIFYING RELATIONS USING SQL

INSERT Query

The INSERT statement is used to add new rows of data to a table in the database.

Syntax:

INSERT INTO Table_Name

VALUES (value1, value2, value3);

Where

Table_Name is the name of the table in which row is to be inserted

[INTO] is an optional keyword used between INSERT and the target table.’

<values> specifies the values for columns of the table

Examples 1:

INSERT INTO EmployeeTable

VALUES(111, ‘Balogun’, ‘Olufemi’, ‘26/5/2000’, ‘Lagos’)

Example 2:

INSERT INTO Customers

VALUES(1, ‘John’, 32, ‘1 Muritala Muhamed’, 2500.00);

UPDATE Query

The UPDATE statement is used to modify the existing data in a table

Syntax:

UPDATE Table_Name

SET Column_Name = value

WHERE [search condition]

Where,

Table_Name is the name of the table where records are to be updated.

Column_Name is the name of the column in the table which record is to be updated.

<Value> Specifies the new value for the modified column.

<search condition> Specifies the condition to be met for the rows to be updated.
Example 1:

UPDATE EmployeeTable

SET First_Name = ‘Festus’

WHERE Employee_id = 111;

Example 2:

UPDATE Customers

SET ADDRESS = ‘Sabo Yaba’

WHERE ID = 6;

DELETE Query

The DELETE statement is used to remove existing rows from a table

Syntax:

DELETE FROM Table_Name

WHERE [search condition]

Example 1:

DELETE FROM EmployeeTable

WHERE Employee_id = 111;

Example 2:

DELETE FROM Customers

WHERE ID = 6;

INTEGRITY CONSTRAINT OVER RELATION

There is number of means to achieve this but one of the commonly used and
preferred methods is to use constraints.
Constraints

Constraints are the rules enforced on data columns on table. These are used to
limit the type of data that can go into a table.

OR

A constraint is a property assigned to a column or set of columns in a table to

prevent certain types of inconsistent data value from being entered.

Categories of constraints

(1) Column level constraints

(2) Table level constraints

Types of constraints

(1) PRIMARY KEY

(2) UNIQUE
(3) FOREIGN KEY
(4) CHECK
(5) NOT NULL
(6) INDEX
(7) DEFAULT

Defining constraints

PRIMARY KEY constraints uniquely identified each rows/records in a database

table

Syntax:

CREATE TABLE Table_Name(

Column_Name data_type PRIMARY KEY, Column_List)

Example 1:

CREATE TABLE Table_Name(

Student_id INT PRIMARY KEY, Surname text, First_Name text);

Example 2:

CREATE TABLE Customers(

ID INT,

NAME VARCHAR(20),

AGE INT,

ADDRESS CHAR(25),

SALARY DECIMAL(18,2)

PRIMARY KEY(ID));

FOREIGN KEY CONSTRAINTS

A foreign key is a field in a relational table that matches or point to a primary key
of another table.

A foreign key is a key used to link two tables together. This is sometimes called a
referencing key.

Example:

Consider the structure of the two tables as follows:

StudentID Name Age Address

Students table

CourseID StudentID CourseName CourseInstructor

Course table
CREATE TABLE Students(

StudentID INT PRIMARY KEY,

Name VARCHAR(20),

Age INT,

Address CHAR(25));

CREATE TABLE Course(

CourseID INT PRIMARY KEY

CourseName TEXT,

FOREIGN KEY REFERENCES Students(StudentID),

CourseInstructor VARCHAR(20));

CHECK Constraint

The CHECK constraint enables a condition to check the value being entered into a
column.

Example:

CREATE TABLE Customers(

ID INT,

NAME VARCHAR(20),

AGE INT CHECK(AGE>=18),

ADDRESS CHAR(25),

SALARY DECIMAL(18,2)

PRIMARY KEY(ID));
UNIQUE Constraint

The UNIQUE constraint is used to prevent two records from having identical values
in a particular column. It ensures that only unique values are entered in a column or
set of columns.

Example:

CREATE TABLE EmployeeTable(

Employee_id INT PRIMARY KEY,

Surname text,

First_Name text,

Mobile_Number UNIQUE);

NOT NULL Constraint

The NOT NULL Constraint enforces that the column will not accept null values.

A NULL is not the same as no data, rather, it represents unknown data.

Example:

CREATE TABLE Customers(

ID INT NOT NULL,

NAME VARCHAR(20) NOT NULL,

AGE INT NOT NULL,

ADDRESS CHAR(25),

SALARY DECIMAL(18,2),

PRIMARY KEY(ID));
DEFAULT Constraint

The DEFAULT constraint provides a default value to a column when the INSERT
INTO statement does not provide a specific value.

Example:

The following SQL creates a new table called CUSTOMERS and adds five columns.
Here SALARY column is set to 7000.00 by default, so in case INSERT INTO
statement does not provide a value for this column then by default this column
would be set to 7000.00

CREATE TABLE Customers(

ID INT NOT NULL,

NAME VARCHAR(20) NOT NULL,

AGE INT NOT NULL,

ADDRESS CHAR(25),

SALARY DECIMAL(18,2) DEFAULT 7000.00,

PRIMARY KEY(ID));

QUERYING RELATIONAL DATA

SELECT Statement

The SELECT statement is used to fetch or retrieve data from the database and
enables the selection of one or many rows or columns from a table.

Syntax:

SELECT column1, column2, column3

FROM Table_Name;

Example:

Consider Customers table having following records:

ID NAME AGE ADDRESS SALARY
1 John 35 Lagos 2000.00
2 Deborah 28 Abuja 1500.00
3 Taiwo 25 Rivers 2000.00
4 Lola 28 Ogun 6500.00
5 Sola 30 Lagos 8500.00
6 Seun 23 Lagos 9000.00

Selecting all columns

If you want to select the entire field in a Customers table then use the following
query:

SELECT * FROM Customers:

Selecting specific columns

Following is an example which would fetch ID, NAME, and SALARY fields of the
customers available in Customers table:

Example:

SELECT ID, NAME, SALARY

FROM Customers;

This would produce following result:

ID NAME SALARY
1 John 2000.00
2 Deborah 1500.00
3 Taiwo 2000.00
4 Lola 6500.00
5 Sola 8500.00
6 Seun 9000.00

WHERE Clause
The SQL WHERE clause is used to specify a condition while fetching the data from
single or joining with multiple tables.

The WHERE clause can be used in SELECT, UPDATE, DELETE statement etc.

Syntax:

SELECT column1 column2 column3

FROM Table_Name;

WHERE [condition]

DATABASE SECURITY
Database security concerns the use of a broad range of information security controls
to protect databases (potentially including the data, the database applications or
stored functions, the database system, the database servers and the associated
network links) against compromises of their confidentiality, integrity and
availability.

Security risk to database system

1) Unauthorized or unintended activity or misuse by authorized database users,

database administrators, or network/system managers or by unauthorized users
or hackers.

2) Malware infections causing incidents such as unauthorized access, leakage or

disclosure of personal or proprietary data, deletion of or damage to the data or
programs, interruption or denial of authorized access to the database.

3) Overloads, performance constraints and capacity issues resulting in the inability

of authorized users to use databases as intended.
4) Physical damage to database servers caused by computer room fires or floods,
overheating, lightening, accidental liquid spill, static discharge/ electronic
breakdowns/equipment failures and obsolescence.
5) Design flaws and programming bugs in databases and the associated programs
and systems, creating various security vulnerabilities, data loss/corruption,
performance degradation etc.
6) Data corruption or loss caused by the entry of invalid data or command, mistakes

in database or system administration processes, sabotage/criminal damage etc.

Data security
Data security is the protection and safety of data from destruction, corruption or
unauthorized access to computers, databases and websites.
Data risk assessment is the process of determining the safety of stored data
Importance of data security
Data security is important for most business and even home computer users. Client
information, payment information, personal files, bank account details. All of these
information can be hard to replace and potentially dangerous if it falls into the
wrong hands.
Data lost due to disasters such as a flood or fire is crushing, but losing it to hackers
or a malware infection can have much greater consequences.

Types of security control on the data

(1) Access control: Access control is the selective restriction of access to a place
or other resource. The act of accessing may mean consuming, entering, or using.
Permission to access a resource is called authorization.
(2) Auditing: Auditing involves observing a database so as to be aware of the
actions of database users. Database administrator and consultants often set up
auditing for security purpose, for example, to ensure that those without the
permission to access information do not access it.

(3) Authentication: Authentication is another part of data security that encounter

with everyday computer usage. Just think about when you log into your email or
blog account. That single sign-in process is a form authentication that allows you to
log into applications, file, folders and even an entire computer system.
(4) Encryption: Encryption has become a critical security feature for thriving
networks and active home users alike. This security mechanism uses mathematical
schemes and algorithms to scramble data into unreadable text. It can only be
decoded or decrypted by the party that possesses the associated key.

Access control methods in database security

1) Username and password
2) Role based Access control
3) Mandatory Access control
4) Rule based Access control
5) Discretional Access control
6) Organisation based Access control
7) Responsibility based Access control
8) Identity based Access control
9) Biometric verification/Facial Recognition/voice
10) Recognition/Eyes/iris/Retina recognition/Finger Print Recognition
11) Prove/Metal protector
12) Personal identification Number (PIN)

INTEGRITY CONTROLS

Backup: A backup, or the process of backing up, refers to the copying and
archiving of computer data so it may be used to restore the original after a data loss
event. Backups have two distinct purposes. The primary purpose is to recover data
after its loss, be it by data deletion or corruption.
Application security: Application security is the use of software, hardware, and
procedural methods to protect applications from external threats.
Role of the database administrator in data security
A database administrator is the person responsible for the installation,
configuration, upgrade, administration, monitoring and maintenance of databases in
an organization.

Roles
(1) Installation and upgrading the database server and application tools
(2) Maintaining users
 (3) Managing data integrity
(4) Database recovery
(5) Allocating system storage and planning future storage requirements for the
database system
(6) Modifying the database structure as necessary from information given by
application developers
(7) Managing data security and privacy
(8) Ensuring compliance with database vendor license agreement
(9) Controlling and monitoring user access to the database
(10) Monitoring and optimizing the performance of the database
(11) Planning for backup and recovery of database information
(12) Maintaining archived data
(13) Backing up and restoring databases
(14) Contacting database vendor for technical support
(15) Generating various reports/output
(16) Creating users/ID (credentials)
(17) Deleting users

CRASH RECOVERY
Crash recovery is used to recover from a failure either when a single-instance
database crashes.
The goal of crash and instance recovery is to restore the data block changes located
in the cache of the dead instance.
Crash recovery is the process by which the database is moved back to a consistent
and usable state. This is done by rolling back incomplete transactions and
completing committed transactions that were still in memory when the crash
occurred.

Conditions that can result in transaction failure include:

(1) A power failure on the machine
(2) A hardware failure such as memory corruption, or disk, CPU, or network
failure.
 (3) A serious operating system error that causes database to go down.

Introduction to ARIES
Algorithms for Recovery and Isolation Exploiting Semantics (ARIES) are designed to
work with a no-force, steal database approach; it is used by IBM DB2, Microsoft SQL
server and many other database systems.
Three main principles lie behind ARIES are:
(1) Write ahead logging
(2) Repeat history during Redo
(3) Logging changes during Undo

Write ahead logging: Any change to an object is first recorded in the log, and the
log must be written to stable storage before changes to the object are written to
disk.
Repeat history during Redo: On restart after a crash, ARIES retraces the actions
of a database before the crash and brings the system back to the exact state that it
was in before the crash
Logging changes during Undo: Changes made to the database while undoing
transactions are logged to ensure such an action is not repeated in the event of
repeated restarts.

Recovery Procedure after Crash

The recovery works in three phases
(1) Analysis Phase: The first phase, Analysis, computes all the necessary
information from the log file.
(2) REDO Phase: The Redo phase restores the database to the exact state at the
crash, including all the changes of uncommitted transactions that were running at
that point in time.
(3) UNDO phase: The undo phase then undoes all uncommitted changes, leaving
the database in a consistent state.
Other recovery related to data
Check pointing: Check pointing is basically consists of storing a snapshot of the
current application state, and later on, use it for restarting the execution in case of
failure. A checkpoint record is written into the log periodically at that point when the
system writes out to the database on disk all DBMS buffers that have been
modified. Checkpoints are reuse of primary and secondary log files.

Media recovery
Media recovery deals with failure of the storage media holding the permanent
database, in particular disk failures. The traditional database approach for media
recovery uses archive copies (dumps) of the database as well as archive logs.
Archive copies represent snapshots of the database and are periodically taken.
The archive log contains the log records for all committed changes which are not yet
reflected in the archive copy. In the event of a media failure, the current database
can be reconstructed by using the latest archive copy and redoing all changes in
chronological order from the archive log.