Chapter V

Database Security and Transaction

Processing
Contents
- Database Security: Introduction to database security, Data security
Requirements, Types of Database Users- Creating, altering and Deleting
Users
-Protecting the Data within database: Database privileges: system
privileges and object privileges, Granting and Revoking Privileges: Grant
and Revoke command.
-Transaction: Concept, Properties and states of transaction.
-Database backup: Types of Failures, Causes of failures, database
backup introduction, types of database backups Physical and Logical.
-Database Recovery: Recovery concepts, Recovery Techniques- Roll
1
forward and rollback
Introduction
Database Security

2
 What Is Database Security?

Database:
It is a collection of information stored in a computer.
Security:
It is being free from danger.
Database Security:
It is the mechanisms that protect the database against
intentional or accidental thr eats.
3
 Three Main Aspects

1. Secrecy
2. Integrity
3. Availability

4
 Secrecy
 It is protecting the database from unauthorized
users.
 Ensures that users are allowed to do the things
they are trying to do.

 For examples,
 The employees sh ould not see the salaries of their
managers.
5
 Integrity
 Protecting the database from authorized
users.

 Ensures that what users are trying to do is

correct.

 For examples,
• An employee should be able to modif y
his or her own information. 6
 Availability
 Authorized users should be able to access
data for Legal purposes as necessary

 For examples,
 Payment orders regarding taxes should be

made on time by the tax law. 7

Security
Problems
Database Security

8
 What is a Threat?

Threat: it can be defined as a hostile agent

that, either casually or by using:
 specialized technique
 modify
 delete the information managed by a D
BMS
9
 Two Kinds of Threat
1. Non-fraudulent Threat
 Natural or accidental disasters.
 Errors or bugs in hardware or software.
 Human errors.

2. fraudulent Threat
 Authorized users
• Those who abuse their privileges and authority.
 Hostile agents
• Those improper users (outsider or insiders).
• who attack the software and/or hardware system, or read or
write data in a database.
10
Database Protection Requirements

1. Protection from Improper Access

2. Protection from Inference
3. Integrity of the Database
4. User Authentication
5. Multilevel Protection
6. Confinement
7. Management and Protection of Sensitive Data
11
Transaction
state
&
Propertie
s
Transaction
state
&
Propertie
s
 TRANSACT
Transaction is a unit of program execution
ION
that accesses and possibly
updates various data items.
Usually, a transaction is initiated by a user program written in
a high-level data-manipulation language or programming
language (for example, SQL,COBOL, C, C++, or Java),
where it is delimited by statements (or function calls) of the
form begin transaction and end transaction.

The transaction consists of all operations

executed between the begin transaction and
end transaction.
 Transaction
Toproperties
ensure integrity of the data, we require
that the database system maintain the
following properties of the transactions:-

●Atomicity
●Consistency
●Isolation
●Durability
● Atomicity. Either all operations of the
transaction are reflected properly in the database,
or none are.

● Consistency. Execution of a transaction in

isolation (that is, with no other transaction
executing concurrently) preserves the consistency
of the database.
●Isolation:- Even though multiple transactions
may execute concurrently, the system guarantees
that, for every pair of transactions Ti and Tj , it
appears to Ti that either Tj finished execution
before Ti started, or Tj started execution after Ti
finished. Thus, each transaction is unaware of
other transactions executing concurrently in the
system.

● Durability:- After a transaction completes

successfully, the changes it has made to the
database persist, even if there are system failures.
 Transaction state
A transaction must be in one of the following
states:
● Active:- the initial state, the transaction stays in
this state while it is executing.

● Partially committed:- after the final statement

has been executed.

● Failed:-after the discovery that normal execution

can no longer proceed.
 Transaction
state
● Aborted:- after the transaction has been rolled back
and the database has been restored to its state prior to
the start of the transaction.

● Committed :- after successful

completion.
 Partially
committe committed
d

activ
e

faile aborted
d

figure: state diagram of

transaction
● It can restart the transaction, but only if the
transaction was aborted as a result of some
hardware or software error that was not created
through the internal logic of the transaction. A
restarted transaction is considered to be a new
transaction.

● It can kill the transaction. It usually does so because

of some internal logical error that can be corrected
only by rewriting the application program, or because
the input was bad, or because the desired data were
not found in the database.
What is Backup and Recovery?

• Backup is a copy of data from your database that

can be used to reconstruct that data.
• Recovery is carried out through archive
records or known as Archive System .
• In general, backup and recovery refers to the
various strategies and procedures involved in
protecting your database against data loss and
reconstructing the database after any kind of data
loss.
• Goal of the database administrator
• What is Backup and Recovery
• Types of backup
• Categories of Failure
• Configuring for Recoverability
• Different between no archive log mode and
archive log mode
 Back
• A backup is a copyup
of data from your database
that can be used to reconstruct that data.
• Backups can be divided into physical
backups
and logical backups.
 Physical
Backups
• Physical backups are backups of the physical files
used in storing and recovering database, such as
data files, control files, and archived redo logs.
• Every physical backup is a copy of files storing
database information to some other location,
whether on disk or some offline storage
 Logical
Backups
• Logical backups contain logical data (for
tables or stored procedures) exported from a
example,

database with an Oracle export utility and stored in

a binary file, for later re-importing into a database
using the corresponding Oracle import utility.
• Physical backups are the foundation of any backup
Physical Backups
and recovery strategy.
and
• Logical backups are a useful supplement to
physical backups in many circumstances but are not
Logical
sufficient protection against data loss without
physical backups.
Backups
4. Backward Recovery (Rollback)
• DBMS backs out of or undo unwanted changes
to the DB – before images captured
• Reverse the changes made by transactions that
have aborted or terminated abnormally

CISB314 Database II 28
• Example: Transfer RM100 from CUSTOMER A
account to CUSTOMER B account
• Program reads the record for customer A and
subtracts
RM100 from the account balance
• Program reads the record for customer B and adds RM100
to the account balance
• Program writes the updated record for customer A to the
database
• In attempting to write the record for customer B, program
encounters an error condition and cannot write the record
• An UNDO command – recovery manager to apply the
before
image for record customer A to restore account balance
to its original value CISB314 Database II 29
5. Forward Recovery (Rollforward)
• A technique that starts with an earlier copy of the database.
After images are applied to the database and the database
is quickly moved forward to a later state.
• Much faster than Restore/Rerun:
• The time consuming logic of reprocessing each
transaction does not have to be repeated
• Only the most recent after-images need to be applied. DB
record may have series of after image – most recent (good)
after image is required for rollback

CISB314 Database II 30
CISB314 Database II 31
 Achievement of unit

• Provide security to the given database by

assigning various privileges to the user.

•Create and manage the given database users.

•Explain the importance of Transaction.

•Explain advantages of database backup and

recovery in the database.