DATABASE MANAGMENT SYSTEM

Contents
Part 1: Produce a presentation slides which analyze different types of database management
system. ........................................................................................................................................5

• Compare and contrast the different types of database models. ..............................................5

• Assess how relational database models and the process of normalization can provide reliable
and efficient data structures. ........................................................................................................5

• Critically evaluate different database management systems available in relation to open

source and vendor-specific platforms, justifying the criteria used in the evaluation......................5

Introduction:............................................................................................................................5

Database models:.................................................................................................................5

Comparison between the hierarchical, network and relational models: .................................8

Normalization ....................................................................................................................... 11

Justification ........................................................................................................................... 18

Screenshots of the presentation slides: ............................................................................... 19

Conclusion: ........................................................................................................................... 26

Part 2: Design a database management system using a relational model to meet client requirements
and develop a database management system using a suitable platform. ...................................... 27

• Produce a design for a relational database management system to meet client requirements
27

• Analyze how the design will optimize system performance. .............................................. 27

• Develop a fully functional system which meets client and system requirements, using an open
source language (with an application software e.g. MySQL with front end Microsoft Access)... 27

• Test the system for functionality and performance. ............................................................ 27

ANUP SAPKOTA(4TH SEM) 1

 DATABASE MANAGMENT SYSTEM

• Implement effective features in the solution to handle concurrency, security, user

authorizations and data recovery. .............................................................................................. 27

• Critically evaluate the effectiveness of the system design and development against client and
system requirements. ................................................................................................................. 27

Introduction:.......................................................................................................................... 27

Anomalies: ........................................................................................................................ 28

Example of anomaly .......................................................................................................... 29

Normalization table of Assignment management: .............................................................. 30

DFD (Data Flow Diagram): ............................................................................................... 33

ER Diagram: ..................................................................................................................... 36

Data dictionaries:............................................................................................................... 36

How ER, Normalization help to reduce anomaly and redundancy? .................................... 39

Screenshot of program: ...................................................................................................... 42

Database creation and making Connection:........................................................................ 45

Connecting It to the IDE: ................................................................................................... 46

Codding of the particular forms and Operations: ................................................................ 49

Creation of User: ............................................................................................................... 50

Students Management: ...................................................................................................... 51

Teachers Management: ...................................................................................................... 52

Assignments Management: ................................................................................................ 54

Testing: ............................................................................................................................. 55

Importance of Testing:....................................................................................................... 55

Types of software testing: .................................................................................................. 57

ANUP SAPKOTA(4TH SEM) 2

 DATABASE MANAGMENT SYSTEM

White Box Testing: ........................................................................................................... 57

Black Box Testing: ............................................................................................................ 57

Difference between White Box and Black Box testing: ...................................................... 58

Concurrency Control: ........................................................................................................ 65

Potential problems of Concurrency: ................................................................................... 65

Why use Concurrency method? ......................................................................................... 66

Types of Concurrency control Protocols are: ..................................................................... 66

Used protocol for development of project: ......................................................................... 69

Creating user and grant permission: ................................................................................... 70

Database security: ............................................................................................................. 71

Comparing system design and system analysis against system and user requirement ......... 77

Part 3: Create a lab report: Demonstrate the system administration and management tools available
on the chosen platform .............................................................................................................. 85

• Demonstrate the tools available in the system to monitor and optimize system performance,
and examine the audit logs. ....................................................................................................... 85

• Demonstrate the tools available in the system to manage security and authorizations. ........ 85

• Assess the effectiveness of the system administration and management tools available on the
platform identifying any shortcomings of the tools. ................................................................... 85

• Assess any future improvements that may be required to ensure the continued effectiveness
of the database system. .............................................................................................................. 85

Lab Report on: Demonstrating the system administration and management tools available 86

Title: ................................................................................................................................. 86

Introduction:...................................................................................................................... 86

ANUP SAPKOTA(4TH SEM) 3

 DATABASE MANAGMENT SYSTEM

Materials: .......................................................................................................................... 86

Data: ................................................................................................................................. 87

Conclusion: ......................................................................................................................... 106

References: ............................................................................................................................. 108

ANUP SAPKOTA(4TH SEM) 4

 DATABASE MANAGMENT SYSTEM

Part 1: Produce a presentation slides which analyze different types of database management
system.

• Compare and contrast the different types of database models.

• Assess how relational database models and the process of normalization can provide
reliable and efficient data structures.

• Critically evaluate different database management systems available in relation to

open source and vendor-specific platforms, justifying the criteria used in the
evaluation.
Introduction:
In order to achieve the criteria of part 1. I am firstly going to explain different database models
like ER, Object Oriented, Relational Model, hierarchical database model and network model and
conclude writing similar and dissimilar fact regarding all models. As well as I am going to explain
what is relational database model & relational properties. Explain every phases of Normalization
with an example. At last conclude, how normalization help to design & develop reliable, efficient,
error free, less redundant and less prone to error and finally I am going to continue the fact of P1
and justify my answer on the basic of 8 Key Considerations When Choosing a DBMS.
Database models:
(SearchSQLServer 2019) A database model is a type of data model that determines the logical
structure of a database and fundamentally determines in which manner data can be stored,
organized and manipulated. The most popular example of a database model is the relational model,
which uses a table-based format. The different types of the database models are as follows:
• Object Oriented
• Relational Model
• Hierarchical Database Model
• Network Model

ANUP SAPKOTA(4TH SEM) 5

 DATABASE MANAGMENT SYSTEM

A. Object Oriented:
(SearchSQLServer 2019) This model defines a database as a collection of objects, or
reusable software elements, with associated features and methods. There are several kinds
of object-oriented databases: A multimedia database incorporates media, such as images,
that could not be stored in a relational database. A hypertext database allows any object to
link to any other object. It’s useful for organizing lots of disparate data, but it’s not ideal
for numerical analysis.
The object-oriented database model is the best known post-relational database model, since
it incorporates tables, but isn’t limited to tables. Such models are also known as hybrid
database models.

B. Relational Model:
(SearchSQLServer 2019) The most common model, the relational model sorts data into
tables, also known as relations, each of which consists of columns and rows. Each column
lists an attribute of the entity in question, such as price, zip code, or birth date. Together,
the attributes in a relation are called a domain. A particular attribute or combination of
attributes is chosen as a primary key that can be referred to in other tables, when it’s called
a foreign key.

ANUP SAPKOTA(4TH SEM) 6

 DATABASE MANAGMENT SYSTEM

Each row, also called a tuple, includes data about a specific instance of the entity in
question, such as a particular employee.
The model also accounts for the types of relationships between those tables, including one-
to-one, one-to-many, and many-to-many relationships. Here’s an example

C. Hierarchical Database Model:

(SearchSQLServer 2019) The hierarchical model organizes data into a tree-like structure,
where each record has a single parent or root. Sibling records are sorted in a particular
order. That order is used as the physical order for storing the database. This model is good
for describing many real-world relationships.

ANUP SAPKOTA(4TH SEM) 7

 DATABASE MANAGMENT SYSTEM

D. Network Model:
(SearchSQLServer 2019) The network model builds on the hierarchical model by allowing
many-to-many relationships between linked records, implying multiple parent records.
Based on mathematical set theory, the model is constructed with sets of related records.
Each set consists of one owner or parent record and one or more member or child records.
A record can be a member or child in multiple sets, allowing this model to convey complex
relationships.

Comparison between the hierarchical, network and relational models:

Hierarchical Model Network Model Relational Model

ANUP SAPKOTA(4TH SEM) 8

 DATABASE MANAGMENT SYSTEM

A structure of data organized A database model that allows A database model to manage
in a tree like model using multiple records to be linked data as tuples grouped into
parent, child relationships. to the same owner file. relations (tables).
Arrange data in a tree similar Organizes data in a graph Arrange data in tables
structure. structure
Represents "one to many" Represents "many to many" Represents both "one to
relationship. relationship. many" and "many to many"
relationship.
Difficult to access data Easier to access data Easier to access data
Less flexible Flexible Flexible
Comparison between Object oriented and Relational model:
(SearchSQLServer 2019) To the best of my knowledge, a relational database stores data in a table
which consists of rows and columns. In a table, it requires a primary key to identify difference
records. It represents the relationship of each data entries by column or attributes which we called
it as a foreign key. When we design a relational data model such as the ER model, we only consider
the relationship between data or we called entities. Because in the relational database, the data is
stored in a separate table, when we want to do query processing, we need to join those table
together which can have high cost if the size of data in each table is large.
However, a relational database cannot represent data in reality very well because data in the real
world is more complex and cannot be represented with the relationship only. So, the object-
oriented database emerged.
An object-oriented database applies the same concept as object-oriented programming like Java.
It can represent more complex data because it encapsulates the inheritance concept and operation
of the data object. Each data will be stored as an object. By using an object-oriented database, it
will enhance data complexity but the search capability will be low.

ANUP SAPKOTA(4TH SEM) 9

 DATABASE MANAGMENT SYSTEM

Relational Database Model

(SearchSQLServer 2019) The 'Relational Database Model is the most common model in industry
today. A relational database is based on the relational model developed by E.F. Codd. A relational
database allows the definition of data structures, storage and retrieval operations and integrity
constraints. In such a database the data and relations between them are organized into tables. A
table is a collection of records and each record in a table contains the same fields. The contents of
a table can be permanently saved for future use.
Properties of the relational database model
Properties of Relational Tables:
1. Data is presented as a collection of relations.
2. Each relation is depicted as a table.
3. Columns are attributes that belong to the entity modeled by the table (ex. In a student table,
you could have name, address, student ID, major, etc.).
4. Each row ("tuple") represents a single entity (ex. In a student table, John Smith, 14 Oak St,
9002342, Accounting, would represent one student entity).
5. Every table has a set of attributes that taken together as a "key" (technically, a "super key")
uniquely identifies each entity (Ex. In the student table, “student ID” would uniquely
identify each student – no two students would have the same student ID)
Normalization:
(SearchSQLServer 2019) Normalization is a database design technique which organizes tables in
a manner that reduces redundancy and dependency of data.
It divides larger tables to smaller tables and links them using relationships.
The evolution of Normalization theories is illustrated below-

Database Normalization Examples:

As given in the scenario the database of assignment submission including all the information.
Without any normalization, all information is stored in one table as shown below.

ANUP SAPKOTA(4TH SEM) 10

 DATABASE MANAGMENT SYSTEM

Normalization
(SearchSQLServer 2019) Database normalization is the process of organizing data into tables in
such a way that the results of using the database are always unambiguous and as intended. Such
normalization is intrinsic to relational database theory. It may have the effect of duplicating data
within the database and often results in the creation of additional tables.
By normalizing database, we can arrange data into tables and columns ensuring each table
contains only related data. If data is not directly related, we have to create a new table for the data.
For example, if there is a customer table we would normally create product table for the number
of product they have order another table is created to store each order made by customer which is
linked by their primary key which helps to easily update, delete and search relevant data in
database across table.
Benefits of Normalization
- Minimizes data redundancy (duplicate data).
- Minimizes null values.
- Results in a more compact database (due to less data redundancy/null values).
- Minimizes/avoids data modification issues.
- Simplifies queries.
- The database structure is cleaner and easier to understand. we can learn a lot about a relational
database just by looking at its schema.
- We can extend the database without necessarily impacting the existing data.
- Searching, sorting, and creating indexes can be faster, since tables are narrower, and more rows
fit on a data page.

ANUP SAPKOTA(4TH SEM) 11

 DATABASE MANAGMENT SYSTEM

Example of normalized database

The beside schema table separate the database table into three different table which have their own
data to be stored they are as: Assignment, student and teacher table. As RDMS help us to find the
relation between table we can find out which table represent which table due to its key’s.
If we de-normalize the above table we get:
Id Teacher Name Assignment Date Released Student name
1 Navaraj Bhandari Database 29th Sep 2019 Anoop
2 Navaraj Bhandari Project Management 29th Sep 2019 Anoop
3 Binod Saha Programming 29th Sep 2019 Anoop
4 Rahul Kumar Java 29th Sep 2019 Anoop

In the above database there is repeat of teacher name and student name which result to require
more storage space then normalized database. But it can also lead in the problem for inserting,
deleting and updating of the database.
Basically, it can result into the following three anomalies (these are the problem that can occur due
to the poorly planned, unnormalized database where all the data are stored into the single table):
Update anomaly: If we need to update teacher’s name, we’ll need to update multiple rows. This
could result in errors. If we update some rows, but not others, we’ll end up with inaccurate data.
This is known as an update anomaly.
Insertion anomaly: It is possible that some teacher has not released assignment so in this case we
cannot add teacher name unless we set three field null. When the teacher finally releases an
ANUP SAPKOTA(4TH SEM) 12
 DATABASE MANAGMENT SYSTEM

assignment, we might insert a new row, but in this case, we’ll end up with two rows for that artist
– one of which is pretty much useless, and could cause confusion. While we could write scripts in
an attempt to deal with this scenario, it’s not an ideal situation, and the scripts themselves could
contain errors.
Deletion anomaly: If we need to delete an assignment, we cannot do it without deleting the
teacher. If a teacher has only one assignment and we delete that assignment we will end of deleting
teacher from our database. we won’t have any record relating to that teacher.
So, we have to normalize the database carefully for avoiding such anomalies in our database.
Levels of Normalization
1. UNF (Unnormalized Form):
A database is in UNF if it is not normalized at all.
Teachers Student Subject Credit Release Date Deadline Submitted date
Name Name Name
Nawarj Subash DBMS 4 25thseptember, 28thDecember,2019 28thDecember,2019
Bhandari Lama, 2019
Subash
Dhakal
Binod Samrit Programming 5 25thseptember, 28thDecember,2019 28thDecember,2019
Saha Basnet 2019
Rahul Susan Java 4 25thseptember, 28thDecember,2019 28thDecember,2019
Kumar Thapa, 2019
Saurav
Adhikari
Savita Suresh AI 5 25thseptember, 28thDecember,2019 28thDecember,2019
Havalkod Dhakal 2019

The above database table is not normalized at as there are multiple data in the student name
attribute. So, we have to take it to the First Normal Form for normalizing.

ANUP SAPKOTA(4TH SEM) 13

 DATABASE MANAGMENT SYSTEM

2. 1NF (First Normal Form):

A table is said to be in a normal form when each attribute of the tables contains only one value. Or
also we can say the table does not have any repeating groups. The data stored in the table should
have unique names. In the table each product has unique id and the values are atomic in the sense
that it can be normalized in the smaller table
Rules:
• All the columns in a table should have unique names.
• It should only have single valued attributes.
Teachers Student Subject Credit Release Date Deadline Submitted date
Name Name Name
Nawarj Subash DBMS 4 25thseptember, 28thDecember,2019 28thDecember,2019
Bhandari Lama 2019

Binod Samrit Programming 5 25thseptember, 28thDecember,2019 28thDecember,2019

Saha Basnet 2019
Rahul Susan Java 4 25thseptember, 28thDecember,2019 28thDecember,2019
Kumar Thapa 2019
Savita Suresh AI 5 25thseptember, 28thDecember,2019 28thDecember,2019
Havalkod Dhakal 2019

As the above table is normalized each product has unique id and none of the attribute contains
multi values which states that the table is in first normal form.

3. 2NF (Second Normal Form):

For the table to be in second normal form i.e. in 2nf the table should be in first normal form and
more often the table should not have partial dependency. That means the other non-keys columns
are dependent on the primary key. If we want to search for the teacher details firstly, we have to
know about the teacher ID.

ANUP SAPKOTA(4TH SEM) 14

 DATABASE MANAGMENT SYSTEM

Rules:
• It should be in first normal form
• Should not have partial dependency
Teacher ID Teacher Name Subject ID Receive Date Feedback Date
01 Nawaraj Bhandari 110 29thDecember,2019 20thJanuary,220
02 Binod Saha 111 29thDecember,2019 20thJanuary,220
03 Rahul Kumar 112 29thDecember,2019 20thJanuary,220
04 Savita Havalkod 113 29thDecember,2019 20thJanuary,220

Student Student Subject ID Credit Release Date Deadline Submitted date

ID Name
1000 Subash 110 4 25thseptember, 28thDecember,2019 28thDecember,2019
Lama 2019

1001 Samrit 111 5 25thseptember, 28thDecember,2019 28thDecember,2019

Basnet 2019
1002 Susan 112 4 25thseptember, 28thDecember,2019 28thDecember,2019
Thapa 2019
1003 Suresh 113 5 25thseptember, 28thDecember,2019 28thDecember,2019
Dhakal 2019

From the above table I have removed all the columns that are not dependent on primary key which
illustrates that the table is in second normal form.
4. 3NF (Third Normal Form):
A table is said to be in third normal form if the relation fulfills the requirement of the second
normal form along with this if the transitive dependency is removed from the table. More on third
normalization is done in the database mostly to reduce the data independency in the databases also
the attributes which are not dependent on primary keys are removed from the table.

ANUP SAPKOTA(4TH SEM) 15

 DATABASE MANAGMENT SYSTEM

Rules:
• It is in the Second Normal form
• There shouldn’t be Transitive Dependency
Teacher ID Teacher Name Receive Date Feedback Date
01 Nawaraj Bhandari 29thDecember,2019 20thJanuary,220
02 Binod Saha 29thDecember,2019 20thJanuary,220
03 Rahul Kumar 29thDecember,2019 20thJanuary,220
04 Savita Havalkod 29thDecember,2019 20thJanuary,220

Student Student Release Date Deadline Submitted Date

ID Name
1000 Subash Lama 25thseptember, 2019 28thDecember,2019 28thDecember,2019
1001 Samrit Basnet 25thseptember, 2019 28thDecember,2019 28thDecember,2019
1002 Susan Thapa 25thseptember, 2019 28thDecember,2019 28thDecember,2019
1003 Suresh Dhakal 25thseptember, 2019 28thDecember,2019 28thDecember,2019

Subject ID Subject Name

1000 DBMS
1001 Programming
1002 Java
1003 AI

In the above table all the transitive dependency in the table data are removed hence that the above
table is in third normalization.

ANUP SAPKOTA(4TH SEM) 16

 DATABASE MANAGMENT SYSTEM

(Tutorialspoint.com 2019) Database is the organized collection of data that are stored and access
electronically from a computer system. For the storing of data from the generation different types
of database like network, hierarchical, relational database are used on the basis of requirement of
the project.
Having different types of database management, I prefer to use relational database management
for my project. As relational database is a type of database that stores and provides access to data
points that are related to one another. The relational model means that the logical data structures
the data tables, views, and indexes are separate from the physical storage structures. The reason
behind choosing RDMS is due to its security reason. All the database has their own benefits in
their own field. In RDMS data are stored in multiple table which make user to access data easier.
Those table are connected with each other by the help of primary key and foreign key. The base
of forming relational database table is normalization so that it avoids data redundancy and data
duplication in database.
• Data Model:
Data model is the logical structure of a database, defining how data is connected to each other
and how they are processed and stored inside the system. For that type of modeling RDMS
provide clear view of data flow in the system.
• Data consistency and data security:
The most valuable thing for any project is providing data security. In the term of RDMS data
are encrypted and higher security like data encapsulation, data protection, data hiding is used
for protection of data.
• Manageability:
For starters, an RDB is easy to manipulate. Each table of data can be updated without disrupting
the others. We can also share certain sets of data with one group, but limit their access to others
such as confidential information about employees.
• Flexibility:
If you need to update your data, you only have to do it once – so no more having to change
multiple files one at a time.

ANUP SAPKOTA(4TH SEM) 17

 DATABASE MANAGMENT SYSTEM

And it’s pretty simple to extend your database. If your records are growing, a relational
database is easily scalable to grow with your data.
• Avoid Errors: There’s no room for mistakes in a relational database because it’s easy to check
for mistakes against the data in other parts of the records. And since each piece of information
is stored at a single point, you don’t have the problem of old versions of data clouding the
picture.
• Implementation of service cost: As RDMS is use for higher level project and middle level
project which budget is higher for the completion of the project. So, the implementation of
RDMS cost is higher.
Justification
Tutorialspoint.com 2019) Relational database management is the better and right database system
for any kind of project because the data are stored in the form of structured data in rows and
columns. If we use RDMS for the data storage we can have more security of data. In the RDMS
the data that need to be store are stored ion the table. By the use of RDMS we can create multiple
user. In the case of my project assignment submission we have to create a different user for
different teacher which is only possible in RDMS. The main fact of using RDMS for storing of
data is due to ACID (Atomicity, Consistency, Isolation and Durability).
Comparison between DBMS and RDBMS:
DBMS RDBMS
DBMS applications store data as file. RDBMS applications store data in a tabular
form.
Data is generally stored in either a hierarchical The tables have an identifier called primary
form or a navigational form. key and the data values are stored in the form
of tables.
Normalization is not present. Normalization is present.
Does not support distributed database. Supports distributed database.

ANUP SAPKOTA(4TH SEM) 18

 DATABASE MANAGMENT SYSTEM

Uses file system to store data, so there will be Data values are stored in the form of tables, so
no relation between the tables. a relationship between these data values will
be stored in the form of a table as well.
Examples of DBMS are file systems, xml etc. Example of RDBMS are MySQL, postgre,
SQL server, oracle etc.

Screenshots of the presentation slides:

ANUP SAPKOTA(4TH SEM) 19

DATABASE MANAGMENT SYSTEM

ANUP SAPKOTA(4TH SEM) 20

DATABASE MANAGMENT SYSTEM

ANUP SAPKOTA(4TH SEM) 21

DATABASE MANAGMENT SYSTEM

ANUP SAPKOTA(4TH SEM) 22

DATABASE MANAGMENT SYSTEM

ANUP SAPKOTA(4TH SEM) 23

DATABASE MANAGMENT SYSTEM

ANUP SAPKOTA(4TH SEM) 24

DATABASE MANAGMENT SYSTEM

ANUP SAPKOTA(4TH SEM) 25

 DATABASE MANAGMENT SYSTEM

Conclusion:
In this part I had Compared and contrast the different types of database models as well as I had
shown how relational database models and the process of normalization can provide reliable and
efficient data structures and finally I had critically evaluated different database management
systems available in relation to open source and vendor-specific platforms, justifying the criteria
used in the evaluation.

ANUP SAPKOTA(4TH SEM) 26

 DATABASE MANAGMENT SYSTEM

Part 2: Design a database management system using a relational model to meet client
requirements and develop a database management system using a suitable platform.

• Produce a design for a relational database management system to meet client

requirements

• Analyze how the design will optimize system performance.

• Develop a fully functional system which meets client and system requirements, using
an open source language (with an application software e.g. MySQL with front end
Microsoft Access)

• Test the system for functionality and performance.

• Implement effective features in the solution to handle concurrency, security, user

authorizations and data recovery.

• Critically evaluate the effectiveness of the system design and development against
client and system requirements.
Introduction:
In this part I am going to produce a design for a relational database management system to meet
client requirements as well as I am going to analyze how the design will optimize system
performance also I am going to develop a fully functional system which meets client and system
requirements, using an open source language (with an application software e.g. MySQL with front
end Microsoft Access) as well as I am going to test the system for functionality and performance
and finally I am going to implement effective features in the solution to handle concurrency,
security, user authorizations and data recovery and critically evaluate the effectiveness of the
system design and development against client and system requirements.

ANUP SAPKOTA(4TH SEM) 27

 DATABASE MANAGMENT SYSTEM

Anomalies:
Jhigh.co.uk. (2019) Anomalies are problems that can occur in poorly planned, un-normalized
databases where all the data is stored in one table (a flat-file database). or we can say these are the
problem that can occur due to the poorly planned, unnormalized database where all the data are
stored into the single table.
For example: if there is no declaration of any foreign constraint then values can be added to the
primary table that have no relationship to the values of table.
There are three different types of the Anomalies they are:
• Update Anomalies:
Jhigh.co.uk. (2019) It happens when the person charged with the task of keeping all the
records current and accurate, is asked, for example, to change an employee’s title due to a
promotion. If the data is stored redundantly in the same table, and the person misses any
of them, then there will be multiple titles associated with the employee. The end user has
no way of knowing which is the correct title.
• Insertion Anomalies:
Jhigh.co.uk. (2019) It happens when inserting vital data into the database is not possible
because other data is not already there. For example, if a system is designed to require that
a customer be on file before a sale can be made to that customer, but you cannot add a
customer until they have bought something, then you have an insert anomaly. It is the
classic "catch-22" situation.
• Deletion Anomalies:
Jhigh.co.uk. (2019) It happens when the deletion of unwanted information causes desired
information to be deleted as well. For example, if a single database record contains
information about a particular product along with information about a salesperson for the
company and the salesperson quits, then information about the product is deleted along
with salesperson information.

ANUP SAPKOTA(4TH SEM) 28

 DATABASE MANAGMENT SYSTEM

Example of anomaly

The beside schema table discrete the database table into three dissimilar table which have their
own data to be kept they are as: Assignment, student and teacher table. As RDMS benefit us to
find the relation between table we can find out which table represent which table due to its key’s.
If we de-normalize the above table we get:
Id Teacher Name Assignment Date Released Student name
1 Navaraj Bhandari Database 29th Sep 2019 Anoop
2 Navaraj Bhandari Project Management 29th Sep 2019 Anoop
3 Binod Saha Programming 29th Sep 2019 Anoop
4 Rahul Kumar Java 29th Sep 2019 Anoop
In the above database there is repeat of teacher name and student name which result to require
more storage space then normalized database. But it can also lead in the problem for inserting,
deleting and updating of the database.

ANUP SAPKOTA(4TH SEM) 29

 DATABASE MANAGMENT SYSTEM

• Update anomaly: If we need to update teacher’s name, we’ll need to update multiple rows.
This could result in errors. If we update some rows, but not others, we’ll end up with
inaccurate data. This is known as an update anomaly.
• Insertion anomaly: It is possible that some teacher has not released assignment so in this
case we cannot add teacher name unless we set three field null. When the teacher finally
releases an assignment, we might insert a new row, but in this case, we’ll end up with two
rows for that artist – one of which is pretty much useless, and could cause confusion. While
we could write scripts in an attempt to deal with this scenario, it’s not an ideal situation,
and the scripts themselves could contain errors.
• Deletion anomaly: If we need to delete an assignment, we cannot do it without deleting the
teacher. If a teacher has only one assignment and we delete that assignment we will end of
deleting teacher from our database. we won’t have any record relating to that teacher.
Importance of anomaly detection:
Jhigh.co.uk. (2019) Some of the importance of anomaly detection are:
1. Help to reduce the data redundancy and dependency in the database.
2. Provide more flexibility in the database.
3. Helps us to save the time.
4. Insertion, updating and deletion of the data in the database table will be easier.
Normalization table of Assignment management:
• UNF (unnormalized form)
Teachers Student Subject Credit Release Date Deadline Submitted date
Name Name Name
Nawarj Subash DBMS 4 25thseptember, 28thDecember,2019 28thDecember,2019
Bhandari Lama, 2019
Subash
Dhakal
Binod Samrit Programming 5 25thseptember, 28thDecember,2019 28thDecember,2019
Saha Basnet 2019

ANUP SAPKOTA(4TH SEM) 30

 DATABASE MANAGMENT SYSTEM

Rahul Susan Java 4 25thseptember, 28thDecember,2019 28thDecember,2019

Kumar Thapa, 2019
Saurav
Adhikari
Savita Suresh AI 5 25thseptember, 28thDecember,2019 28thDecember,2019
Havalkod Dhakal 2019

• 1NF (First Normal Form)

Teachers Student Subject Credit Release Date Deadline Submitted date
Name Name Name
Nawarj Subash DBMS 4 25thseptember, 28thDecember,2019 28thDecember,2019
Bhandari Lama 2019

Binod Samrit Programming 5 25thseptember, 28thDecember,2019 28thDecember,2019

Saha Basnet 2019
Rahul Susan Java 4 25thseptember, 28thDecember,2019 28thDecember,2019
Kumar Thapa 2019
Savita Suresh AI 5 25thseptember, 28thDecember,2019 28thDecember,2019
Havalkod Dhakal 2019

• 2NF (Second Normal Form)

• Teacher Teacher Name Subject ID Receive Date Feedback Date
ID
01 Nawaraj 110 29thDecember,2019 20thJanuary,220
Bhandari
02 Binod Saha 111 29thDecember,2019 20thJanuary,220
03 Rahul Kumar 112 29thDecember,2019 20thJanuary,220
04 Savita Havalkod 113 29thDecember,2019 20thJanuary,220

ANUP SAPKOTA(4TH SEM) 31

 DATABASE MANAGMENT SYSTEM

Student Student Subject ID Credit Release Date Deadline Submitted date

ID Name
1000 Subash 110 4 25thseptember, 28thDecember,2019 28thDecember,2019
Lama 2019

1001 Samrit 111 5 25thseptember, 28thDecember,2019 28thDecember,2019

Basnet 2019
1002 Susan 112 4 25thseptember, 28thDecember,2019 28thDecember,2019
Thapa 2019
1003 Suresh 113 5 25thseptember, 28thDecember,2019 28thDecember,2019
Dhakal 2019

• 3NF (Third Normal Form)

• Teacher ID Teacher Name Receive Date Feedback Date
01 Nawaraj Bhandari 29thDecember,2019 20thJanuary,220
02 Binod Saha 29thDecember,2019 20thJanuary,220
03 Rahul Kumar 29thDecember,2019 20thJanuary,220
04 Savita Havalkod 29thDecember,2019 20thJanuary,220

Student Student Release Date Deadline Submitted Date

ID Name
1000 Subash Lama 25thseptember, 2019 28thDecember,2019 28thDecember,2019
1001 Samrit Basnet 25thseptember, 2019 28thDecember,2019 28thDecember,2019
1002 Susan Thapa 25thseptember, 2019 28thDecember,2019 28thDecember,2019
1003 Suresh Dhakal 25thseptember, 2019 28thDecember,2019 28thDecember,2019

ANUP SAPKOTA(4TH SEM) 32

 DATABASE MANAGMENT SYSTEM

Subject ID Subject Name

1000 DBMS
1001 Programming
1002 Java
1003 AI

DFD (Data Flow Diagram):

(Lucidchart, 2018) Also known as DFD, Data flow diagrams are used to graphically represent the
flow of data in a business information system. DFD describes the processes that are involved in a
system to transfer data from the input to the file storage and reports generation.
Data flow diagrams can be divided into logical and physical. The logical data flow diagram
describes flow of data through a system to perform certain functionality of a business. The physical
data flow diagram describes the implementation of the logical data flow. According to the
requirement of the scenario I will be discussing 3 types of DFD.
1. Zero level DFD:
(Lucidchart, 2018) DFD Level 0 is also called a Context Diagram. It’s a basic overview of
the whole system or process being analyzed or modeled. It’s designed to be an at-a-glance
view, showing the system as a single high-level process, with its relationship to external
entities. It should be easily understood by a wide audience, including stakeholders, business
analysts, data analysts and developers.

ANUP SAPKOTA(4TH SEM) 33

 DATABASE MANAGMENT SYSTEM

2. 1 Level DFD:
(Lucidchart, 2018) The Level 0 DFD is broken down into more specific, Level 1 DFD.
Level 1 DFD depicts basic modules in the system and flow of data among various modules.
Level 1 DFD also mentions basic processes and sources of information.
• It provides a more detailed view of the Context Level Diagram.
• Here, the main functions carried out by the system are highlighted as we break into
its sub-processes.

ANUP SAPKOTA(4TH SEM) 34

 DATABASE MANAGMENT SYSTEM

3. 2 Level DFD:
(Lucidchart, 2018) A level 2 data flow diagram (DFD) offers a more detailed look at the
processes that make up an information system than a level 1 DFD does. It can be used to
plan or record the specific makeup of a system.

ANUP SAPKOTA(4TH SEM) 35

 DATABASE MANAGMENT SYSTEM

ER Diagram:
(Lucidchart, 2018) An entity relationship diagram (ERD) shows the relationships of entity sets
stored in a database. An entity in this context is an object, a component of data. An entity set is a
collection of similar entities. These entities can have attributes that define its properties.
By defining the entities, their attributes, and showing the relationships between them, an ER
diagram illustrates the logical structure of databases.
The entity relation diagram for assignment management system is shown below in the design:

Data dictionaries:
(Lucidchart, 2018) A data dictionary contains metadata i.e. data about the database. The data
dictionary is very important as it contains information such as what is in the database, who is
allowed to access it, where is the database physically stored etc. The users of the database normally
don't interact with the data dictionary, it is only handled by the database administrators.

ANUP SAPKOTA(4TH SEM) 36

 DATABASE MANAGMENT SYSTEM

The data dictionary in general contains information about the following:

• Names of all the database tables and their schemas.
• Details about all the tables in the database, such as their owners, their security constraints,
when they were created etc.
• Physical information about the tables such as where they are stored and how.
• Table constraints such as primary key attributes, foreign key information etc.
• Information about the database views that are visible.
The Data dictionaries of assignment management system is:
Table name Column name Data type Key status Reason for
deceleration

User User name Varchar(50) User to be

known by their
name.
Password Varchar(50) In order to
provide the
authentication to
the user.
Student Student_Id Int Primary Key To provide
unique
identification to
student
Student_Name Varchar(50) To know student
with name
Semester Varchar(50) To know the
student class
Submitted_Date Date and time To know the date
of submission

ANUP SAPKOTA(4TH SEM) 37

 DATABASE MANAGMENT SYSTEM

Teacher Teacher_Id Int Primary key To provide

unique
identification to
teacher
Teacher_Name Varchar(50) To know the
identification of
teacher
Qualification Varchar(50) To know the
ability of teacher
Received_Date Date To know the date
of received
Assigment_Id Int Foreign Key To know the
specific
assignment of
particular
teacher
Assigment Assignment_Id Int Primary Key To provide
unique
identification to
assignment
Student_Id Int Foreign Key To know the
detail of student
Teacher_Id Int Foreign Key To know the
detail of teacher
Released_Date Date To declare the
date of release
Deadline Date The date where
the assigment

ANUP SAPKOTA(4TH SEM) 38

 DATABASE MANAGMENT SYSTEM

has to be
submitted

How ER, Normalization help to reduce anomaly and redundancy?

Entity Relation Diagram (ERD) is the graphical representation or the structural diagram of the data
use in database design. The importance of having Entity relation diagram for the any app
development are:
- Provides better knowledge and understanding to the analyst and designer to be contained in
the database.
- It works as the documentation tool.
- ERD is used to communicate to the logical structure of the database to the user.
The term normalization means to make normal in terms of causing something to conform to a
standard, or to introduce consistency with respect to style and content. In terms of relational
database modeling, that consistency becomes a process of removing duplication in data. Removal
of duplication tends to minimize redundancy and minimization of redundancy implies getting rid
of unneeded data present in particular tables.
In reality, normalization usually manages to divide information into smaller, more manageable
parts. The most obvious redundancies can usually be removed without involving math.
Commercially speaking, the primary objectives of normalization are usually to save space and
organize data for usability and manageability, without sacrificing performance. This process can
present a challenge and solved through trial and error. Additionally, the demands of 1) intensely
busy applications and 2) end-user needs can tend to necessitate breaking the rules of normalization
in many ways to meet performance requirements. Rules are usually broken simply by not applying
every possible layer of normalization. Normal Forms beyond 3rd Normal Form are often ignored
and sometimes even 3rd Normal Form itself is discounted.
Normalization can be described as an introduction of granularity, removal of duplication, or
minimizing of redundancy, or simply the introduction of tables, all of which place data into a better
organized state.

ANUP SAPKOTA(4TH SEM) 39

 DATABASE MANAGMENT SYSTEM

Some of the point that help to reduce anomaly and redundancy are:
1. Query optimization:
The query optimizer attempts to determine the most efficient way to execute a given query by
considering the possible query plans. The goal of query optimization is to reduce the system
resources required to fulfill a query, and ultimately provide the user with the correct result set
faster. By making query flexible one query will result to more versatile data result. By doing
those kinds of stuff we can manage our database easier. There will not be messy code and
easier for developer to understand so that by optimizing the query we can reduce the anomaly
by not getting confuse in the data flow of the database while fetching the data for the tester and
user.
2. Data defragmentation:
Dividing the whole table data into smaller chunks and storing them in different DBs in the
DDBMS is called data fragmentation. Data fragmentation helps to manage the data in the
database. due to the help of fragmentation we can insert different data in different table. In
order to avoid anomaly, we can defragment those data to know whether the different data had
separate table or not. If we defragment the data, we can also get rid of the data duplication and
the dependency of the data to another table. Another importance is it provide security to the
database by not letting to give unauthorized access providing valid detail of the data. We can
access the same data from different location which is possible due to data fragmentation so it
is important factor in the database design and development that helps to reduce anomaly and
dependency of the data.
3. Data de-normalization:
Denormalization is a database optimization technique in which we add redundant data to one
or more tables. This can help us avoid costly joins in a relational database. Normalization is
the process of managing data in the database by dividing the table in the smaller form.
Denormalization does not mean not doing normalization. It is an optimization technique that
is applied after doing normalization. By normalizing database, we can arrange data into tables
and columns ensuring each table contains only related data. If data is not directly related, we

ANUP SAPKOTA(4TH SEM) 40

 DATABASE MANAGMENT SYSTEM

have to create a new table for the data. For the well managed database normalization is the key
process by normalizing the data we can remove data redundancy and duplication of the data.
A well normalized database should be denormalized to know whether the anomaly act or not.
We can easily find out that by insertion, deletion and updating of the database.
4. Data security and data management:
The major thing we need to do while designing the database of the project is providing data
security and data management. If the database is not secure then the breaching of the
unauthorized person should interrupt the database. For the better security of the database we
need to provide authentication and also providing different roles for the database handling. The
data should be well managed by using different data management process like Entity relation
diagram, Normalization, Use-case diagram, Activity diagram etc. for better understanding of
the data flow on the database for the database designer and analyst.

ANUP SAPKOTA(4TH SEM) 41

 DATABASE MANAGMENT SYSTEM

Screenshot of program:
Login Form

User
Managemen
t form

ANUP SAPKOTA(4TH SEM) 42

 DATABASE MANAGMENT SYSTEM

Student
Managemen
t Form

tori

Teacher
management
Form

ANUP SAPKOTA(4TH SEM) 43

 DATABASE MANAGMENT SYSTEM

Assignment
management
Form

ANUP SAPKOTA(4TH SEM) 44

 DATABASE MANAGMENT SYSTEM

Database creation and making Connection:

Database
creation in
SQL
developer

Login Table Create table Login (username varchar (50), password varchar (50));
Teacher create table teacher
Table (Teacher_Id int primary key,
Teacher_Name varchar (50),
Qualification varchar (50),
Received_Date Date,
Assignment_Id int);
User Table Create table user (Username varchar (50), password varchar (50));
Subject create table subject
Table (Assignment_Id int primary key,
Released_Date date,
Deadline date);

ANUP SAPKOTA(4TH SEM) 45

 DATABASE MANAGMENT SYSTEM

Student create table student

Table (Student_Id int primary key,
Student_Name varchar (50),
Semester varchar (50),
Submitted_Date Date);

Connecting It to the IDE:

Making the
Database
connection
of
Assignment

ANUP SAPKOTA(4TH SEM) 46

 DATABASE MANAGMENT SYSTEM

Declaring
Username
and
Password

ANUP SAPKOTA(4TH SEM) 47

 DATABASE MANAGMENT SYSTEM

Connection
Name

Connection import java.sql.Connection;

Class import java.sql.DriverManager;
Declaration import java.sql.SQLException;
import javax.swing.JOptionPane;
public class ConnectionClass {
public String DriverName(){
return "oracle.jdbc.OracleDriver";
}
public String Connection(){
return "jdbc:oracle:thin:@localhost:1521:XE";
}
public String User(){

ANUP SAPKOTA(4TH SEM) 48

 DATABASE MANAGMENT SYSTEM

return "system";
}
public String Password(){
return "champ";
}
}

Codding of the particular forms and Operations:

For
Login

ANUP SAPKOTA(4TH SEM) 49

 DATABASE MANAGMENT SYSTEM

Creation of User:
Add

Update

Delete

ANUP SAPKOTA(4TH SEM) 50

 DATABASE MANAGMENT SYSTEM

Students Management:
Add

Updat
e

ANUP SAPKOTA(4TH SEM) 51

 DATABASE MANAGMENT SYSTEM

Delete

Teachers Management:
Add

ANUP SAPKOTA(4TH SEM) 52

 DATABASE MANAGMENT SYSTEM

Updat
e

Delete

ANUP SAPKOTA(4TH SEM) 53

 DATABASE MANAGMENT SYSTEM

Assignments Management:
Add

Updat
e

Delete

ANUP SAPKOTA(4TH SEM) 54

 DATABASE MANAGMENT SYSTEM

Testing:
(Software Testing Material. 2015) Software testing is defined as an activity to check whether the
actual results match the expected results and to ensure that the software system is Defect free. It
involves execution of a software component or system component to evaluate one or more
properties of interest.
Software testing also helps to identify errors, gaps or missing requirements in contrary to the actual
requirements. It can be either done manually or using automated tools. Some prefer saying
Software testing as a White Box and Black Box Testing.
Importance of Testing:
(Software Testing Material. 2015)Some of the valuable point why it is necessary for the program
to be test are listed below:
• Cost effectiveness:
Testing has many benefits and one of the most important ones is cost-effectiveness. Having
testing in your project can save money in the long run. Software development consists of
many stages and if bugs are caught in the earlier stages it costs much less to fix them. That
is why it’s important to get testing done as soon as possible. Getting testers or QA’s who
are technically educated and experienced for a software project is just like an investment
and your project will benefit budget-wise.
• Security:
Another important point to add is security. This is probably the most sensitive and yet most
vulnerable part.
There have been many situations where user information has been stolen or hackers have
gotten to it and used it for their benefit. That is the reason people are looking for trusted
products that they can rely on. As a user of many products and apps, I am always looking
for products that I would give my information to with confidence and know that it will be
safe; perhaps so do you. Our personal information and what we do with it should stay as
private as possible, especially using services where it is a vulnerability to us, for example,
banking information, security details etc.

ANUP SAPKOTA(4TH SEM) 55

 DATABASE MANAGMENT SYSTEM

How testing can help your product security:

-The user gets a trustworthy product;
-Keeps user’s personal information and data safe;
-Vulnerability free products;
-Problems and risks are eliminated beforehand;
-Saves a lot of troubles later on;
• Product Quality:
In order to make our product vision come to life, it has to work as planned. Following
product requirements is imperative, to an extent, because it helps you get the wanted end
results.
Products always serve users in some ways, so it’s very important that it brings the value it
promises, hence it should work properly to ensure great customer experience. Development
of an app, for example, has many processes included and testing gets a glimpse of every
bit – it checks if the apps graphics are aligned properly, tests the main functionality, checks
if menus are intuitive, etc. After developers fix issues, sometimes another issue may appear
unexpectedly somewhere else, that’s just how testing goes sometimes, so it’s great to find
those issues to be resolved and be a part of quality product being delivered to marketplace.
Device compatibility is also checked for the product, for example, an app’s compatibility
on many devices and operating systems. Testing companies usually have many devices and
tools available to cover as many testing scenarios as possible.
• Customer Satisfaction:
The ultimate goal for a product owner is to give the best customer satisfaction. Reasons
why apps and software should be tested is to bring the best user experience possible. Being
the best product in this saturated market will help you gain trustworthy clients which will
have great long-term effects. Once users will have amazing customer experience they will,
without a doubt, tell their friends and word to mouth will make it advertise itself, but this
works both ways.

ANUP SAPKOTA(4TH SEM) 56

 DATABASE MANAGMENT SYSTEM

Customer trust is not easy to earn, especially if your product is glitching and functioning
only 60% of the time. We are a user of many products and perhaps have had horrible
experiences that made you delete the app and tell others not to use it. These days the market
is so saturated that first impression is important, otherwise users will find another product
that meets his needs.
Types of software testing:
Basically, there are two different types of the software testing which are as follows:
• White Box testing
• Black Box testing
White Box Testing:
(Guru99.com 2019) White box testing techniques analyze the internal structures the used data
structures, internal design, code structure and the working of the software rather than just the
functionality as in black box testing. It is also called glass box testing or clear box testing or
structural testing.
Working process of white box testing:
i. Input: Requirements, Functional specifications, design documents, source code.
ii. Processing: Performing risk analysis for guiding through the entire process.
iii. Proper test planning: Designing test cases so as to cover entire code. Execute rinse-repeat
until error-free software is reached. Also, the results are communicated.
iv. Output: Preparing final report of the entire testing process.
Black Box Testing:
(Guru99.com 2019) Black Box Testing, also known as Behavioral Testing, is a software testing
method in which the internal structure/design/implementation of the item being tested is not known
to the tester. These tests can be functional or non-functional, though usually functional.
This method is named so because the software program, in the eyes of the tester, is like a black
box; inside which one cannot see. This method attempts to find errors in the following categories:
i. Incorrect or missing functions
ii. Interface errors

ANUP SAPKOTA(4TH SEM) 57

 DATABASE MANAGMENT SYSTEM

iii. Errors in data structures or external database access

iv. Behavior or performance errors
v. Initialization and termination errors
Difference between White Box and Black Box testing:
White Box testing Black Box testing
It is a way of testing the software in which the It is a way of software testing in which the
tester has knowledge about the internal internal structure or the program or the code is
structurer the code or the program of the hidden and nothing is known about it.
software.
It is mostly done by software developers. It is mostly done by software testers.
Knowledge of implementation is required. No knowledge of implementation is needed.
It is the inner or the internal software testing. It can be referred as outer or external software
testing.
It is structural test of the software. It is functional test of the software.
It is most time consuming. It is least time consuming.
It is also called as clear box testing. It is also called closed testing.
Example: by input to check and verify loops

a) Functional Testing:
(Guru99.com 2019) FUNCTIONAL TESTING is a type of software testing whereby the
system is tested against the functional requirements/specifications.
Functions (or features) are tested by feeding them input and examining the output.
Functional testing ensures that the requirements are properly satisfied by the application.
This type of testing is not concerned with how processing occurs, but rather, with the results
of processing. It simulates actual system usage but does not make any system structure
assumptions.
Typically, functional testing involves the following steps:
-Identify functions that the software is expected to perform.

ANUP SAPKOTA(4TH SEM) 58

 DATABASE MANAGMENT SYSTEM

-Create input data based on the function’s specifications.

-Determine the output based on the function’s specifications.
-Execute the test case.
-Compare the actual and expected outputs.
The level of testing that can be included in the functional testing are discussed below:
• Unit testing:
(Guru99.com 2019) UNIT TESTING is a level of software testing where individual units/
components of a software are tested. The purpose is to validate that each unit of the
software performs as designed. A unit is the smallest testable part of any software. It
usually has one or a few inputs and usually a single output. In procedural programming, a
unit may be an individual program, function, procedure, etc. In object-oriented
programming, the smallest unit is a method, which may belong to a base/ super class,
abstract class or derived/ child class. (Some treat a module of an application as a unit. This
is to be discouraged as there will probably be many individual units within that module.)
Unit testing frameworks, drivers, stubs, and mock/ fake objects are used to assist in unit
testing.
Date tested Data values Input values Expected Actual Remarks
output output

2019/12/25 Integer Student_id The value Integer Sucessful

should be string was
numeric not in
correct
format

ANUP SAPKOTA(4TH SEM) 59

 DATABASE MANAGMENT SYSTEM

tori

In the above testing student id should be in integer format but the input type is varchar so that
we got error due to wrong data input.

Date tested Data values Input values Expected Actual Remarks

output output

2019/12/25 Valid Username The value Invalid Sucessful

recommendation and should be username
Password valid

ANUP SAPKOTA(4TH SEM) 60

 DATABASE MANAGMENT SYSTEM

In the above testing the username and password that I have provided was incorrect due to which
the authentication was failed.

• Integration testing:
(Guru99.com 2019) Integration testing is a level of software testing where individual units
are combined and tested as a group. The purpose of this level of testing is to expose faults
in the interaction between integrated units. Test drivers and test stubs are used to assist in
Integration Testing.

ANUP SAPKOTA(4TH SEM) 61

 DATABASE MANAGMENT SYSTEM

Integration testing is a component of Extreme Programming (XP), a pragmatic method of

software development that takes a meticulous approach to building a product by means of
continual testing and revision.

Date tested Data values Input values Expected Actual Remarks

output output

2019/12/25 Int Username The value Invalid Sucessful

should be in datatype
Integer

ANUP SAPKOTA(4TH SEM) 62

 DATABASE MANAGMENT SYSTEM

In the above testing the I have inserted the username in terms of varchar but it has to be in Integer
due to which data type error has been found.

b) Non-functional testing:
(Guru99.com 2019) Non-functional testing is defined as a type of Software testing to check
non-functional aspects (performance, usability, reliability, etc.) of a software application.
It is designed to test the readiness of a system as per nonfunctional parameters which are
never addressed by functional testing.
An excellent example of non-functional test would be to check how many people can
simultaneously login into a software.
Non-functional testing is equally important as functional testing and affects client
satisfaction.
- Performance testing: Performance testing is the process of determining the speed,
responsiveness and stability of a computer, network, software program or device under a
workload. For the performance testing of the software I will be having stress testing which
provide the error information on the time of the system failure. For stress testing to be
successful, a system should display an appropriate error message while it is under extreme
conditions.
- Compatibility Testing: Compatibility Testing is a type of Software testing to check
whether your software is capable of running on different hardware, operating systems,
applications, network environments or Mobile devices.
- Accessibility Testing: Accessibility Testing is defined as a type of Software Testing
performed to ensure that the application being tested is usable by people with disabilities
like hearing, color blindness, old age and other disadvantaged groups. It is a subset of
Usability Testing.

ANUP SAPKOTA(4TH SEM) 63

 DATABASE MANAGMENT SYSTEM

Non-Functional testing Examples:

SN Test Case Domain Result
1 Application load time should not be Performance Testing Successful
more than 5 secs up to 1000 users
accessing it simultaneously.
2 Software should be installable on all Compatibility Successful
versions of Windows and Mac Testing
3 All student id should be unique Accessibility testing. Successful

ANUP SAPKOTA(4TH SEM) 64

 DATABASE MANAGMENT SYSTEM

Concurrency Control:
(Guru99.com 2019) Concurrency control is the procedure in DBMS for managing simultaneous
operations without conflicting with each another. Concurrent access is quite easy if all users are
just reading data. There is no way they can interfere with one another. Though for any practical
database, would have a mix of reading and WRITE operations and hence the concurrency is a
challenge.
Concurrency control is used to address such conflicts which mostly occur with a multi-user system.
It helps you to make sure that database transactions are performed concurrently without violating
the data integrity of respective databases.
Therefore, concurrency control is a most important element for the proper functioning of a system
where two or multiple database transactions that require access to the same data, are executed
simultaneously.
Potential problems of Concurrency:
Here, are some issues which you will likely to face while using the Concurrency Control method:
a) Lost Updates:
It occurs when multiple transactions select the same row and update the row based on the
value selected
b) Uncommitted dependency:
These issues occur when the second transaction selects a row which is updated by another
transaction (dirty read)
c) Non-Repeatable Read:
It occurs when a second transaction is trying to access the same row several times and reads
different data each time.
d) Incorrect Summary issue: It occurs when one transaction takes summary over the value of
all the instances of a repeated data-item, and second transaction update few instances of
that specific data-item. In that situation, the resulting summary does not reflect a correct
result.

ANUP SAPKOTA(4TH SEM) 65

 DATABASE MANAGMENT SYSTEM

Why use Concurrency method?

(Guru99.com 2019) Reasons for using Concurrency control method is DBMS:
• To apply Isolation through mutual exclusion between conflicting transactions
• To resolve read-write and write-write conflict issues
• To preserve database consistency through constantly preserving execution obstructions
• The system needs to control the interaction among the concurrent transactions. This control
is achieved using concurrent-control schemes.
• Concurrency control helps to ensure serializability.
Example:
Assume that two student who submitted same subject assignment at the same time. Without
concurrency control, it is possible that both students will end up submitting a assignment.
However, concurrency control method does not allow this to happen. Both students can still access
information written in the assignment management database. But concurrency control only
provides a student to submit the assignment who has done at first.
Types of Concurrency control Protocols are:
1) Lock-based Protocols:
(Guru99.com 2019) A lock is a data variable which is associated with a data item. This
lock signifies that operations that can be performed on the data item. Locks help
synchronize access to the database items by concurrent submission.
All lock requests are made to the concurrency-control manager. submission proceed only
once the lock request is granted.
Binary Locks: A Binary lock on a data item can either locked or unlocked states.
Shared/exclusive: This type of locking mechanism separates the locks based on their uses.
If a lock is acquired on a data item to perform a write operation, it is called an exclusive
lock.

ANUP SAPKOTA(4TH SEM) 66

 DATABASE MANAGMENT SYSTEM

• Shared Lock (S):

(Guru99.com 2019) A shared lock is also called a Read-only lock. With the shared lock,
the data item can be shared between transactions. This is because we will never have
permission to update data on the data item.
For example, consider a case where two teachers are reading the assignment of a student.
The database will let them read by placing a shared lock. However, if another teachers
wants to update that student assignment, shared lock prevent it until the reading process is
over.
• Exclusive Lock (X):
(Guru99.com 2019) With the Exclusive Lock, a data item can be read as well as written.
This is exclusive and can't be held concurrently on the same data item. X-lock is requested
using lock-x instruction. Teachers may unlock the data item after finishing the 'write'
operation.
For example, when a teacher wants to update that student assignment. They can allow this
process by placing X lock on it. Therefore, when the second teachers want to read or write
the assignment of student, exclusive lock prevent this operation.
• Simplistic lock protocol:
(Guru99.com 2019) This type of lock-based protocols allows transactions to obtain a lock
on every object before beginning operation. Transactions may unlock the data item after
finishing the 'write' operation.
• Pre- claiming protocol:
(Guru99.com 2019) Pre-claiming lock protocol helps to evaluate operations and create a
list of required data items which are needed to initiate an execution process. In the situation
when all locks are granted, the transaction executes. After that, all locks release when all
of its operations are over.
2) Two Phase Locking (2PL) Protocol:

ANUP SAPKOTA(4TH SEM) 67

 DATABASE MANAGMENT SYSTEM

(Guru99.com 2019) Two-Phase locking protocol which is also known as a 2PL protocol.
It is also called P2L. In this type of locking protocol, the transaction should acquire a lock
after it releases one of its locks.
This locking protocol divides the execution phase of a transaction into three different parts.
-In the first phase, when the transaction begins to execute, it requires permission for the
locks it needs.
-The second part is where the transaction obtains all the locks. When a transaction releases
its first lock, the third phase starts.
-In this third phase, the transaction cannot demand any new locks. Instead, it only releases
the acquired locks.
It is true that the 2PL protocol offers serializability. However, it does not ensure that deadlocks do
not happen
-Centralized 2PL
In Centralized 2 PL, a single site is responsible for lock management process. It has only one lock
manager for the entire DBMS.
-Primary copy 2PL
Primary copy 2PL mechanism, many lock managers are distributed to different sites. After that, a
particular lock manager is responsible for managing the lock for a set of data items. When the
primary copy has been updated, the change is propagated to the slaves.
-Distributed 2PL
In this kind of two-phase locking mechanism, Lock managers are distributed to all sites. They are
responsible for managing locks for data at that site. If no data is replicated, it is equivalent to
primary copy 2PL. Communication costs of Distributed 2PL are quite higher than primary copy
2PL

3) Timestamp-based Protocols:
The timestamp-based algorithm uses a timestamp to serialize the execution of concurrent
transactions. This protocol ensures that every conflicting read and write operations are

ANUP SAPKOTA(4TH SEM) 68

 DATABASE MANAGMENT SYSTEM

executed in timestamp order. The protocol uses the System Time or Logical Count as a
Timestamp.
The older transaction is always given priority in this method. It uses system time to
determine the time stamp of the transaction. This is the most commonly used concurrency
protocol.
Lock-based protocols help you to manage the order between the conflicting transactions
when they will execute. Timestamp-based protocols manage conflicts as soon as an
operation is created.
4) Validation based protocol:
Validation phase is also known as optimistic concurrency control technique. In the
validation-based protocol, the transaction is executed in the following three phases:
- Read phase: In this phase, the transaction T is read and executed. It is used to read the
value of various data items and stores them in temporary local variables. It can perform all
the write operations on temporary variables without an update to the actual database.
- Validation phase: In this phase, the temporary variable value will be validated against the
actual data to see if it violates the serializability.
- Write phase: If the validation of the transaction is validated, then the temporary results
are written to the database or system otherwise the transaction is rolled back.
Used protocol for development of project:
(Guru99.com 2019) For better development of the project I will be using validation based control
as in this phase firstly the data are sent for the validation on read only phase where the data came
from the interface is stored in the temporary variable after that it was validate with the actual data
in the database when they both match then the performance or request can be executed.
In the assignment management system for admin login first the data insert into the GUI of login is
store in the temporary login file which will validate it to the actual data that database has stored in
the login table. If the both data match to the each other than the request to open the database will
be completed opening the database of the assignment management system.

ANUP SAPKOTA(4TH SEM) 69

 DATABASE MANAGMENT SYSTEM

Creating user and grant permission:

(Guru99.com 2019) When we start the Oracle always it begins by connecting to server where
oracle is hosted, then we have to connect using System account.
As the system account is one of the predefined administrative accounts generated automatically
when oracle is installed.

Creating User CREATE USER student identified BY

Once we are connected to the system, I will student_id;
create the user using CREATE USER “I have created student account that is
command. identified by the specified student_id”
Grant Statement With our new student account created, we can
now begin adding privileges to the account
using the GRANT statement. GRANT is a very
powerful statement with many possible
options, but the core functionality is to manage
the privileges of both users and roles
throughout the database.
Providing roles GRANT CONNECT TO student;
Typically, first want to assign privileges to the In some cases, to create a more powerful user
user through attaching the account to various we can also consider adding the RESOURCE
roles, starting with the CONNECT role: role (allowing the user to create named types
for custom schemas) or even the DBA role,
which allows the user to not only create custom
named types but alter and destroy them as well.
GRANT CONNECT, resource, dba TO
student;
Assigning privileges For this we have to use GRANT CREATE
SESSION combining with privileges using

ANUP SAPKOTA(4TH SEM) 70

 DATABASE MANAGMENT SYSTEM

Next, we have to ensure the user privileges to GRANT ANY PRIVILEGES GRANT
connect to the database CREATE SESSION GRANT ANY
privilege TO student;
Table privileges if we want our student user to have the ability
Generally providing these privileges for the to perform SELECT, UPDATE, INSERT, and
newer version of oracle is not necessary but DELETE capabilities on the student able, we
some time it is required. might execute the following GRANT
statement
GRANT
SELECT, INSERT, UPDATE, DELETE
ON
Schema.student
TO Student;
The above query ensure that student can
perform the four-basic operation on the student
table.
I have presented the above table on how we can deliver the privileges and authorization for the
user on the database. Now I will provide security on the database which I will be discussing below:
Database security:
(Guru99.com 2019) Database security covers and enforces security on all aspects and components
of databases. This includes:
-Data stored in database
-Database server
-Database management system (DBMS)
-Other database workflow applications
Database security is generally planned, implemented and maintained by a database administrator
and or other information security professional.
For securing of the database following database security I have to implement, they are as:

ANUP SAPKOTA(4TH SEM) 71

 DATABASE MANAGMENT SYSTEM

1. Access authorization:
(SearchSecurity 2019 Authentication is the process of validating credential like username,
password, etc to verify the user identity. Access authorizations may allow general access
to a service or access to all records of a particular type, but more often, access will be
restricted based on the context of the collaboration.
Example: If the student or teacher will put the wright user name or password then they will
be allowed to access the particular file else they can’t access the particular file.
2. Access Control:
(SearchSecurity 2019 Access control is a security technique that regulates who or what can
view or use resources in a computing environment. It is a fundamental concept in security
that minimizes risk to the business or organization.
There are two types of access control: physical and logical. Physical access control limits
access to campuses, buildings, rooms and physical IT assets. Logical access control limits
connections to computer networks, system files and data.
3. Views:
(SearchSecurity 2019 A database view is a searchable object in a database that is defined
by a query. Though a view doesn’t store data, some refer to a view as “virtual tables,” you
can query a view like a table. A view can combine data from two or more table, using joins,
and also just contain a subset of information. This makes them convenient to abstract, or
hide, complicated queries. Just as a function (in programming) can provide abstraction, so
can a database view. In another parallel with functions, database users can manipulate
nested views, thus one view can aggregate data from other views. Without the use of views,
the normalization of databases above second normal form would become much more
difficult. Views can make it easier to create lossless join decomposition.
4. Data integrity:
(SearchSecurity 2019 Data integrity is the overall completeness, accuracy and consistency
of data. This can be indicated by the absence of alteration between two instances or between
two updates of a data record, meaning data is intact and unchanged. The concept of data

ANUP SAPKOTA(4TH SEM) 72

 DATABASE MANAGMENT SYSTEM

integrity ensures that all data in a database can be traced and connected to other data. This
ensures that everything is recoverable and searchable. Having a single, well-defined and
well-controlled data integrity system increases stability, performance, reusability and
maintainability
5. Backup and recovery of data:
(SearchSecurity 2019 Backup and recovery describe the process of creating and storing
copies of data that can be used to protect organizations against data loss. This is sometimes
referred to as operational recovery. Recovery from a backup typically involves restoring
the data to the original location, or to an alternate location where it can be used in place of
the lost or damaged data.
A proper backup copy is stored in a separate system or medium, such as tape, from the
primary data to protect against the possibility of data loss due to primary hardware or
software failure.
Screenshot that are related to backup and recovery of data are:
Run backup file Backup.bat in the folder
C:\oraclexe\app\oracle\product\11.2.0\server\bin

ANUP SAPKOTA(4TH SEM) 73

 DATABASE MANAGMENT SYSTEM

Wait until the backup by RMAN tool is complete

As a result of the execution a backup file with an

extension. BKP will be generate in the folder
with the name of the data of creating

ANUP SAPKOTA(4TH SEM) 74

 DATABASE MANAGMENT SYSTEM

For restoring of the data:

Run Restore file Restore.bat in the folder
C:\oraclexe\app\oracle\product\11.2.0\server\bin

Wait until the restore operation, by RMAN tool is

complete

ANUP SAPKOTA(4TH SEM) 75

 DATABASE MANAGMENT SYSTEM

Finally, we can restore the data as shown in the

above description

ANUP SAPKOTA(4TH SEM) 76

 DATABASE MANAGMENT SYSTEM

Comparing system design and system analysis against system and user requirement
(SearchSecurity 2019 Systems development is systematic process which includes phases such as
planning, analysis, design, deployment, and maintenance. Here, in this tutorial, we will primarily
focus on −
-Systems analysis
-Systems design
• System Analysis:
It is a process of collecting and interpreting facts, identifying the problems, and
decomposition of a system into its components.
System analysis is conducted for the purpose of studying a system or its parts in order to
identify its objectives. It is a problem-solving technique that improves the system and
ensures that all the components of the system work efficiently to accomplish their purpose.
Analysis specifies what the system should do.
• System Design:
It is a process of planning a new business system or replacing an existing system by
defining its components or modules to satisfy the specific requirements. Before planning,
you need to understand the old system thoroughly and determine how computers can best
be used in order to operate efficiently.
System Design focuses on how to accomplish the objective of the system.
System Analysis and Design (SAD) mainly focuses on −
-Systems
-Processes
-Technology
(EDUCBA.com 2019) Differentiating system analysis and system design in the below
table:

ANUP SAPKOTA(4TH SEM) 77

 DATABASE MANAGMENT SYSTEM

System Design System Analysis

This process starts from each scratch and This is a post process which is used when
utilizes all our new ideas the design is complete and ready for
analysis
Design includes collection of raw data, Analysis includes processing, execution,
requirement, need, and planning. bug fixing and making reports.
Errors may come while creating but Basically, it resembles removing error
couldn’t fix at the start. from the existing model.
In design the maximum time goes before The time consumed in analyzing is less
the initiation of works. than time consumed by design.
The tools used is different as the work The software’s used is different than the
performed by them is different. tools used for designing.
Pre planning is most important task and Pre planning is not compulsion but yes
discussion about pre planning is done discussion on result does matter
Single but large screen is more than Multiple screens are required for analysis
enough in this case as just detailing is the to check and fix bug.
main job

I. Planning:
(SearchSecurity 2019 Planning is the process of thinking about the activities required to achieve a
desired goal. It is the first and foremost activity to achieve desired results. It involves the creation
and maintenance of a plan, such as psychological aspects that require conceptual skills.
For the development of the assignment management system I have plan to use following things:
- Oracle for the back end of the project to store the data
- Java programing language for the interface designing and coding
- Visio tools for the designing
- Faculty teacher as the mentor for the development of the project

ANUP SAPKOTA(4TH SEM) 78

 DATABASE MANAGMENT SYSTEM

II. Requirement analysis:

(SearchSecurity 2019 After making plan for the project I have to analyze the requirement
of the project that includes the following as I have divided it into two parts they are as;
• System requirement:
For the development of the assignment management system I will be using java
programming language with IDE of NetBeans:
Items Requirements
Hardware - Memory of 8 GB RAM or more
- Monitor resolution of 1080 x 760 or
higher
- Intel Pentium 4 or AMD Athlon 2.5 GHz
(or faster)
- 2 GB (or more) available hard disk space
Software - Java SE JDK v6.0
- Java Servlet Container (Free Servlet
Container available)
- Supported Database and library that
supports the database connection with
Java.
- SQL developer v17.2
Operating system -Windows 10

• User requirement:
Requirements Use
Log in Fully authenticate and validate login panel
for the login who manage the database of
assignment management system

ANUP SAPKOTA(4TH SEM) 79

 DATABASE MANAGMENT SYSTEM

Student management Should be able to add, edit and delete

student
Teacher Management Should have access to student assignment
such that the system can generate report of
the assignment received and feedback date
Assignment Management Should be able to add, edit and delete
assignment submitted by the student that
need to be shown to the teacher
III. Designing:
(SearchSecurity 2019 The designing of the assignment management includes how our
assignment management work in a descriptive picture format that can be understandable
for the any developer and programmer. For the designing of the assignment management I
have used Visio tools including the design of Entity Relation diagram, Relation diagram
they are shown below:
0 level
DFD

ANUP SAPKOTA(4TH SEM) 80

 DATABASE MANAGMENT SYSTEM

1 level
DFD

2 level
DFD

ANUP SAPKOTA(4TH SEM) 81

 DATABASE MANAGMENT SYSTEM

ER
diagra
m

IV. Testing:
(SearchSecurity 2019 Testing is defined as an activity to check whether the actual results
match the expected results and to ensure that the software system is Defect free. I have
already done the different types of testing along with the output in the above questions.
V. Implementation:
(SearchSecurity 2019 After finishing the testing process the time is for the implementation
process. It is necessary to launch the application in the ISMT college. After launching the
application, I can get the feedback from the different person. The feedback that I have got
are as:
VI. Feedbacks:
(SearchSecurity 2019 As the application was tested by the different persons of the ISMT
college the feedback of the particular person are as follows:

ANUP SAPKOTA(4TH SEM) 82

 DATABASE MANAGMENT SYSTEM

Date:2019/12/27
The project is excellent it helps the college to manage the assignment in the appropriate
format. Student can easily submit the assignment as well as the teacher can evaluate the
assignment easily and can provide the feedback of the assignment to the particular
students.
-Nawaraj Bhandari (Teacher of DBMS)

Date:2019/12/27
The application is good. It is easy to access. It consumes the less time. The management
of the assignment is easier. The junior student can use the assignment of the senior
student as reference. The software is mesmerizing and heart taking due to its color
combination and development as it easily attracts the eye of the user.
-Rahul kumar (teacher of Java)

Date:2019/12/27
The application is good but for the development of the project there has been used of
core java which is not use in the meantime, which make the system vulnerable and attack
of the malicious code in the software. So, I suggest to use some of the best framework
like Spring MVC, JSF or Grails as per the need of the project for the development
-Binod Saha (Teacher of programming)
After collecting those feedback from the teacher’s expert at different field I have evaluated
that I have done the greater work but I would have done more better if I had upgrade little
bit work in terms of security as a whole, I found my application to be good.
Conclusion:
As requirement of the scenario in this part I had Produced a design for a relational database
management system to meet client requirements as well as I had developed a fully functional
system which meets client and

ANUP SAPKOTA(4TH SEM) 83

 DATABASE MANAGMENT SYSTEM

system requirements, using an open source language (with an application software e.g. MySQL
also I had analyzed how the design will optimize system performance and I had implemented
effective features in the solution to handle concurrency, security, user authorizations and data
recovery and finally I had Critically evaluated the effectiveness of the system design and
development against client and system requirements.

ANUP SAPKOTA(4TH SEM) 84

 DATABASE MANAGMENT SYSTEM

Part 3: Create a lab report: Demonstrate the system administration and management tools
available on the chosen platform

• Demonstrate the tools available in the system to monitor and optimize system
performance, and examine the audit logs.

• Demonstrate the tools available in the system to manage security and authorizations.

• Assess the effectiveness of the system administration and management tools available
on the platform identifying any shortcomings of the tools.

• Assess any future improvements that may be required to ensure the continued
effectiveness of the database system.

ANUP SAPKOTA(4TH SEM) 85

 DATABASE MANAGMENT SYSTEM

Lab Report on: Demonstrating the system administration and management tools available
Date:2019/12/28
Submitted by: Anup Sapkota
Submitted to: Nawaraj Bhandari
Title:
The title on which I am going to make the lab reports are as follows:
• Demonstrating the tools available in the system to monitor and optimize
system performance, and examine the audit logs.
• Demonstrating the tools available in the system to manage security and
authorizations.
• Assessing the effectiveness of the system administration and management
tools available on the platform identifying any shortcomings of the tools.
• Assessing any future improvements that may be required to ensure the
continued effectiveness of the database system.

Introduction:
The main purpose of my experiment is to demonstrate the system administration and
management tools available. In this experiment I am going to demonstrate the tools available in
the system to monitor and optimize system performance, and examine the audit logs as well as
I am going to demonstrate the tools available in the system to manage security and authorizations
as well as I am going to assess the effectiveness of the system administration and management
tools available on the platform identifying any shortcomings of the tools and finally I am going
to access any future improvements that may be required to ensure the continued effectiveness
of the database system.
Materials:
To do the experiment I am going to use the internet as well as my programs as a material. Also,
I am going to use some screenshots of my programs to demonstrate the experiment.

ANUP SAPKOTA(4TH SEM) 86

 DATABASE MANAGMENT SYSTEM

Data:
Audit log:
(Audit Log 2004) “An audit trail (also called audit log) is a security-relevant chronological
record, set of records, and/or destination and source of records that provide documentary
evidence of the sequence of activities that have affected at any time a specific operation,
procedure, or event.”
An audit log in its most primitive form would be a pen and paper a person would use to make
entries to accompany changes made to a system. Signing your kids in and out of daycare would
be an example of an audit log. To track the log of the database we can have it from the database
DBA which I will show down below:

• Increased Security|:
Having detailed audit logs can protect a business from liability during legal battles. They
also help companies monitor data for any potential security breaches or internal misuses
of information. They are also a great way to ensure that proper document protocols are
followed consistently, and to prevent (and track down) fraud.
• Risk Management:

ANUP SAPKOTA(4TH SEM) 87

 DATABASE MANAGMENT SYSTEM

Audit logs can play an important part in a business’ overall risk management strategy,
demonstrating to customers, business partners and regulators that an organization has
made a thorough effort to protect against and prevent potential problems before they
occur.
• Demonstrate Compliance
Organizations must comply with tax regulations and federal laws such as the Sarbanes-
Oxley act and the Gramm-Leach-Bliley Act, in addition to industry-specific regulations.
Audit logs can be used as proof of regulatory compliance during an audit and can help
a company fulfill its record-keeping requirements for compliance purposes.

• Detailed Insight:
Because an audit log tracks how long and how frequently individual users access a
document, it can be used to gain insight into which investors or potential partners are
most interested in a business, enabling the company to be more strategic with its
negotiations.
Tracking all user activities with an audit log can offer both startups and established
companies the insight and oversight abilities they need to increase efficiency and
security in a reliable, provable way.
Audit logs are a special procedure which execute in specific event, also called trigger
(Essentialsql.com. 2019) A database trigger is special stored procedure that is run when specific
actions occur within a database. Most triggers are defined to run when changes are made to a
table’s data. Triggers can be defined to run instead of or after DML (Data Manipulation
Language) actions such as INSERT, UPDATE, and DELETE.
Triggers help the database designer ensure certain actions, such as maintaining an audit file, are
completed regardless of which program or user makes changes to the data.
The programs are called triggers since an event, such as adding a record to a table, fires their
execution. The programs are called triggers since an event, such as adding a record to a table,
fires their execution.

ANUP SAPKOTA(4TH SEM) 88

 DATABASE MANAGMENT SYSTEM

Events:
The triggers can occur AFTER or INSTEAD OF a DML action. Triggers are associated with
the database DML actions INSERT, UPDATE, and DELETE. Triggers are defined to run when
these actions are executed on a specific table.
Trigger creation of database:
Trigger insertion of database:

After compiling the insert trigger on the insertion query on database we can have a trigger before
insertion complete.

ANUP SAPKOTA(4TH SEM) 89

 DATABASE MANAGMENT SYSTEM

Trigger on Update Database:

ANUP SAPKOTA(4TH SEM) 90

 DATABASE MANAGMENT SYSTEM

After creating update trigger on updating of the table we can have trigger before the updation of
table.

Trigger on deletion of database:

ANUP SAPKOTA(4TH SEM) 91

 DATABASE MANAGMENT SYSTEM

After creating deletion trigger on table, we can have deleted trigger before delete operation
complete

Trigger created on database:

Tools in the system to manage the security as authorization:

It is mine duty to make the database security good so that the performance of application can be
good without any interruption. So, I have inserted some terms that helps to manage security as
well as authorization:

ANUP SAPKOTA(4TH SEM) 92

 DATABASE MANAGMENT SYSTEM

User Account Provisioning:

It is a process that ensures user accounts are created, given proper permissions, changed,
disabled, and deleted. These identity management actions are triggered when information is
added or changed in a personnel system. New hires, promotions, transfers, and departures are
examples of events that can trigger identity management processes.
Manually managing student assignment and student memberships can quickly become one of
the College department’s most time-consuming jobs. When a student submits assignment, it
takes the department 30 minutes on average to create a new account and assign proper
permissions. This process can be delayed by several days, if the student department is swamped
with other tasks. This delay can leave a student stranded and unproductive on what was supposed
to be their first day of assignment submission.
Role based access:
It is an approach to restricting system access to authorized users. It is used by the majority of
enterprises with more than 500 employees, and can implement mandatory access control (MAC)
or discretionary access control (DAC).
Within an organization, roles are created for various job functions. The permissions to perform
certain operations are assigned to specific roles. Members or staff (or other system users) are
assigned particular roles, and through those role assignments acquire the permissions needed to
perform particular system functions. Since users are not assigned permissions directly, but only
acquire them through their role (or roles), management of individual user rights becomes a
matter of simply assigning appropriate roles to the user's account; this simplifies common
operations, such as adding a user, or changing a user's department.
Role based access control interference is a relatively new issue in security applications, where
multiple user accounts with dynamic access levels may lead to encryption key instability,
allowing an outside user to exploit the weakness for unauthorized access. Key sharing

ANUP SAPKOTA(4TH SEM) 93

 DATABASE MANAGMENT SYSTEM

applications within dynamic virtualized environments have shown some success in addressing
this problem.

Three primary rules are defined for RBAC:

• Role assignment: A subject can exercise a permission only if the subject has selected or
been assigned a role.
• Role authorization: A subject's active role must be authorized for the subject. With rule
1 above, this rule ensures that users can take on only roles for which they are authorized.
• Permission authorization: A subject can exercise a permission only if the permission is
authorized for the subject's active role. With rules 1 and 2, this rule ensures that users
can exercise only permissions for which they are authorized.
Additional constraints may be applied as well, and roles can be combined in a hierarchy where
higher-level roles subsume permissions owned by sub-roles.
Identity governance:
Identity governance is the policy-based centralized orchestration of user identity management
and access control. It is the important factor that provide security to the organization providing
automated access to an ever-growing number of technology assets, while at the same time
managing potential security and compliance risks. More on it provide user interfaces and
workflows to help manage the process of maintaining roles so we can keep application up to
date making sure they represent access that people trust. Mainly in the oracle database I have
provide role base access to the database as the user I have created for database handling admin
can insert into the database as shown below the screenshot:
Creating user and granting role-based permission:
When we start the Oracle always it begins by connecting to server where oracle is hosted, then
we have to connect using System account.
As the system account is one of the predefined administrative accounts generated automatically
when oracle is installed.

ANUP SAPKOTA(4TH SEM) 94

DATABASE MANAGMENT SYSTEM

ANUP SAPKOTA(4TH SEM) 95

 DATABASE MANAGMENT SYSTEM

Here I have provide some SQL query to grant roles and privileges to the user created in the
database but below I will provide GUI of user creation and system roles and privileges for the
user.
Firstly, we have to connect the database with our oracle login it as system providing password
then we will have an interface which look a like this:
Interface after login as system:

ANUP SAPKOTA(4TH SEM) 96

 DATABASE MANAGMENT SYSTEM

After extending the assignment we can observe user on right click as well as we can see create
user option as shown in above screenshot.

ANUP SAPKOTA(4TH SEM) 97

 DATABASE MANAGMENT SYSTEM

Then we can create user, I have created admin user providing password for login.

Then system privileges to the user can be provided

ANUP SAPKOTA(4TH SEM) 98

 DATABASE MANAGMENT SYSTEM

After that role of the user in the database can be provided.

After that to unlock the user to access database

ANUP SAPKOTA(4TH SEM) 99

 DATABASE MANAGMENT SYSTEM

Then there is all roles and privileges to the user admin like:
Roles: connect, DBA
Privileges:
Create any table, alter any table, drop any table, select any table, unlimited tablespace, update
any table

After connect as admin now I can select any table that is inside the assignment database which
I will show in the below screenshot:
Connecting admin user in assignment database

ANUP SAPKOTA(4TH SEM) 100

 DATABASE MANAGMENT SYSTEM

As the admin is connected, I can select any table from the database in which I have select login
table shown down below:

ANUP SAPKOTA(4TH SEM) 101

 DATABASE MANAGMENT SYSTEM

Then I have insert into the login table with some values which is successfully completed.

On connecting through the user which is not created in the database it will denied. For that I
have try connecting through Anup which is not the valid user we get error as:

ANUP SAPKOTA(4TH SEM) 102

 DATABASE MANAGMENT SYSTEM

In the above I have discussed on providing user to the database so that we can handle the
database easier and also their privileges and roles so that they cannot ruin the database.
Single sign on:
(Searchsecurity.com 2019) Single sign-on (SSO) is a session and user authentication service
that permits a user to use one set of login credentials (e.g., name and password) to access
multiple applications. SSO can be used by enterprises, smaller organizations, and individuals to
mitigate the management of various usernames and passwords.
In a basic web SSO service, an agent module on the application server retrieves the specific
authentication credentials for an individual user from a dedicated SSO policy server, while
authenticating the user against a user repository such as a lightweight directory access protocol
(LDAP) directory. The service authenticates the end user for all the applications the user has
been given rights to and eliminates future password prompts for individual applications during
the same session.

ANUP SAPKOTA(4TH SEM) 103

 DATABASE MANAGMENT SYSTEM

Multifactor authentication:
(Searchsecurity.com 2019) Multi-factor authentication (MFA) is an authentication method in
which a computer user is granted access only after successfully presenting two or more pieces
of evidence (or factors) to an authentication mechanism: knowledge (something the user and
only the user knows), possession (something the user and only the user has), and inherence
(something the user and only the user is). The goal of MFA is to create a layered defense and
make it more difficult for an unauthorized person to access a target such as a physical location,
computing device, network or database. If one factor is compromised or broken, the attacker
still has at least one more barrier to breach before successfully breaking into the target.
Data storage on cloud:
(Searchsecurity.com 2019) Cloud storage is a model of computer data storage in which the
digital data is stored in logical pools. The physical storage spans multiple servers (sometimes in
multiple locations), and the physical environment is typically owned and managed by a hosting
company. These cloud storage providers are responsible for keeping the data available and
accessible, and the physical environment protected and running. People and organizations buy
or lease storage capacity from the providers to store user, organization, or application data.
Shortcoming of security management:
• Technology is always changing so users must always purchase upgraded information
security.
• Since technology is always changing nothing will ever be completely secure.
• If a user misses one single area that should be protected the whole system could be
compromised.
• It can be extremely complicated and users might not totally understand what they are
dealing with.
• It can slow down productivity if a user is constantly having to enter passwords.

ANUP SAPKOTA(4TH SEM) 104

 DATABASE MANAGMENT SYSTEM

Future improvements for database:

In many cases I have seen that DBA struggle with bad application performance and are feeling
quite frustrated when their SQL queries are extremely slow, which can cause the entire database
to perform poorly. So, to improve the performance of the database following things can be done:
Allocate more memory:
. (EverSql.com 2018) Similar to how having a CPU that’s not powerful enough can impact the
efficiency of a database, so too can lack of memory. After all, when there is not enough memory
available in the database to perform the work that is being asked of, database performance is
understandably going to take a hit. Basically, having more memory available will help to boost
the system’s efficiency and overall performance. A good way to check if you need more memory
is to look at how many page faults your system has; if the number of faults is high (in the
thousands, for example) it means that your hosts are running low on (or potentially entirely out
of) available memory space. Therefore, when trying to improve database performance it’s
important to both look at how much memory you have total as well as page faults (to determine
if you need additional memory to improve efficiency).
Data defragmentation:
(EverSql.com 2018) In the maintenance of file systems, defragmentation is a process that
reduces the degree of fragmentation. It does this by physically organizing the contents of the
mass storage device used to store files into the smallest number of contiguous regions
(fragments, extents). It also attempts to create larger regions of free space using compaction to
impede the return of fragmentation. Some defragmentation utilities try to keep smaller files
within a single directory together, as they are often accessed in sequence.
Defragmentation is advantageous and relevant to file systems on electromechanical disk drives
(hard disk drives, floppy disk drives and optical disk media). The movement of the hard drive's
read/write heads over different areas of the disk when accessing fragmented files is slower,
compared to accessing the entire contents of a non-fragmented file sequentially without moving
the read/write heads to seek other fragments.

ANUP SAPKOTA(4TH SEM) 105

 DATABASE MANAGMENT SYSTEM

Database version:
Another major factor in database performance is the version of SQL developer we are currently
deploying. Staying up to date with the latest version of database can have significant impact on
overall database performance. It's possible that one query may perform better in older versions
of SQL developer than in new ones, but when looking at overall performance, new versions tend
to perform better. As I have provided some method for the improvement of the database
performance there are plenty of the method to improve performance. We can make test of
different method and dee which make better impact in the database and use them for further
development.
Optimize queries:
In most cases performance issues are caused by poor SQL queries. While developing the
database we stuck between IN or EXISTS or writing subquery or join statement. Being in
dilemma cause poor management of database so for optimizing queries we can use query
optimizer such as Ever SQL Query Optimizer which will both speed up the query and explain
the recommendations.
Create optimal indexes:
If we done indexing properly it help to optimize the query execution duration and increase
overall performance. Indexes accomplish this by implementing a data structure that helps to
keep things organized and makes locating information easier, indexing speeds up the data
retrieval process and makes it more efficient, thereby saving our time and effort. (EverSql.com
2018)
Conclusion:
In this experiment I had demonstrated the tools available in the system to monitor and optimize
system performance, and examined the audit logs as well as I had demonstrated the tools
available in the system to manage security and authorizations as well as I had asses the
effectiveness of the system administration and management tools available on the platform
identifying any shortcomings of the tools and finally I had accessed any future improvements

ANUP SAPKOTA(4TH SEM) 106

 DATABASE MANAGMENT SYSTEM

that may be required to ensure the continued effectiveness of the database system. In the lab all
the demonstration of the experiments are successful.
References:
EDUCBA. (2019). System Analysis And Design | Top 11 Differences You Should Know.
[online] Available at: https://www.educba.com/system-analysis-and-design/ [Accessed 27 Dec.
2019].
What is Single Sign-On (SSO) and How Does It Work? (2019). Available at:
https://searchsecurity.techtarget.com/definition/single-sign-on (Accessed: 27 December 2019).
Audit Log (2004). Available at: https://martinfowler.com/eaaDev/AuditLog.html (Accessed: 27
December 2019).
(2019) Essentialsql.com. Available at: https://www.essentialsql.com/what-is-a-database-
trigger/ (Accessed: 27December 2019).
5 Easy Ways To Improve Your Database Performance (2018). Available at:
https://www.eversql.com/5-easy-ways-to-improve-your-database-performance/ (Accessed: 27
December 2019)

ANUP SAPKOTA(4TH SEM) 107

 DATABASE MANAGMENT SYSTEM

References:
1. SearchSQLServer. (2019). What is a Database Management System? - Definition from
WhatIs.com. [online] Available at: https://searchsqlserver.techtarget.com/definition/database-
management-system [Accessed 20 Dec. 2019].
2. Geol-amu.org. (2019). Types of Database Management Systems. [online] Available at:
http://www.geol-amu.org/notes/be1b-3-3.htm [Accessed 20 Dec. 2019].
3. SearchSQLServer. (2019). What is Database Normalization? [online] Available at:
https://searchsqlserver.techtarget.com/definition/normalization [Accessed 20 Dec. 2019].
4. Tutorialspoint.com. (2019). DBMS - Data Models - Tutorialspoint. [online] Available at:
https://www.tutorialspoint.com/dbms/dbms_data_models.htm [Accessed 20 Dec. 2019].
5. Sisense. (2019). What is a Relational Database Management System? | Sisense Glossary.
[online] Available at: https://www.sisense.com/glossary/relational-database/ [Accessed 20 Dec.
2019].
6. Guru99.com. (2019). DBMS vs RDBMS: Complete Difference between DBMS and RDBMS.
[online] Available at: https://www.guru99.com/difference-dbms-vs-rdbms.html [Accessed 20
Dec. 2019].
7. Jhigh.co.uk. (2019). Data Anomalies. [online] Available at:
http://jhigh.co.uk/Higher/dbases/anomalies.html [Accessed 21 Dec. 2019].
8. Guru99.com. (2019). DBMS Concurrency Control: Two Phase, Timestamp, Lock-Based
Protocol. [online] Available at: https://www.guru99.com/dbms-concurrency-control.html
[Accessed 22 Dec. 2019].
9. W3schools. (2019). Database Security. [online] Available at:
https://www.w3schools.in/dbms/database-security/ [Accessed 23 Dec. 2019].
10. Techopedia.com. (2019). What is Database Security? - Definition from Techopedia. [online]
Available at: https://www.techopedia.com/definition/29841/database-security [Accessed 23 Dec.
2019].
11. Differencebetween.net. (2019). Difference between Authentication and Authorization |
Difference Between. [online] Available

ANUP SAPKOTA(4TH SEM) 108

 DATABASE MANAGMENT SYSTEM

at:http://www.differencebetween.net/technology/difference-between-authentication-and-
authorization/ [Accessed 23 Dec. 2019].
12. SearchSecurity. (2019). What is access control? - Definition from WhatIs.com. [online]
Available at: https://searchsecurity.techtarget.com/definition/access-control [Accessed 24 Dec.
2019].
13. Software, D. (2017). Oracle Database Data: Backup and Restore. [online] Hetman Software.
Available at: https://hetmanrecovery.com/recovery_news/backing-up-and-restoring-the-database-
oracle-database.htm [Accessed 24 Dec. 2019].
14. Software Testing Material. (2015). Software Testing - Definition, Types, Methods,
Approaches. [online] Available at: https://www.softwaretestingmaterial.com/software-testing/
[Accessed 24 Dec. 2019].
15. Admin, S. (2014). Difference between Black Box Testing and White Box Testing. [online]
Software Testing Class. Available at: https://www.softwaretestingclass.com/difference-between-
black-box-testing-and-white-box-testing/ [Accessed 24 Dec. 2019].
16. Tutorialspoint.com. (2019). System Analysis and Design - Overview - Tutorialspoint. [online]
Available at:
https://www.tutorialspoint.com/system_analysis_and_design/system_analysis_and_design_overv
iew.htm [Accessed 24 Dec. 2019].
17.EDUCBA. (2019). System Analysis And Design | Top 11 Differences You Should Know.
[online] Available at: https://www.educba.com/system-analysis-and-design/ [Accessed 27 Dec.
2019].
18.What is Single Sign-On (SSO) and How Does It Work? (2019). Available at:
https://searchsecurity.techtarget.com/definition/single-sign-on (Accessed: 27 December 2019).
19.Audit Log (2004). Available at: https://martinfowler.com/eaaDev/AuditLog.html (Accessed:
27 December 2019).
(2019) Essentialsql.com. Available at: https://www.essentialsql.com/what-is-a-database-trigger/
(Accessed: 27December 2019).

ANUP SAPKOTA(4TH SEM) 109

 DATABASE MANAGMENT SYSTEM

20. 5 Easy Ways To Improve Your Database Performance (2018). Available at:
https://www.eversql.com/5-easy-ways-to-improve-your-database-performance/ (Accessed: 27
December 2019)

ANUP SAPKOTA(4TH SEM) 110