
ADMT chp2

This document discusses advanced database management techniques, including discretionary access control, mandatory access control, role-based access control, and remote database access protocols. It also covers advanced database models like mobile databases, temporal databases, and spatial databases. The key topics to be covered include database security concepts like authentication, authorization, and encryption.

Uploaded by

Wahid Ahmed

ADVANCED DATA MANAGEMENT TECHNIQUES
Slides By: Ms. Shree Jaswal
St. Francis Institute of Technology, Department of Information Technology
The material in this presentation belongs to St. Francis Institute of Technology and is solely for educational purposes. Distribution and modifications of the content is prohibited.

TOPICS TO BE COVERED
• Advanced Database Access protocols: Discretionary Access Control Based on Granting and Revoking Privileges;
• Mandatory Access Control and Role-Based Access Control.
• Remote Database access protocol
• Overview of Advanced Database models like Mobile databases, Temporal databases, Spatial databases.
• Self-learning Topics: Learn Data Security concepts like Authentication, Authorization and encryption.
ADMT CHP2 SLIDES BY: MS. SHREE J. 2

WHICH CHAPTER? WHICH BOOK?


Chapter 24: Database Security, Elmasri and Navathe, “Fundamentals of
Database Systems”, 6th Edition, PEARSON Education.
Chapter 26: Enhanced Data Models for Advanced Applications, Elmasri and
Navathe, “Fundamentals of Database Systems”, 6th Edition, PEARSON
Education.


INTRODUCTION TO DATABASE SECURITY ISSUES
Types of Security Issues
• Legal and ethical issues
• Policy issues, e.g. credit ratings and personal medical records
• System-related issues, e.g. security function at hardware, OS level or DBMS level
• The need to identify multiple security levels, e.g. top secret, secret, confidential


INTRODUCTION TO DATABASE SECURITY ISSUES
Threats to databases
• Loss of integrity (inaccuracy, fraud, or erroneous decisions)
• Loss of availability
• Loss of confidentiality (violation of the Data Privacy Act, loss of public confidence, embarrassment, or legal action against the organization)


INTRODUCTION TO DATABASE SECURITY ISSUES
A DBMS typically includes a database security and authorization subsystem that is responsible for ensuring the security of portions of a database against unauthorized access.

Two types of database security mechanisms:
• Discretionary security mechanisms
• Mandatory security mechanisms


INTRODUCTION TO DATABASE SECURITY ISSUES


To protect databases against various types of threats four kinds of
countermeasures can be implemented:
Access control
Inference control
Flow control
Encryption


INTRODUCTION TO DATABASE SECURITY ISSUES
The security mechanism of a DBMS must include provisions for restricting access to the database as a whole.
This function is called access control and is handled by creating user accounts and passwords to control the login process by the DBMS.


INTRODUCTION TO DATABASE SECURITY ISSUES
The security problem associated with databases is that of controlling the access to a statistical database, which is used to provide statistical information or summaries of values based on various criteria, e.g. a database for population statistics.

The countermeasures to the statistical database security problem are called inference control measures.


INTRODUCTION TO DATABASE SECURITY ISSUES
Q1: SELECT COUNT (*) FROM PERSON WHERE <condition>;
Q2: SELECT AVG (Income) FROM PERSON WHERE <condition>;
Now suppose that we are interested in finding the Salary of Jane Smith, and we know that she has a Ph.D. degree and that she lives in the city of Bellaire, Texas.
We issue the statistical query Q1 with the following condition:
(Last_degree='Ph.D.' AND Sex='F' AND City='Bellaire' AND State='Texas')
If we get a result of 1 for this query, we can issue Q2 with the same condition and find the Salary of Jane Smith.
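One inference control measure that addresses the Q1/Q2 problem above is a query-set-size restriction, shown here as an added example (not part of the original slides). The threshold k, the sample rows and the function names are assumptions made for illustration; the example also refuses overly large query sets, which goes beyond the single case on the slide.

```python
import sqlite3

MIN_QUERY_SET = 2  # assumed policy threshold k, not a value from the slides

# Constructed sample rows for the PERSON relation used by Q1 and Q2.
PERSON_ROWS = [
    ("Jane Smith", "Ph.D.", "F", "Bellaire", "Texas", 98000),
    ("Ann Lee", "M.S.", "F", "Bellaire", "Texas", 71000),
    ("Raj Patel", "Ph.D.", "M", "Bellaire", "Texas", 90000),
    ("Maria Cruz", "B.S.", "F", "Houston", "Texas", 64000),
    ("Li Wei", "M.S.", "F", "Houston", "Texas", 75000),
    ("Sara Khan", "Ph.D.", "F", "Houston", "Texas", 88000),
]
ALLOWED_COLUMNS = {"Last_degree", "Sex", "City", "State"}


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE PERSON (Name TEXT, Last_degree TEXT, Sex TEXT, "
                 "City TEXT, State TEXT, Income INTEGER)")
    conn.executemany("INSERT INTO PERSON VALUES (?, ?, ?, ?, ?, ?)", PERSON_ROWS)
    return conn


def _where(cond):
    """Turn {column: value} equality tests into a parameterized WHERE clause."""
    if not cond:
        raise ValueError("a statistical query needs at least one condition")
    cols = sorted(cond)
    for col in cols:
        if col not in ALLOWED_COLUMNS:
            raise ValueError(f"column not allowed in statistical queries: {col}")
    return " AND ".join(f"{col} = ?" for col in cols), [cond[col] for col in cols]


def q1_count(conn, cond):
    clause, args = _where(cond)
    return conn.execute(f"SELECT COUNT(*) FROM PERSON WHERE {clause}", args).fetchone()[0]


def q2_avg_income(conn, cond):
    clause, args = _where(cond)
    return conn.execute(f"SELECT AVG(Income) FROM PERSON WHERE {clause}", args).fetchone()[0]


def guarded_avg_income(conn, cond, k=MIN_QUERY_SET):
    """Answer Q2 only when the query set holds between k and N - k tuples.

    A set smaller than k exposes individuals directly; a set larger than
    N - k exposes the few excluded individuals by subtraction from the total.
    """
    total = conn.execute("SELECT COUNT(*) FROM PERSON").fetchone()[0]
    size = q1_count(conn, cond)
    if size < k or size > total - k:
        return None  # refused
    return q2_avg_income(conn, cond)


if __name__ == "__main__":
    db = build_db()
    jane = {"Last_degree": "Ph.D.", "Sex": "F", "City": "Bellaire", "State": "Texas"}
    print("unrestricted:", q1_count(db, jane), q2_avg_income(db, jane))
    print("guarded:", guarded_avg_income(db, jane))
    print("guarded, City=Houston:", guarded_avg_income(db, {"City": "Houston"}))
```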


INTRODUCTION TO DATABASE SECURITY ISSUES
Another security issue is that of flow control, which prevents information from flowing in such a way that it reaches unauthorized users.

Channels that are pathways for information to flow implicitly in ways that violate the security policy of an organization are called covert channels.


INTRODUCTION TO DATABASE SECURITY ISSUES
A final security issue is data encryption, which is used to protect sensitive data (such as credit card numbers) that is being transmitted via some type of communication network.
The data is encoded using some encoding algorithm.
An unauthorized user who accesses encoded data will have difficulty deciphering it, but authorized users are given decoding or decrypting algorithms (or keys) to decipher data.


DATABASE SECURITY AND THE DBA


The database administrator (DBA) is the central authority for
managing a database system.
The DBA’s responsibilities include
granting privileges to users who need to use the system
classifying users and data in accordance with the policy of the
organization
The DBA is responsible for the overall security of the database
system.


DATABASE SECURITY AND THE DBA


The DBA has a DBA account in the DBMS
• Sometimes these are called a system or superuser account
• These accounts provide powerful capabilities such as:
  1. Account creation
  2. Privilege granting
  3. Privilege revocation
  4. Security level assignment
• Action 1 is access control, whereas 2 and 3 are discretionary and 4 is used to control mandatory authorization


ACCESS PROTECTION, USER ACCOUNTS, AND DATABASE AUDITS
Whenever a person or group of persons needs to access a database system, the individual or group must first apply for a user account.
The DBA will then create a new account id and password for the user if he/she deems there is a legitimate need to access the database.
The user must log in to the DBMS by entering account id and password whenever database access is needed.


ACCESS PROTECTION, USER ACCOUNTS, AND DATABASE AUDITS
The database system must also keep track of all operations on the database that are applied by a certain user throughout each login session.
To keep a record of all updates applied to the database and of the particular user who applied each update, we can modify the system log, which includes an entry for each operation applied to the database that may be required for recovery from a transaction failure or system crash.
We can expand the log entries so that they also include the account number of the user and the online computer or device ID that applied each operation recorded in the log.

ACCESS PROTECTION, USER ACCOUNTS, AND DATABASE AUDITS
If any tampering with the database is suspected, a database audit
is performed
A database audit consists of reviewing the log to examine all
accesses and operations applied to the database during a
certain time period.
Database audits are particularly important for sensitive
databases that are updated by many transactions and users, such
as a banking database that is updated by many bank tellers.
A database log that is used mainly for security purposes is
sometimes called an audit trail.

SENSITIVE DATA AND TYPES OF DISCLOSURES


Sensitivity of data is a measure of the importance assigned to the data by its owner, for the purpose of
denoting its need for protection.
Several factors can cause data to be classified as sensitive:
1. Inherently sensitive: The value of the data itself may be so revealing or confidential that it becomes
sensitive—for example, a person’s salary or that a patient has HIV/AIDS.
2. From a sensitive source: The source of the data may indicate a need for secrecy—for example, an
informer whose identity must be kept secret.
3. Declared sensitive: The owner of the data may have explicitly declared it as sensitive.
4. A sensitive attribute or sensitive record: The particular attribute or record may have been declared
sensitive—for example, the salary attribute of an employee or the salary history record in a personnel
database.
5. Sensitive in relation to previously disclosed data: Some data may not be sensitive by itself but will
become sensitive in the presence of some other data—for example, the exact latitude and longitude
information for a location where some previously recorded event happened that was later deemed
sensitive.

DISCRETIONARY ACCESS CONTROL BASED ON GRANTING AND REVOKING PRIVILEGES
The typical method of enforcing discretionary access control in a database system is based on the granting and revoking of privileges.


TYPES OF DISCRETIONARY PRIVILEGES


The account level:
At this level, the DBA specifies the particular privileges that each
account holds independently of the relations in the database.
The relation level (or table level):
At this level, the DBA can control the privilege to access each
individual relation or view in the database.


TYPES OF DISCRETIONARY PRIVILEGES


The privileges at the account level apply to the capabilities provided to the account itself and can include
• the CREATE SCHEMA or CREATE TABLE privilege, to create a schema or base relation;
• the CREATE VIEW privilege;
• the ALTER privilege, to apply schema changes such as adding or removing attributes from relations;
• the DROP privilege, to delete relations or views;
• the MODIFY privilege, to insert, delete, or update tuples;
• and the SELECT privilege, to retrieve information from the database by using a SELECT query.


TYPES OF DISCRETIONARY PRIVILEGES


The second level of privileges applies to the relation level
This includes base relations and virtual (view) relations.
The granting and revoking of privileges generally follow an
authorization model for discretionary privileges known as the access
matrix model where
The rows of a matrix M represent subjects (users, accounts, programs)
The columns represent objects (relations, records, columns, views,
operations).
Each position M(i,j) in the matrix represents the types of privileges
(read, write, update) that subject i holds on object j.

SPECIFYING PRIVILEGES USING VIEWS


The mechanism of views is an important discretionary
authorization mechanism in its own right. For example,
If the owner A of a relation R wants another account B to be able
to retrieve only some fields of R, then A can create a view V of R
that includes only those attributes and then grant SELECT on V to
B.
The same applies to limiting B to retrieving only certain tuples of
R; a view V’ can be created by defining the view by means of a
query that selects only those tuples from R that A wants to allow B
to access.


REVOKING PRIVILEGES
In some cases it is desirable to grant a privilege to a user
temporarily. For example,
The owner of a relation may want to grant the SELECT privilege
to a user for a specific task and then revoke that privilege once
the task is completed.
Hence, a mechanism for revoking privileges is needed. In SQL, a
REVOKE command is included for the purpose of canceling
privileges.


PROPAGATION OF PRIVILEGES USING THE GRANT OPTION
Whenever the owner A of a relation R grants a privilege on R to another account B, the privilege can be given to B with or without the GRANT OPTION.
If the GRANT OPTION is given, this means that B can also grant that privilege on R to other accounts.
• Suppose that B is given the GRANT OPTION by A and that B then grants the privilege on R to a third account C, also with GRANT OPTION. In this way, privileges on R can propagate to other accounts without the knowledge of the owner of R.
• If the owner account A now revokes the privilege granted to B, all the privileges that B propagated based on that privilege should automatically be revoked by the system.


AN EXAMPLE
Suppose that the DBA creates four accounts A1, A2, A3, A4 and wants only A1 to be able to create base relations. Then the DBA must issue the following GRANT command in SQL:
GRANT CREATETAB TO A1;
In SQL2 the same effect can be accomplished by having the DBA issue a
CREATE SCHEMA command as follows:
CREATE SCHEMA EXAMPLE AUTHORIZATION A1;


AN EXAMPLE CONT…
User account A1 can create tables under the schema called EXAMPLE.
Suppose that A1 creates the two base relations EMPLOYEE and DEPARTMENT
• A1 is then the owner of these two relations and hence has all the relation privileges on each of them.
Suppose that A1 wants to grant A2 the privilege to insert and delete tuples in both of these relations, but A1 does not want A2 to be able to propagate these privileges to additional accounts:
GRANT INSERT, DELETE ON EMPLOYEE, DEPARTMENT TO A2;


AN EXAMPLE CONT…
Suppose that A1 wants to allow A3 to retrieve information from either of the
two tables and also to be able to propagate the SELECT privilege to other
accounts.
A1 can issue the command:
GRANT SELECT ON EMPLOYEE, DEPARTMENT TO A3 WITH GRANT OPTION;
A3 can grant the SELECT privilege on the EMPLOYEE relation to A4 by issuing:
GRANT SELECT ON EMPLOYEE TO A4;
• Notice that A4 can’t propagate the SELECT privilege because GRANT OPTION was not given to A4.


AN EXAMPLE CONT…
Suppose that A1 decides to revoke the SELECT privilege on the EMPLOYEE
relation from A3; A1 can issue:
REVOKE SELECT ON EMPLOYEE FROM A3;
The DBMS must now automatically revoke the SELECT privilege on EMPLOYEE
from A4, too, because A3 granted that privilege to A4 and A3 does not have
the privilege any more.


SPECIFYING LIMITS ON PROPAGATION OF PRIVILEGES
Techniques to limit the propagation of privileges have been developed, although they have not yet been implemented in most DBMSs and are not a part of SQL.
• Limiting horizontal propagation to an integer number i means that an account B given the GRANT OPTION can grant the privilege to at most i other accounts.
• Vertical propagation is more complicated; it limits the depth of the granting of privileges.
• If account A grants a privilege to account B with the vertical propagation set to an integer number j > 0, this means that the account B has the GRANT OPTION on that privilege, but B can grant the privilege to other accounts only with a vertical propagation less than j.


SPECIFYING LIMITS ON PROPAGATION OF PRIVILEGES
Eg. A1 grants SELECT to A2 on the EMPLOYEE relation with horizontal propagation
equal to 1 and vertical propagation equal to 2.
A2 can then grant SELECT to at most one account because the horizontal propagation
limitation is set to 1.
Additionally, A2 cannot grant the privilege to another account except with vertical
propagation set to 0 (no GRANT OPTION) or 1; this is because A2 must reduce the
vertical propagation by at least 1 when passing the privilege to others.
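The GRANT OPTION, cascading REVOKE and horizontal/vertical propagation limits described in the preceding slides can be modelled as a small grant catalog; this is an added example, not part of the original slides and not the API of any DBMS. The Catalog class, its method names and the rule that each derived grant is tied to the single grant it was issued under are assumptions made for illustration.

```python
from dataclasses import dataclass
from itertools import count
from typing import Optional


@dataclass
class Grant:
    gid: int
    grantor: str
    grantee: str
    privilege: str
    relation: str
    depth: Optional[int]    # vertical limit: 0 = no GRANT OPTION, None = unlimited
    fanout: Optional[int]   # horizontal limit on grantees, None = unlimited
    parent: Optional[int]   # grant the grantor relied on (None: grantor is owner)


class Catalog:
    """Toy authorization catalog (hypothetical model, not a DBMS API)."""

    def __init__(self):
        self.owners = {}    # relation -> owning account
        self.grants = {}    # gid -> Grant
        self._ids = count(1)

    def create_relation(self, owner, relation):
        self.owners[relation] = owner

    def _held(self, account, privilege, relation):
        return [g for g in self.grants.values()
                if (g.grantee, g.privilege, g.relation) == (account, privilege, relation)]

    def holds(self, account, privilege, relation):
        return (self.owners.get(relation) == account
                or bool(self._held(account, privilege, relation)))

    def _authority(self, grantor, privilege, relation, depth):
        """Find a grant held by grantor that permits passing the privilege on."""
        for g in self._held(grantor, privilege, relation):
            if g.depth == 0:
                continue                      # received without GRANT OPTION
            if g.depth is not None and (depth is None or depth >= g.depth):
                continue                      # vertical limit must shrink
            children = {c.grantee for c in self.grants.values() if c.parent == g.gid}
            if g.fanout is not None and len(children) >= g.fanout:
                continue                      # horizontal limit used up
            return g
        raise PermissionError(f"{grantor} may not grant {privilege} on {relation}")

    def grant(self, grantor, grantee, privilege, relation, depth=0, fanout=None):
        if self.owners[relation] == grantor:
            parent = None                     # the owner grants without restriction
        else:
            parent = self._authority(grantor, privilege, relation, depth).gid
        g = Grant(next(self._ids), grantor, grantee, privilege, relation,
                  depth, fanout, parent)
        self.grants[g.gid] = g
        return g

    def revoke(self, grantor, grantee, privilege, relation):
        """Remove the grant and, recursively, every grant issued under it."""
        todo = [g.gid for g in self._held(grantee, privilege, relation)
                if g.grantor == grantor]
        removed = []
        while todo:
            g = self.grants.pop(todo.pop(), None)
            if g is None:
                continue
            removed.append(g)
            todo.extend(c.gid for c in self.grants.values() if c.parent == g.gid)
        return removed


def replay_slides():
    """Replay the A1..A4 example, then the horizontal=1 / vertical=2 example."""
    cat = Catalog()
    cat.create_relation("A1", "EMPLOYEE")
    cat.grant("A1", "A3", "SELECT", "EMPLOYEE", depth=None)   # WITH GRANT OPTION
    cat.grant("A3", "A4", "SELECT", "EMPLOYEE")               # no GRANT OPTION
    revoked = cat.revoke("A1", "A3", "SELECT", "EMPLOYEE")    # cascades to A4
    cat.grant("A1", "A2", "SELECT", "EMPLOYEE", depth=2, fanout=1)
    outcomes = []
    for grantee, depth in (("A3", 2), ("A3", 1), ("A4", 0)):
        try:
            cat.grant("A2", grantee, "SELECT", "EMPLOYEE", depth=depth)
            outcomes.append((grantee, depth, "granted"))
        except PermissionError:
            outcomes.append((grantee, depth, "refused"))
    return sorted(g.grantee for g in revoked), outcomes


if __name__ == "__main__":
    print(replay_slides())
```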


MANDATORY ACCESS CONTROL AND ROLE-BASED ACCESS CONTROL FOR MULTILEVEL SECURITY
The discretionary access control techniques of granting and revoking privileges on relations have traditionally been the main security mechanism for relational database systems.
This is an all-or-nothing method:
• A user either has or does not have a certain privilege.
In many applications, an additional security policy is needed that classifies data and users based on security classes.
• This approach, known as mandatory access control, would typically be combined with the discretionary access control mechanisms.


MANDATORY ACCESS CONTROL AND ROLE-BASED ACCESS CONTROL FOR MULTILEVEL SECURITY
Typical security classes are top secret (TS), secret (S), confidential (C), and unclassified (U), where TS is the highest level and U the lowest: TS ≥ S ≥ C ≥ U

The commonly used model for multilevel security, known as the Bell-LaPadula model, classifies each subject (user, account, program) and object (relation, tuple, column, view, operation) into one of the security classifications, TS, S, C, or U:
• The clearance (classification) of a subject S is referred to as class(S), and the classification of an object O as class(O). Thus achieving DAC.


MANDATORY ACCESS CONTROL AND ROLE-BASED ACCESS CONTROL FOR MULTILEVEL SECURITY
Two restrictions (MAC) are enforced on data access based on the subject/object classifications:
• Simple security property: A subject S is not allowed read access to an object O unless class(S) ≥ class(O), i.e. a subject at a given security level may not read an object at a higher security level.
• A subject S is not allowed to write an object O unless class(S) ≤ class(O). This is known as the star property (or * property), i.e. a subject at a given security level may not write to any object at a lower security level.
• Eg. without this property, a user (subject) with TS clearance could make a copy of an object with classification TS and then write it back as a new object with classification U, thus making it visible throughout the system.


EXAMPLE

[Figure] A multilevel relation to illustrate multilevel security. (a) The original EMPLOYEE tuples. (b) Appearance of EMPLOYEE after filtering for classification C users. (c) Appearance of EMPLOYEE after filtering for classification U users.
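The two Bell-LaPadula restrictions and the filtering of a multilevel relation can be checked in a few lines; this is an added example, not part of the original slides. The EMPLOYEE rows are constructed sample data (not the figure's contents), and the filtering rule used here (hide a tuple whose key is above the clearance, show other attributes above the clearance as NULL) is an assumption.

```python
LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}   # TS >= S >= C >= U


def can_read(subject_class, object_class):
    """Simple security property: no read up."""
    return LEVELS[subject_class] >= LEVELS[object_class]


def can_write(subject_class, object_class):
    """Star property: no write down."""
    return LEVELS[subject_class] <= LEVELS[object_class]


def copy_allowed(subject_class, source_class, target_class):
    """A copy is a read of the source followed by a write of the target."""
    return (can_read(subject_class, source_class)
            and can_write(subject_class, target_class))


# Constructed multilevel relation: every attribute value carries its own class.
EMPLOYEE = [
    {"Name": ("Adams", "U"), "Salary": (52000, "C"), "JobPerformance": ("Meets", "S")},
    {"Name": ("Baker", "C"), "Salary": (91000, "S"), "JobPerformance": ("Exceeds", "C")},
]


def filter_relation(rows, clearance, key="Name"):
    """Return the view of the relation seen by a subject with this clearance."""
    visible = []
    for row in rows:
        if not can_read(clearance, row[key][1]):
            continue                          # key above clearance: tuple hidden
        visible.append({attr: (value if can_read(clearance, cls) else None)
                        for attr, (value, cls) in row.items()})
    return visible


if __name__ == "__main__":
    # The TS-to-U copy from the slide is refused by the star property.
    print("TS subject copies TS object to U:", copy_allowed("TS", "TS", "U"))
    for level in ("S", "C", "U"):
        print(level, filter_relation(EMPLOYEE, level))
```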

COMPARING DISCRETIONARY ACCESS CONTROL AND MANDATORY ACCESS CONTROL
Discretionary Access Control (DAC) policies are characterized by
a high degree of flexibility, which makes them suitable for a large
variety of application domains.
The main drawback of DAC models is their vulnerability to
malicious attacks, such as Trojan horses embedded in application
programs.


COMPARING DISCRETIONARY ACCESS CONTROL AND MANDATORY ACCESS CONTROL
By contrast, mandatory policies ensure a high degree of protection; in a way, they prevent any illegal flow of information.
Mandatory policies have the drawback of being too rigid and
they are only applicable in limited environments.
In many practical situations, discretionary policies are preferred
because they offer a better trade-off between security and
applicability.


ACCESS CONTROL LIST AND ACCESS CONTROL ENTRY
An access control list (ACL) is a table listing the permissions attached to
computing resources.
It tells the operating system which users can access an object, and which
actions they can carry out.
There is an entry for each user, which is linked to the security attributes of
each object.
ACL is commonly used for traditional DAC systems.


[Figure: list of users and access rights per object; list of objects and access rights per user]


ACCESS CONTROL LIST AND ACCESS CONTROL ENTRY
Access control entries (ACE) are entries in an access control list containing information describing
the access rights related to a particular security identifier or user.
Each access control entry contains an ID, which identifies the subject group or individual.
An access control list may have several access control entries with each one defining the access
rights of different groups or individuals.
When a user logs on to a system and executes a program, it uses the credentials and rights
associated with the user.
When the program attempts to open an object or use some resources, the OS compares the
credential being used by the program with the security control associated with the object or
user.
The ACE information is then used by a security reference monitor to determine if the program
should be allowed or denied access to that object or user.

ROLE-BASED ACCESS CONTROL


Role-based access control (RBAC) emerged rapidly in the 1990s as a proven
technology for managing and enforcing security in large-scale enterprise-wide
systems.
Its basic notion is that permissions are associated with roles, and users are
assigned to appropriate roles.
Roles can be created using the CREATE ROLE and DESTROY ROLE commands.
• The GRANT and REVOKE commands discussed under DAC can then be used to assign and revoke privileges from roles.
• Eg. GRANT ROLE full_time TO employee_type1
  GRANT ROLE intern TO employee_type2


SQL INJECTION
One of the most common threats to a database system.
In an SQL Injection attack, the attacker injects a string input through the
application, which changes or manipulates the SQL statement to the attacker’s
advantage.
It can harm the database in various ways, such as unauthorized manipulation
of the database, or retrieval of sensitive data.
It can also be used to execute system level commands that may cause the
system to deny service to the application.


SQL INJECTION
SQL Manipulation: the most common type of injection attack, changes an SQL command in the application
Eg. by adding conditions to the WHERE-clause of a query, or by expanding a query with additional query components using set operations such as UNION, INTERSECT, or MINUS.
SELECT * FROM users WHERE username = 'jake' and PASSWORD = 'jakespasswd'
The attacker can try to change (or manipulate) the SQL statement, by changing it as follows:
SELECT * FROM users WHERE username = 'jake' and (PASSWORD = 'jakespasswd' or 'x' = 'x')
As a result, the attacker who knows that ‘jake’ is a valid login of some user is able to log into the database system as ‘jake’ without knowing his password and is able to do everything that ‘jake’ may be authorized to do to the database system.


PROTECTION TECHNIQUES AGAINST SQL INJECTION

Bind Variables (Using Parameterized Statements): The use of bind variables
protects against injection attacks and also improves performance.
Consider the following example using Java and JDBC:
// The ? placeholders are filled in by the driver as data and are never parsed as SQL.
PreparedStatement stmt = conn.prepareStatement(
    "SELECT * FROM EMPLOYEE WHERE EMPLOYEE_ID=? AND PASSWORD=?");
stmt.setString(1, employee_id);
stmt.setString(2, password);
Instead of embedding the user input into the statement, the input should be bound to
a parameter. In this example, the first parameter (index 1) is bound to the variable
employee_id and the second parameter (index 2) to the variable password, instead of
the strings being passed directly into the SQL text.
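
The login query from the SQL injection slide, built by string concatenation and then with bind variables, as an added example that is not part of the original slides. It uses Python's sqlite3 module instead of JDBC so that it runs offline; the table contents, the user 'amy' and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory table mirroring the slide's `users` query (constructed sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    # Plaintext passwords appear only because the slide's query compares them directly.
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("jake", "jakespasswd"), ("amy", "it's-a-secret")],
    )
    return conn


def build_concatenated_sql(username, password):
    """Vulnerable pattern: user input becomes part of the SQL text."""
    return ("SELECT * FROM users WHERE username = '" + username +
            "' AND (password = '" + password + "')")


def login_concatenated(conn, username, password):
    """Returns True/False, or 'error' when the input breaks the statement's syntax."""
    try:
        sql = build_concatenated_sql(username, password)
        return conn.execute(sql).fetchone() is not None
    except sqlite3.OperationalError:
        return "error"


def login_bound(conn, username, password):
    """Hardened pattern: the statement text is fixed, input travels as bound values."""
    sql = "SELECT * FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None


# Input that yields the manipulated WHERE clause shown on the slide.
MANIPULATED = "wrong' or 'x' = 'x"

if __name__ == "__main__":
    conn = make_db()
    print(build_concatenated_sql("jake", MANIPULATED))
    cases = [
        ("jake", "jakespasswd"),    # correct password
        ("jake", "wrong"),          # wrong password
        ("jake", MANIPULATED),      # the slide's manipulation
        ("amy", "it's-a-secret"),   # legitimate password containing a quote
    ]
    for user, pw in cases:
        print(user, repr(pw),
              "concatenated:", login_concatenated(conn, user, pw),
              "bound:", login_bound(conn, user, pw))
```

The last case shows a second reason to bind: a legitimate value containing a single quote breaks the concatenated statement but is handled correctly as a bound value.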

PROTECTION TECHNIQUES AGAINST SQL INJECTION

Filtering Input (Input Validation): This technique can be used to remove escape
characters from input strings by using the SQL Replace function.
E.g., the delimiter single quote (') can be replaced by two single quotes ('').
Some SQL Manipulation attacks can be prevented by using this technique, since
escape characters can be used to inject manipulation attacks.
However, because there can be a large number of escape characters, this technique
is not reliable.


CHALLENGES OF DATABASE SECURITY


Data Quality: The database community needs techniques and organizational
solutions to assess and attest the quality of data. These techniques may include simple
mechanisms such as quality stamps that are posted on Web sites.
Intellectual Property Rights: With the widespread use of the Internet and intranets,
legal and informational aspects of data are becoming major concerns of
organizations. Digital watermarking can be used to protect content from unauthorized
duplication and distribution by enabling provable ownership of the content.
Database Survivability: A DBMS, in addition to making every effort to prevent an
attack and detecting one in the event of occurrence, should be able to do the
following: confinement, damage assessment, reconfiguration, repair, and fault
treatment.


REMOTE DATABASE ACCESS PROTOCOL

▪ Remote database access (RDA) is a protocol standard for database access produced in 1993 by the International Organization for Standardization (ISO).
▪ RDA is an application-level protocol.
▪ This standard has not found commercial support from database vendors.
▪ The purpose of RDA is to describe the connection of a database client to a database server.
▪ It includes features for:
  ▪ communicating database operations and parameters from the client to the server,
  ▪ in return, transporting result data from the server to the client,
  ▪ database transaction management, and
  ▪ exchange of information.

OVERVIEW OF ADVANCED DATABASE MODELS

TEMPORAL DATABASE CONCEPTS


Time Representation, Calendars, and Time Dimensions
Time is considered an ordered sequence of points in some granularity.
▪ Use the term chronon instead of point to describe the minimum granularity
A calendar organizes time into different time units for convenience.
▪ Accommodates various calendars
  ▪ Gregorian (western)
  ▪ Chinese
  ▪ Islamic
  ▪ Hindu
  ▪ Jewish
  ▪ Etc.


TEMPORAL DATABASE CONCEPTS


Point events
▪ Single time point event
▪ E.g., bank deposit
▪ A series of point events can form time series data
Duration events
▪ Associated with a specific time period
▪ The time period is represented by a start time and an end time
▪ E.g., [2003-08-15, 2008-11-20] represents the set of all days from August 15, 2003, until November 20, 2008, inclusive

TEMPORAL DATABASE CONCEPTS


Valid time
▪ The time that the event occurred, or the period during which the fact was considered to be true in the real world
▪ A temporal database using this interpretation is called a valid time database.
Transaction time (system time)
▪ The time when the information from a certain transaction becomes valid or the time when the information was actually stored in the database
▪ A temporal database using this interpretation is called a transaction time database.


TEMPORAL DATABASE CONCEPTS


Bitemporal database
Databases dealing with two time dimensions
It allows you to query across system and valid time axes.
You can go back in time and explore data, manage historical
data across systems, ensure data integrity, and do complex
bitemporal analysis with ease.
For example, a temporal database can answer, “Where did John
Thomas live on August 20th?” However, a bitemporal database
can answer, “Where did John Thomas live on August 20th as we
knew it on September 1st?”

TEMPORAL DATABASE CONCEPTS


Incorporating Time in Relational Databases Using Tuple Versioning
Add to every tuple
Valid start time
Valid end time


TEMPORAL DATABASE CONCEPTS


The special value, now, is a temporal variable that implicitly represents the current
time as time progresses.
The new relation key for EMP_VT is a combination of the nontemporal key and the
valid start time attribute Vst, so we use (Ssn, Vst) as primary key.
A proactive update is applied to the database before it becomes effective in the
real world. E.g., the salary update of Smith may have been entered in the database
on May 15, 2003, at 8:52:12 A.M., say, even though the salary change in the real
world is effective on June 1, 2003.
If the update is applied to the database after it becomes effective in the real world,
it is called a retroactive update.
An update that is applied at the same time as it becomes effective is called a
simultaneous update.


TEMPORAL DATABASE CONCEPTS


Because updates, insertions, and deletions may be applied retroactively or
proactively, there is no record of the actual database state at any point in
time.
If the actual database states are important to an application, then one should
use transaction time relations.
In a transaction time database, whenever a change is applied to the
database, the actual timestamp of the transaction that applied the change
(insert, delete, or update) is recorded.
Such a database is most useful when changes are applied simultaneously in
the majority of cases—for example, real-time stock trading or banking
transactions.

In EMP_BT, the current version of each employee typically has a special value, uc (Until Changed), as its transaction end
time, which indicates that the tuple represents correct information until it is changed by some other transaction.
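
The John Thomas question from the bitemporal slide, worked through as an added example that is not from the slides or the textbook: a bitemporal table in SQLite, driven from Python, that also classifies each update as proactive, retroactive or simultaneous. The table name residence_bt, its columns, the cities and the 2023 dates are constructed, and 9999-12-31 stands in for both now and uc.

```python
import sqlite3
from datetime import date, timedelta

OPEN = "9999-12-31"  # sentinel for `now` (valid end) and `uc` (transaction end)

CURRENT_SQL = ("SELECT city FROM residence_bt "
               "WHERE name = ? AND vst <= ? AND ? <= vet AND tet = ?")
AS_KNOWN_SQL = ("SELECT city FROM residence_bt "
                "WHERE name = ? AND vst <= ? AND ? <= vet AND tst <= ? AND ? < tet")


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("""CREATE TABLE residence_bt (
        name TEXT, city TEXT,
        vst TEXT, vet TEXT,   -- valid time, inclusive at both ends
        tst TEXT, tet TEXT    -- transaction time; tet = date the version was superseded
    )""")
    return conn


def update_kind(valid_from, tx_date):
    """Classify an update by comparing when it is stored with when it takes effect."""
    if tx_date < valid_from:
        return "proactive"
    if tx_date > valid_from:
        return "retroactive"
    return "simultaneous"


def record_move(conn, name, city, valid_from, tx_date):
    """On tx_date, store that `name` lives in `city` from valid_from onward.
    Narrow case: only the currently open version is split."""
    current = conn.execute(
        "SELECT rowid, city, vst FROM residence_bt WHERE name = ? AND vet = ? AND tet = ?",
        (name, OPEN, OPEN)).fetchone()
    if current is not None:
        rowid, old_city, old_vst = current
        # Never overwrite or delete: close the old version's transaction time.
        conn.execute("UPDATE residence_bt SET tet = ? WHERE rowid = ?", (tx_date, rowid))
        if old_vst < valid_from:
            day_before = (date.fromisoformat(valid_from) - timedelta(days=1)).isoformat()
            conn.execute("INSERT INTO residence_bt VALUES (?, ?, ?, ?, ?, ?)",
                         (name, old_city, old_vst, day_before, tx_date, OPEN))
    conn.execute("INSERT INTO residence_bt VALUES (?, ?, ?, ?, ?, ?)",
                 (name, city, valid_from, OPEN, tx_date, OPEN))
    return update_kind(valid_from, tx_date)


def city_on(conn, name, valid_date, known_on=None):
    """Where did `name` live on valid_date, as the database knew it on known_on?
    known_on=None means 'as currently known' (transaction end = uc)."""
    if known_on is None:
        row = conn.execute(CURRENT_SQL, (name, valid_date, valid_date, OPEN)).fetchone()
    else:
        row = conn.execute(
            AS_KNOWN_SQL, (name, valid_date, valid_date, known_on, known_on)).fetchone()
    return row[0] if row else None


def build_demo():
    """Constructed history: two late (retroactive) entries and one early (proactive) one."""
    conn = open_db()
    kinds = [
        record_move(conn, "John Thomas", "Pune", "2023-01-01", "2023-08-01"),
        record_move(conn, "John Thomas", "Thane", "2023-08-15", "2023-09-10"),
        record_move(conn, "John Thomas", "Nashik", "2023-12-01", "2023-11-20"),
    ]
    return conn, kinds


if __name__ == "__main__":
    conn, kinds = build_demo()
    print(kinds)
    print("Aug 20, as known on Sep 1:", city_on(conn, "John Thomas", "2023-08-20", "2023-09-01"))
    print("Aug 20, as known today:   ", city_on(conn, "John Thomas", "2023-08-20"))
```

Because superseded versions are closed rather than deleted, the answer the database would have given on any earlier date can still be reproduced.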

SPATIAL DATABASE CONCEPTS


Keep track of objects in a multi-dimensional space
Maps
Geographical Information Systems (GIS)
Weather
In general spatial databases are n-dimensional
This discussion is limited to 2-dimensional spatial databases


SPATIAL DATABASE CONCEPTS


Spatial Data Types and Models: Spatial data comes in three basic forms
Map Data: includes various geographic or spatial features of objects in a
map, such as an object’s shape and the location of the object within the map.
The three basic types of features are points, lines, and polygons (or areas).
Attribute data: is the descriptive data that GIS systems associate with map
features. For example, suppose that a map contains features that represent
counties within a US state (such as Texas or Oregon). Attributes for each
county feature (object) could include population, largest city/town, area in
square miles, and so on.
Image data: includes data such as satellite images and aerial photographs,
which are typically created by cameras.

SPATIAL DATABASE CONCEPTS


Spatial operators are used to capture all the relevant geometric properties of
objects embedded in the physical space and the relations between them, as well as
to perform spatial analysis.
1. Topological operators: Topological properties are invariant when topological
transformations are applied. These properties do not change after transformations
like rotation, translation, or scaling. Examples include open (region), close (region),
and inside (point, loop).
2. Projective operators: Projective operators, such as convex hull, are used to express
predicates about the concavity/convexity of objects as well as other spatial relations
(for example, being inside the concavity of a given object).
3. Metric operators: Metric operators provide a more specific description of the
object’s geometry. They are used to measure some global properties of single objects
(such as the area, relative size of an object’s parts, compactness, and symmetry), and
to measure the relative position of different objects in terms of distance and
direction. Examples include length (arc) and distance (point, point).

SPATIAL DATABASE CONCEPTS


Typical Spatial Queries
▪ Range query: Finds objects of a particular type within a particular distance from a given location
  ▪ E.g., Dmart in Thane, Maharashtra
▪ Nearest Neighbor query: Finds the object of a particular type that is nearest to a given location
  ▪ E.g., Nearest Dmart from an address in Thane, Maharashtra
▪ Spatial joins or overlays: Joins objects of two types based on some spatial condition (intersecting, overlapping, within certain distance, etc.)
  ▪ E.g., All Dmarts within 4 km of Ghodbunder road.


SPATIAL DATABASE CONCEPTS


Spatial data indexing:
R-trees
Technique for typical spatial queries
Group objects close in spatial proximity on the same leaf nodes
of a tree structured index
Internal nodes define areas (rectangles) that cover all areas of
the rectangles in its subtree.
Quad trees
Divide subspaces into equally sized areas

SPATIAL DATABASE CONCEPTS


A rectangular bounding box is associated with each tree node.
▪ Bounding box of a leaf node is a minimum sized rectangle that contains all the rectangles/polygons associated with the leaf node.
▪ The bounding box associated with a non-leaf node contains the bounding boxes associated with all its children.
▪ Bounding box of a node serves as its key in its parent node (if any)
▪ Bounding boxes of children of a node are allowed to overlap
A polygon is stored only in one node, and the bounding box of the node must contain the polygon.
▪ The storage efficiency of R-trees is better than that of quadtrees since a polygon is stored only once.

SPATIAL DATABASE APPLICATIONS


▪Useful in many disciplines, including geography, remote sensing, urban
planning, and natural resource management
▪It is playing an important role in the solution of challenging scientific
problems such as global climate change and genomics
▪GIS and spatial database management systems have a large role to
play in the area of bioinformatics
▪Visualization maps
▪Spatial outlier detection: For example, if a neighborhood of older houses has just one
brand-new house, that house would be an outlier based on the nonspatial attribute
‘house_age’.


SPATIO-TEMPORAL DATA

[Figure: Average monthly temperature of land and ocean]


MULTIMEDIA DATABASES
In the years ahead multimedia information systems are expected to
dominate our daily lives.
Our houses will be wired for bandwidth to handle interactive
multimedia applications.
Our high-definition TV/computer workstations will have access to
a large number of databases, including digital libraries, image
and video databases that will distribute vast amounts of
multisource multimedia content.


MULTIMEDIA DATABASES
Types of multimedia data available in current systems
Text: May be formatted or unformatted. For ease of parsing
structured documents, standards like SGML and variations such as
HTML are being used.
Graphics: Examples include drawings and illustrations that are
encoded using some descriptive standards (e.g. CGM, PICT,
postscript).


MULTIMEDIA DATABASES
Types of multimedia data available in current systems (contd.)
Images: Includes drawings, photographs, and so forth, encoded in
standard formats such as bitmap, JPEG, and MPEG. Compression
is built into JPEG and MPEG.
These images are not subdivided into components. Hence
querying them by content (e.g., find all images containing circles)
is nontrivial.
Animations: Temporal sequences of image or graphic data.


MULTIMEDIA DATABASES
Types of multimedia data available in current systems (contd.)
Video: A set of temporally sequenced photographic data for
presentation at specified rates, for example, 30 frames per
second.
Structured audio: A sequence of audio components comprising
note, tone, duration, and so forth.
Audio: Sample data generated from aural recordings in a string
of bits in digitized form. Analog recordings are typically
converted into digital form before storage.


MULTIMEDIA DATABASES
Types of multimedia data available in current systems (contd.)
Composite or mixed multimedia data: A combination of
multimedia data types such as audio and video which may be
physically mixed to yield a new storage format or logically mixed
while retaining original types and formats. Composite data also
contains additional control information describing how the
information should be rendered.


MULTIMEDIA DATABASES
Nature of Multimedia Applications:
Multimedia data may be stored, delivered, and utilized in many
different ways.
Applications may be categorized based on their data
management characteristics.


MOBILE DATABASES: MOBILE COMPUTING ENVIRONMENT

A mobile computing environment consists of mobile computers, referred to
as mobile hosts, and a wired network of computers.
A mobile host may be able to communicate with the wired network through a
wireless digital communication network
▪ Wireless local-area networks (within a building)
▪ Wide-area networks
▪ Cellular digital packet networks
▪ 3G and 4G cellular networks


MOBILE DATABASES: MOBILE COMPUTING ENVIRONMENT

A model for mobile communication
▪ Mobile hosts communicate to the wired network via computers referred to as mobile support (or base) stations.
▪ Each mobile support station manages those mobile hosts within its cell.
▪ When mobile hosts move between cells, there is a handoff of control from one mobile support station to another.
Direct communication, without going through a mobile support station, is also
possible between nearby mobile hosts
▪ Supported, e.g., by the Bluetooth standard (up to 10 meters, at up to 721 kbps)


MOBILE DATABASES: ISSUES IN MOBILE COMPUTING


New issues for query optimization.
▪ Connection time charges and number of bytes transmitted
▪ Energy (battery power) is a scarce resource and its usage must be minimized
Mobile users' locations may be a parameter of the query
▪ GIS queries
▪ Techniques to track locations of large numbers of mobile hosts
Broadcast data can enable any number of clients to receive the same data at no extra
cost
Users may need to be able to perform database updates even while the mobile computer
is disconnected.
▪ E.g., mobile salesman records sale of products on (local copy of) database.
▪ Can result in conflicts detected on reconnection, which may need to be resolved manually.

MOBILE DATABASES: ROUTING AND QUERY PROCESSING

Must consider these competing costs:
▪ User time.
▪ Communication cost
▪ Connection time - used to assign monetary charges in some cellular systems.
▪ Number of bytes, or packets, transferred - used to compute charges in digital cellular systems
▪ Time-of-day based charges - vary based on peak or off-peak periods
▪ Energy - optimize use of battery power by minimizing reception and transmission of data.
▪ Receiving radio signals requires much less energy than transmitting radio signals.

MOBILE DATABASES: DISCONNECTIVITY AND CONSISTENCY

A mobile host may remain in operation during periods of
disconnection.
Problems created if the user of the mobile host issues queries and
updates on data that resides or is cached locally:
Recoverability: Updates entered on a disconnected machine may
be lost if the mobile host fails. Since the mobile host represents a
single point of failure, stable storage cannot be simulated well.
Consistency: Cached data may become out of date, but the
mobile host cannot discover this until it is reconnected.

MOBILE DATABASES: MOBILE UPDATES


Partitioning via disconnection is the normal mode of operation in mobile computing.
For data updated by only one mobile host, it is simple to propagate the update when the mobile host
reconnects
▪ In other cases data may become invalid and updates may conflict.
When data are updated by other computers, invalidation reports inform a reconnected
mobile host of out-of-date cache entries
▪ However, mobile host may miss a report.
Version-numbering-based schemes guarantee only that if two hosts independently update
the same version of a document, the clash will be detected eventually, when the hosts
exchange information either directly or through a common host.
Automatic reconciliation of inconsistent copies of data is difficult
▪ Manual intervention may be needed

QUESTIONS FROM MU PAPERS


What is temporal database? What are its characteristics? (Dec 2018, 5M) Ans: Chp 26, pg. 943
Explain Mandatory Access Control and Discretionary Access Control. Also explain Access control list and access control entry w.r.t. same (Dec 2018, 10M) Ans: Chp 24, pg. 842, 847
Write short note on Role Based Access Control (Dec 2018, 10M) Ans: Chp 24, pg. 851
Explain Mandatory Access Control, Discretionary Access Control and Role Based Access Control (Dec 2019, 10M) Ans: Chp 24, pg. 842, 847, 851
Write short notes on: a. Temporal databases b. Spatial databases (Dec 2019, 5M each) Ans: Chp 26, pg. 957, pg. 943
Note: Chapter number and page numbers are from the book, Elmasri and Navathe, “Fundamentals of
Database Systems”, 6th Edition, PEARSON Education.


QUESTIONS FROM MU PAPERS


List and explain the commonly accepted security goals for databases (May 2019, 5M) Ans: Chp 24, pg. 836
Explain Temporal Databases with suitable example. (May 2019, 10M) Ans: Chp 26, pg. 943
Write short note on Mobile databases. (May 2019, 5M) Ans: Chp 25, pg. 1079, Korth, Silberschatz, Sudarshan, “Database System Concepts”, 6th Edition, McGraw-Hill
List out characteristics of Temporal Database (Dec 2020, 5M each) Ans: Chp 26, pg. 957, pg. 943
Difference between Mandatory Access control and Discretionary access control also explain Access control list and access control list with respect to same. (Dec 2020, 10M) Ans: Chp 24, pg. 842, 847, 851
Note: Chapter number and page numbers are from the book, Elmasri and Navathe,
“Fundamentals of Database Systems”, 6th Edition, PEARSON Education.

MCQ – DEC 2020


1. Which of the following is NOT a valid access control mechanism?
▪ Discretionary Access Control.
▪ Subjective Access Control.
▪ Mandatory Access Control.
▪ Role Based Access Control.

2. By ‘spatial data’ we mean data that has
▪ The values which are Complex
▪ The values which are Positional
▪ The values which are Graphic
▪ The values which are Decimal


MCQ - DEC 2020


3. Different types of time available in the Temporal database.
▪ Valid and Transaction Time
▪ Transaction and Bi-Temporal Time
▪ Valid and Bi-Temporal Time
▪ Valid, Transaction as well as Bi-Temporal Time

4. Drawbacks of DAC are as below except
▪ Low level of data protection
▪ Obscure
▪ Vulnerable to malicious attacks
▪ User Friendly
