‫‪Database Systems II‬‬

‫‪Important‬‬
‫هنا جمعت تعريفات و مفاهيم نظري من شابتر ‪ 3‬و ‪( 6‬اللي شفتهم مهمين‪,‬‬
‫احتمال تكون فيه حاجات جاية في االمتحان مش موجودة في الـ ‪PDF‬‬

‫• الـ ‪ PDF‬ده مجهود طالب مش دكتور‪ ،‬وارد يكون فيه أخطاء‪ .‬فـ ياريت محدش يعتمد اي حاجة هنا كـ‬
‫‪model answer‬‬
‫• السؤال اللي قدامه "☹" معناه إني معرفتش أحله أو إني مش واثق من إلمعلومة اللي عندي خالص‬
‫• أي تعديل في الـ ‪ PDF‬هينزل على الدرايف ‪[Click Here] ‬‬

‫‪- Ahmed Huzain‬‬

Database Systems II Page |1

Chapter 3: Enhanced ER Diagram

The EER goal is achieved by incorporation of a semantic data modeling concepts into the conceptual ER Model.
These semantic concepts are:

1. Object Oriented Concept

a. Superclass & Subclass Relationship
b. Attribute & Relationships inheritance
2. The concept of Specialization Looking for the real world from different point of views
3. The concept of Categories Generation of a class which represents the union of entities of other classes

Features of the Superclass /Subclass Relationship concept on ER:

1. An entity in a subclass is related via the key attribute to its superclass entity.
2. An entity cannot exist in a database by being a member of a subclass unless it is a member in superclass.
3. An entity may be a member in many subclasses, but it is not necessary that every entity in a superclass is a
member in subclass. 4. An entity that is a member of a subclass inherits all the attributes of its superclass &
also inherits its relationships as well.
4. A member entity of the subclass represents the same real-world entity in the related superclass but in
distinct specific role.

Specialization: The process of defining a set of subclasses of an entity type; this entity type is called the
superclass of the specialization. The set of subclasses that forms a specialization is defined based on some
distinguishing characteristic of the entities in the superclass.

Specialization’s constraints:
• Definition Constraints:
o Predicate Defined Specialization: It is process of defining a condition to determine exactly the
entities that will become members of each subclass by placing a condition on the value of some
attribute of the superclass, which is called Defining Attribute of the related subclass
o User Defined Constraints: When we have not any condition in order to determine membership in a
subclass hence membership is specified individually for each entity by the user and not by any
condition that can be evaluated automatically
• Disjoints Constraints:
o Disjoint: an entity can be a member of at most one subclass of a specialization
o Overlapping: an entity can be a member in any number of subclasses of specialization
• Participation Constraints:
o Total Participation Specialization: every entity in a superclass must be a member of at least one
subclass in the specialization
o Partial Participation Specialization: allows an entity in superclass not to belong to any of its
subclasses in the specialization

- Ahmed Huzain
Database Systems II Page |2

1. Shared subclass: a subclass with more than one superclass and its entities represent a subset of the
intersection of the entities of its superclasses. This means that an entity of the shared subclass must exist as
an entity in all its superclasses
2. Multiple inheritance: The constraint that a subclass can be a subclass in more than one class/subclass
relation

Lattices & Hierarchies:

Specialization Hierarchy (Tree Inheritance): It is the constraint that every subclass participates as a subclass in
only subclass/class relationship.

Specialization Lattice (Multiple Inheritance): It is the constraint that a subclass can be a subclass in more than
one class/subclass relation.

• In specialization with lattice or hierarchy inheritance, a subclass inherits the attributes not only of its direct
superclass but also of all its predecessor superclasses all the way to the root of the hierarchy or lattice.
• Leaf Node Class: it is a class that has no subclasses of its own.
• Shared Subclass: it is a subclass with more than one superclass and its entities represent a subset of the
intersection of the entities of its superclasses. This means that an entity of the shared subclass must exist as
an entity in all its superclasses.

UNION Type (Category): Category is a union type represented by a subclass that contains a collection of real-
world entities (objects) which are a subset of the union of entity types
Remarks:
• Attribute inheritance works more selectively in the case of category.
• On the other hand, a shared subclass entity inherits all the attributes of its super classes

Mapping Options for Specialization:

• Option 8A: Multiple relations Superclass and Subclasses
• Option 8B: Multiple Relations-Subclass relation Only
• Option 8C: Single relation with one type attribute
• Option 8D: Single relation with multiple type attributes

Remarks:
• Option 8A works for any constraints on specialization (total, partial, disjoint, overlap).
• Option 8B works for only when both the disjoint and total constraints hold.
• Option 8c & 8D (Single Relations) are not recommended if many specific attributes (local att.) are defined for
the subclasses. Why? (Results in many NULLS)
• Option 8C & 8D (Single Relations) are recommended if few specific attributes (local att.) are defined for the
subclasses. Why? (Low amount of NULLS, not a huge concern)

- Ahmed Huzain
Database Systems II Page |3

• Option 8C is used to handle disjoint subclasses by including a single type attribute (discriminating) to
indicate the subclass to which each tuple belongs. If specialization is partial the type Attribute can have a
Null value in tuples that do not belong to any subclass.
• Option 8D is designed to handle overlapping subclasses by including m boolean type field where m is
Number of subclasses of the specialization

Mapping in Categories:

• For mapping a category whose super classes have different keys, it is customary to specify a new key
attribute called surrogate key.
• Surrogate key: it is a new key attribute created for a relation which corresponds to a category defining super
classes that have different keys

Remark: The surrogate key is primary key of the category relation, and it is also included as a foreign key in the
relations which corresponding to super classes of the category.

Chapter 6: Database Security

Database security is a broad area that addresses many issues, including the following:

• Various legal and ethical issues regarding the right to access certain information For example, some
information may be deemed to be private and cannot be accessed legally by unauthorized organizations or
persons.
• Policy issues at the governmental, institutional, or corporate level regarding what kinds of information
should not be made publicly available. For example, credit ratings and personal medical records.
• System-related issues such as the system levels at which various security functions should be enforced. For
example, whether a security function should be handled at the physical hardware level, the operating
system level, or the DBMS level.
• The need in some organizations to identify multiple security levels and to categorize the data and users
based on these classifications. For example, top secret, secret, and unclassified. The security policy of the
organization with respect to permitting access to various classifications of data must be enforced.

Threats to Databases

Loss of integrity: Database integrity refers to the requirement that information be protected from improper
modification

• Modification of data includes creating, inserting, and updating data; changing the status of data; and
deleting data.
• Integrity is lost if unauthorized changes are made to the data by either intentional or accidental acts. If
the loss of system or data integrity is not corrected, continued use of the contaminated system or
corrupted data could result in inaccuracy, fraud, or erroneous decisions

Loss of availability: Database availability refers to making objects available to a human user or a program
who/which has a legitimate right to those data objects

- Ahmed Huzain
Database Systems II Page |4

• Loss of availability occurs when the user or program cannot access these objects

Loss of confidentiality: Database confidentiality refers to the protection of data from unauthorized disclosure.

• The impact of unauthorized disclosure of confidential information can range from violation of the Data
Privacy Act to the jeopardization of national security.
• Unauthorized, unanticipated, or unintentional disclosure could result in loss of public confidence,
embarrassment, or legal action against the organization

Database security mechanisms:

• Discretionary security mechanisms: These are used to grant privileges to users, including the capability
to access specific data files, records, or fields in a specified mode (such as read, insert, delete, or
update).
• Mandatory security mechanisms: These are used to enforce multilevel security by classifying the data
and users into various security classes (or levels) and then implementing the appropriate security policy
of the organization.

Control Measures

Access control:
• The security mechanism of a DBMS must include provisions for restricting access to the database system
as a whole.
• is handled by creating user accounts and passwords to control the login process by the DBMS

Inference control: Statistical database users such as government statisticians or market research firms are
allowed to access the database to retrieve statistical information about a population but not to access the
detailed confidential information about specific individuals.

Flow control: prevents information from flowing in such a way that it reaches unauthorized users

Data encryption:
• Protects sensitive data that is transmitted via some type of communications network.
• The data is encoded using some coding algorithm. An unauthorized user who accesses encoded data will
have difficulty deciphering it, but authorized users are given decoding or decrypting algorithms (or keys)
to decipher the data

Database Security and the DBA

The database administrator (DBA) is the central authority for managing a database system.

The DBA’s responsibilities include granting privileges to users who need to use the system and classifying users
and data in accordance with the policy of the organization

- Ahmed Huzain
Database Systems II Page |5

1. Account creation: This action creates a new account and password for a user or a group of users to enable
access to the DBMS
2. Privilege granting: This action permits the DBA to grant certain privileges to certain accounts
3. Privilege revocation: This action permits the DBA to revoke (cancel) certain privileges that were previously
given to certain accounts
4. Security level assignment: This action consists of assigning user accounts to the appropriate security
clearance level.

Types of Discretionary Privileges

The account levels: The DBA specifies the privileges that each account holds independently of the relations in
the database.

The relation (or table) level: The DBA can control the privilege to access each individual relation (or table) or
view in the database.

Privileges: The right to execute SQL statement

Users can be given the privileges to grant additional privileges to other users or to roles.

1. Roles: named groups of related privileges.

2. Schema: is a collection of objects such as tables, Views, and indexes. The schema is owned by a
Database user and has the same name of that user.
3. Creating User: The Database Administrator (DBA) creates new user by executing the CREATE USER
command with the following syntax:

- Ahmed Huzain
Database Systems II Page |6

Chapter 8: DDBMS
Advantage of DDBMs:

• Distributed nature of some DB applications: Many database applications are naturally distributed over
different locations
• Increased reliability and availability: When the data and DBMS software are distributed over several sites,
one site may fail while other sites continue in operation. Only the data and software that exist at the failed
site cannot be accessed, other data and software can still be used
• Allowing data sharing while maintaining some measure of local control. In DDBSs, it is possible to control the
data and the software locally at each site. However, certain data can be accessed by other remote sites
through the DDBMS software
• Improve performance by distributing a large database over multiple sites, smaller database will exist at each
site. Each site will have a smaller number of transactions executing than if all transactions were submitted to
a single centralized database. Distribution leads to increase complexity in the system design and
implementation

To satisfactorily achieve the advantages listed above, the DDBMS software must be able to provide additional
functions. Some of these are

1. To access remote sites and transmit queries and data among the various sites via a communication network.
2. To keep track of the data distribution and replication in the DDBMS catalog
2. To device execution strategies for quires and transactions that access data from more than one site
3. To decide on which copy of a replicated data item to access
4. To maintain the consistency of copies of a replicated data item
5. To recover from individual site crashes and from new types of failures such as failure of a communication
link.

- Ahmed Huzain