Unit 5

Database Security and Transaction Processing

Q. Explain Database security with its requirements.

Q. What do you mean by database security?

Database Security: Database security refers to the collective measures used to protect
and secure a database or database management software from illegal use and malicious
threats and attacks. Database security covers and enforces security on all aspects and
components of databases like Data stored in database, Database server, DBMS.

Data Security Requirements:

1. Authentication: System verifies a user's identity.
2. Authorization: Which database operations that user may perform (like read, update,drop
etc.) and which data objects that user may access.
3. Secure Storage of Sensitive Data: Once confidential data has been entered, itsintegrity
and privacy must be protected on the databases and servers wherein it resides.
4. Integrity: Data integrate means that data is protected from deletion and corruption
5. Availability: A secure system makes data available to authorized users, without delay.
6. Confidentiality: A secure system ensures the confidentiality of data. This meansthat it
allows individuals to see only the data they are supposed to see.

Importance of Security in Database Environment

Database security is the protection of the database against intentional and unintentional
threats that may be computer-based or non-computer-based. Database security is the
business of the entire organization as all people use the data held in the organization's
database and any loss or corruption to data would affect the day-to-day operation of the
organization and the performance of the people. Therefore, database security encompasses
hardware, software, infrastructure,people and data of the organization.
Q. Explain ACID properties of transaction. 4 Marks
(Four ACID properties - 1 mark each)
ACID Properties:
1. Atomicity: When one transaction takes place, many operations occur under one transaction.
Atomicity means either all operations will take place property and reflect in the database or
none of them will be reflected.

2. Consistency: Consistency keeps the database consistent. Execution of a transaction needs to

take place in isolation. It helps in reducing complications of executing multiple transactions at
a time and preserves the consistency of the database.

3. Isolation: It is necessary to maintain isolation for the transactions. This means one
transaction should not be aware of another transaction getting executed. Also their intermediate
result should be kept hidden.

4. Durability: When a transaction gets completed successfully, it is important that the changes
made by the transaction should be preserved in database in spite of system failures.

Q. Describe Commit and Rollback with syntax. 4 Marks

(For each command explanation - 1 mark; syntax - 1 mark)

Ans:
Commit
The COMMIT command is used to save changes invoked by a transaction to the database.
The COMMIT command saves all transactions to the database since the last COMMIT or
ROLLBACK command.
The syntax for COMMIT command is as follows: SQL> COMMIT;
Rollback:
The ROLLBACK command is used to undo transactions that have not already been saved to
the database.
The ROLLBACK command can only be used to undo transactions since the last COMMIT or
ROLLBACK command was issued.
We can either rollback the entire transaction or till a particular save point transaction can be
rolled back.
The syntax for ROLLBACK is:

ROLLBACK TO SAVEPOINT_NAME; OR
ROLLBACK;
e.g. ROLLBACK TO sv1;
OR ROLLBACK

Q. Describe Grant and Revoke commands. 4 Marks

(Description of Grant - 2 marks; Revoke - 2 marks)
Ans:
Grant: This command is used to give permission to user to do operations on the other user‗s
object.
Syntax: Grant<object privileges>on<object name>to<username>[with grant option] ;
Example: Grant select, update on emp to user1;
Revoke: This command is used to withdraw the privileges that has been granted to a user.
Syntax: Revoke <object privileges>on<object name>from <username> ;
Example: Revoke select, update on emp from user1;

Q. Describe ACID properties of transaction. 4 Marks

ACID Properties:
1. Atomicity: When one transaction takes place, many operations occur under one transaction.
Atomicity means either all operations will take place property and reflect in the database or
none of them will be reflected.

2. Consistency: Consistency keeps the database consistent. Execution of a transaction needs

to take place in isolation. It helps in reducing complications of executing multiple
transactions at a time and preserves the consistency of the database.

3. Isolation: It is necessary to maintain isolation for the transactions. This means one
transaction should not be aware of another transaction getting executed. Also their
intermediate result should be kept hidden.

4. Durability: When a transaction gets completed successfully, it is important that the

changes made by the transaction should be preserved in database in spite of system
failures.

Q. How to use COMMIT, SAVE POINT, ROLLBACK commands. 4 Marks

( Explanation – 3Marks, Example – 1Mark)
Commit:

database.

or ROLLBACK command.

SQL> COMMIT;
Savepoint:
is as follows:

certain point without rolling back the entire transaction.

SAVEPOINT SAVEPOINT_NAME;
e.g. SAVEPOINT SV1;
Rollback:

saved to the database.

COMMIT or ROLLBACK command was issued.

ROLLBACK TO SAVEPOINT_NAME;
e.g. ROLLBACK TO sv1;
 Q. Draw transaction state diagram.
(Correct diagram- 2 Marks)

A transaction must be in one of the following states:

1. Active: the initial state, the transaction stays in this state while it
is executing.
2. Partially committed: after the final statement has been executed.
3. Failed: when the normal execution can no longer proceed.
4. Aborted: after the transaction has been rolled back and
the database has been restored to its state prior to the start
of the transaction.
5. Committed: after successful completion.