Database Management Systems (DBMS) Module 5

Module V
Transaction Processing and Database Security

Transaction

A transaction can be defined as a group of tasks. A single task is the minimum processing unit
which cannot be divided further.

Let’s take an example of a simple transaction. Suppose a bank employee transfers Rs 500 from A's
account to B's account. This very simple and small transaction involves several low-level tasks.

A’s Account
Open_Account(A)
Old_Balance = A.balance
New_Balance = Old_Balance - 500
A.balance = New_Balance
Close_Account(A)

B’s Account
Open_Account(B)
Old_Balance = B.balance
New_Balance = Old_Balance + 500
B.balance = New_Balance
Close_Account(B)

ACID Properties

The transaction refers to a small unit of any given program that consists of various low-level tasks.
Every transaction in DBMS must maintain ACID – A (Atomicity), C (Consistency), I (Isolation),
D (Durability). One must maintain ACID so as to ensure completeness, accuracy, and integrity of
data.

1. Atomicity

The property of atomicity states that we must treat any given transaction as an atomic unit. It means
that either all or none of its operations need to be executed. One must ensure that there is no state
in the database in which a transaction happens to be left partially completed. States should be
defined either before the execution of the transaction or after its execution, failure, or abortion.

2. Consistency

The property of consistency states that the database must always remain in a consistent state after
any transaction. Thus, a transaction must never have any damaging effect on the data and
information that resides in the database. If the database is in a consistent state before a
transaction executes, it must remain consistent after the transaction has executed.

3. Isolation

The property of isolation states that when multiple transactions are executed simultaneously and in
parallel in a database system, each transaction is carried out as if it were the only transaction
that exists in the system. None of the transactions would affect any other transaction’s existence.

The execution of a transaction should not be interfered with by any other transactions executing
concurrently.

4. Durability

The property of durability states that any given database must be durable enough to hold all of its
latest updates, even if the system suddenly restarts or fails. If a transaction updates some chunk
of information in the database and commits, the database will hold the modified data.

The changes applied to the database by a committed transaction must persist in the database. These
changes must not be lost because of any failure.
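
The Rs 500 transfer from the start of this module, written as one MySQL transaction so that atomicity, consistency and durability can be seen in practice. This is an added example, not part of the original notes; the `account` table, the `transfer` procedure, the balances and the CHECK rule are assumptions made for illustration.

```sql
-- Constructed schema and balances. InnoDB supports transactions; MySQL 8.0.16+ enforces CHECK.
CREATE TABLE account (
    name    VARCHAR(10)   PRIMARY KEY,
    balance DECIMAL(10,2) NOT NULL,
    CONSTRAINT balance_not_negative CHECK (balance >= 0)   -- consistency rule
) ENGINE = InnoDB;
INSERT INTO account (name, balance) VALUES ('A', 800.00), ('B', 200.00);

DELIMITER //   -- mysql client command, needed because the procedure body contains ';'
CREATE PROCEDURE transfer(IN src VARCHAR(10), IN dst VARCHAR(10), IN amount DECIMAL(10,2))
BEGIN
    -- Atomicity: on any error, undo every write made so far and re-raise the error.
    DECLARE EXIT HANDLER FOR SQLEXCEPTION
    BEGIN
        ROLLBACK;
        RESIGNAL;
    END;

    IF amount <= 0 THEN
        SIGNAL SQLSTATE '45000' SET MESSAGE_TEXT = 'amount must be positive';
    END IF;

    START TRANSACTION;
    UPDATE account SET balance = balance - amount WHERE name = src;
    IF ROW_COUNT() = 0 THEN
        SIGNAL SQLSTATE '45000' SET MESSAGE_TEXT = 'source account not found';
    END IF;
    UPDATE account SET balance = balance + amount WHERE name = dst;
    IF ROW_COUNT() = 0 THEN
        SIGNAL SQLSTATE '45000' SET MESSAGE_TEXT = 'destination account not found';
    END IF;
    COMMIT;   -- durability: once COMMIT returns, the new balances survive a crash or restart
END//
DELIMITER ;

CALL transfer('A', 'B', 500.00);   -- both updates commit together

-- The debit from A succeeds, the credit finds no account 'Z', and the handler
-- rolls the debit back, so the database never keeps a half-finished transfer.
CALL transfer('A', 'Z', 100.00);

SELECT name, balance FROM account ORDER BY name;
```

Run it in an interactive mysql session: the second CALL returns an error by design, and the final SELECT shows the balances it left behind.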

Serializability

When multiple transactions are being executed by the operating system in a multiprogramming
environment, there are possibilities that instructions of one transaction are interleaved with some
other transaction.

• Schedule − A chronological execution sequence of a transaction is called a schedule. A
schedule can have many transactions in it, each comprising a number of
instructions/tasks.

• Serial Schedule − It is a schedule in which transactions are aligned in such a way that one
transaction is executed first. When the first transaction completes its cycle, then the next
transaction is executed. Transactions are ordered one after the other. This type of schedule
is called a serial schedule, as transactions are executed in a serial manner.

States of Transactions

A transaction in a database can be in one of the following states –

• Active − In this state, the transaction is being executed. This is the initial state of every
transaction.

• Partially Committed − When a transaction executes its final operation, it is said to be in
a partially committed state.

• Failed − A transaction is said to be in a failed state if any of the checks made by the
database recovery system fails. A failed transaction can no longer proceed further.

• Aborted − If any of the checks fails and the transaction has reached a failed state, then the
recovery manager rolls back all its write operations on the database to bring the database
back to its original state where it was prior to the execution of the transaction. Transactions
in this state are called aborted. The database recovery module can select one of the two
operations after a transaction aborts −

o Re-start the transaction

o Kill the transaction

• Committed − If a transaction executes all its operations successfully, it is said to be
committed. All its effects are now permanently established on the database system.

Database Security and Authorization

Types of Security

Database security is a broad area that addresses many issues, including the following:

• Various legal and ethical issues regarding the right to access certain information—
for example, some information may be deemed to be private and cannot be accessed
legally by unauthorized organizations or persons. In each country, there are numerous
laws governing privacy of information. For example, never share or pass on a
customer’s personal information to any other person without first informing the
customer and obtaining his/her consent.

• Policy issues at the governmental, institutional, or corporate level as to what kinds of
information should not be made publicly available—for example, credit ratings and
personal medical records.

• System-related issues such as the system levels at which various security functions
should be enforced—for example, whether a security function should be handled at the
physical hardware level, the operating system level, or the DBMS level.

• The need in some organizations to identify multiple security levels and to categorize the
data and users based on these classifications—for example, top secret, secret,
confidential, and unclassified. The security policy of the organization with respect to
permitting access to various classifications of data must be enforced.

Threats to Databases

• Loss of integrity
• Loss of availability
• Loss of confidentiality

Threats to databases can result in the loss or degradation of some or all of the following
commonly accepted security goals: integrity, availability, and confidentiality.

• Loss of integrity.
Database integrity refers to the requirement that information be protected from
improper modification. Modification of data includes creation, insertion, updating,
changing the status of data, and deletion. Integrity is lost if unauthorized changes are
made to the data by either intentional or accidental acts.
• Loss of availability.
Database availability refers to making objects available to a human user or a program
to which they have a legitimate right.
• Loss of confidentiality.
Database confidentiality refers to the protection of data from unauthorized disclosure.
Unauthorized disclosure could result in loss of public confidence, or legal action against
the organization.

Control Measures

Four main control measures are used to provide security of data in databases:

• Access control
• Inference control
• Flow control
• Data encryption

• Access control

The security mechanism of a DBMS must include provisions for restricting access to the
database system. This function, called access control, is handled by creating user
accounts and passwords to control the login process by the DBMS.

• Inference control

o Statistical databases are used to provide statistical information or summaries of values
based on various criteria. For example, a database for population statistics may provide
statistics based on age groups, income levels etc.

o Statistical database users such as government statisticians or market research firms are
allowed to access the database to retrieve statistical information about a population but
not to access the detailed confidential information about specific individuals.

o Security for statistical databases must ensure that information about individuals cannot
be accessed.

o It is sometimes possible to deduce or infer certain facts concerning individuals from
queries that involve only summary statistics on groups; consequently, this must not be
permitted either.

o This problem is called statistical database security, and the corresponding control
measures are called inference control measures.
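
One inference control measure for the population-statistics case above, shown in MySQL: statistics are published only through a view that suppresses small groups. This is an added example, not part of the original notes; the `stats` database, the `person` table and its rows, the `analyst` account and the threshold of 5 are all assumptions.

```sql
-- Constructed table and rows; in practice this holds one row per individual.
CREATE DATABASE IF NOT EXISTS stats;
CREATE TABLE stats.person (
    id        INT           PRIMARY KEY,
    age_group VARCHAR(10)   NOT NULL,
    region    VARCHAR(10)   NOT NULL,
    income    DECIMAL(10,2) NOT NULL
);
INSERT INTO stats.person (id, age_group, region, income) VALUES
    (1, '20-29', 'north', 31000), (2, '20-29', 'north', 29000),
    (3, '20-29', 'north', 35000), (4, '20-29', 'north', 33000),
    (5, '20-29', 'north', 30000), (6, '60-69', 'north', 90000);

-- Problem: a summary over a group of one is that person's own value.
-- The ('60-69', 'north') row of this result is the income of person 6.
SELECT age_group, region, COUNT(*) AS n, AVG(income) AS avg_income
FROM stats.person
GROUP BY age_group, region;

-- Control: publish statistics only through a view with fixed grouping that
-- suppresses any group smaller than the threshold (5 is an assumed policy value).
CREATE VIEW stats.income_by_group AS
SELECT age_group, region, COUNT(*) AS n, AVG(income) AS avg_income
FROM stats.person
GROUP BY age_group, region
HAVING COUNT(*) >= 5;

-- Statistical users get the view only, never the base table, so they cannot
-- write their own WHERE clauses against individual rows.
CREATE USER 'analyst'@'localhost' IDENTIFIED BY 'REPLACE_WITH_STRONG_PASSWORD';
GRANT SELECT ON stats.income_by_group TO 'analyst'@'localhost';

-- What the analyst account is able to read.
SELECT age_group, region, n, avg_income FROM stats.income_by_group;
```

Suppressing small groups is one inference control measure among several and does not by itself rule out every inference from combined summaries.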

• Flow control

o Flow control prevents information from flowing in such a way that it reaches
unauthorized users.

o Channels that are pathways for information to flow implicitly in ways that violate the
security policy of an organization are called covert channels.

• Data encryption

o Data encryption is used to protect sensitive data (such as credit card numbers)
that is transmitted via some type of communications network.

o Encryption can be used to provide additional protection for sensitive portions of a
database as well.

o The data is encoded using some coding algorithm. An unauthorized user who accesses
encoded data will have difficulty deciphering it, but authorized users are given
decoding or decrypting algorithms (or keys) to decipher the data.

Database Security and the DBA

The database administrator (DBA) is the central authority for managing a database system. The DBA’s
responsibilities include granting privileges to users who need to use the system and classifying
users and data in accordance with the policy of the organization.

The DBA has a DBA account in the DBMS, sometimes called a system or superuser account,
which provides powerful capabilities that are not made available to regular database accounts and
users.

In MySQL, root is the DBA account name.

DBA privileged commands include commands for granting and revoking privileges to individual
users or user groups and for performing the following types of actions:

1. Account creation.

This action creates a new account and password for a user or a group of users to enable access to
the DBMS.

Syntax: -

CREATE USER account_name IDENTIFIED BY 'password';

Example: -

create user user1@localhost identified by 'pass1';

2. Privilege granting.

This action permits the DBA to grant certain privileges to certain accounts by using the GRANT
command.

3. Privilege revocation.

This action permits the DBA to revoke (cancel) certain privileges that were previously given to
certain accounts by using the REVOKE command.

4. Security level assignment.

This action consists of assigning user accounts to the appropriate security clearance level. Typical
security classes are top secret (TS), secret (S), confidential (C), and unclassified (U).

Action 1 in the preceding list is used to control access to the DBMS as a whole, whereas actions 2
and 3 are used to control discretionary database authorization and action 4 is used to control
mandatory authorization.

Access Control, User Accounts, and Database Audits

The DBA will create a new account number and password for the user. The user must log in to the
DBMS by entering the account number and password whenever database access is needed. The
DBMS checks that the account number and password are valid.

Database users and their accounts and passwords can be tracked by creating an encrypted table
or file with two fields: AccountNumber and Password. The database system must also keep
track of all operations on the database that are applied by a certain user throughout each login
session, which consists of the sequence of database interactions that a user performs from the time
of logging in to the time of logging off.

When a user logs in, the DBMS can record the user’s account number and associate it with the
computer or device from which the user logged in. It is particularly important to keep track of
update operations that are applied to the database so that, if the database is tampered with, the
DBA can determine which user did the tampering.

If any tampering with the database is suspected, a database audit is performed, which consists of
reviewing the log to examine all accesses and operations applied to the database during a certain
time period.

When an illegal or unauthorized operation is found, the DBA can determine the account number
used to perform the operation.

A database log that is used mainly for security purposes is sometimes called an audit trail.
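
A minimal audit trail for one table in MySQL, with the review query a DBA would run during a database audit. This is an added example, not part of the original notes; the `employee` and `employee_audit` tables, the trigger names and the review dates are assumptions.

```sql
-- Constructed table for illustration.
CREATE TABLE IF NOT EXISTS employee (
    id INT PRIMARY KEY, name VARCHAR(50), salary DECIMAL(10,2)
);

-- Audit trail: one row per change, written by triggers rather than by the application.
CREATE TABLE employee_audit (
    audit_id   BIGINT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
    changed_at DATETIME(6)     NOT NULL DEFAULT CURRENT_TIMESTAMP(6),
    account    VARCHAR(288)    NOT NULL,   -- 'user@host' of the client session
    session_id BIGINT UNSIGNED NOT NULL,   -- groups the operations of one login session
    operation  ENUM('UPDATE', 'DELETE') NOT NULL,
    emp_id     INT             NOT NULL,
    old_salary DECIMAL(10,2),
    new_salary DECIMAL(10,2)
);

-- USER() is the account and host the client connected with. CURRENT_USER() would
-- return the trigger's definer here, which is the wrong name for an audit record.
CREATE TRIGGER employee_audit_update AFTER UPDATE ON employee
FOR EACH ROW
    INSERT INTO employee_audit (account, session_id, operation, emp_id, old_salary, new_salary)
    VALUES (USER(), CONNECTION_ID(), 'UPDATE', OLD.id, OLD.salary, NEW.salary);

CREATE TRIGGER employee_audit_delete AFTER DELETE ON employee
FOR EACH ROW
    INSERT INTO employee_audit (account, session_id, operation, emp_id, old_salary, new_salary)
    VALUES (USER(), CONNECTION_ID(), 'DELETE', OLD.id, OLD.salary, NULL);

-- Database audit: every change in the period under review (constructed dates),
-- with the account and host responsible for each one.
SELECT changed_at, account, session_id, operation, emp_id, old_salary, new_salary
FROM employee_audit
WHERE changed_at >= '2024-03-01 00:00:00'
  AND changed_at <  '2024-03-02 00:00:00'
ORDER BY changed_at, audit_id;

-- Summary per account for the same period, to see which accounts to look at first.
SELECT account, COUNT(*) AS changes
FROM employee_audit
WHERE changed_at >= '2024-03-01 00:00:00'
  AND changed_at <  '2024-03-02 00:00:00'
GROUP BY account
ORDER BY changes DESC;
```

The triggers run with their definer's privileges, so ordinary accounts need no privileges on `employee_audit` and should be given none; that keeps a user from editing their own trail.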

Access Control Based on Granting and Revoking Privileges

We can use DCL commands for access control.

DCL (Data Control Language) Commands

DCL commands are used to enforce database security in a multiple database environment. Two
types of DCL commands are:

• Grant
• Revoke

Database administrators or owners of the database object can provide/remove privileges on a
database object.

SQL Grant Command

SQL Grant command is used to provide access or privileges on the database objects to the users.
The syntax for the GRANT command is:

GRANT privilege_name ON object_name TO {user_name | role_name} [WITH GRANT OPTION];

Here, privilege_name: is the access right or privilege granted to the user.

object_name: is the name of the database object like table, view etc.

user_name: is the name of the user to whom an access right is being granted.

SQL Revoke Command

The revoke command removes user access rights or privileges to the database objects. The syntax
for the REVOKE command is:

REVOKE privilege_name ON object_name FROM {User_name | Role_name};

For Example:

a. GRANT SELECT ON employee TO user1;

This command grants a SELECT permission on employee table to user1.

b. REVOKE SELECT ON employee FROM user1;

This command will revoke a SELECT privilege on employee table from user1.
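
The full life cycle of a privilege in MySQL, including WITH GRANT OPTION and a check of who holds what before and after revocation. This is an added example, not part of the original notes; the `company` database, the columns of `employee`, the `user2` account and the placeholder passwords are assumptions.

```sql
-- Constructed database, table and accounts; passwords are placeholders.
CREATE DATABASE IF NOT EXISTS company;
CREATE TABLE IF NOT EXISTS company.employee (
    id INT PRIMARY KEY, name VARCHAR(50), salary DECIMAL(10,2)
);
CREATE USER 'user1'@'localhost' IDENTIFIED BY 'REPLACE_WITH_STRONG_PASSWORD_1';
CREATE USER 'user2'@'localhost' IDENTIFIED BY 'REPLACE_WITH_STRONG_PASSWORD_2';

-- A new account starts with no privileges on company.employee.
SHOW GRANTS FOR 'user1'@'localhost';

-- Read-only access, plus the right to pass access on. In MySQL the grant option
-- covers every privilege the account holds on this table, not only SELECT.
GRANT SELECT ON company.employee TO 'user1'@'localhost' WITH GRANT OPTION;

-- Meant to be run in a session logged in as user1; it succeeds there only
-- because of the grant option given above.
GRANT SELECT ON company.employee TO 'user2'@'localhost';

-- Review who holds what on the table and who is able to re-grant it.
SELECT grantee, privilege_type, is_grantable
FROM information_schema.table_privileges
WHERE table_schema = 'company' AND table_name = 'employee';

-- Take the grant option away but leave read access in place.
REVOKE GRANT OPTION ON company.employee FROM 'user1'@'localhost';

-- Remove read access. MySQL does not cascade a REVOKE to accounts that user1
-- granted to, so user2 has to be revoked explicitly.
REVOKE SELECT ON company.employee FROM 'user1'@'localhost';
REVOKE SELECT ON company.employee FROM 'user2'@'localhost';

-- Confirm that neither account still has privileges on the table.
SHOW GRANTS FOR 'user1'@'localhost';
SHOW GRANTS FOR 'user2'@'localhost';
```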
