Examen 3. Presentacion 6

Question 1

Semantic Data Control Involves

Answer 1

View management
Security control
Integrity control

Question 2

Semantic Data Control Objective

Answer 2

Ensure that authorized users perform correct operations on the
database, contributing to the maintenance of the database
integrity.

Question 3

View – virtual relation

Answer 3

generated from base relation(s) by a query
not stored as base relations

Question 4

CREATE VIEW SYSAN(ENO,ENAME)
AS SELECT ENO,ENAME
FROM EMP
WHERE TITLE= “Syst. Anal.”

Answer 4

View – virtual relation Example

Question 5

ELECT ENAME, PNO, RESP
FROM SYSAN, ASG
WHERE SYSAN.ENO = ASG.ENO

Answer 5

Views can be manipulated as base relations

Question 6

SELECT ENAME, PNO, RESP
FROM SYSAN, ASG
WHERE SYSAN.ENO = ASG.ENO

Answer 6

Queries expressed on views

Question 7

SELECT ENAME,PNO,RESP
FROM EMP, ASG
WHERE EMP.ENO = ASG.ENO
AND TITLE = “Syst. Anal.”

Answer 7

Queries expressed on base relations

Question 8

CREATE VIEW ESAME
AS SELECT *
FROM EMP E1, EMP E2
WHERE E1.TITLE = E2.TITLE
AND E1.ENO = USER

Answer 8

To restrict access

Question 9

CREATE VIEW SYSAN(ENO,ENAME)
AS SELECT ENO,ENAME
FROM EMP
WHERE TITLE=”Syst. Anal.”

Answer 9

Updatable

Question 10

CREATE VIEW EG(ENAME,RESP)
AS SELECT ENAME,RESP
FROM EMP, ASG
WHERE EMP.ENO=ASG.ENO

Answer 10

Non-updatable

Question 11

View Management in Distributed DBMS

Answer 11

Views might be derived from fragments.
View definition storage should be treated as database
storage
Query modification results in a distributed query
View evaluations might be costly if base relations are
distributed

Question 12

Materialized View

Answer 12

Stored as a database relation, possibly with indices

Question 13

Deferred mode

Answer 13

DDBMS: No need to access remote, base relations
Data warehouse: to speed up OLAP

Question 14

Materialized View updating

Answer 14

Resembles data replication but there are differences
View expressions typically more complex
Replication configurations more general

Question 14

When to Refresh a View Modes

Answer 14

Immediate mode, Deferred mode

Question 14

Deffered Mode times

Answer 14

Lazily: just before evaluating a query on the view
Periodically: every hour, every day, etc
Forcedly: after a number of predefined updates

Question 14

Deferred mode

Answer 14

Through separate refresh transactions
Triggered at different times with different trade-offs

Question 15

Immediate mode

Answer 15

As part of the updating transaction, e.g. through 2PC
View always consistent with base data and fast queries
But increased transaction time to update base data

Question 15

How to Refresh a View

Answer 15

Full computing from base data
Incremental computing by applying only the changes to
the view

Question 16

Data Security

Answer 16

Data protection
Access control

Question 17

Data protection

Answer 17

Prevents the physical content of data to be understood by unauthorized users
Uses encryption/decryption techniques

Question 18

Access control

Answer 18

Only authorized users perform operations they are allowed to on database objects

Question 19

Types of access control

Answer 19

Discretionary access control (DAC)
Multilevel access control (MAC)

Question 20

DAC’sMain actors

Answer 20

Subjects (users, groups of users) who execute operations
Operations (in queries or application programs)
Objects, on which operations are performed

Question 21

Problem with DAC

Answer 21

A malicious user can access unauthorized data through an authorized user

Question 22

Multilevel Access Control

Answer 22

Different security levels Access controlled by 2 rules A relation can be classified at different levels A classified relation is thus multilevel

Question 23

Different security levels

Answer 23

Top Secret > Secret > Confidential > Unclassified

Question 24

No read up

Answer 24

subject S is allowed to read an object of level L only if level(S) ≥ L Protect data from unauthorized disclosure, e.g. a subject with secret clearance cannot read top secret data

Question 25

No write down

Answer 25

subject S is allowed to write an object of level L only if level(S) ≤ L Protect data from unauthorized change, e.g. a subject with top secret clearance can only write top secret data but not secret data (which could then contain top secret data)

Question 26

A relation can be classified at different levels

Answer 26

Relation: all tuples have the same clearance Tuple: every tuple has a clearance Attribute: every attribute has a clearance

Question 27

Additional problems in a distributed environment

Answer 27

Remote user authentication Management of DAC rules Covert channels in MAC

Question 28

Semantic Integrity Control

Answer 28

Maintain database consistency by enforcing a set of constraints defined on the database.

Question 29

Structural constraints

Answer 29

Basic semantic properties inherent to a data model e.g., unique key constraint in relational model

Question 30

Behavioral constraints

Answer 30

Regulate application behavior, e.g., dependencies in the relational model

Question 31

Two components

Answer 31

Integrity constraint specification Integrity constraint enforcement

Question 32

Predefined constraints

Answer 32

Not-null attribute, Unique key, Foreign key, Functional dependency

Question 33

Precompiled constraints Definition

Answer 33

Express preconditions that must be satisfied by all tuples in a relation for a given update type

Question 34

Precompiled constraints

Answer 34

Domain constraint, Domain constraint on deletion, Transition constraint

Question 35

General constraints Definition

Answer 35

Constraints that must always be true. Formulae of tuple relational calculus where all variables are quantified

Question 36

General constraints

Answer 36

Functional dependency, Constraint with aggregate function,