
Unit III Correct

Uploaded by

maskon.alien

UNIT –III DBMS

UNIT III
Integrity and Security: Domain Constraints – Referential Integrity – Assertions – Triggers – Security and
Authorization – Authorization in SQL. Relational-Database Design: Normalization – First Normal Form,
Second Normal Form, Third Normal Form, Boyce-Codd Normal Form.

Integrity and Security

Integrity constraints provide a means of ensuring that changes made to the database by
authorized users do not result in a loss of data consistency. Thus, integrity constraints guard
against accidental damage to the database.

These constraints take the following forms:

Key declarations: the stipulation (condition) that certain attributes form a candidate key for a
given entity set. The set of legal insertions and updates is constrained to those that do not
create two entities with the same value on a candidate key.

Form of a relationship: many-to-many, one-to-many, one-to-one. A one-to-one or
one-to-many relationship restricts the set of legal relationships among entities of a collection of
entity sets.

• Domain Constraints
• Referential Integrity
• Assertions
• Triggers
• Security
• Authorization
• Authorization in SQL

Domain Constraints:
A domain of possible values must be associated with every attribute.
Domains can be specified as below:

create domain NAME1 char(10);
create domain STUNO integer;
create domain NAME2 char(10);
etc.

Note that NAME1 and NAME2 are both character strings of length 10, but they now
belong to different (semantic) domains.
It is important to denote different domains in order to:

(a) Constrain unions, intersections, differences, and equijoins of relations.
(b) Let the system check whether two occurrences of the same database value denote the same
real-world object.

The constraint on union-compatibility and join-compatibility is important so that only those operations
that make sense are permitted. For example, a join on class number and student number would make no
sense even if both attributes are integers, and the user should not be permitted to carry out such
operations (or should at least be warned when one is attempted).

Prepared by Mrs.D.Maladhy (AP/IT/RGCET) Page 1

When Should Constraints Be Checked?

• Usually they are checked for each modification statement.

• But sometimes deferred constraint checking is necessary.

1. Domain Constraints

• Integrity constraints guard against accidental damage to the database, by ensuring that
authorized changes to the database do not result in a loss of data consistency.
• Domain constraints are the most elementary form of integrity constraint.
• They test values inserted in the database, and test queries to ensure that the
comparisons make sense.
• A number of standard domain types, such as integer types, character types, and
date/time types, are defined in SQL.
• Domain constraints are the most elementary form of integrity constraint. They are
tested easily by the system whenever a new data item is entered into the database.
• It is possible for several attributes to have the same domain.
• For example, the attributes customer-name and employee-name might have the same
domain: the set of all person names.
• However, the domains of balance and branch-name certainly ought to be distinct. It is
perhaps less clear whether customer-name and branch-name should have the same
domain.

We would not normally consider “Find all customers who have the same name as a branch” to be a
meaningful query. Thus, if we view the database at the conceptual, rather than the physical, level,
customer-name and branch-name should have distinct domains.

The create domain clause can be used to define new domains. For example, the statements:

Values of one domain can be cast (that is, converted) to another domain. If the attribute A of
relation r is of type Dollars, we can convert it to Pounds by writing

(cast r.A as Pounds)


(Should also multiply by the dollar-to-pound conversion-rate)

o The check clause in SQL-92 permits domains to be restricted:



Use check clause to ensure that an hourly-wage domain allows only
values greater than a specified value.
o The domain has a constraint that ensures that the hourly-wage is greater than 4.00

The domain HourlyWage has a constraint that ensures that the hourly wage is greater than
4.00. The clause constraint wage-value-test is optional, and is used to give the name wage-
value-test to the constraint.

The check clause can also be used to restrict a domain to not contain any null values:

As another example, the domain can be restricted to contain only a specified set of values by
using the in clause:

The preceding check conditions can be tested quite easily, when a tuple is inserted or
modified. However, in general, the check conditions can be more complex (and harder to
check), since subqueries that refer to other relations are permitted in the check condition. For
example, this constraint could be specified on the relation deposit:

The check condition verifies that the branch-name in each tuple in the deposit relation is
actually the name of a branch in the branch relation. Thus, the condition has to be checked
not only when a tuple is inserted or modified in deposit, but also when the relation branch
changes (in this case, when a tuple is deleted or modified in relation branch). The preceding
constraint is actually an example of a class of constraints called referential-integrity
constraints.

2. Referential Integrity

A referential integrity constraint requires that a foreign key in one relation refers to an
actual, existing tuple in another relation.

That is, a value that appears in one relation for a given set of attributes (‘s’) also appears
for a certain set of attributes in another relation (‘r’).

• Primary keys, candidate keys and foreign keys can be specified as part of the
SQL create table statement.
• The primary key clause lists the attributes that comprise the primary key.
• The unique key clause lists the attributes that comprise a candidate key.
• The foreign key clause lists the attributes that comprise the foreign key and the name
of the relation referenced by the foreign key. By default, a foreign key references the primary
key attributes of the referenced table.

Example:

create table deposit
   (branch-name char(15) not null,
    account-number char(10),
    customer-name char(20) not null,
    primary key (account-number, customer-name),
    foreign key (branch-name) references branch,
    foreign key (customer-name) references customer);

2.1. Referential Integrity in E-R Model

• Consider relationship set R between entity sets E1 and E2. The relational schema for
R includes the primary keys K1 of E1 and K2 of E2.
• Then K1 and K2 form foreign keys on the relational schemas for E1 and E2
respectively.
• Weak entity sets are also a source of referential integrity constraints.
• The relation schema for a weak entity set must include the primary key
attributes of the entity set on which it depends.

2.2. Referential Integrity in SQL

SQL supports all four options on deletes and updates:

• The default is NO ACTION (the action is rejected).
• CASCADE (also delete all tuples that refer to the deleted tuple).
• SET NULL / SET DEFAULT (sets the foreign key value of the referencing tuple).

Example:

create table deposit
   (branch-name char(15) not null,
    account-number char(10),
    customer-name char(20) not null,
    primary key (account-number, customer-name),
    foreign key (branch-name) references branch,
    foreign key (customer-name) references customer);

2.3 Checking Referential Integrity on Database Modification

• The following tests must be made in order to preserve the following referential
integrity constraint:
$\Pi_{\alpha}(r_2) \subseteq \Pi_{K}(r_1)$

• Insert. If a tuple t2 is inserted into r2, the system must ensure that there is a tuple t1
in r1 such that $t_1[K] = t_2[\alpha]$. That is,
$t_2[\alpha] \in \Pi_{K}(r_1)$

• Delete. If a tuple t1 is deleted from r1, the system must compute the set of tuples in
r2 that reference t1:
$\sigma_{\alpha = t_1[K]}(r_2)$

If this set is not empty,

o either the delete command is rejected as an error, or
o the tuples that reference t1 must themselves be deleted
(cascading deletions are possible).

• Update. There are two cases:

If a tuple t2 is updated in relation r2 and the update modifies values for the foreign key $\alpha$, then a
test similar to the insert case is made. Let t2’ denote the new value of tuple t2. The system must ensure that
$t_2'[\alpha] \in \Pi_{K}(r_1)$

If a tuple t1 is updated in r1, and the update modifies values for the primary key (K), then a
test similar to the delete case is made. The system must compute
$\sigma_{\alpha = t_1[K]}(r_2)$
using the old value of t1 (the value before the update is applied).
If this set is not empty,
1. the update may be rejected as an error, or
2. the update may be cascaded to the tuples in the set, or
3. the tuples in the set may be deleted.

2.4 Referential Integrity in SQL

Primary and candidate keys and foreign keys can be specified as part of the SQL create table
statement:
The primary key clause of the create table statement includes a list of the attributes that
constitute the primary key.

The unique clause of the create table statement includes a list of the attributes that constitute
a candidate key.

The foreign key clause of the create table statement includes both a list of the attributes that
constitute the foreign key and the name of the relation referenced by the foreign key.

Primary and foreign key declarations are illustrated by the partial SQL DDL definition of our bank
database shown in Figure 6.2.


We can use the following short form as part of an attribute definition to declare that the
attribute forms a foreign key:

However, a foreign key clause can specify that if a delete or update action on the referenced
relation violates the constraint, then, instead of rejecting the action, the system must take
steps to change the tuple in the referencing relation to restore the constraint. Consider this
definition of an integrity constraint on the relation account:

Because of the clause on delete cascade associated with the foreign-key declaration, if a
delete of a tuple in branch results in this referential-integrity constraint being violated, the
system does not reject the delete. Instead, the delete “cascades” to the account relation,
deleting the tuple that refers to the branch that was deleted.

SQL also allows the foreign key clause to specify actions other than cascade, if the constraint
is violated: the referencing field (here, branch-name) can be set to null (by using set null in
place of cascade), or to the default value for the domain (by using set default).

Null values complicate the semantics of referential integrity constraints in SQL. Attributes of
foreign keys are allowed to be null, provided that they have not otherwise been declared to be
non-null. If all the columns of a foreign key are non-null in a given tuple, the usual definition
of foreign-key constraints is used for that tuple. If any of the foreign-key columns is null, the
tuple is defined automatically to satisfy the constraint.
SQL also provides constructs that allow you to change the behavior with null values.
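
The delete actions and the null-value rule described above, as an added example that is not part of the original notes: it runs the statements on SQLite through Python's sqlite3 module. The underscore column names, the three referencing tables and every row are constructed for the illustration, and SQLite only enforces foreign keys once the pragma shown is set.

```python
import sqlite3

# Constructed schema: one referenced relation (branch) and three referencing
# relations, one per delete action discussed above. Underscores replace the
# hyphens of the notes because SQL identifiers cannot contain hyphens.
SCHEMA = """
create table branch (
    branch_name char(15) primary key,
    branch_city char(30));

-- default action (NO ACTION): a delete that breaks the constraint is rejected
create table deposit (
    account_number char(10) primary key,
    branch_name    char(15) not null references branch);

-- on delete cascade: the delete propagates to the referencing tuples
create table account (
    account_number char(10) primary key,
    branch_name    char(15) references branch on delete cascade);

-- on delete set null: the referencing field is set to null instead
create table loan (
    loan_number char(10) primary key,
    branch_name char(15) references branch on delete set null);

insert into branch  values ('Perryridge', 'Horseneck'),
                           ('Downtown', 'Brooklyn'),
                           ('Brighton', 'Brooklyn');
insert into deposit values ('D-1', 'Perryridge');
insert into account values ('A-1', 'Downtown');
insert into loan    values ('L-1', 'Brighton');
"""


def open_bank():
    """Create the constructed sample database in memory."""
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # SQLite leaves enforcement off by default
    db.executescript(SCHEMA)
    return db


def accepted(db, sql):
    """Run one modification; False means the system rejected it as a violation."""
    try:
        db.execute(sql)
        return True
    except sqlite3.IntegrityError:
        return False


def rows(db, table):
    """All tuples of one of the fixed sample tables, ordered by key."""
    return db.execute(f"select * from {table} order by 1").fetchall()


def demo():
    db = open_bank()
    result = {
        # insert test: the foreign key value must exist in branch
        "insert_unknown_branch": accepted(
            db, "insert into deposit values ('D-2', 'Nowhere')"),
        # a null foreign key satisfies the constraint automatically
        "insert_null_branch": accepted(
            db, "insert into account values ('A-2', null)"),
        # delete test under the three actions
        "delete_no_action": accepted(
            db, "delete from branch where branch_name = 'Perryridge'"),
        "delete_cascade": accepted(
            db, "delete from branch where branch_name = 'Downtown'"),
        "delete_set_null": accepted(
            db, "delete from branch where branch_name = 'Brighton'"),
    }
    for table in ("branch", "account", "loan"):
        result[table] = rows(db, table)
    return result


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```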

3. Assertions

• An assertion is a predicate expressing a condition that we wish the database always to
satisfy.
• An assertion in SQL takes the form
create assertion <assertion-name> check <predicate>
• When an assertion is made, the system tests it for validity, and tests it again on every
update that may violate the assertion.
o This testing may introduce a significant amount of overhead; hence assertions
should be used with great care.
• Asserting
for all X, P(X)
is achieved in a round-about fashion using
not exists X such that not P(X)

Assertions in SQL form:

Example

When an assertion is created, the system tests it for validity. If the assertion is valid, then any
future modification to the database is allowed only if it does not cause that assertion to be
violated.

4. Triggers

• A trigger is a statement that is executed automatically by the system as a side effect
of a modification to the database.
• To design a trigger mechanism, we must:
o Specify when a trigger is to be executed. This is broken up into an event that
causes the trigger to be checked and a condition that must be satisfied for trigger
execution to proceed.
o Specify the actions to be taken when the trigger executes.
The above model of triggers is referred to as the event-condition-action model for triggers.

Trigger Example
• Suppose that instead of allowing negative account balances, the bank deals with
overdrafts by
o setting the account balance to zero
o creating a loan in the amount of the overdraft
o giving this loan a loan number identical to the account number of the
overdrawn account
• The condition for executing the trigger is an update to the account relation that results
in a negative balance value.

4.1 Need of Triggers

Triggers are useful mechanisms for alerting humans or for starting certain tasks
automatically when certain conditions are met. As an illustration, suppose that, instead of
allowing negative account balances, the bank deals with overdrafts by setting the account
balance to zero, and creating a loan in the amount of the overdraft. The bank gives this loan a
loan number identical to the account number of the overdrawn account.

For this example, the condition for executing the trigger is an update to the account relation
that results in a negative balance value. Suppose that Jones’ withdrawal of some money from
an account made the account balance negative. Let t denote the account tuple with a negative
balance value. The actions to be taken are:

Insert a new tuple s in the loan relation with

Insert a new tuple u in the borrower relation with


Set t[balance] to 0.

4.2. Triggers in SQL

SQL-based database systems use triggers widely, although before SQL:1999 they were not
part of the SQL standard. Unfortunately, each database system implemented its

• Centralized actions can be defined using a non-declarative approach (writing PL/SQL
code) with database triggers.
• A database trigger is a stored procedure that is fired (implicitly executed) when an
INSERT, UPDATE, or DELETE statement is issued against the associated table.
• Database triggers can be used to customize a database management system:
o value-based auditing
o automated data generation
o the enforcement of complex security checks
o enforcement of integrity rules
o enforcement of complex business rules
For updates, the trigger can specify columns whose update causes the trigger to execute. For
instance if the first line of the overdraft trigger were replaced by

then the trigger would be executed only on updates to balance; updates to other attributes
would not cause it to be executed.
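
The overdraft trigger of section 4.1, restricted to updates of balance as described above, written here as an added example that is not part of the original notes. It uses SQLite's trigger syntax through Python's sqlite3 module rather than SQL:1999 syntax; the underscore names, the depositor relation used to find the account holder, and all rows are assumptions constructed for the illustration.

```python
import sqlite3

SCHEMA = """
create table account   (account_number text primary key, branch_name text, balance numeric);
create table depositor (customer_name text, account_number text);
create table loan      (loan_number text primary key, branch_name text, amount numeric);
create table borrower  (customer_name text, loan_number text);

create trigger overdraft_trigger
after update of balance on account      -- event: only updates to balance
for each row
when new.balance < 0                    -- condition: the update left a negative balance
begin                                   -- action
    -- loan for the overdraft amount, numbered like the overdrawn account
    insert into loan values (new.account_number, new.branch_name, -new.balance);
    -- the account holder(s) become the borrower(s) of that loan
    insert into borrower
        select customer_name, account_number from depositor
        where account_number = new.account_number;
    -- set t[balance] to 0
    update account set balance = 0 where account_number = new.account_number;
end;

-- constructed sample rows; A-305 is stored with a negative balance on purpose
insert into account values ('A-102', 'Perryridge', 100),
                           ('A-215', 'Mianus', 700),
                           ('A-305', 'Round Hill', -20);
insert into depositor values ('Jones', 'A-102'), ('Smith', 'A-215'), ('Turner', 'A-305');
"""


def open_bank():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db


def withdraw(db, account_number, amount):
    """An ordinary balance update; the trigger decides whether a loan is needed."""
    db.execute("update account set balance = balance - ? where account_number = ?",
               (amount, account_number))


def demo():
    db = open_bank()
    withdraw(db, "A-215", 200)   # stays positive: condition false, no action
    # update to another attribute of a negative row: event does not match
    db.execute("update account set branch_name = 'Downtown' "
               "where account_number = 'A-305'")
    withdraw(db, "A-102", 150)   # Jones overdraws by 50: trigger fires
    return {
        "balances": dict(db.execute("select account_number, balance from account")),
        "loans": db.execute("select * from loan").fetchall(),
        "borrowers": db.execute("select * from borrower").fetchall(),
    }


if __name__ == "__main__":
    print(demo())
```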


Example 1:

Suppose the value in a phone number field of an inserted tuple is blank, which indicates
absence of a phone number. We can define a trigger that replaces the value by the null value.
The set statement can be used to carry out such modifications.

Example 2:
Returning to our warehouse inventory example, suppose we have the following relations:

• inventory(item, level), which notes the current amount (number/weight/volume) of the item
in the warehouse

• minlevel(item, level), which notes the minimum amount of the item to be maintained

• reorder(item, amount), which notes the amount of the item to be ordered when
its level falls below the minimum

• orders(item, amount), which notes the amount of the item to be ordered.


4.3. The Execution Model for Triggers

• Execute all BEFORE statement triggers that apply to the statement.
• Loop for each row affected by the SQL statement:
o Execute all BEFORE row triggers that apply to the statement.
o Lock and change the row, and perform integrity constraint checking. (The lock is
not released until the transaction is committed.)
o Execute all AFTER row triggers that apply to the statement.
• Complete deferred integrity constraint checking.
• Execute all AFTER statement triggers that apply to the statement.

Example:

4.4. When Not To Use Triggers

• Triggers were used earlier for tasks such as
o maintaining summary data (e.g. total salary of each department)
o replicating databases by recording changes to special relations (called change
or delta relations) and having a separate process that applies the changes over to a replica
• There are better ways of doing these now:
o Databases today provide built-in materialized view facilities to maintain
summary data
o Databases provide built-in support for replication
• Encapsulation facilities can be used instead of triggers in many cases
o Define methods to update fields
o Carry out actions as part of the update methods instead of
through a trigger


5. Security

The data stored in the database need to be protected from unauthorized access, malicious
destruction or alteration, and accidental introduction of inconsistency.

Security Violations
Misuse of the database can be categorized as being either intentional (malicious) or
accidental. Accidental loss of data consistency may result from

• Crashes during transaction processing
• Anomalies caused by concurrent access to the database
• Anomalies caused by the distribution of data over several computers
• Logical errors that violate the assumption that transactions preserve the database
consistency constraints

It is easier to protect against accidental loss of data consistency than to protect against
malicious access to the database. Among the forms of malicious access are:
• Unauthorized reading of data (theft of information)
• Unauthorized modification of data
• Unauthorized destruction of data


Database security refers to protection from malicious access. Absolute protection of the
database from malicious abuse is not possible, but the cost to the perpetrator can be made
high enough to deter most if not all attempts to access the database without proper authority.

To protect the database, we must take security measures at several levels:


• Database system. Some database-system users may be authorized to access only a limited
portion of the database. Other users may be allowed to issue queries, but may be forbidden to
modify the data. It is the responsibility of the database system to ensure that these
authorization restrictions are not violated.
• Operating system. No matter how secure the database system is, weakness in operating-
system security may serve as a means of unauthorized access to the database.
• Network. Since almost all database systems allow remote access through terminals or
networks, software-level security within the network software is as important as physical
security, both on the Internet and in private networks.
• Physical. Sites with computer systems must be physically secured against armed or
surreptitious entry by intruders.
• Human. Users must be authorized carefully to reduce the chance of any user giving access
to an intruder in exchange for a bribe or other favors.

Security at all these levels must be maintained if database security is to be ensured.


A weakness at a low level of security (physical or human) allows circumvention of
strict high-level (database) security measures.

Security within the operating system is implemented at several levels, ranging from
passwords for access to the system to the isolation of concurrent processes running within the
system. The file system also provides some degree of protection.


Finally, network-level security has gained widespread recognition as the Internet has evolved
from an academic research platform to the basis of international electronic commerce.

6. Authorization

A user may have several forms of authorization on parts of the database.

Forms of authorization on parts of the database:

• Read authorization - allows reading, but not modification of data.
• Insert authorization - allows insertion of new data, but not modification of existing
data.
• Update authorization - allows modification, but not deletion of data.
• Delete authorization - allows deletion of data.

Forms of authorization to modify the database schema:

• Index authorization - allows creation and deletion of indices.
• Resource authorization - allows creation of new relations.
• Alteration authorization - allows addition or deletion of attributes in a relation.
• Drop authorization - allows deletion of relations.

The drop and delete authorizations differ in that delete authorization allows deletion of tuples
only. If a user deletes all tuples of a relation, the relation still exists, but it is empty. If a
relation is dropped, it no longer exists.

Resource authorization. A user with resource authorization who creates a new relation is
given all privileges on that relation automatically.

Index authorization may appear unnecessary, since the creation or deletion of an index does
not alter data in relations. Rather, indices are a structure for performance
enhancements. However, indices also consume space, and all database modifications are
required to update indices. If index authorization were granted to all users, those who
performed updates would be tempted to delete indices, whereas those who issued queries
would be tempted to create numerous indices. To allow the database administrator to
regulate the use of system resources, it is necessary to treat index creation as a privilege.

6.1 Authorization and Views

• Users can be given authorization on views, without being given any authorization on
the relations used in the view definition.
• The ability of views to hide data serves both to simplify usage of the system and to
enhance security by allowing users access only to the data they need for their job.
• A combination of relational-level security and view-level security can be used to
limit a user’s access to precisely the data that user needs.


View Example

• Suppose a bank clerk needs to know the names of the customers of each branch, but
is not authorized to see specific loan information.
Approach: Deny direct access to the loan relation, but grant access to the view cust-loan,
which consists only of the names of customers and the branches at which they have a loan.

The cust-loan view is defined in SQL as follows:

The clerk is authorized to see the result of the query:

select * from cust-loan;

Clearly, the clerk is authorized to see the result of this query. However, when the query
processor translates it into a query on the actual relations in the database, it produces a query
on borrower and loan. Thus, the system must check authorization on the clerk’s query before
it begins query processing.

6.2 Authorization on Views

Creation of a view does not require resource authorization.

A user who creates a view does not necessarily receive all privileges on that view. The user
receives only those privileges that provide no additional authorization beyond those that the user
already had.

For example, a user cannot be given update authorization on a view without having update
authorization on the relations used to define the view. If a user creates a view on which no
authorization can be granted, the system will deny the view creation request. In our cust-loan
view example, the creator of the view must have read authorization on both the borrower and
loan relations.

6.3. Granting of Privileges

• The passage of authorization from one user to another may be represented by an
authorization graph.
• The nodes of this graph are the users.
• The root of the graph is the database administrator.
• Consider the graph for update authorization on loan.
• An edge Ui → Uj indicates that user Ui has granted update authorization on loan to
Uj.

In the sample graph in Figure 6.6, observe that user U5 is granted authorization by both U1
and U2; U4 is granted authorization by only U1. A user has an authorization if and only if
there is a path from the root of the authorization graph (namely, the node representing the
database administrator) down to the node representing the user.

Suppose that the database administrator decides to revoke the authorization of user U1. Since
U4 has authorization from U1, that authorization should be revoked as well. However, U5
was granted authorization by both U1 and U2. Since the database administrator did not
revoke update authorization on loan from U2, U5 retains update authorization on loan. If U2
eventually revokes authorization from U5, then U5 loses the authorization.

A pair of devious users might attempt to defeat the rules for revocation of authorization by
granting authorization to each other, as shown in Figure 6.7a. If the database administrator
revokes authorization from U2, U2 retains authorization through U3, as in Figure 6.7b. If
authorization is revoked subsequently from U3, U3 appears to retain authorization through
U2, as in Figure 6.7c. However, when the database administrator revokes authorization from
U3, the edges from U3 to U2 and from U2 to U3 are no longer part of a path starting with the
database administrator.
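
The path rule and the revocation cases above, as an added example that is not part of the original notes. The class and its method names are hypothetical, and the two graphs are constructed from the edges the text mentions for Figures 6.6 and 6.7 (the figures themselves may contain more nodes).

```python
from collections import defaultdict, deque


class AuthorizationGraph:
    """Authorization graph for one privilege (here: update on loan)."""

    def __init__(self, root="DBA"):
        self.root = root
        self.edges = set()          # (grantor, grantee) pairs

    def authorized(self):
        """Users with a path from the root: the rule stated in the text."""
        successors = defaultdict(set)
        for grantor, grantee in self.edges:
            successors[grantor].add(grantee)
        seen, queue = {self.root}, deque([self.root])
        while queue:
            for user in successors[queue.popleft()] - seen:
                seen.add(user)
                queue.append(user)
        return seen

    def has_incoming_grant(self):
        """Naive rule (anyone some user granted to); shown only for contrast."""
        return {grantee for _, grantee in self.edges}

    def grant(self, grantor, grantee):
        if grantor not in self.authorized():
            raise PermissionError(f"{grantor} holds no authorization to pass on")
        self.edges.add((grantor, grantee))

    def prune(self):
        """Drop every grant whose grantor is no longer reachable from the root."""
        live = self.authorized()
        self.edges = {(g, u) for g, u in self.edges if g in live}

    def revoke(self, grantor, grantee, prune=True):
        self.edges.discard((grantor, grantee))
        if prune:
            self.prune()


def figure_6_6():
    """Constructed from the text: U5 granted by U1 and U2, U4 only by U1."""
    g = AuthorizationGraph()
    for grantor, grantee in [("DBA", "U1"), ("DBA", "U2"),
                             ("U1", "U4"), ("U1", "U5"), ("U2", "U5")]:
        g.grant(grantor, grantee)
    return g


def figure_6_7():
    """Constructed from the text: U2 and U3 grant authorization to each other."""
    g = AuthorizationGraph()
    for grantor, grantee in [("DBA", "U2"), ("DBA", "U3"),
                             ("U2", "U3"), ("U3", "U2")]:
        g.grant(grantor, grantee)
    return g


if __name__ == "__main__":
    g = figure_6_6()
    g.revoke("DBA", "U1")
    print(sorted(g.authorized()))           # U4 is gone, U5 remains through U2

    g = figure_6_7()
    g.revoke("DBA", "U2")
    g.revoke("DBA", "U3", prune=False)      # leave the U2 <-> U3 cycle in place
    print(sorted(g.has_incoming_grant()))   # naive rule is fooled by the cycle
    print(sorted(g.authorized()))           # path rule is not
```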


7. Authorization in SQL

Security Specification in SQL

• The SQL standard includes the privileges delete, insert, select, and update.
• The select privilege corresponds to the read privilege.
• SQL also includes a references privilege that permits a user/role to declare foreign
keys; the user/role must have been granted the references privilege on those attributes.

The SQL data-definition language includes commands to grant and revoke privileges. The
grant statement is used to confer authorization. The basic form of this statement is:

The privilege list allows the granting of several privileges in one command. The following
grant statement grants users U1, U2, and U3 select authorization on the account relation:

The update authorization may be given either on all attributes of the relation or on only
some. If update authorization is included in a grant statement, the list of attributes on which
update authorization is to be granted optionally appears in parentheses immediately after the
update keyword.

If the list of attributes is omitted, the update privilege will be granted on all attributes of the
relation.
This grant statement gives users U1, U2, and U3 update authorization on the amount attribute
of the loan relation:


The SQL references privilege is granted on specific attributes in a manner like that for the
update privilege. The following grant statement allows user U1 to create relations that
reference the key branch-name of the branch relation as a foreign key:

The privilege all privileges can be used as a short form for all the allowable
privileges. Similarly, the user name public refers to all current and future users of the system.
SQL also includes a usage privilege that authorizes a user to use a specified domain.
Roles

Roles can be created in SQL:1999 as follows

Roles can then be granted privileges just as the users can, as illustrated in this statement:

The Privilege to Grant Privileges

By default, a user/role that is granted a privilege is not authorized to grant that privilege to
another user/role. To allow this, we append the with grant option clause to the appropriate grant command.

For example, if we wish to allow U1 the select privilege on branch and allow U1 to grant this
privilege to others, we write

To revoke an authorization, we use the revoke statement. It takes a form almost
identical to that of grant:

Thus, to revoke the privileges that we granted previously, we write

The revoke statement may alternatively specify restrict


In this case, the system returns an error if there are any cascading revokes, and does
not carry out the revoke action. The following revoke statement revokes only the
grant option, rather than the actual select privilege:

7.1 Limitations of SQL Authorization

• SQL does not support authorization at a tuple level
o E.g. we cannot restrict students to see only (the tuples storing) their own
grades
• With the growth in Web access to databases, database accesses come primarily from
application servers.
o End users don't have database user ids; they are all mapped to the same
database user id
• All end-users of an application (such as a web application) may be mapped to a single
database user
• The task of authorization in the above cases falls on the application program, with no
support from SQL
o Benefit: fine-grained authorizations, such as to individual tuples, can be
implemented by the application.
o Drawback: Authorization must be done in application code, and may be
dispersed all over an application
o Checking for absence of authorization loopholes becomes very difficult since
it requires reading large amounts of application code

8. Encryption

• Data may be encrypted when database authorization provisions do not offer sufficient
protection.
• Properties of a good encryption technique:
o Relatively simple for authorized users to encrypt and decrypt data.
o The encryption scheme depends not on the secrecy of the algorithm but on the
secrecy of a parameter of the algorithm called the encryption key.
o Extremely difficult for an intruder to determine the encryption key.
• Data Encryption Standard (DES) substitutes characters and rearranges their order on
the basis of an encryption key which is provided to authorized users via a secure mechanism.
The scheme is no more secure than the key transmission mechanism since the key has to be
shared.
• Advanced Encryption Standard (AES) is a new standard replacing DES, and is based
on the Rijndael algorithm, but is also dependent on shared secret keys.
• Public-key encryption is based on each user having two keys:
o public key – publicly published key used to encrypt data, but cannot be used to
decrypt data
o private key – key known only to the individual user, and used to decrypt data.
Need not be transmitted to the site doing encryption.
The encryption scheme is such that it is impossible or extremely hard to decrypt data given
only the public key.
• The RSA public-key encryption scheme is based on the hardness of factoring a very
large number (hundreds of digits) into its prime components.

9.Authentication

 Password based authentication is widely used, but is susceptible to sniffing on a


network
 Challenge-response systems avoid transmission of passwords
 DB sends a (randomly generated) challenge string to user
 User encrypts string and returns result.
 DB verifies identity by decrypting result
 Can use public-key encryption system by DB sending a message encrypted
using user’s public key, and user decrypting and sending the message back
 Digital signatures are used to verify authenticity of data
 E.g. use private key (in reverse) to encrypt data, and anyone can verify
authenticity by using public key (in reverse) to decrypt data. Only holder of private key
could have created the encrypted data.
 Digital signatures also help ensure nonrepudiation: the sender
cannot later claim to have not created the data.
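The challenge-response exchange listed above, as an added Python example that is not part of the original notes. It assumes a shared secret key per user and substitutes a keyed MAC (HMAC-SHA256) for the "user encrypts string" step; the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

class ChallengeResponseServer:
    """Database side: issues random challenges and verifies responses."""

    def __init__(self, user_keys):
        self._keys = dict(user_keys)   # user -> shared secret key (bytes)
        self._pending = {}             # user -> outstanding challenge

    def issue_challenge(self, user):
        # A fresh random challenge per login attempt means a response
        # sniffed from the network is useless for a later login.
        challenge = secrets.token_bytes(32)
        self._pending[user] = challenge
        return challenge

    def verify(self, user, response):
        # pop() makes every challenge single-use, even after a failure.
        challenge = self._pending.pop(user, None)
        key = self._keys.get(user)
        if challenge is None or key is None:
            return False
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking the MAC through timing.
        return hmac.compare_digest(expected, response)

def client_response(key, challenge):
    """User side: prove knowledge of the key without transmitting it."""
    return hmac.new(key, challenge, hashlib.sha256).digest()

def demo():
    key = secrets.token_bytes(32)          # constructed sample key
    server = ChallengeResponseServer({"alice": key})
    c1 = server.issue_challenge("alice")
    r1 = client_response(key, c1)
    first = server.verify("alice", r1)     # genuine login
    replay = server.verify("alice", r1)    # same response, no live challenge
    server.issue_challenge("alice")
    stale = server.verify("alice", r1)     # old response, new challenge
    return first, replay, stale

if __name__ == "__main__":
    print(demo())
```

Only the random challenge and its MAC cross the network, so a sniffer learns neither the password nor anything it can replay.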
NORMALIZATION:

Normalization is a technique for producing a set of relations with desirable properties, given the
data requirements of an enterprise. It is the process of removing redundant data from
tables to improve storage efficiency, data integrity and scalability. It generally involves
splitting the existing tables into multiple ones, which must be rejoined or linked each time a
query is used.

Pitfalls in relational database design:

The undesirable properties that a bad relational database design may have are:

 Repetition of information
 Inability to represent certain information
 Loss of information

Purpose of normalization

 To avoid redundancy by storing each fact within the database only once
 To put data into a form that conforms to relational principles
 To put data into a form that can more accurately accommodate change.
 To avoid updating anomalies
 To facilitate the enforcement of data constraints.

Benefits:

 Facilitates data integration
 Reduces data redundancy
 Produces a robust architecture for retrieving and maintaining data
 Complements data modeling
 Reduces the chance of data anomalies occurring

Redundancy:

Redundancy is where we have stored some information more than once.

Repeating groups

An attribute that can have more than one value

Anomalies

Undesirable side effects that occur when performing any modification:

Insert

Update

Delete

Functional dependency

Attribute B is functionally dependent upon attribute A if a value of A determines a single
value of attribute B at any one time.

Example: A->B

A determines B or B functionally dependent on A

Compound determinant

A compound determinant exists if more than one attribute is necessary to determine another attribute in an entity.

Full functional dependency

It uses all the attributes of the composite determinant to identify its object uniquely.

Partial functional dependency

It uses only a subset of the attributes of the composite determinant to identify its object uniquely.

Transitive dependency

Transitive dependency exists when there is an intermediate functional dependency

Example: A->B->C

If A->B and B->C, then A->C.

Lossless join dependency

A property of decomposition which ensures that no spurious tuples are generated when
relations are reunited through a natural join operation.

Types of Normalization

 First normal form
 Second normal form
 Third normal form
 Boyce-Codd normal form
 Fourth normal form
 Fifth normal form

FIRST NORMAL FORM (1NF):

A relation is said to be in first normal form (1NF) if and only if each attribute of the relation is
atomic. More simply, to be in 1NF each column must contain only a single value and each row
must contain the same columns.

It describes the tabular format in which

1. All the key attributes are defined.
2. There are no repeating groups in the tables.
3. All attributes are dependent on the primary key.

Consider the table given below.
Table name: employee

Empno  name         Deptno  dname  skills
1      Kevin Jacob  201     R&d    C, java, perl
2      Jones        224     IT     Linux, max
3      Rivera       201     R&d    Oracle, java, db2

In the above table the skills field holds multiple values, so the table is in unnormalized
form. A relational table must not have repeating groups.
So it can be converted into first normal form as shown below.

Empno  name         Deptno  dname  skills
1      Kevin Jacob  201     R&d    C
1      Kevin Jacob  201     R&d    java
1      Kevin Jacob  201     R&d    perl
2      Jones        224     IT     linux
2      Jones        224     IT     max
3      Rivera       201     R&d    oracle
3      Rivera       201     R&d    java
3      Rivera       201     R&d    Db2

Here the above employee table is in first normal form.

The redundant values are eliminated by placing the values of the multivalued attribute in
different rows, which indicate the same relationship as before.
Characteristics of first normal form:
Remove horizontal redundancy:
No two columns hold the same value or information.
No single column holds more than single item.
Each row must be unique
Use a primary key

Benefits of 1NF:
o Easy to query or sort the data
o More scalable
o Each row can be identified for updating.

SECOND NORMAL FORM

A relation is said to be in second normal form if and only if every non-key field depends on the
entire primary key, not on part of a composite key. If a database has only single-field primary
keys, it is automatically in second normal form.

It involves normalization using functional dependencies. A given set of functional
dependencies can be used in designing a relational database in which most of the undesirable
properties do not occur. Using functional dependencies we can define several normal forms,
which represent "good" database design.

EMPNO  NAME         DEPTNO  DEPTNAME  SKILLS
1      Kevin Jacob  201     R&D       C
1      Kevin Jacob  201     R&D       perl
1      Kevin Jacob  201     R&D       java
2      Jones        224     IT        LINUX
2      Jones        224     IT        MAC
3      Rivera       201     R&D       DB2
3      Rivera       201     R&D       oracle
3      Rivera       201     R&D       java

EMPNO  NAME         DEPTNO  DEPTNAME
1      Kevin Jacob  201     R&D
2      Jones        224     IT
3      Rivera       201     R&D

EMPNO  SKILLS
1      C
1      perl
1      java
2      LINUX
2      MAC
3      oracle
3      java
3      DB2

FUNCTIONAL DEPENDENCIES

The property of one or more attributes that uniquely determine the value of other attributes.

A functional dependency is a relationship between or among attributes such that the value of
one attribute depends on, or is determined by, the values of other attributes.

Features of 2NF

->Meet all the requirements of the 2NF.

-> Remove columns that are not dependent upon the primary key.

-> Remove columns that are not fully dependent upon the primary key.

THIRD NORMAL FORM(3NF)

-> It is always possible to find a lossless-join, dependency-preserving decomposition that is in
third normal form (3NF).

-> BCNF requires that all non-trivial dependencies be of the form α->β, where α is a
super key. 3NF relaxes this constraint by allowing non-trivial functional dependencies whose
left side is not a super key.

-> A relational schema R is in 3NF with respect to a set F of functional dependencies if, for
all functional dependencies in F+ of the form α->β where α ⊆ R and β ⊆ R, at least one of the
following holds:

α->β is a trivial functional dependency.

α is a super key for R.

Each attribute A in β - α is contained in a candidate key for R.

Dependency-preserving, lossless-join decomposition into 3NF

Let Fc be a canonical cover for F;
i := 0;
for each functional dependency α->β in Fc do
    if none of the schemas Rj, j = 1, 2, ..., i contains αβ
    then begin
        i := i + 1;
        Ri := αβ;
    end
if none of the schemas Rj, j = 1, 2, ..., i contains a candidate key for R
then begin
    i := i + 1;
    Ri := any candidate key for R;
end
return (R1, R2, ..., Ri)

 The relation R is said to be in 3NF if and only if it is in second normal form and no
transitive dependency exists between a non-key attribute and a key attribute.
 Transitive functional dependency arises only when non-key attribute.
 A relation is said to be transitively dependent when
(i) Z is transitively dependent on X.
(ii) X determines Y and Y determines Z.
(iii) Thus Z is indirectly dependent on X through Y.

E.g.: Employee

PROJECTNO  NAME   ADDRESS
P1         Rose   86, new st.
P2         Smith  42, Nehru st.
P3         Rose   86, new st.
P4         Rose   86, new st.

EMPLOYEE

PROJECTNO  NAME
P1         Rose
P2         Smith
P3         Rose
P4         Rose

Employee name

NAME   ADDRESS
Rose   86, new st.
Smith  42, Nehru st.

Here the name attribute is used to link the two tables and acts as the
foreign key.

Boyce-Codd normal form (BCNF):

BCNF is based on the concept of a determinant. A determinant is any attribute
(simple or composite) on which some other attribute is fully functionally dependent.

A relation schema R is in BCNF with respect to a set F of functional dependencies if, for
all functional dependencies in F+ of the form α->β where α ⊆ R and β ⊆ R, at least
one of the following holds:

 α->β is a trivial functional dependency (β ⊆ α)
 α is a super key for schema R
 A relation is in Boyce-Codd normal form if and only if every determinant is a
candidate key (i.e.) for every X->Y, X is a candidate key.

Example:

Suppose each student may major in several areas. Each student has one tutor for each
area. Each area has several tutors, but a tutor advises in only one area. Each tutor advises
several students in an area.

Table name: student-staff

STUDENT NO  AREA  STAFF NO
12MC01      CSE   234
12MC02      IT    345
12MC01      SE    456
12MC02      BME   678
12MC03      IT    567

The schema is in third normal form because there are no partial dependencies and no
interdata dependencies, but anomalies will still arise.

Suppose student 12MC01 changes one of the majors from computer science to
information systems. By making this change, we lose the information that staff number 234
tutors in CSE. This is an anomaly.

Suppose we want to insert a new row to establish the fact that staff number 789 tutors in computer
science. We cannot do this until at least one student takes this area as a major. This is an
insertion anomaly.

Suppose 12MC03 withdraws from the major. If we remove the row, we lose
information about staff no. 567. This is a deletion anomaly.

These anomalies occur because there are two overlapping candidate keys.
BCNF identifies this problem and proposes a solution.

Every table has only one candidate key. The above relation can be
represented in BCNF by splitting the table into two relations: one holding student number and
staff number, and a second relating staff number to area, as shown
below.

STUDENT NUMBER  STAFF NUMBER
12MC01          234
12MC02          345
12MC01          456
12MC02          678
12MC03          567

STAFF NUMBER  AREA
234           CSE
345           IT
456           SE
678           BME
567           IT
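The 3NF and BCNF tests defined above, applied to the student-staff table, as an added Python example that is not part of the original notes. The two dependencies (student, area -> staff and staff -> area) are this example's reading of the tutoring rules, and the function names are hypothetical.

```python
from itertools import combinations

def closure(attrs, fds):
    """Attributes functionally determined by attrs under fds."""
    result = set(attrs)
    changed = True
    while changed:
        changed = False
        for lhs, rhs in fds:
            if lhs <= result and not rhs <= result:
                result |= rhs
                changed = True
    return frozenset(result)

def candidate_keys(schema, fds):
    """All minimal attribute sets whose closure is the whole schema."""
    keys = []
    for size in range(1, len(schema) + 1):
        for combo in combinations(sorted(schema), size):
            s = frozenset(combo)
            if closure(s, fds) == schema and not any(k <= s for k in keys):
                keys.append(s)
    return keys

def violations(schema, fds, form):
    """Dependencies in fds that break form ('3NF' or 'BCNF') for schema."""
    prime = frozenset().union(*candidate_keys(schema, fds))
    bad = []
    for lhs, rhs in fds:
        if rhs <= lhs or closure(lhs, fds) == schema:
            continue  # trivial dependency, or left side is a super key
        if form == "3NF" and rhs - lhs <= prime:
            continue  # each attribute of (rhs - lhs) lies in a candidate key
        bad.append((lhs, rhs))
    return bad

def lossless(r1, r2, fds):
    """A two-way split is lossless if the shared attributes determine r1 or r2."""
    shared = closure(r1 & r2, fds)
    return r1 <= shared or r2 <= shared

# Dependencies read off the student-staff table (an assumption of this example).
R = frozenset({"student", "area", "staff"})
F = [(frozenset({"student", "area"}), frozenset({"staff"})),
     (frozenset({"staff"}), frozenset({"area"}))]

if __name__ == "__main__":
    print("3NF violations:", violations(R, F, "3NF"))
    print("BCNF violations:", violations(R, F, "BCNF"))
```

Checking only the dependencies in F is sufficient for the original schema R; a decomposed schema would need the dependencies of F+ restricted to its attributes.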

Fourth Normal Form:

The database design can be improved by decomposing the schema into fourth normal form.

A relation schema R is in fourth normal form (4NF) with respect to a set D of functional and
multivalued dependencies if, for all multivalued dependencies in D+ of the form A ->> B,
at least one of the following holds:

 A ->> B is a trivial multivalued dependency.
 A is a superkey for schema R.

A database design is in 4NF if each member of the set of relation schemas that constitutes
the design is in 4NF.

A table is said to be in 4NF if and only if it is in BCNF and its multivalued dependencies are
functional dependencies.

4NF removes unwanted data structures, including null values.

All multivalued dependencies must be changed from non-trivial to trivial.

Example:

Car  Color  Engine
C1   Red    F3.2L
C1   Red    F4.5L
C1   White  F3.2L
C1   White  F4.5L
C1   Blue   F3.2L
C1   Blue   F4.5L
C2   Red    C3.2L
C2   Red    C4.5L
C2   Green  C3.2L
C2   Green  C4.5L

In the above table the primary key is (car, color, engine). None of the attributes depends
on the other attributes, so there are no possible functional dependencies for decomposition.

Each color for each car is paired with each engine size for that car, and this continues with
every other car, so the relation carries redundancy.

If a row is deleted from the table car, "C1" comes for the row of the table. This type of
redundancy is reduced by multivalued decomposition. Suppose there is a relation R with a set
of attributes S that contains the multivalued dependency X ->> Y.

The remaining attributes of relation R are called Z; X ->> Y is a multivalued dependency.

Two tables:

Car color:

Car  Color
C1   Red
C1   White
C1   Blue
C2   Red
C2   Green

Car Engine:

Car  Engine
C1   F3.2L
C1   F4.5L
C2   C3.2L
C2   C4.5L

With this table structure we obtain 4NF. For example, a red C1 car can have
either "F3.2L" or "F4.5L". Moreover, deleting one piece (row) of information does not actually
lose the information, as opposed to when a row is eliminated from the original relation.
