Unit V (Integrity constraints)

Integrity constraints

G.S.Gupta, PCMS

The constraints means the rule and regulation for the data. Such as an entity contains three
attribute (rollno, name, dob) and constraints for the rollno is rollno>10 . it means if any
user feed the rollno <10 then is will not be inserted in to the data.
The major types of integrity constraints are domain constraints, entity integrity, and
referential integrity and action assertions.
Domain constraints
All of the values that appear in a column of a relation must be taken from the same
domain. A domain is the set of values that may be assigned to an assigned . A domain
definition usually conists of the components such as domain name, meaning, data type and
size and allowable values or range.
Attribute
Customer_id

Domain name
Customer_ids

Customer_name

Customer_name

Customer_city

Customer_city

Description
Set
of
all
customers id
Set of all customer
name
Set of all cities

Domain
Character size 8
Character size 25
Charter size 20

Entity integrity constratins

This rule is designed to assure that every relation has a primary key and that the data values
for that primary key are all valid. i.e. every primary key is not null. But in some case a
particular attribute can not be assigned a data value.
There are two situation where this
one is likely occur.: either there is no applicable data values or the applicable data values is
not known when values are assigned.
NULL is a value that may be assigned to an attribute when no other values applies or when
the applicable value is unknown.
So the entity integrity rule states the following No primary key attribute may be NULL.
Referential integrity constraints
A Referential integrity constraints is a rule that maintains consistency among the rows of
two relation. The rule states that if there is a foreign key in one relation , either each foreign
key value must match a primary key value in another relation or the foreign key value must
be null.
Customer
Customer_id
order
Order_id

Customer_name

Order_date

Order line
Order_id Product id
product
Product_id

Address

City

State

Zip

Customer_id

Company

Product_description

Product_finisth

Standard_price

On_hand

Action Assertions
It is a statement of a constraints or control on the action of the organization. An action
assertion is the property of some business rule and states under what condition a particular
action can be performed on which business rule.( A business rule can be as simple as the
definition of an entity type, relationship or attribute)

Page :1

Unit V (Integrity constraints)

G.S.Gupta, PCMS

Security and authorization

The database should be protect from the unauthorized access and malicious alteration. In
addition to the protection against accidental introduction of inconsistency that integrity
constraints provide.
Security violation
There are several forms of security violation
a.
unauthorized reading of data
b.
unauthorized modification of data
c.
unauthorized destruction of data
the database security referes to the protection from malicious access. Absolute protection of
the database from malicious abuse is not possible but the cost to the perpetrator can be
made high enough to deter most if not all attempts to access the database without proper
authority.
To protect the dabase the security measures at several levels.
1.

database system
some database system users may be authorized to access only a limited portion
of the database. Other users may be allowed to issue queries, ;but may be
forbidden to modify data. It is the responsibility of the database system to ensure
that these authorization restriction are not violated.

2.

Operating system
No matter how secure the database system is , weakness in operating sytem
security may serve as a means of unauthorized access of the dataase

3.

network
Since all most all database system allow remote access through terminals or
networks , software level security within the network software is as important as
physical security , both on the internet and private networks.
4.
Physical
Sites with computer system must be physically secured against arms or
surreptitious entry by intruders.
5.
Human
Users must be authorized carefully to reduce the chance of any user giving access
to an intruder in exchange for a bribe or other favors.
Security at all these levels must be maintaind if database security is to be ensured. A
weakness at low level security allows circumvention of strict high level security measures.

Access control
In addition to handling such concern any organization need to address five areas regard to
achieving high data quality.
1.

security policy and disaster recovery

the org. must establish security policies and make detailed disaster recovery
plans. It should determine how the organization is going to maiontain a secure
system. Disaster recovery will determine how the organization will continue to
function should an emergency situation such as flood or fire.

2.

Personnel control
Monitoring to ensure that the personnel are following established practices ,
taking regular vacation , working with other employees , and so forth should be
followed. Employee should be trained in those aspects of security and quality that

Page :2

Unit V (Integrity constraints)

3.

4.

5.

G.S.Gupta, PCMS

are relevant to their jobs and be encouraged to be aware of and follow standard
security and data quality measures.
physical access control
limited access to particular areas within a building is usually a pat of controlling
physical areas. Sensitive equipment, including hardware and peripherals such as
printers can be controlled by placement in the secured areas. Other equippemnt
may be locked to a desk or cabinet, or may have an alarm attached. Backup
datatapes must be kept in fireproof data safes or at a safe location.
maintenance control
an area of control that helps to maintain data quality but that is often overlooked is
maintenance control. Organization should reveiew external maintenance
agreements for all hardware and software they are using to ensure that
appropriate response are agreed to for maintaining data quality.
data protection and privacy
it refers about the rights of individuals to not have personal information collected
and misestimated casually
have intensified as more of the population has
become familiar with omptuers and as communications among computes have
proliferated.

Concurrency control
The process of managing simultenous operations against a database so that data
integrity is maintained and the operations do not interfere with each other in a multiuser
environment.

Authorization
There are several form of authorization which

may assign on a part of database.

Read authorization
It allows reading, but not modification of data.
Insert authorization
Allows insertions of new data, but not modification of existing data.
Update authorization
Allows modification but not deletion of data
Delete authorization
Allows deletion of data
In addition to these forms of authorization for access to data, we may grant a user
authorization to modify database schema.
Index authorization
Allows the creation and deletion of indices.
Resource authorization
Allows the creation of new relations.
Alteration authorization
Allows the addition or deletion of attributes in a relation.
Drop authorization
Allows the deletion of relation.
The drop and delete authorization differ in that delete authorization allows deletion of records
only. If a user deleted all records in a relation the relation still exists but it is empty. If a
relation is dropped, it no longer exists.
Index authorization may appear unnecessary since creation or deletion of an index does not
alter data in relations. If index authorization were granted to all users, those performed
updated would be tempted to delete indices whereas those who issued queries would be
tempted to created numerous indices. To allow the administrator to regulate the use of
system resources, it is necessary to treat index creation as a privilege.
The database administrator may authorize new users; restructure the database and son on.
This form of authorization is analogous to that of a super user or operator for an operating
system.

Page :3

Unit V (Integrity constraints)

G.S.Gupta, PCMS

Authorization and views.

It is not desirable for all users to see the entire logical model. Security consideration may
require that certain data must be hidden form users. A view can hide the data that a user
does not need to see. The ability of views to hide data serves both to simplify usage of the
system and to enhance security. Views simplify system usage because they restrict the users
attention to the data of interest. Although a user may be denied direct access to a relation,
that user may be allowed to access part of that relation through a view. Thus a combination
of relational level security and view level security limits a users access to precisely that data
that the user needs.
A view can be created by using the following syntax
Create view viewname
( select fieldname1, fieldname2
Form tablename where condtion;)
Creation of a view does not require resource authorization. A user who creates a view does
not necessarily receive all privileges on that view. She receives only those privileges that
provide no additional authorization beyond those that she already had.
e.g. a user cannot be given update authorization on a view without having update
authorization on the relations used to define the view.

Encryption and decryption (Cryptography)

Encryption is the conversion of data into a form, called a cipher text that cannot be easily
understood by unauthorized people. Decryption is the process of converting encrypted data
back into its original form, so it can be understood.
The use of encryption/decryption is as old as the art of communication. In wartime, a cipher,
often incorrectly called a "code," can be employed to keep the enemy from obtaining the
contents of transmissions. (Technically, a code is a means of representing a signal without the
intent of keeping it secret; examples are Morse code and ASCII.) Simple ciphers include the
substitution of letters for numbers, the rotation of letters in the alphabet, and the
"scrambling" of voice signals by inverting the sideband frequencies. More complex ciphers
work according to sophisticated computer algorithms that rearranges the data bits in digital
signals.
In order to easily recover the contents of an encrypted signal, the correct decryption key is
required. The key is an algorithm that "undoes" the work of the encryption algorithm.
Alternatively, a computer can be used in an attempt to "break" the cipher.
Encryption/decryption is especially important in wireless communications. This is because
wireless circuits are easier to tap" than their hard-wired counterparts. Nevertheless,
encryption/decryption is a good idea when carrying out any kind of sensitive transaction, such
as a credit-card purchase online, or the discussion of a company secret between different
departments in the organization. The stronger the cipher that is, the harder it is for
unauthorized people to break it the better, in general. However, as the strength of
encryption/decryption increases, so does the cost.
Encryption has long been used by militaries and governments to facilitate secret
communication. Encryption is now used in protecting information within many kinds of civilian
systems, such as computers, networks (e.g. the Internet e-commerce), mobile telephones,
wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic
teller machines. Encryption is also used in digital rights management to prevent unauthorized
use or reproduction of copyrighted material and in software also to protect against reverse
engineering

Page :4