Title: Data and Applications Security Developments and Directions
1. Data and Applications Security Developments and Directions
- Dr. Bhavani Thuraisingham
- The University of Texas at Dallas
- Lecture 2
- Supporting Technologies Data Management
- January 13, 2005
2. Objective of the Unit
- This unit will provide an overview of the concepts and developments in data management
- Reference: Data Management Systems Evolution and Interoperation, Thuraisingham, CRC Press, 1997
3. Outline of the Unit
- Concepts in database systems
- Types of database systems
- Distributed Data Management
- Heterogeneous database integration
- Federated data management
4. Concepts in Database Systems
- Definition of a Database system
- Early systems
- Metadata
- Architectural Issues
- Schema, Functional
- DBMS Design Issues
- Other Issues
- Database design, Administration
5. Database System
- Consists of database, hardware, Database Management System (DBMS), and users
- Database is the repository for persistent data
- Hardware consists of secondary storage volumes, processors, and main memory
- DBMS handles all users' access to the database
- Users include application programmers, end users, and the Database Administrator (DBA)
- Need: reduced redundancy, avoids inconsistency, ability to share data, enforce standards, apply security restrictions, maintain integrity, balance conflicting requirements
- We have used the definition of a database management system given in C. J. Date's book (Addison Wesley, 1990)
6. An Example Database System
Adapted from C. J. Date, Addison Wesley, 1990
7. Metadata
- Metadata describes the data in the database
- Example: Database D consists of a relation EMP with attributes SS, Name, and Salary
- Metadatabase stores the metadata
- Could be physically stored with the database
- Metadatabase may also store constraints and administrative information
- Metadata is also referred to as the schema or data dictionary
8. Three-level Schema Architecture Details
[Figure: three-level schema architecture, top to bottom]
- Users A1, A2, A3 work against External Model A (External Schema A); users B1, B2 work against External Model B (External Schema B)
- External/Conceptual Mapping A and External/Conceptual Mapping B
- Conceptual Model (Conceptual Schema)
- Conceptual/Internal Mapping
- Stored Database: Internal Model (Internal Schema)
9. Functional Architecture
- Data Management: User Interface Manager, Schema (Data Dictionary) Manager (metadata), Security/Integrity Manager, Query Manager, Transaction Manager
- Storage Management: File Manager, Disk Manager
10. DBMS Design Issues
- Query Processing
- Optimization techniques
- Transaction Management
- Techniques for concurrency control and recovery
- Metadata Management
- Techniques for querying and updating the metadatabase
- Security/Integrity Maintenance
- Techniques for processing integrity constraints and enforcing access control rules
- Storage management
- Access methods and index strategies for efficient access to the database
11. Other Issues
- Database design
- Generally a two-step process
- Semantic data model to capture the entities of the application and the relationships between the entities
- Generate the conceptual schema; theory of normal forms for relational databases
- Research on object-oriented approaches for database design
- Database Administration
- Creating and deleting databases, backup and recovery, enforcing policies, auditing, etc.
12. Types of Database Systems
- Relational Database Systems
- Object Database Systems
- Deductive Database Systems
- Other
- Real-time, Secure, Parallel, Scientific,
Temporal, Wireless, Functional,
Entity-Relationship, Sensor/Stream Database
Systems, etc.
13. Relational Database Informal Overview
- Collection of tables, also called relations
- Table has one or more columns, also called attributes
- Each table has zero or more rows, also called tuples
- Elements of a row take values from a pool of legal values
- The values of one or more columns in a row uniquely identify the row. These columns form an identifier (also called key)
- One identifier is designated as the unique identifier (also called primary key)
- Querying relational databases using language called SQL (Structured Query Language)
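14. Relational Database Example

Relation S

| S | SNAME | STATUS | CITY |
|---|---|---|---|
| S1 | Smith | 20 | London |
| S2 | Jones | 10 | Paris |
| S3 | Blake | 30 | Paris |
| S4 | Clark | 20 | London |
| S5 | Adams | 30 | Athens |

Relation P

| P | PNAME | COLOR | WEIGHT | CITY |
|---|---|---|---|---|
| P1 | Nut | Red | 12 | London |
| P2 | Bolt | Green | 17 | Paris |
| P3 | Screw | Blue | 17 | Rome |
| P4 | Screw | Red | 14 | London |
| P5 | Cam | Blue | 12 | Paris |
| P6 | Cog | Red | 19 | London |

Relation SP

| S | P | QTY |
|---|---|---|
| S1 | P1 | 300 |
| S1 | P2 | 200 |
| S1 | P3 | 400 |
| S1 | P4 | 200 |
| S1 | P5 | 100 |
| S1 | P6 | 100 |
| S2 | P1 | 300 |
| S2 | P2 | 400 |
| S3 | P2 | 200 |
| S4 | P2 | 200 |
| S4 | P4 | 300 |
| S4 | P5 | 400 |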
15. Concepts in Object Database Systems
- Objects: every entity is an object
- Example: Book, Film, Employee, Car
- Class
- Objects with common attributes are grouped into a class
- Attributes or Instance Variables
- Properties of an object class inherited by the object instances
- Class Hierarchy
- Parent-Child class hierarchy
- Composite objects
- Book object with paragraphs, sections etc.
- Methods
- Functions associated with a class
16. Example Class Hierarchy
[Figure: Document Class with attributes ID, Name, Author, Publisher and methods Method1 and Method2 (Print-doc(ID), Print-doc-att(ID)); Journal Subclass and Book Subclass; further labels: of Chapters, Volume, B1]
17. Example Composite Object
[Figure: Composite Document Object made up of Section 1 Object and Section 2 Object, with Paragraph 1 Object and Paragraph 2 Object]
18. Deductive Database Systems
- Database systems augmented with inference engines to deduce new data from existing data and rules
- Example
- Rule: parent of a parent is a grandparent
- Data: John is Jane's parent; Jane is Robert's parent
- From the above, infer John is Robert's grandparent
- Loose and tight coupling architectures between the database system and inference engine
19. A Definition of a Distributed Database System
- A collection of database systems connected via a network
- The software that is responsible for interconnection is a Distributed Database Management System (DDBMS)
- Each DBMS executes local applications and should be involved in at least one global application (Ceri and Pelagatti)
- Homogeneous environment
20. Architecture
21. Distributed Processor
- Network Interface
- Distributed Query/Update Processor
- Distributed Transaction Manager
- Integrity/Security Manager
- Distributed Metadata Management
- Local DBMS Interface
22. Data Distribution
[Figure: data distributed across two sites. SITE 1 holds relations EMP1 and DEPT1; SITE 2 holds relations EMP2 and DEPT2. EMP columns: SS, Name, Salary, D; DEPT columns: D, Dname, MGR. Row values are not recoverable from the extracted text.]
23. Distributed Database Functions
- Distributed Query Processing
- Optimization techniques across the databases
- Distributed Transaction Management
- Techniques for distributed concurrency control and recovery
- Distributed Metadata Management
- Techniques for managing the distributed metadata
- Distributed Security/Integrity Maintenance
- Techniques for processing integrity constraints and enforcing access control rules across the databases
24. Query Processing Example (Concluded)
[Figure: three sites connected by a network, each with a DQP (Distributed Query Processor) in front of its local DBMS (DBMS 1, DBMS 2, DBMS 3). Fragment labels as shown on the slide: EMP1 (20), EMP3 (50), DEPT3 (30); EMP2 (30), DEPT2 (20); EMP1 (20)]
Query at site 1: Join EMP and DEPT on D
- Move EMP2 to site 3
- Merge EMP1, EMP2, EMP3 to form EMP
- Move DEPT2 to site 3
- Merge DEPT2 and DEPT3 to form DEPT
- Join EMP and DEPT
- Move result to site 1
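The plan above can be traced in code. The following is an added example, not part of the original lecture: it generalizes the slide's plan to any join site and counts the tuples shipped over the network. Fragment sizes follow the slide; the row contents, the placement of EMP1 at site 1, the move of EMP1 to the join site, and the function names are assumptions.

```python
# Added illustration. Fragment sizes follow the slide; rows are constructed.
# EMP rows are (SS, Name, D); DEPT rows are (D, Dname).
FRAGMENTS = {   # site -> {fragment name: rows}
    1: {"EMP1": [(ss, f"emp{ss}", ss % 50) for ss in range(0, 20)]},
    2: {"EMP2": [(ss, f"emp{ss}", ss % 50) for ss in range(20, 50)],
        "DEPT2": [(d, f"dept{d}") for d in range(0, 20)]},
    3: {"EMP3": [(ss, f"emp{ss}", ss % 50) for ss in range(50, 100)],
        "DEPT3": [(d, f"dept{d}") for d in range(20, 50)]},
}

def execute_join(join_site, query_site=1):
    """Run 'Join EMP and DEPT on D' at join_site.

    Returns (result rows, shipments), where each shipment is
    (fragment, from_site, to_site, tuple_count).
    """
    shipments = []
    emp, dept = [], []
    for site, frags in FRAGMENTS.items():
        for name, rows in frags.items():
            if site != join_site:
                # Remote fragment: move it to the site that performs the join.
                shipments.append((name, site, join_site, len(rows)))
            # Merge the fragments back into the full relations.
            (emp if name.startswith("EMP") else dept).extend(rows)
    # Hash join on D: build the table on DEPT, probe it with EMP.
    dname_by_d = {d: dname for d, dname in dept}
    result = [(ss, name, d, dname_by_d[d])
              for ss, name, d in emp if d in dname_by_d]
    if join_site != query_site:
        # Move the result back to the site that issued the query.
        shipments.append(("RESULT", join_site, query_site, len(result)))
    return result, shipments

def tuples_shipped(join_site):
    """Total number of tuples sent over the network for a given join site."""
    return sum(count for *_, count in execute_join(join_site)[1])

if __name__ == "__main__":
    for site in (1, 2, 3):
        print(f"join at site {site}: {tuples_shipped(site)} tuples shipped")
```

The total depends heavily on the size of the join result, which is why a distributed query optimizer has to estimate it before choosing where to join.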
25. Transaction Processing Example
DTM (Distributed Transaction Manager): responsible for executing the distributed transaction
Issues: Concurrency control, Recovery, Data Replication
[Figure: Site 1 (Coordinator) runs Transaction Tj; Site 2, Site 3 and Site 4 (Participants) run subtransactions Tj2, Tj3 and Tj4]
Two-phase commit: Coordinator queries participants whether they are ready to commit. If all participants agree, then coordinator sends request for the participants to commit
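The two-phase commit exchange described above, as an added example that is not part of the original lecture. The class and function names are hypothetical, and the handling of a "no" vote and of an unreachable participant (the abort path) is an assumption the slide does not spell out.

```python
from enum import Enum

class Vote(Enum):
    READY = "ready"
    ABORT = "abort"

class Participant:
    """One participant site executing a subtransaction of Tj."""
    def __init__(self, site, can_commit=True, reachable=True):
        self.site = site
        self.can_commit = can_commit   # local constraints satisfied?
        self.reachable = reachable     # False simulates a site or link failure
        self.state = "active"
        self.log = []                  # stands in for the site's durable log

    def prepare(self):
        """Phase 1: answer the coordinator's 'ready to commit?' query."""
        if not self.reachable:
            raise TimeoutError(f"{self.site} did not answer")
        vote = Vote.READY if self.can_commit else Vote.ABORT
        self.state = "prepared" if vote is Vote.READY else "aborted"
        self.log.append(self.state)
        return vote

    def finish(self, decision):
        """Phase 2: apply the coordinator's global decision."""
        if self.reachable:
            self.state = decision
            self.log.append(decision)
        # An unreachable site would learn the outcome during recovery
        # (not modelled here), so its state is left unchanged.

def two_phase_commit(participants):
    """Coordinator logic: returns 'committed' or 'aborted'."""
    votes = []
    for p in participants:             # Phase 1: collect votes
        try:
            votes.append(p.prepare())
        except TimeoutError:
            votes.append(Vote.ABORT)   # silence counts as a "no" vote
    # Phase 2: commit only on a unanimous READY, otherwise abort everywhere.
    decision = "committed" if all(v is Vote.READY for v in votes) else "aborted"
    for p in participants:
        p.finish(decision)
    return decision

def run(**overrides):
    """Run one transaction across Sites 2-4; overrides keyed 'site2'..'site4'."""
    sites = [Participant(f"Site {n}", **overrides.get(f"site{n}", {}))
             for n in (2, 3, 4)]
    return two_phase_commit(sites), [p.state for p in sites]
```

Calling `run(site3={"can_commit": False})` shows that a single dissenting participant aborts the transaction at every site, which is what keeps the distributed update atomic.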
26. Interoperability of Heterogeneous Database Systems
[Figure: Database System A (Relational), Database System B (Object-Oriented) and Database System C (Legacy) connected by a network]
Transparent access to heterogeneous databases - both users and application programs; Query, Transaction processing
27. Technical Issues on the Interoperability of Heterogeneous Database Systems
- Heterogeneity with respect to data models, schema, query processing, query languages, transaction management, semantics, integrity, and security policies
- Interoperability based on client-server architectures
- Federated database management
- Collection of cooperating, autonomous, and possibly heterogeneous component database systems, each belonging to one or more federations
28. Different Data Models
[Figure: Node A, Node B, Node C and Node D connected by a network, each with its own database; the databases use the Network Model, Object-Oriented Model, Relational Model and Hierarchical Model]
Developments: Tools for interoperability; commercial products
Challenges: Global data model
29. Schema Integration and Transformation: An Approach
[Figure: schema layers, top to bottom]
- External Schema I, External Schema II, External Schema III
- Global Schema: Integrate the generic schemas
- Generic schemas describing the relational, network, hierarchical and object-oriented databases
- Schemas describing the relational, network, hierarchical and object-oriented databases
Challenges: Selecting appropriate generic representation; maintaining consistency during transformations; schema evolution
30. Semantic Heterogeneity
- Semantic heterogeneity occurs when there is a disagreement about the meaning or interpretation of the same data
[Figure: Object O held in the databases at Node A and Node B; at one node Object O is interpreted as a passenger ship, at the other as a submarine]
Challenges: Standard definitions; Repositories
31. Federated Database Management
[Figure: Database System A, Database System B and Database System C grouped into Federation F1 and Federation F2]
Cooperating database systems yet maintaining some degree of autonomy
32. Autonomy
[Figure: Component A, Component B and Component C. Component A receives a local request and a request from a component, and honors the local request first. Communication is through the federation; component A does not communicate with component C]
Challenges: Adapt techniques to handle autonomy - e.g., transaction processing, schema integration; transition research to products
33. Schema Integration and Transformation in a Federated Environment
[Figure: schema layers, top to bottom]
- External Schema 1.1, External Schema 1.2, External Schema 2.1, External Schema 2.2
- Federated Schema for FDS - 1, Federated Schema for FDS - 2
- Export schemas: Export Schema I and Export Schema II, plus export schemas labelled for Component A, Component B (twice) and Component C
- Generic Schema for Component A, for Component B, for Component C
- Component Schema for Component A, for Component B, for Component C
- Local Schema 1, Local Schema 2
Adapted from Sheth and Larson, ACM Computing Surveys, September 1990
34. Federated Data and Policy Management
[Figure: Data/Policy for Federation at the top; below it, Export Data/Policy from each of three components; at the bottom, Component Data/Policy for Agency A, Agency B and Agency C]
35. Current Status and Directions
- Developments
- Several prototypes and some commercial products
- Tools for schema integration and transformation
- Standards for interoperable database systems
- Challenges being addressed
- Semantic heterogeneity
- Autonomy and federation
- Global transaction management
- Integrity and Security
- New challenges
- Scale
- Web data management