CH 6
CH 6
CH 6
discuss how views and permissions can be used to restrict access to sensitive
data in relational database systems
2 of 30
4 of 30
5 of 30
7 of 30
8 of 30
9 of 30
Relationships between entities and events, both of which are represented in the
database by means of data sets, can be of three types, referred to as the relationship
cardinality. One-to-one (1:1), one-to-many (1:M), and many-to-many (M:M)
relationships are the three relationship types; the shorthand for depicting each
relationship type is shown in parentheses. Consider the relationship between the
"department" and "manager" entities. A 1:1 relationship between departments and
managers implies that each department can have one and only one manager and each
manager can manage one and only one department. Now consider the relationship
between the "salespersons" and "customers" entities. A 1:M relationship between
salespersons and customers means that each salesperson can have many customers
but every customer is assigned to exactly one salesperson. Note that a 1:M relationship
can be interpreted as a M:1 relationship when read from the opposite direction. Thus,
the relationship from customers to salespersons is a M:1 relationship (many customers
have one salesperson). A M:M relationship between salespersons and customers
10 of 30
Relationship
1:1
1:M
M:M
Relationship Types
Explanation
One-to-one (e.g., one professor in one office)
One-to-many (e.g., one advisor has many students)
Many-to-many (e.g., a class has many students, and
a student can be in many classes)
11 of 30
The resulting tables are SALES-REGIONS, CUSTOMERS, SALES-ORDERS, ITEMSORDERED, COLLECTIONS, ORDERS-COLLECTIONS, and ITEMS. The arrows in the
figure are drawn to point out the links between tables (i.e., the common fields between
tables). The single and double headed arrows signify "1" and "M" relationships as
before. The convention we will use to indicate the primary key in a table is by
underlining it. Obviously, there will be two (or more) fields underlined in the case of a
composite primary key.
Recall that we introduced the concept of a "foreign key" earlier in the chapter. Let us
revisit that concept in the context of the relational model. To repeat, a foreign key is
either a non-key attribute in a table that is a primary key in a related table or an element
of a composite key in a table that is a primary key in a related table. The "related table"
is in effect the "master" table for that key field. In the above set of tables, the
CUSTOMER-NO and REGION-NO fields in the SALES-ORDERS table represent one
variant of the foreign key concept -- they are non-key attributes in the SALES-ORDERS
table, but each of them are primary keys in a related table. CUSTOMER-NO is the
primary key in the CUSTOMERS table, and REGION-NO is the primary key in the
SALES-REGIONS table. "CUSTOMERS" is considered to be the "master" table for the
12 of 30
15 of 30
Validation Rules
Greater than a minimum and/or less than a
Range test
maximum value?
Validity test
One of the acceptable values for this field?
Length test
Correct number of digits entered?
Valid combinations Correct mathematical or logical relationship
test
between fields in a table?
17 of 30
18 of 30
In addition to QBE and SQL, two other RDBMS tools are noteworthy. Most RDBMS
include a report writer which can be used to create custom reports formatted to the
user's specifications. The user simply indicates which table or view to use as the input
and can determine the precise nature of the report. The fields to total, at what points to
provide subtotals, the header and footer for each page, and the end of report summary
information are some examples of the report characteristics that the user can control.
The second useful RDBMS tool is the forms editor which can be used to create custom
data input forms. Rather than using the table itself to enter data, users (especially
novice users) can be provided with easy to use forms that simplify the process of
entering and retrieving data. Forms can be designed to supply default values for fields
and for specifying custom formats to facilitate data entry. Other than simply for data
input, forms also represent the user-interface component of powerful custom
applications that can be developed using the RDBMS' programming tools. Program
code modules can be associated with buttons on forms such that a whole series of
actions are automatically executed when the user clicks on a button after entering data
into form fields. This use of forms will be discussed in the next chapter. Shown below is
an example of a Microsoft Access form, used to add, update, and delete information
about customers.
19 of 30
20 of 30
Query no. 2:
SELECT CUSTOMERS.NAME, CUSTOMERS.PHONE
FROM CUSTOMERS, SALES
WHERE CUSTOMERS.CUSTOMERNO = SALES.CUSTOMERNO AND
SALES.SALESPERSON = "John Doe";
Query no. 3
SELECT CUSTOMERS.NAME, CUSTOMERS.BALANCE
FROM CUSTOMERS, SALES, ITEMS_SOLD
WHERE CUSTOMERS.CUSTOMERNO = SALES.CUSTOMERNO
AND SALES.INVOICENO = ITEMS_SOLD.INVOICENO
AND ITEMS_SOLD.ITEMNO = 1250;
The statements shown above use the syntax <table-name.field-name> to jointly refer to
both a field and the table in which the field appears. Joins are performed by indicating
which fields in the two tables should equal one another (i.e., which fields are common
between the two tables). In query number 3 above, the WHERE clause specifies (1) the
two joins neededbetween CUSTOMERS and SALES using CUSTOMERNO and
between SALES and ITEMS_SOLD using INVOICENO and (2) the criterion involving
21 of 30
DBMS Languages
Language/tool
Explanation
Used to create tables, set
permissions on tables, define
DDL - Data Definition Language validation rules in tables, and
perform other functions such as
backup.
Embedded into application
programs written in a third or
DML - Data Manipulation
fourth generation language. The
Language
DML statements allow the
program to interface with the
database.
General term for user-oriented
interfaces to the database to
DQL - Data Query Language
enable end users to obtain
answers to ad hoc questions.
A widely accepted standard
relational database query
language. Command line interface
SQL - Structured Query Language
using four main operators -SELECT, INSERT, UPDATE, and
DELETE.
Graphical interface for querying.
User is presented with a shell of a
table to be queried in which the
QBE - Query By Example
user can enter an example of what
he/she is looking for as a means
of querying the table.
Allows custom reports to be
Report Writer
generated from tables in a very
user-friendly intuitive manner.
Permit the creation of user-friendly
interfaces to tables. Forms can be
Forms Editor
made to appear like the
documents and paper forms that
are familiar to the user.
22 of 30
23 of 30
Summary
The chapter began by contrasting the older file-oriented approach with the database
approach. Drawbacks of the file-oriented approach and advantages and limitations of
the database approach were discussed. Key database concepts such as primary,
concatenated, and foreign keys were described. The various types of relationships such
as 1:1, 1:M, and M:M relationships were then explained. The relational model was then
explored in detail. Rules for relations, entity and referential integrity, and validation
rules for relational database systems were explained. The process of restricting access
24 of 30
Key Terms
Composite key
Concatenated key
Concurrency control
Data definition language
Data dictionary
Data independence
Data manipulation language
Data query language
Database approach
Dynamic backup
Encapsulation
Entity integrity
File-oriented approach
Foreign key
Forms editor
Inheritance
Object-oriented
Redundant array of inexpensive disks
Referential integrity
Relationship cardinality
Report writer
Static backup
Structured query language (SQL)
25 of 30
dBase - one of the earliest (and still around) RDBMS for the personal computer
Base the database software that is part of the Apache OpenOffice suite
Oracle 12c the latest version of Oracle's database, the industry leader in
RDBMS technology.
Other sites
26 of 30
Discussion Questions
1. Briefly describe the file-oriented approach to data processing.
2. Provide an overview level description of the database approach to data
processing.
3. Distinguish between the file-oriented and database approaches in terms of their
relative advantages and disadvantages.
4. What do you understand by the term "legacy systems."
5. Explain the concept of data independence.
6. Giving examples, explain the concept of foreign keys.
7. Indicate the key features of the object-oriented model.
8. How are many-to-many relationships represented in the relational model?
Explain in the context of the following scenario: an employee can be working on
many projects, and a project can have many employees working on it.
9. What are the rules to which tables must conform in the relational model?
10. Giving examples, explain the concepts of entity and referential integrity.
11. What are data validation rules? Why are validation rules in database
environments superior to application controls in a file-oriented environment?
12. Explain the methods by which access to sensitive data in a relational database
can be restricted.
13. Explain the concept of the "data dictionary." Why do auditors find the data
dictionary useful?
14. What are the three broad categories of database languages? Briefly indicate the
function of each language type.
15. Describe the four major SQL operators.
16. Distinguish between static and dynamic database backup. Explain the function of
RAID.
17. Giving examples, explain the concept of concurrency control in database
environments.
27 of 30
CUSTOMER# NAME
456
457
458
459
460
ADDRESS1
STATE
TX
NY
FL
TX
CA
STR BALANCE
6.25
6.50
6.45
6.25
5.50
34560.65
2145.90
45670.75
21009.50
4561.00
INVOICES
INVOICE# DATE
1001
11-1-95
1002
11-2-95
11-2-95
1003
11-2-95
1004
11-3-95
CUSTOMER#
456
457
460
459
450
AMOUNT
450.75
560.25
300.10
890.25
425.50
INVOICE-ITEMS
INVOICE#
1001
1001
1002
1003
1003
1006
ITEM#
121
540
211
121
121
348
DESC
Widget
Bolt
Gear
Widget
Widget
Nut
PRICE
2.25
0.40
3.70
2.25
2.25
0.25
QTY
45
25
10
15
10
5
Required:
a) List all violations of entity integrity in the above tables.
b) List all violations of referential integrity in the above tables.
29 of 30
30 of 30