ASSIGNMENT -4

SUBMITTED TOMR. JITENDER SINGH

SUBMITTED BYSURENDRA MCA 3rd SEM D-3804

A15 10806601

Part A Q1:-> What benefit does strict two –phase locking provide? What disadvantages result? Ans. Strict Two-Phase Locking (Strict 2PL) The most widely used locking protocol, called Strict Two-Phase Locking, or Strict 2PL,has two rules. The first rule is (1) If a transaction T wants to read (respectively, modify) an object, it first requests a shared (respectively, exclusive) lock on the object. Of course, a transaction that has an exclusive lock can also read the object; an additional shared lock is not required. A transaction that requests a lock is suspended until the DBMS is able to grant it the requested lock. The DBMS keeps track of the locks it has granted and ensures that if a transaction holds an exclusive lock on an object, no other transaction holds a shared or exclusive lock on the same object. The second rule in Strict 2PL is: 2. All locks held by a transaction are released when the transaction is completed. Benefits:  Strict 2PL allows only serializable schedules. Additionally, it simplifies transaction aborts (Non-strict) 2PL also allows only serializable schedules, but involves more complex abort processing A transaction always reads a value written by a committed transaction; therefore, one never has to abort a transaction because its calculations were based on a file it should not have seen.  

The disadvantage of the two phase locking protocol is that they are prone to deadlocks.a deadlocks situation is said to occur when a set of transaction is unable to proceed because each of them is waiting for one or more transactions to release some locks. Different DBMS use techniques to detect,prevent and avoid deadlocks.here only deadlock detection is discussed.

Q2:-> Most implementations of database systems use strict two –phase locking. Suggest three reasons for the popularity of this protocol?

Ans. A transaction always reads a value written by a committed transaction; therefore, one never has to abort a transaction because its calculations were based on a file it should not have seen. All lock acquisitions and releases can be handled by the system without the transaction being aware of them; lock are acquired whenever a file is to be accessed and released when a transaction has finished.

Q3:-> In multiple granularity locking, What is the difference between implicit and explicit locking ? Ans.: Implicit: one that is automatically set on the data object type as required by the SAS operation. The operation has default locking requirements that are affected by two factors: the data object that is being accessed and the way that the object is accessed. For example, the DATA step with a MODIFY statement accesses an observation for update by default. Exlicit: Explicit lock requests need to be issued if a different kind of lock is required during an operation. For example, if an X lock is to acquired before a FETCH it has to be explicitly requested for.

Q4:-> Illustrate the deadlock handling concept? Give the approaches for preventing the deadlocks? Ans. Consider the following example: transaction T1 gets an exclusive lock on object A,T2 gets an exclusive lock on B, T1 requests an exclusive lock on B and is queued,and T2 requests an exclusive lock on A and is queued. Now, T1 is waiting for T2 to release its lock and T2 is waiting for T1 to release its lock! Such a cycle of transactions waiting for locks to be released is called a deadlock Preventation: We can prevent deadlocks by giving each transaction a priority and ensuring that lower priority transactions are not allowed to wait for higher priority transactions (or vice versa). One way to assign priorities is to give each transaction a timestamp when it starts up. The lower the timestamp, the higher the transaction’s priority, that is, the oldest transaction has the highest priority. Wait-die: If Ti has higher priority, it is allowed to wait; otherwise it is aborted.

Wound-wait: If Ti has higher priority, abort Tj; otherwise Ti waits. Q6:-> Discuss the various types of failures. What is meant by catastrophic failure? Ans. THE WHOLE DATABASE AND the logs are periodically copied onto an offline nonvolatile storage medium. In case of a catastrophic system failure,the backup copy is restored and the system can be restored. This means the crash that recovery can not be done. The data can not be recovered. Q7:->compare the deferred and immediate modifications versions of the log based recovery scheme in terms of ease of implementation and overhead cost? Ans. deferred-modification technique: Recall that a transaction is said to be partially committed once the final action of the transaction has been executed. The version of the deferred-modification technique that we describe in this section assumes that transactions are executed serially. Immediate: The immediate-modification technique allows database modifications to be output to the database while the transaction is still in the active state. Data modifications written by active transactions are called uncommitted modifications. In the event of a crash or a transaction failure, the system must use the old-value field of the log records described in Section 17.4 to restore the modified data items to the value they had prior to the start of the transaction. The undo operation, described next, accomplishes this restoration. Before a transaction Ti starts its execution, the system writes the record <Ti start> to the log. During its execution, any write(X) operation by Ti is preceded by the writing of the appropriate new update record to the log. When Ti partially commits, the system writes the record <Ti commit> to the log.

Part B Q1:-> Which account is designated as the owner of a relation? What privileges does the owner of a relation have? Ans. A user who has been granted some form of authorization may be allowed to pass on this authorization to other users. However, we must be careful how authorization may be passed among users, to ensure that such authorization can be revoked at some future time. Consider, as an example, the granting of update authorization on the loan relation of the bank database. Assume that, initially, the database administrator grants

update authorization on loan to users U1, U2, and U3, who may in turn pass on this authorization to other users. The passing of authorization from one user to another can be represented by an authorization graph. The nodes of this graph are the users. The graph includes an edge Ui → Uj if user Ui grants update authorization on loan to Uj . The root of the graph is the database administrator. In the sample graph in Figure 6.6, observe that user U5 is granted authorization by both U1 and U2; U4 is granted authorization by only U1.

Types of privileges:

1. The account level: At this level, the DBA specifies the particular privileges that each account holds independently of the relations in the database. 2. The relation (or table) level: At this level, we can control the privilege to access each individual relation or view in the database.

Q2:-> What are digital signatures? How do they work? Ans. : digital signature are realted to public key cryptography,but reverse the role of public and private keys. A sender can encrypt and digitally sign a message wth her secret key. When the message is received, the recipient can decrypt it with the sender’s public key, as the sender is the only person with the access to the secret key. The recipient can be fairly certain from whom the message came and that it has not been altered. Digital signature can be really useful. They let the recipient be sure that the message has not been tampered with and they make it difficult for the sender to repudiate,or deny sending the message.. A public key encryption is fairlyslow for large message,another type of algorithm called a hash function,is usually used to improve efficiency.

It works: A digital signature is nothing more than a number- a serial number that is cryptography produced and digitally verified. PGP Example: PGP digital signature can perform two different function,both very important to the security of y our communication. • Integrity

aunthentication

Q3:-> Discuss the several techniques for enforcing the security in the database systems?

Ans.. Database security refers to protection from malicious access. Absolute protection of the database from malicious abuse is not possible, but the cost to the perpetrator can be made high enough to deter most if not all attempts to access the database without proper authority. To protect the database, we must take security measures at several levels: • Database system. Some database-system users may be authorized to access only a limited portion of the database. Other users may be allowed to issue queries, but may be forbidden to modify the data. It is the responsibility of the database system to ensure that these authorization restrictions are not violated. • Operating system. No matter how secure the database system is, weakness in operating-system security may serve as a means of unauthorized access to the database. • Network. Since almost all database systems allow remote access through terminals or networks, software-level security within the network software is as important as physical security, both on the Internet and in private networks. • Physical. Sites with computer systems must be physically secured against armed or surreptitious entry by intruders. • Human. Users must be authorized carefully to reduce the chance of any user giving access to an intruder in exchange for a bribe or other favors. Q4:-> Illustrate the concept of recovery with single and concurrent transactions with the help of example? Ans. concurrent transactions: The recovery scheme must also provide high availability; that is, it must minimize the time for which the database is not usable after a crash. we considered recovery in an environment where only a single transaction at a time is executing. We now discuss how we can modify and extend the log-based recovery scheme to deal with multiple concurrent transactions. Regardless of the number of concurrent transactions, the system has a single disk buffer and a single log. All transactions share the buffer blocks.We allow immediate modification, and permit a buffer block to have data items updated by one or more transactions.