Entity Relationship Diagram

Example
E-R Diagram of Hospital Management System
Name

Address

Address

Department

Age

Name
P_id

D_id

1
Doctor

M
Treats

Ph.No

Patient
1

Gender
Ph.No
Gender

M
Issued

1
Assign

BILL NO.
Room_id
Doc_Charges
Bill

Room Charges

Type

Room
R.NO

What is an Enhanced ERD?

An enhanced entity-relationship model, also known as an extended entity-relationship
model, is a type of database diagram that's similar to regular ERDs. Enhanced ERDs are
high-level conceptual models that accurately represent the requirements of complex
databases.

Enhanced ERDs include the same concepts that ordinary ER diagrams encompass. In
addition, EERDs include:

Subtypes and supertypes (sometimes known as subclasses and superclasses)

Specialization or generalization
Attribute and relationship inheritance

SUPERTYPES & SUBTYPES

Supertype - an entity type that has a relationship with one or more subtypes.
Subtype - a subgroup of entities with unique attributes.
Every patient is cared for by a RESPONSIBLE_PHYSICIAN who develops a
treatment plan for the patient
Example: Patients
Each subtype also has unique attributes. Outpatients have a Checkback_Date, whilst
residents have a Date_Discharged and a unique relationship that assigns each patient to
a bed (this is a mandatory relationship, and each bed may or may not be assigned to a
patient)

GENERALIZATION & SPECIALIZATION

Generalization - the process of defining a general entity type from a collection

of specialized entity types.
Specialization - the inverse of generalization, since it defines subtypes of the
supertype and forms relationships between supertype and subtupe.

CONSTRAINTS

Disjoint Rule: An instance of the supertype can be only ONE of the subtypes
Overlap Rule: An instance of the supertype can simultaneously be a member of more

than one of the subtypes

Person_

Employee?

Address
Name

SSN

Sex

Date_of_
Birth

PERSON
Person_Type:

Salary
Employee
_Type

Employee?=Y

Student?=Y

Alumnus?=Y

EMPLOYEE

ALUMNUS

STUDENT

Date_Hired
Degrees

Student

Data RecoveryEmployee_Type=
& ProtectionYear

Date
Degree

d
Faculty

d
Staff

Grad

Unde

FACULTY

STAFF

GRADUATE
STUDENT

What is databaseRank
security?Position

Potential threats to computer system

Authorization and Authentication

Encryption

DBMSs and Web Security

Test_Score

Database security The mechanisms that protect

the database against intentional or accidental
threats.
Major areas of loss:
a. theft and fraud
b. loss of confidentiality
c. loss of privacy
d. loss of integrity
e.
loss of availability

Threats
Treat Any situation or event, whether intentional or accidental, that may
adversely affect a system and consequently the organization.
i.

Using another persons means of access

Illegal entry by hacker

ii.
iii.
iv.

v.

Creating trapdoor into system

Theft of data, programs, and equipment
Staff shortages or strikes
Inadequate staff training
Viewing and disclosing unauthorized data
Data corruption owning to power loss or surge

UNDER
STUD

C
Sta

vi.

Physical damage to equipment

Countermeasures Computer-Based Controls

Authorization and Authentication, Views Backup and Recovery, Integrity,
Encryption, RAID technology

Authorization and Authentication

Authorization The granting of a right or privilege that enables a
subject to have legitimate access to a system or a systems objects.
Authentication A mechanism that determines whether a user is who
he/she claims to be.
This usually involves a username and a password, but can include any
other method of demonstrating identity, such as a smart card, retina scan,
voice recognition, or fingerprints.
Security
It is common knowledge that the databases should be held secure, against
damages, unauthorized accesses and updatings. A DBMS typically includes a
database security and authorization subsystem that is responsible for the security
of the database against unauthorized accesses and attacks. Traditionally, two types
of security mechanisms are in use.
1. Discretionary security mechanisms: Here each user (or a group of users) is
granted privileges and authorities to access certain records, pages or files
and denied access to others. The discretion normally lies with the database
administer (DBA)
2. Mandatory security mechanisms: These are standard security mechanisms
that are used to enforce multilevel security by classifying the data into
different levels and allowing the users (or a group of users) access to certain
levels only based on the security policies of the organization.
Another type of security enforced in the statistical database security often
large databases are used to provide statistical informations about various
aspects like, say income levels, qualifications, health conditions etc. These are
derived by collecting a large number of individual data. A person who is doing

the statistical analysis may be allowed access to the statistical data which is
an aggregated data, but he should not be allowed access to individual data
Another concept is the creation of views. While the database record may
have large number of fields, a particular user may be authorized to have
information only about certain fields. In such cases, whenever he requests for
the data item, a view is created for him of the data item, which includes only
those fields which he is authorized to have access to. He may not even know
that there are many other fields in the records.
Backup and Recovery
Backup - The process of periodically taking a copy of the database and log file
on to offline storage media. Algorithm and
Journaling - The process of keeping and maintaining a log file (or journal) of all
changes made to the database to enable recovery to be undertaken effectively in
the event of a failure.

Encryption
Encryption - The encoding of the data by a special algorithm that renders the
data unreadable by any program without the decryption key.
Algorithm and
Plain-data
Plain-data
Encrypted data
Symmetric encryption - DES, IDEA, RC4, BlowFish, AES. Asymmetric
encryption - RSA, Diffie-Helman.

DBMSs and Web Security

Proxy servers, Firewalls, Message Digest Algorithms and Digital Signature,
Digital Certificates, SSL and S-HTTP

Proxy servers
Proxy servers is a computer that sits between a Web browser and a Web servers.
It intercepts all requests for web pages and saves them locally for some time.
Proxy server provides improvement in performance and filters requests.

Digital Certificates

Digital Certificate is an attachment to an electronic message used for security

purposes, most commonly to verify that a user sending a message is who he/she
claims to be, and provide the receiver with the means to encrypt a reply.
Secure Sockets Layer and Secure HTTP
SSL creates a secure connection between a client and a server, over which any
amount of data can be sent securely. S-HTTP is designed to transmit individual
messages securely. Both use asymmetric encryption
Recovery Methods
1. Mirroring keep two copies of the database and maintain them
simultaneously
2. Backup periodically dump the complete state of the database to some form
of tertiary storage

Recovery
System Logging the log keeps track of all transaction operations affecting the
values of database items. The log is kept on disk so that it is not affected by
failures except for disk and catastrophic failures
Recovery from Transaction Failures
Catastrophic failure
Restore a previous copy of the database from archival backup
Apply transaction log to copy to reconstruct more current state by redoing
committed transaction operations up to failure point
Incremental dump + log each transaction
Non-catastrophic failure
Reverse the changes that caused the inconsistency by undoing the operations
and possibly redoing legitimate changes which were lost
The entries kept in the system log are consulted during recovery.
No need to use the complete archival copy of the database