You are on page 1of 49

Data facts, text, graphics, images, sound, and video segments that have meaning in the user s environment.

Example: a listing of students Information data that have been processed in such a way as to increase the knowledge of the person who uses the data. Example: student data could be analyzed and summarized through the use of statistical measures. Metadata data that describe the properties or characteristics of other data but do not include that data. Some of these properties include data definitions, data structures, and rules or constraints.

NAME COURSE SECTION NAME SEMESTER GPA

TYPE TEXT INTEGER TEXT TEXT DECIMAL

LENGTH 20 1 20 10 4

DESCRIPTION COURSE NAME SECTION NUMBER STUDENT NAME SEMESTER AND YEAR STUDENT GRADE POINT AVERAGE

Character Field Record File Database an organized collection of logically related data. Data System employ a combination of persons, methods and materials to process raw data about an enterprise into significant information so as to provide a basis for management decision. Data Element general class or category of data also known as data item, data field or attributes. Key Data Element data element that uniquely identifies the record. Data Record collection of values taken by related data element. Data File collection of data records.
1. 2. 3. 4. 5.

Database Approach emphasizes the integration and sharing of data across the organization. This approach requires a major reorientation in thought process (paradigm shift), starting with top management. Database Application an application program (or set of related programs) that is used to perform a series of database activities(create, read, update, delete) on behalf of database users.

1. 2.

3. 4.

Personal databases designed to support one user. Workgroup databases databases wherein a relatively small team of people collaborate on the same project or application or on a group of similar projects or applications. Department databases designed to support the various functions and activities of a department. Enterprise databases databases whose scope is the entire organization or enterprise intended to support organization-wide operations and decision making. a. Enterprise resource planning(ERP) systems a business management system that integrates all functions of the enterprise, such as manufacturing, sales, finance, marketing, inventory, accounting, and human resources. b. Data warehouse an integrated decision support database whose content is derived from the various operational databases.

Legacy data data contained by a system used prior to the installation of a new system. 5. Extranet database database which uses Internet protocols to establish limited access to company data and information by the company s customers and suppliers. 6. Intranet database database which uses Internet protocols to establish access to company data and information that is limited to the organization. 7. Internet database database which uses Internet protocols to establish universal access to company data and information.

Program-data independence Data independence separation of data descriptions from the application programs that uses the data. 2. Minimal data redundancy 3. Improved data redundancy 4. Improved data sharing 5. Increased productivity of application development
1.

Enforcement of standards 7. Improved data quality Constraint a rule that cannot be violated by database users. 8. Improved data accessibility and responsiveness 9. Reduced program maintenance Maintenance refers to modifying or rewriting old programs to make them conform to new data formats, access methods and so forth.
6.

1. 2. 3. 4. 5.

New, specialized personnel Installation and management cost and complexity Conversion costs Need for explicit backup and recovery Organizational conflict

1. 2.

3.

Computer-Aided Software Engineering Tools (CASE) automated tools used to design databases and application programs. Repository centralized knowledge base containing all data definitions, screen and report formats, and definitions of other organizations and system components. Database Management System (DBMS) - commercial software system used to create, maintain and provide controlled access to the database and also to the repository. Database a shared collection of logically related data. Application programs computer programs that are used to create and maintain the database and provide information to users.

4. 5.

6. 7. 8. 9.

User interface languages, menus and other facilities by which users interact with various system components. Data Administrators persons who are responsible for the over-all information resources of an organization. System Developers persons such as system analysts and programmers who design new application programs. End Users persons throughout the organization who add, delete, and modify data in the database and who request or receive information from it.

Project Identification and Selection Enterprise data model Project Initiation and Planning

Analysis

Conceptual data model

Logical Database Design

Logical data model

Physical Database Design Technology model

Implementation

Databases and repositories Maintenance

1. 2.

3.

4.

5.

Enterprise modeling the first step in database development in which the scope and general contents of a database are specified. Conceptual database design analysis of the over-all data requirements for a specific information system. This system might be the topic of a particular user request to modify an existing system or to build a new system, or it might be the result of the identification of a new database from enterprise modeling. Logical database design perform the detailed review of the business processes supported by the database, analyze each individual report, transaction and so on. Physical database design and creation decide on the organization of the database in computer storage and define the physical structures to the database management system. Database implementation writing, testing and installing the programs that process the database for data capture and reporting.

6.

Database maintenance evolve the database. Add, delete, or change characteristics of the structure of a database in order to meet changing business conditions, to correct errors in database design made in earlier steps or to improve the processing speed of a database applications.

A database security manager is the most important asset to maintaining and securing sensitive data within an organization. Database security managers are required to multitask and juggle a variety of headaches that accompany the maintenance of a secure database. If you own a business it is important to understand some of the database security problems that occur within an organization and how to avoid them. If you understand the how, where, and why of database security you can prevent future problems from occurring.

Database Security Issues y Daily Maintenance: Database audit logs. These unauthorized applications are often difficult to identify and allow hackers acquire daily review to make certain that there has been no data misuse. This requires overseeing database privileges and then consistently updating user access accounts. A database security manager also provides different types of access control for different users and assesses new programs that are performing with the database. If these tasks are performed on a daily basis, you can avoid a lot of problems with users that may pose a threat to the security of the database.

y Varied Security Methods for Applications: More often than not

applications developers will vary the methods of security for different applications that are being utilized within the database. This can create difficulty with creating policies for accessing the applications. The database must also possess the proper access controls for regulating the varying methods of security otherwise sensitive data is at risk. y Post-Upgrade Evaluation: When a database is upgraded it is necessary for the administrator to perform a post-upgrade evaluation to ensure that security is consistent across all programs. Failure to perform this operation opens up the database to attack.

y Split the Position: Sometimes organizations fail to split the duties

between the IT administrator and the database security manager. Instead the company tries to cut costs by having the IT administrator do everything. This action can significantly compromise the security of the data due to the responsibilities involved with both positions. The IT administrator should manage the database while the security manager performs all of the daily security processes. y Application Spoofing: Hackers are capable of creating applications that resemble the existing applications connected to the database. These unauthorized applications are often difficult to identify and allow hackers access to the database via the application in disguise.

y Manage User Passwords: Sometimes IT database security managers will

forget to remove IDs and access privileges of former users which leads to password vulnerabilities in the database. Password rules and maintenance needs to be strictly enforced to avoid opening up the database to unauthorized users. y Windows OS Flaws: Windows operating systems are not effective when it comes to database security. Often theft of passwords is prevalent as well as denial of service issues. The database security manager can take precautions through routine daily maintenance checks. These are just a few of the database security problems that exist within organizations. The best way to avoid a lot of these problems is to employ qualified personnel and separate the security responsibilities from the daily database maintenance responsibilities.

The most important security measures of data management software follows: 1. Views or subschemas, which restrict user views of the database. A view is a subset of the database that is presented to one or more users. It is created by querying one or more of the base tables, producing a dynamic result table for the user at the time of the request. Domains, assertions, checks, and other integrity controls defined as database objects, which are enforced by the DBMS during database querying and updating. Integrity controls protect data from unauthorized use and update. They limit the values a field may hold, limit the actions that can be performed on data, or trigger the execution of some procedure, such as placing an entry in a log to record which users have done what with which data. Domain a way to create a user-defined data type. Once a domain is defined, any field can be given that domain as its data type. Assertion powerful constraint that enforce certain desirable database conditions.
2.

Trigger includes an event, condition, and action which can do the following: y Prohibit inappropriate actions y Cause special handling procedures to be executed
y Cause a row to be written to a log file to echo important information

about the user and a transaction being made to sensitive data. 3. Authorization rules, which identify users and restrict the actions they may take against a database. These are controls incorporated in the data management system that restrict access to data and also restrict the actions that people may take when they access data. 4. User-defined procedures, which define additional constraints or limitations in using a database. Some DBMS products provide user exits (or interfaces) that allow system designers or users to create their own user-defined procedures for security.

Encryption procedures, which encode data in an unrecognizable form. Encryption the coding or scrambling of data so that humans cannot read them. 6. Authentication schemes, which positively identify a person attempting to gain access to a database. 7. Backup, journaling, and checkpointing capabilities, which facilitate recovery procedures. Database recovery is data administration s response to Murphy s law. A database management system should provide four basic facilities for backup and recovery of a database: 1. Backup facilities, which provide periodic backup copies of portions of or the entire database. 2. Journalizing facilities, which maintain an audit trail of transactions and database changes. 3. Checkpoint facility, by which the DBMS periodically suspends all processing and synchronizes its files and journals.
5.

4.

Recovery manager, which allows the DBMS to restore the database to a correct condition and restart processing transactions.

Introduction to the E-R Model An entity-relationship data model (or E-R Model) is a detailed, logical representation of the data for an organization or for a business area. - normally expressed as an entity-relationship diagram (or E-R diagram) Entity a person, place, object, event, or concept in the user environment about which the organization wishes to maintain data. Entity type (or entity class) is a collection of entities that share common properties or characteristics. Entity instance (or instance) is a single occurrence of an entity type. Attribute a property or characteristic of an entity that is of interest to the organization. Candidate key an attribute or combination of attributes that uniquely identifies each instance of an entity type.

Primary key a candidate key that has been selected as the identifier for an entity type. Multi-valued attribute can have more than one value for each entity instance. Relationship an association between the instance of one or more entity types that is of interest to the organization. Degree of a relationship the number of entity types that participate in that relationship. a) Unary relationship also called a recursive relationship, is a relationship between the instances of one entity type. b) Binary relationship a relationship between instances of two entity types and is the most common type of relationship encountered in data modeling.

c)

Ternary relationship of three entity types. BASIC SYMBOLS

a simultaneous relationship among instances

ENTITY

RELATIONSHIP

PRIMARY KEY

ATTRIBUTE

MULTIVALUED ATTRIBUTE

UNARY

BINARY

TERNARY

MANDATORY 1 CARDINALITY

MANY (M) CARDINALITY (1,2, ,MANY)

OPTIONAL 0 OR 1 CARDINALITY

OPTIONAL ZERO-MANY CARDINALITY (0,1,2, ,MANY)

MAINTAINS

CONTAINS

HOSPITAL
STAFFS

LABORATORY
PERFORMS

PHYSICIAN
DIAGNOSES TREATS

WARD

IS ASSIGNED

TEST
PERFORMED FOR

PATIENT
IS ASSIGNED TO USES

STAFF

SUPPLIED BY

VENDOR
PROVIDES

MEDICAL/ SURGICAL ITEM

SUPPLY ITEM

Logical database model the process of transforming the conceptual data model into a logical database model. Logical database model a design that conforms to the data model for a class of database management system. Types of logical database models 1. Hierarchical Model records are arranged in a top-down structure that resembles an upside down tree.

Example:
DEPARTMENT

EMPLOYEE

PROJECT

SKILL

DEPENDENT

EQUIPMENT

2. Network Model a data model in which each record type may be associated with an arbitrary number of different record types.

Example:
DEPARTMENT

EMPLOYEE

PROJECT

DEPENDENT

EQUIPMENT

3. Relational Model a data model that represents data in the form of tables or relations. Example: DEPARTMENT
DEPT. NO. D100 D200 D300 NAME ENGINEERING ACCOUNTING MARKETING LOCATION WEST SOUTH EAST

Conceptual data model (E-R diagrams) Represent entities Represent relationships Normalize the relations Merge the relations Logical data model (normalized relations)

A relation is a named, two-dimensional table of data. Each relation consists of a set of named columns and an arbitrary number of unnamed rows.
EMPID 100 NAME Margaret Simpson DEPT Marketing SALARY 42,000 COURSE SPSS Surveys 140 110 Alan Beeton Chris Lucero Accounting Info Systems 39,000 41,500 Tax Acc SPSS C++ 190 150 Lorenzo Davis Susan Martin Finance Marketing 38,000 38,500 Investments SPSS TOM 5/7/9x 6/19/9x 8/12/9x DATE COMPLETED 6/19/9x 10/7/9x 12/8/9x 1/12/9x

(a) Table with repeating groups

EMPLOYEE2 EMPID 100 100 140 110 110 190 150 150 NAME Margaret Simpson Margaret Simpson Alan Beeton Chris Lucero Chris Lucero Lorenzo Davis Susan Martin Susan Martin DEPT Marketing Marketing Accounting Info Systems Info Systems Finance Marketing Marketing SALARY 42,000 42,000 39,000 41,500 41,500 38,000 38,500 38,500 COURSE SPSS Surveys Tax Acc SPSS C++ Investments SPSS TOM DATE COMPLETED 6/19/9x 10/7/9x 12/8/9x 1/12/9x 4/22/9x 5/7/9x 6/19/9x 8/12/9x

(b) EMPLOYEE2 relation

Properties of Relations
1. Entries in columns are atomic (or single-valued). 2. Entries in columns are from the same domain. 3. Each row is unique (no duplicate rows). 4. The sequence of columns (left to right) is insignificant. 5. The sequence of rows (top to bottom) is insignificant.

Well-Structured Relation: A relation that contains a minimum amount of redundancy and allows users to insert, modify, and delete the rows in a table without errors or inconsistencies. Anomalies: Errors or inconsistencies that may result when a user attempts to update a table that contains redundant data. Three types of anomalies: insertion, deletion, and modification anomalies.

Employee1 EMPID 100 140 110 190 150 NAME Margaret Simpson Alan Beeton Chris Lucero Lorenzo Davis Susan Martin DEPT Marketing Accounting Info. Systems Finance Marketing SALARY 42,000 39,000 41,500 38,500 38,500

Normalization: The process of decomposing relations with anomalies to produce smaller, well structured relations. Normal form: A state of a relation that results from applying simple rules regarding dependencies to that relation. Steps in normalization: Table with repeating groups Remove repeating groups First normal form Remove partial dependencies Second normal form Remove transitive dependencies Third normal form

Boyce-Codd normal form

Remove remaining anomalies resulting from functional dependencies

Remove multivalued dependencies Fourth normal form

Fifth normal form

Remove remaining anomalies

Functional dependency: A particular relationship between two attributes. For any relation R, attribute B is functionally dependent on attribute A if, for every valid instance of A, that value of A uniquely determines the value of B. The functional dependence of B on A is represented as A--->B. Example: SSN NAME,ADDRESS,BIRTHDATE: A person s name, address, and birthdate are functionally dependent on that person s Social Security number. Determinant: The attribute on the left-hand side of the arrow in a functional dependency; A is a determinant in the following functional dependency: A B. Composite key: A primary key that contains more than one attribute. Example: EMPLOYEE2(EMPID,NAME,DEPT,SALARY,COURSE,DATE COMPLETED).

1.

First normal form(1NF): A relation that contains no repeating groups.


PATIENT NAME WILLIAMS BAKER PATIENT ADDRESS QC MAKATI SURG_ LIC_ NO 3500 2500 3500 2600 2800 SURG. NAME PARSON CODD PARSON MILLER BENNETT SURG DATE 10/5/90 3/7/92 5/15/93 7/8/95 9/10/97 SURGERY DRUG ADMIN AAA BBB AAA CCC DDD SIDE EFFECT

HOSPITAL
PATIENT NO 268300 543290

HEART EYES HEART KIDNEY INTESTINE

HEADACHE NAUSEA HEADACHE NUMBNESS BACKACHE

TABLE WITH REPEATING GROUPS

HOSPITAL
PATIENT NO PATIENT NAME WILLIAMS WILLIAMS BAKER BAKER BAKER PATIENT ADDRESS QC QC MAKATI MAKATI MAKATI SURG_ LIC_NO 3500 2500 3500 2600 2800 SURG NAME PARSON CODD PARSON MILLER BENNETT SURG DATE 10/5/90 3/7/92 5/15/93 7/8/95 9/10/97 SURGERY DRUG ADMIN AAA BBB AAA CCC DDD SIDE EFFECT

268300 268300 543290 543290 543290

HEART EYES HEART KIDNEY INTESTINE

HEADACHE NAUSEA HEADACHE NUMBNESS BACKACHE

REPEATING GROUPS REMOVED(1NF) THE RELATION CAN ALSO BE REPRESENTED AS HOSPITAL (PATIENT_NO.,PATIENT_NAME,PATIENT_ADDRESS,SURG_LIC_NO., SURG_DATE,SURGERY,DRUG_ADMIN.,SIDE_EFFECT)

2. Second normal form(2NF): A relation is in second normal form if it is in first normal form and every nonkey attribute is fully functionally dependent on the primary key. Thus no nonkey attribute is functionally dependent on part(but not all) of the primary key. PATIENT

PATIENT_NO 268300 268300 543290 543290 543290


or simply PATIENT

PATIENT NAME WILLIAMS WILLIAMS BAKER BAKER BAKER

PATIENT ADDRESS QC QC MAKATI MAKATI MAKATI

PATIENT_NO 268300 543290

PATIENT NAME WILLIAMS BAKER

PATIENT ADDRESS QC MAKATI

PATIENT (PATIENT_NO., PATIENT_NAME,PATIENT_ADDRESS)

PAT_SURGEON PATIENT_NO 268300 268300 543290 543290 543290 SURG_LIC _NO 3500 2500 3500 2600 2800 SURG NAME PARSON CODD PARSON MILLER BENNETT SURG DATE 10/5/90 3/7/92 5/15/93 7/8/95 9/10/97 SURGERY HEART EYES HEART KIDNEY INTESTIN E DRUG ADMIN AAA BBB AAA CCC DDD SIDE EFFECT HEADACH E NAUSEA HEADACH E NUMBNESS BACKACHE

PAT_SURGEON (PATIENT_NO.,SURG_LIC_NO.,SURG_NAME,SURG_DATE,SURGERY,DRUG_ADMIN,SIDE_EFFECT) SURGEON SURG_LIC_NO 3500 2500 3500 2600 2800 SURG NAME PARSON CODD PARSON MILLER BENNETT SURGEON (SURG_LIC_NO.,SURG_NAME)

3. Third normal form(3NF): A relation is in third normal form if it is in second normal form and no transitive dependencies exist. Transitive dependency: A functional dependency between two (or more) nonkey attributes in a relation. PATIENT PATIENT NO 268300 543290 PATIENT NAME WILLIAMS BAKER PATIENT ADDRESS QC MAKATI

PATIENT (PATIENT_NO,PATIENT_NAME,PATIENT_ADDRESS) SURGEON SURG_LIC_NO 3500 2500 2600 2800 SURG_NAME PARSON CODD MILLER BENNETT

SURGEON (SURG_LIC_NO,SURG_NAME)

PAT_DRUG_SURG PATIENT_N O 268300 268300 543290 543290 543290 SURG_LIC_N O 3500 2500 3500 2600 2800 SURG NAME PARSON CODD PARSON MILLER BENNETT SURG DATE 10/5/92 3/7/92 5/15/93 7/8/92 9/10/97 SURGERY HEART EYES HEART KIDNEY INTESTINE DRUG ADMIN AAA BBB AAA CCC DDD

PAT_DRUG_SURG (PATIENT_NO,SURG_LIC_NO, SURG_NAME,SURG_DATE,SURGERY,DRUG_ADMIN) DRUG DRUG_ADMIN AAA BBB CCC DDD

SIDE EFFECT HEADACHE NAUSEA NUMBNESS BACKACHE

DRUG (DRUG_ADMIN,SIDE_EFFECT)