RDBMS Lab

Paper Code- BCA 104P

Bachelor of Computer
Applications
Semester – 2nd
Session- 2025-26

Submitted To Submitted By
Mr. Pradeep Sir Abhiraj Sagar
RBMI Bareilly Roll No - 254781150015

1
 Page
Serial Remarks/
Topic Numb
Number Signature
er

01 What is Database 3

02 3-Tier Architecture 4

03 Database Administrator 5

04 Data Models 8

05 Normalization 13

06 Keys in DBMS 17

Structured Query
07 19
Language

08 Security in DBMS 22

Distributed Database
09 25
System

2
What is Database?
A database is an organized collection of data stored electronically. It
allows users and applications to easily access, update, and manipulate
information. This data contains text, numbers, images, videos and more.
Databases are managed using specialized software known as a Database
Management System (DBMS), which facilitates the storage, retrieval,
and manipulation of data.
Databases are widely used in business, government, healthcare, and
many other sectors to store and manage data, enabling informed
decision-making and efficient operations.

Features of Database
A database offers several key features, including organized data storage,
efficient data retrieval, data security, data integrity and the ability to
handle multiple users and transactions. It also provides features like data
independence, backup and recovery mechanisms, and support for various
database operations.
 Organized Data Storage: Databases store data in a structured
format, often using tables with rows and columns, making it easy to
find and manage information.
 Data Retrieval: Databases allow for fast and efficient retrieval of
specific data through queries, enabling users to access the
information they need quickly.
 Data Security: Databases incorporate security measures to control
access to data, preventing unauthorized users from viewing,
modifying, or deleting information.
 Data Integrity: Databases enforce rules and constraints to
maintain the accuracy and consistency of data, ensuring that
information is reliable.
 Multi-User Access: Databases can support multiple users
simultaneously, allowing various users to access and modify data
concurrently.

Features of Database
Data Data Data Data Concurrent
Storage Security Integrity Retrieval Access
3-Tier Architecture
3
In Database Management System, the 3-tier architecture is a client-server
architecture that separates the user interface, application processing,
and data management into three distinct tiers or layers. The 3-tier
architecture is widely used in modern web applications and enterprise
systems because this separation of concerns allows for easier
maintenance, scalability, and flexibility in system design, enabling
developers to work independently on each layer without disturbing the
others.
1. Presentation Tier (User Interface Layer): The presentation tier is
the user interface or client layer of the application. It is responsible for
presenting data to the user and receiving input from the user. This tier
communicates with the Application Tier to process user requests and
display relevant information. This tier can be a web browser, mobile app,
or desktop application. It ensures the application is user-friendly by
providing interfaces such as web browsers, mobile apps, or desktop
applications.
Example: If you’re using a banking app, the presentation tier would
display your account balance, allow you to make transfers, and display
results based on your actions.
2. Application Tier (Business Logic Layer): The application tier acts
as the intermediary between the Presentation Tier and the Data
Management Tier. It is responsible for processing and managing the
business logic of the application. This tier communicates with the
presentation tier to receive user input and communicates with the data
management tier to retrieve or store data. This tier may include
application servers, web servers, or APIs. It houses the application's core
functionality, such as calculating values, applying rules, handling
workflows, etc.
Example: If you're purchasing an item through an e-commerce platform,
the Application Layer handles all the logic like verifying available stock,
applying discounts, calculating taxes, and confirming your payment
method.
3. Data Management Tier (Database Layer): The Data Management
tier is responsible for managing and storing data. This tier can include
databases, data warehouses, or any other persistent data storage
solution. The data management tier communicates with the application
tier save, retrieve, or manipulate data according to the business logic.
Example: In a customer relationship management (CRM) system, this tier
would store customer details, transaction history, and other data relevant
to the business.

Database Administrator
4
A Database Administrator (DBA) is an individual or person responsible for
controlling, maintaining, coordinating, and operating a database
management system. Managing, securing, and taking care of the
database systems is a prime responsibility. They are responsible and in
charge of authorizing access to the database, coordinating, capacity,
planning, installation, and monitoring uses, and acquiring and gathering
software and hardware resources as and when needed.

Types of Database Administrator (DBA)

 Administrative DBA: Their job is to maintain the server and keep
it functional. They are concerned with data backups, security,
troubleshooting, replication, migration, etc.

 Data Warehouse DBA: Assigned earlier roles, but held

accountable for merging data from various sources into the data
warehouse. They also design the warehouse, with cleaning and
scrubs data prior to loading.

 Cloud DBA: Nowadays companies prefer to save their workpiece

on cloud storage. As it reduces the chance of data loss and
provides an extra layer of data security and integrity.

 Development DBA: They build and develop queries, store

procedures, etc. that meet firm or organization needs.

 Application DBA: They particularly manage all requirements of

application components that interact with the database and
accomplish activities such as application installation and
coordination, application upgrades, database cloning, data load
process management, etc.

 Architect: They are held responsible for designing schemas like

building tables. They work to build a structure that meets
organizational needs. The design is further used by developers and
development DBAs to design and implement real applications.

 OLAP DBA: They design and build multi-dimensional cubes for

determination support or OLAP systems.

 Data Modeler: In general, a data modeler is in charge of a portion

of a data architect's duties. A data modeler is typically not regarded
as a DBA, but this is not a hard and fast rule.

 Task-Oriented DBA: To concentrate on a specific DBA task, large

businesses may hire highly specialized DBAs. They are quite
uncommon outside of big corporations. Recovery and backup DBA,

5
 whose responsibility it is to guarantee that the databases of
businesses can be recovered, is an example of a task-oriented DBA.
However, this specialism is not present in the majority of firms.
These task-oriented DBAs will make sure that highly qualified
professionals are working on crucial DBA tasks when it is possible.

 Database Analyst: This position doesn't actually have a set

definition. Junior DBAs may occasionally be referred to as database
analysts. A database analyst occasionally performs functions that
are comparable to those of a database architect. The term "Data
Administrator" is also used to describe database analysts and data
analysts. Additionally, some businesses occasionally refer to
database administrators as data analysts.

Role and Duties of Database Administrator (DBA)

 Decides Hardware: They decide on economical hardware, based
on cost, performance, and efficiency of hardware, and best suits the
organization. It is hardware that is an interface between end users
and the database.
 Manages Data Integrity and Security: Data integrity needs to
be checked and managed accurately as it protects and restricts
data from unauthorized use. DBA eyes on relationships within data
to maintain data integrity.
 Database Accessibility: Database Administrator is solely
responsible for giving permission to access data available in the
database. It also makes sure who has the right to change the
content.
 Database Design: DBA is held responsible and accountable for
logical, physical design, external model design, and integrity and
security control.
 Database Implementation: DBA implements DBMS and checks
database loading at the time of its implementation.
 Query Processing Performance: DBA enhances query processing
by improving speed, performance, and accuracy.
 Tuning Database Performance: If the user is not able to get data
speedily and accurately then it may lose organization's business. So,
by tuning SQL commands DBA can enhance the performance of the
database.

6
What is Data Model?
A data model is a blueprint or visual representation that outlines the
structure, relationships, and constraints of data within a system or
database. It acts as a guide for how data is organized, stored, and
accessed, ensuring consistency and enabling efficient data management.

Data Models

Entity
Hierarchical Data Network Data Relational Data
Relationship Data
Model Model Model
Model
7
Relational Data Model
The relational model represents how data is stored and managed in
Relational Databases. Data is organized into tables, each known as a
relation, consisting of rows (tuples) and columns (attributes). Each
row represents an entity or record, and each column represents a
particular attribute of that entity. A relational database consists of a
collection of tables each of which is assigned a unique name.
For example, consider a relation STUDENT with attributes ROLL_NO,
NAME, ADDRESS, PHONE, and AGE shown in the table.

Key Terms in the Relational Model

1. Attribute: Attributes are the properties that define an entity. For
example, ROLL_NO, NAME, ADDRESS etc.
2. Relation Schema: A relation schema defines the structure of the
relation and represents the name of the relation with its attributes. For
example, STUDENT (ROLL_NO, NAME, ADDRESS, PHONE, and AGE) is the
relation schema for STUDENT. If a schema has more than 1 relation it is
called Relational Schema.
3. Tuple: A Tuple represents a row in a relation. Each tuple contains a set
of attribute values that describe a particular entity. For example: (1, RAM,
DELHI, 9455123451, 18) is a tuple in the STUDENT table.
4. Relation Instance: The set of tuples of a relation at a particular
instance of time is called a relation instance. It can change whenever
there is an insertion, deletion or update in the database.
5. Degree: The number of attributes in the relation is known as the
degree of the relation. For example, the STUDENT relation has a degree of
5, as it has 5 attributes.
6. Cardinality: The number of tuples in a relation is known as cardinality.
For example, the STUDENT relation defined above has cardinality 4.
7. Column: The column represents the set of values for a particular
attribute. For example, the column ROLL_NO is extracted from the relation
STUDENT.
8. NULL Values: The value which is not known or unavailable is called a
NULL value. It is represented by NULL. For example, PHONE of STUDENT
having ROLL_NO 4 is NULL.

Entity-Relationship Data Model

8
The Entity-Relationship Model (ER Model) is a conceptual model for
designing a database. This model represents the logical structure of a
database, including entities, their attributes and relationships between
them. The graphical representation of this model is called an Entity-
Relation Diagram (ERD).

Q. What is an Entity?
An Entity represents a real-world object, concept or thing about which
data is stored in a database. It acts as a building block of a database.
Tables in relational database represent these entities.
Example of entities:
 Real-World Objects: Person, Car, Employee etc.
 Concepts: Course, Event, Reservation etc.
 Things: Product, Document, Device etc.
The entity type defines the structure of an entity, while individual
instances of that type represent specific entities.

Types of Entity
There are two main types of entities:
1. Strong Entity: A Strong Entity is a type of entity that has a key
Attribute that can uniquely identify each instance of the entity. A Strong
Entity does not depend on any other Entity in the Schema for its
identification. It has a primary key that ensures its uniqueness and is
represented by a rectangle in an ER diagram.
2. Weak Entity: A Weak Entity cannot be uniquely identified by its own
attributes alone. It depends on a strong entity to be identified. A weak
entity is associated with an identifying entity (strong entity), which helps
in its identification. A weak entity is represented by a double rectangle.
The participation of weak entity types is always total. The relationship
between the weak entity type and its identifying strong entity type is
called identifying relationship and it is represented by a double diamond.
Example: A company may store the information of dependents (Parents,
Children, Spouse) of an Employee. But the dependents can't exist without
the employee. So dependent will be a Weak Entity Type and Employee will
be identifying entity type for dependent, which means it is Strong Entity
Type.

Student 9 Grades
(Strong Entity)
Grades
(Weak Entity)
Q. What is an Attribute?
Attributes are the properties that define the entity type.
For example, for a student entity Roll No., Name, DOB, Age, Address, and
Mobile No. are the attributes that define entity type Student. In ER
diagram, the attribute is represented by an oval.

Attribute

Types of Attributes
There are five main types of attributes:
1. Simple Attribute: Simple attributes are those attributes that
cannot be divided into more attributes. These are represented by a
simple oval in the ER Diagram. Simple attributes state the simple
information about the entity such as name, roll-no, class, age, etc.
2. Composite Attribute: When 2 or more than 2 simple attributes are
combined to make an attribute then that attribute is called a
Composite attribute. These attributes are represented as a child of
multiple other attributes in the ER Diagram.
The composite attribute is made up of multiple attributes. After
combining these attributes, the composed attributes are formed. For
example, address is the attribute derived from the 3 simple
attributes i.e., City, State, and Street.
3. Multivalued Attribute: An attribute which can have multiple
values is known as a multivalued attribute. Multivalued attributes
have multiple values for the single instance of an entity. These
attributes are represented by a double oval in an ER Diagram. For
example, contact number as an attribute in a database can have
multiple values.
4. Key Attribute: The attribute which has unique values for every row
in the table is known as a Key Attribute. The key attribute is a
distinct and unique characteristic of the entity that can be used to
identify the entity uniquely.
It is represented by an underline in the ER Diagram

10
 For example, roll number can act as a key attribute in a table of
students
5. Derived Attribute: The attribute that can be derived from the
other attributes and does not require to be already present in the
database is called a Derived Attribute. Derived attributes are not
stored in the Database directly. These are represented by a dotted
oval in the ER Diagram. It is calculated by using the stored
attributes in the database. For example, age attribute can be a
derived attribute as it can be calculated using date of birth of an
individual.

name roll-no phone-no

(Multivalued Attribute)
(Simple Attribute) (Key Attribute)

B
age A C
(Simple Attribute)

address
Q. What is a Relation? (Composite Attribute)

A Relationship represents the association between entity types. For

example, ‘Enrolled in’ is a relationship type that exists between entity
type Student and Course. In ER diagram, the relationship type is
represented by a diamond and connecting the entities with lines.

Enrolled_I
n

Degree of Relationship Set

The number of different entity sets participating in a relationship set is
called the degree of a relationship set.
Unary Relationship: When there is only ONE entity set participating in a
relation, the relationship is called a unary relationship. For example, one
person is married to only one person.

married_t
person o

11
Binary Relationship: When there are TWO entities set participating in a
relationship, the relationship is called a binary relationship. For example, a
student is enrolled in a course.

enrolled_
student in
course

Ternary Relationship: When there are three entity sets participating in

a relationship, the relationship is called a ternary relationship.

employe works_in departme

e nt

location
N-ary Relationship: When there are n entities set participating in a
relationship, the relationship is called an n-ary relationship.

12
What is Normalization?
Normalization is a systematic approach to organize data within a database
to reduce redundancy and eliminate undesirable characteristics such as
insertion, update, and deletion anomalies. The process involves breaking
down large tables into smaller, well-structured ones and defining
relationships between them. This not only reduces the chances of storing
duplicate data but also improves the overall efficiency of the database.
There are 6 levels of normalization described as follows:
1. First Normal Form (1NF): A table is in 1NF if it satisfies the following
conditions:
 All columns contain atomic values (i.e., indivisible values).
 Each row is unique (i.e., no duplicate rows).
 Each column has a unique name.
 The order in which data is stored does not matter.

Example of 1NF Violation: If a table has a column "Phone Numbers"

that stores multiple phone numbers in a single cell, it violates 1NF. To
bring it into 1NF, you need to separate phone numbers into individual
rows.
2. Second Normal Form (2NF): A relation is in 2NF if it satisfies the
conditions of 1NF and additionally. No partial dependency exists, meaning
every non-prime attribute (non-key attribute) must depend on the entire
primary key, not just a part of it.
Example: For a composite key (StudentID, CourseID), if the StudentName
depends only on StudentID and not on the entire key, it violates 2NF. To
normalize, move StudentName into a separate table where it depends
only on StudentID.

13
3. Third Normal Form (3NF): A relation is in 3NF if it satisfies 2NF and
additionally, there are no transitive dependencies. In simpler terms, non-
prime attributes should not depend on other non-prime attributes.
Example: Consider a table with (StudentID, CourseID, Instructor).
If Instructor depends on CourseID, and CourseID depends on StudentID,
then Instructor indirectly depends on StudentID, which violates 3NF. To
resolve this, place Instructor in a separate table linked by CourseID.
4. Boyce-Codd Normal Form (BCNF): BCNF is a stricter version of 3NF
where for every non-trivial functional dependency (X → Y), X must be a
superkey (a unique identifier for a record in the table).
Example: If a table has a dependency (StudentID, CourseID) → Instructor,
but neither StudentID nor CourseID is a superkey, then it violates BCNF.
To bring it into BCNF, decompose the table so that each determinant is a
candidate key.
5. Fourth Normal Form (4NF): A table is in 4NF if it is in BCNF and has
no multi-valued dependencies. A multi-valued dependency occurs when
one attribute determines another, and both attributes are independent of
all other attributes in the table.
Example: Consider a table where (StudentID, Language, Hobby) are
attributes. If a student can have multiple hobbies and languages, a multi-
valued dependency exists. To resolve this, split the table into separate
tables for Languages and Hobbies.
6. Fifth Normal Form (5NF): 5NF is achieved when a table is in 4NF and
all join dependencies are removed. This form ensures that every table is
fully decomposed into smaller tables that are logically connected without
losing information.
Example: If a table contains (StudentID, Course, Instructor) and there is a
dependency where all combinations of these columns are needed for a
specific relationship, you would split them into smaller tables to remove
redundancy.

What is functional dependency?

A functional dependency occurs when one attribute uniquely determines
another attribute within a relation. It is a constraint that describes how
attributes in a table relate to each other. If attribute A functionally
determines attribute B we write this as the A→B.

Example:
roll_no name dept_nam dept_buildi

14
 e ng
42 abc CO A4
43 pqr IT A3
44 xyz CO A4

From the above table we can conclude some valid functional

dependencies:
 roll_no → { name, dept_name, dept_building }→ Here, roll_no can
determine values of fields name, dept_name and dept_building,
hence a valid Functional dependency
 roll_no → dept_name , Since, roll_no can determine whole set of
{name, dept_name, dept_building}, it can determine its subset
dept_name also.
 dept_name → dept_building , Dept_name can identify the
dept_building accurately, since departments with different
dept_name will also have a different dept_building
Armstrong's Axioms in Functional Dependency
Armstrong's Axioms refer to a set of inference rules, introduced by William
W. Armstrong, that are used to test the logical implication of functional
dependencies. Given a set of functional dependencies F, the closure of F
(denoted as F+) is the set of all functional dependencies logically implied
by F. Armstrong's Axioms, when applied repeatedly, help generate the
closure of functional dependencies.
 Reflexivity: If A is a set of attributes and B is a subset of A, then A
holds B. If B⊆A then A→B. This property is trivial property.
 Augmentation: If A→B holds and Y is the attribute set, then
AY→BY also holds. That is adding attributes to dependencies, does
not change the basic dependencies. If A→B, then AC→BC for any C.
 Transitivity: Same as the transitive rule in algebra, if A→B holds
and B→C holds, then A→C also holds. A→B is called A functionally
which determines B. If X→Y and Y→Z, then X→Z.
 Union: If A→B holds and A→C holds, then A→BC holds. If X→Y and
X→Z then X→YZ.
 Composition: If A→B and X→Y hold, then AX→BY holds.
 Decomposition: If A→BC holds then A→B and A→C hold. If X→YZ
then X→Y and X→Z.
 Pseudo Transitivity: If A→B holds and BC→D holds, then AC→D
holds. If X→Y and YZ→W then XZ→W.

15
Keys in DBMS
In the context of a relational database, Keys are one of the basic
requirements of a relational database model. keys are fundamental
components that ensure data integrity, uniqueness, and efficient access.
It is widely used to identify the tuples(rows) uniquely in the table.

Types of Keys
 Super Key: The set of one or more attributes (columns) that can
uniquely identify a tuple (record) is known as Super Key. It may
include extra attributes that aren't essential for uniqueness but still
uniquely identify the row. For Example, STUD_NO, (STUD_NO,
STUD_NAME), etc.
 Candidate Key: The minimal set of attributes that can uniquely
identify a tuple is known as a candidate key. For Example, STUD_NO
in STUDENT relation. A candidate key is a minimal super key,
meaning it can uniquely identify a record but contains no extra
attributes.
 Primary Key: There can be more than one candidate key in
relation out of which one can be chosen as the primary key. For
Example, STUD_NO, as well as STUD_PHONE, are candidate keys for
relation STUDENT but STUD_NO can be chosen as the primary key
(only one out of many candidate keys).
 Alternate Key: An alternate key is any candidate key in a table
that is not chosen as the primary key. In other words, all the keys
that are not selected as the primary key are considered alternate
keys. An alternate key is also referred to as a secondary key
because it can uniquely identify records in a table, just like the
primary key. Example: In the STUDENT table, both STUD_NO and
PHONE are candidate keys. If STUD_NO is chosen as the primary
key, then PHONE would be considered an alternate key.
 Foreign Key: A foreign key is an attribute in one table that refers
to the primary key in another table. The table that contains the
foreign key is called the referencing table, and the table that is
referenced is called the referenced table. A foreign key in one table

16
 points to the primary key in another table, establishing a
relationship between them.
It helps connect two or more tables, enabling you to create
relationships between them. This is essential for maintaining data
integrity and preventing data redundancy.
 Composite Key: Sometimes, a table might not have a single
column/attribute that uniquely identifies all the records of a table.
To uniquely identify rows of a table, a combination of two or more
columns/attributes can be used. It still can give duplicate values in
rare cases. So, we need to find the optimal set of attributes that can
uniquely identify rows in a table. It acts as a primary key if there is
no primary key in a table.
Two or more attributes are used together to make a composite key .
Different combinations of attributes may give different accuracy in
terms of identifying the rows uniquely.
Example: In the STUDENT_COURSE table, {STUD_NO, COURSE_NO}
can form a composite key to uniquely identify each record.

17
Structured Query Language
Structured Query Language (SQL) is the standard language used to
interact with relational databases. Whether you want to create, delete,
update or read data, SQL provides the structure and commands to
perform these operations. SQL is widely supported across various
database systems like MySQL, Oracle, PostgreSQL, SQL Server and many
others.
SQL Commands are mainly categorized into five categories:

 DDL – Data Definition Language: DDL or Data Definition

Language actually consists of the SQL commands that can be used
for defining, altering and deleting database structures such as
tables, indexes and schemas. It simply deals with descriptions of the
database schema and is used to create and modify the structure of
database objects in the database.
Example, CREATE, DROP, ALTER, TRUNCATE, COMMENT, RENAME,
etc.

 DQL – Data Query Language: DQL statements are used for

performing queries on the data within schema objects. The purpose
of the DQL Command is to get some schema relation based on the
query passed to it. This command allows getting the data out of the
database to perform operations with it. When a SELECT is fired
against a table or tables the result is compiled into a further
temporary table, which is displayed or perhaps received by the
program.
Example, SELECT, etc.

 DML – Data Manipulation Language: The SQL commands that

deal with the manipulation of data present in the database belong
to DML or Data Manipulation Language and this includes most of the
SQL statements. It is the component of the SQL statement that
controls access to data and to the database. Basically, DCL
statements are grouped with DML statements.
Example, INSERT, UPDATE, DELETE, LOCK, CALL, etc.

 DCL – Data Control Language: DCL (Data Control Language)

includes commands such as GRANT and REVOKE which mainly deal
with the rights, permissions and other controls of the database
system. These commands are used to control access to data in the
database by granting or revoking permissions.
Example, GRANT, REVOKE, etc.
18
  TCL - Transaction Control Language: Transactions group a set of
tasks into a single execution unit. Each transaction begins with a
specific task and ends when all the tasks in the group are
successfully completed. If any of the tasks fail, the transaction fails.
Therefore, a transaction has only two results: success or failure.
Example, COMMIT, ROLLBACK, SAVEPOINT, etc.

Common SQL Queries

1. SELECT
Syntax: SELECT column1, column2, ... FROM table_name;
Example: SELECT CustomerName, City FROM Customers;
Result:
CustomerNa City
me
abc A
pqr B
klm C

2. CREATE TABLE
Syntax: CREATE TABLE table_name (column1 datatype, column2
datatype, column3 datatype,....);
Example: CREATE TABLE Persons (PersonID int, LastName
varchar(255), FirstName varchar(255), Address varchar(255), City
varchar(255));
Result:
PersonID LastName FirstName Address City

3. UPDATE
Syntax: UPDATE table_name
SET column1 = value1, column2 = value2, ... WHERE condition;

Example: UPDATE Customers SET ContactName = 'Alfred Schmidt',

City= 'Frankfurt' WHERE CustomerID = 1;
Result:
CustomerI ContactNa City
D me

19
1 Alfred Frankfurt
Schmidt
2 Joseph Ohio

4. DELETE
Syntax: DELETE FROM table_name WHERE condition;
Example: DELETE FROM Customers WHERE CustomerName= ‘Alfred
Schmidt’;
Result:
CustomerI ContactName City
D
2 Joseph Ohio

5. WHERE
Syntax: SELECT column1, column2, ... FROM table_name
WHERE condition;

Example: SELECT * FROM Customers WHERE Country='Mexico';

Result:
CustomerI ContactName City Country
D
2 Joseph Puebla Mexico
7 Eddy Mexico City Mexico

6. GRANT
Syntax: GRANT privileges_names ON object TO user;
Example: GRANT SELECT, INSERT, DELETE, UPDATE ON Users TO
'Amit'@'localhost';

7. REVOKE
Syntax: REVOKE privileges ON object FROM user;
Example: REVOKE SELECT, INSERT, DELETE, UPDATE ON Users FROM
'Amit'@'localhost';

Security in DBMS

20
Security of databases refers to the array of controls, tools, and procedures
designed to ensure and safeguard confidentiality, integrity, and
accessibility. This will concentrate on confidentiality because it's a
component that is most at risk in data security breaches.
Why Database Security is Important?
o According to the definition, a data breach refers to a breach of data
integrity in databases. The amount of damage an incident like a
data breach can cause our business is contingent on various
consequences or elements.
o Intellectual property that is compromised: Our intellectual
property--trade secrets, inventions, or proprietary methods -- could
be vital for our ability to maintain an advantage in our industry. If
our intellectual property has been stolen or disclosed and our
competitive advantage is lost, it could be difficult to keep or
recover.
o The damage to our brand's reputation: Customers or partners
may not want to purchase goods or services from us (or deal with
our business) If they do not feel they can trust our company to
protect their data or their own.
o The concept of business continuity (or lack of it): Some
businesses cannot continue to function until a breach has been
resolved.
o Penalties or fines to be paid for not complying: The cost of not
complying with international regulations like the Sarbanes-Oxley Act
(SAO) or Payment Card Industry Data Security Standard (PCI DSS)
specific to industry regulations on data privacy, like HIPAA or
regional privacy laws like the European Union's General Data
Protection Regulation (GDPR) could be a major problem with fines in
worst cases in excess of many million dollars for each violation.
o Costs for repairing breaches and notifying consumers about
them: Alongside notifying customers of a breach, the company that
has been breached is required to cover the investigation and
forensic services such as crisis management, triage repairs to the
affected systems, and much more.

Common Threats and Challenges

21
Numerous software configurations that are not correct, weaknesses, or
patterns of carelessness or abuse can lead to a breach of security. Here
are some of the most prevalent kinds of reasons for security attacks and
the reasons.
Human Error: The unintentional mistakes, weak passwords or sharing
passwords, and other negligent or uninformed behaviors of users remain
the root causes of almost half (49 percent) of all data security breaches.
SQL/NoSQL Injection Attacks: A specific threat to databases is the
infusing of untrue SQL as well as other non-SQL string attacks in queries
for databases delivered by web-based apps and HTTP headers. Companies
that do not follow the safe coding practices for web applications and
conduct regular vulnerability tests are susceptible to attacks using these.
DDoS (DoS/DDoS) Attacks: In a denial-of-service (DoS) attack in which
the attacker overwhelms the targeted server -- in this case, the database
server with such a large volume of requests that the server is unable to
meet no longer legitimate requests made by actual users. In most cases,
the server is unstable or even fails to function.
Malware: Malware is software designed to exploit vulnerabilities or cause
harm to databases. Malware can be accessed via any device that
connects to the databases network.
Attacks on Backups: Companies that do not protect backup data using
the same rigorous controls employed to protect databases themselves are
at risk of cyberattacks on backups.

Data protection tools and platforms

Today, a variety of companies provide data protection platforms and
tools. A comprehensive solution should have all of the following features:
o Discovery: The ability to discover is often needed to meet
regulatory compliance requirements. A tool that can detect and
categorize weaknesses across our databases, whether they're
hosted in the cloud or on-premises can provide recommendations to
address any vulnerabilities that are discovered.
o Monitoring of Data Activity: The solution should be capable of
monitoring and analyzing the entire data activity in all databases,
whether our application is on-premises, in the cloud, or inside a
container. It will alert us to suspicious activity in real-time to allow
us to respond more quickly to threats. It also provides visibility into
the state of our information through an integrated and
comprehensive user interface. It is also important to choose a

22
 system that enforces rules that govern policies, procedures, and the
separation of duties.
o The ability to Tokenize and Encrypt Data: In case of an
incident, encryption is an additional line of protection against any
compromise. Any software we choose to use must have the
flexibility to protect data cloud, on-premises hybrid, or multi-cloud
environments
o Optimization of Data Security and Risk Analysis: An
application that will provide contextual insights through the
combination of security data with advanced analytics will allow
users to perform optimizing, risk assessment, and reporting in a
breeze. Select a tool that is able to keep and combine large
amounts of recent and historical data about the security and state
of your databases.

Distributed Database System

A distributed database is basically a database that is not limited to one
system, it is spread over different sites, i.e., on multiple computers or over
a network of computers. A distributed database system is located on
various sites that don't share physical components. This may be required
when a particular database needs to be accessed by various users

23
globally. It needs to be managed such that for the users it looks like one
single database.
Types of Distributed Database System are as follows:
1. Homogeneous Database: In a homogeneous database, all different
sites store database identically. The operating system, database
management system, and the data structures used - all are the same at
all sites. Hence, they're easy to manage.
2. Heterogeneous Database: In a heterogeneous distributed database,
different sites can use different schema and software that can lead to
problems in query processing and transactions. Also, a particular site
might be completely unaware of the other sites. Different computers may
use a different operating system, different database application. They
may even use different data models for the database. Hence, translations
are required for different sites to communicate.
Applications of Distributed Database:
 It is used in Corporate Management Information System.
 It is used in multimedia applications.
 Used in Military's control system, Hotel chains etc.
 It is also used in manufacturing control system.

Advantages of Distributed Database System:

 There is fast data processing as several sites participate in request

processing.
 Reliability and availability of this system is high.
 It possesses reduced operating cost.
 It is easier to expand the system by adding more sites.
 It has improved sharing ability and local autonomy.

Disadvantages of Distributed Database System:

 The system becomes complex to manage and control.

 The security issues must be carefully managed.
 The system requires deadlock handling during the transaction
processing otherwise
 the entire system may be in inconsistent state.
 There is need of some standardization for processing of distributed
database
 system.

24
25