数据库系统原理(英文).ppt

April 2011 Database System Concepts - Chapter8 Application Design and Development - PART 2 RELATIONAL DATABASES Chapter 8  Application Design and Development Suppose that, instead of allowing negative account balances, the bank deals with overdrafts (透支) by following actions setting the account balance to zero creating a loan in the amount of the overdraft giving this loan a loan number identical to the account number of the overdrawn account Trigger overdraft-trigger in Fig.8.8 the triggering event is update on balance the condition for executing the trigger is an modification to the account relation that results in a negative balance value GSM网络配置数据库中，利用触发器实现 向小区(cell)中新增频点，约束：每个小区最多只有8个频点 计算性能指标“BSC切换成功率”，原理：每当发生一次BSC切换时，根据本次切换是否成功重新计算“切换成功率” §8.7 Authorization in SQL Authorization：授权，鉴权，特许 Authentication：验证，鉴别 Privilege：权限，特权 Encryption：加密 Encryption key：密钥 Cryptography (密码技术) Security mechanism guarding against malicious/illegal access to DBS, such as unauthorized reading, modification, and destruction of data §8.7.0 Security Levels Fig. Security Control Architecture in Database Application Systems 8.7.0 Security Levels (cont.) Security mechanisms at several levels database system level authorization and authentication mechanisms to allow specific users access only to required data OS level protection from invalid logins, and protection from improper use of “superuser” authority file-level access protection (often not very helpful for database security) network level communications links must be protected from theft or modification of messages, by means of 8.7.0 Security Levels (cont.) identification protocol (password-based) cryptography(密码技术） human level users should be trained on password selection and secrecy users must be screened to ensure that an authorized users do not give access to intruders physical level system must be physically secured against armed or surreptitious entry by intruders Authorization in DBS DBMS provides authorization