
Declaration

We, the members of group no. 9, hereby declare that the project entitled
"Survey on Database Security, Backup & Recovery", submitted to the Computer
Engineering Department of GPG for the practical work of the DBMS subject,
has not previously formed the basis of any copyright.
Submitted by-
Sarvesh Fating 2012420107
Atharva Telang 2012420108
Vivek Harinkhade 2012402105
Disha Baghele 2012420109
Surbhi Budekar 2012402104
Acknowledgement

This complete microproject work comes as a gift to me after all the efforts
that have gone into it, a beautiful endeavor made possible only because of
the valuable guidance of our guide and well-wishers.

We wish to extend our heartfelt gratitude to our guide, Bhagyashree Meshram
Ma'am, for her constant guidance, encouragement and motivation at every
stage of this work, which made this microproject a success.

Finally, we are proud to express our gratitude and respect to each member
of this group.
Index

• Rationale
• Course Outcomes
• Literature Review
• Actual Methodology Followed
• Actual Resources Used
• Information
• Output of the Microproject
• Learning Outcomes of Microproject
• Application of Microproject
• Area of Future Improvements
• Conclusion
RATIONALE

• Our microproject is about database security, backup & recovery.

• Database security is the technique that protects and secures the
database against intentional or accidental threats.

• Security concerns are relevant not only to the data that resides in an
organization's database: a breach of security may harm other parts of the
system, which may ultimately affect the database structure.

• Database backup basically means that a duplicate of the database
information and data is created and stored on a backup server just to be
on the safe side.

• Transaction logs are also stored in the backup along with the
database data because without them, the data would be useless.
Course outcomes

1. Understand project characteristics and various stages of a project.
2. Understand with conceptual clarity project organization and
database security, backup & recovery.
3. Analyze the learning and understand techniques for project planning &
scheduling.
4. Apply the security, backup and recovery methods of DBMS.
5. Understand the various aspects of DBMS security.
6. Understand how backup and recovery are practiced in the computer industry.

LITERATURE REVIEW

1. First, to understand the topic, we took advice from our respected sir.

2. To get the information written and in brief, we searched on the
internet, i.e. Google.

3. To understand the topic visually, we took the support of YouTube.

4. For diagrams, we took the help of books and the internet too.

ACTUAL METHODOLOGY FOLLOWED

| SR NO. | DETAILS OF ACTIVITY | PLANNED STARTING DATE | PLANNED FINISHED DATE | NAME OF REP. (MEMBER) |
|---|---|---|---|---|
| 1. | SELECTION OF MICROPROJECT TITLE FOR THIS BATCH "DATABASE SECURITY, BACKUP & RECOVERY" | 21.12.2021 | 22.12.2021 | ALL GROUP MEMBERS |
| 2. | STUDY OF BOOK FOR SEARCHING INFO | 21.12.2021 | 22.12.2021 | SARVESH FATING |
| 3. | COLLECTION AND FORMATTING BY TEAM MEMBER | 21.12.2021 | 22.12.2021 | DISHA BAGHELE |
| 4. | FINAL VERIFICATION AND GUIDE HOW TO MAKE OUT TOPICS | 21.12.2021 | 22.12.2021 | ALL GROUP MEMBERS |
| 5. | MAKING THE FORMAT OF PART A AND PART B | 21.12.2021 | 22.12.2021 | SURBHI BUDEKAR, ATHARVA TELANG & VIVEK HARINKHEDE |

ACTUAL RESOURCES FOLLOWED

| Sr No | Name of Resources | Specification | Quantity | Remark |
|---|---|---|---|---|
| 1. | TEXT BOOK & SYLLABUS | DATABASE MANAGEMENT TEXTBOOK | 1 | ✔ |
| 2. | REFERENCE BOOK | DBMS SECURITY | 1 | ✔ |

Information
Database security is the technique that protects and secures the database
against intentional or accidental threats. Security concerns are relevant
not only to the data that resides in an organization's database: a breach
of security may harm other parts of the system, which may ultimately affect
the database structure. Consequently, database security covers hardware,
software, human resources, and data. Using security effectively requires
appropriate controls, which are defined by the specific mission and purpose
of the system. The need for proper security, often neglected or overlooked
in the past, is now checked more and more thoroughly by organizations.
We consider database security in relation to the following situations:
• Theft and fraud.
• Loss of confidentiality or secrecy.
• Loss of data privacy.
• Loss of data integrity.
• Loss of availability of data.
These situations mostly indicate the areas on which the organization should
focus to reduce risk, that is, the chance of incurring loss or damage to
data within a database. In some conditions, these areas are directly
related, such that an activity that leads to a loss in one area may also
lead to a loss in another, since all of the data within an organization is
interconnected.
What is a Threat?
A threat is any situation or event, whether intentional or accidental, that
can cause damage and adversely affect the database structure and,
consequently, the organization. A threat may arise from a situation or
event involving a person, or from an action or circumstance that is likely
to bring harm to an organization and its database.
The degree of harm that an organization suffers as a result of a threat
depends upon several aspects, such as the existence of countermeasures and
contingency plans. For example, if a hardware failure occurs that corrupts
secondary storage, all processing activity must cease until the problem is
resolved.

Computer-Based Controls
The different forms of countermeasure to threats on computer systems
range from physical controls to managerial procedures. Despite the range of
computer-based controls that already exist, it is worth noting that,
usually, the security of a DBMS is only as good as that of the operating
system, due to the close association between them.
Most of the computer-based database security controls are listed below:
• Access authorization.
• Access controls.
• Views.
• Backup and recovery of data.
• Data integrity.
• Encryption of data.
• RAID technology.
What are Access Controls?
The usual way of providing access controls in a database system is based on
the granting and revoking of privileges within the database. A privilege
allows a user to create or access some database object or to run some
specific DBMS utilities. Privileges are granted to users so that they can
accomplish the tasks required for their jobs.
The database provides various types of access controls:
• Discretionary Access Control (DAC)
• Mandatory Access Control (MAC)

Backup and Recovery

Every Database Management System should offer backup facilities to help
with the recovery of a database after a failure. It is always advisable to
make backup copies of the database and log files at regular intervals and
to ensure that the copies are kept in a secure location. In the event of a
failure that renders the database unusable, the backup copy and the details
captured in the log file are used to restore the database to the latest
possible consistent state.
Privilege and Roles in DBMS
Confidentiality, integrity, and availability are the hallmarks of database
security. Authorization is the permission given to a user or process to
access a set of objects. The type of access granted can vary, for example
read-only, or read and write. Privilege refers to the different DML
operations that the user can perform on data, such as INSERT, UPDATE,
SELECT and DELETE.
Access control is performed using the following two methods:
1. Privileges
2. Roles

Privileges
A privilege is the authority or permission to access a named object in a
prescribed manner, for example, permission to access a table. Privileges
can also permit a particular user to connect to the database. In other
words, privileges are the allowances granted on the database and its
objects.
Database privileges —
A privilege is permission to execute one particular type of SQL statement or
to access another user's object. Database privileges control the use of
computing resources. Database privileges do not apply to the database
administrator of the database.

System Privileges —
A system privilege is the right to perform an activity on a specific type of
object. For example, the privilege to delete rows of any table in a database
is a system privilege. There are a total of 60 different system privileges.
System privileges allow users to CREATE, ALTER, or DROP the database
objects.

Object Privileges
An object privilege is a privilege to perform a specific action on a
particular table, function, or package. For example, the right to delete
rows from a table is an object privilege. Consider a row of table GPG that
contains the name of an employee who is no longer a part of the
organization: deleting that row requires an object privilege.
Object privileges allow the user to INSERT, DELETE, UPDATE, or SELECT the
data in the database object.

Roles
A role is a mechanism that can be used to grant authorization. A person or a
group of people can be given a role or a group of roles. Using multiple
roles, the head can manage access privileges very easily. Roles are
provided by the database management system for easy, managed and
controlled privilege management.
Properties –
The following are the properties of roles which allow easy privilege
management inside a database:
Reduced privilege Administration —
The user can grant the privilege for a group of users who are related
instead of granting the same set of privileges to the users explicitly.
Dynamic privilege management —
If the privileges of the group change, then only the rights of the role
need to be changed.
Application-specific security —
The user can also protect the use of a role by using a password.
Applications can be created to enable a role only when the correct
password is entered. Users are not allowed the role if they do not know
the password.
Recovery techniques
Recovery techniques are heavily dependent upon the existence of a special
file known as a system log. It contains information about the start and end
of each transaction and any updates which occur in the transaction. The
log keeps track of all transaction operations that affect the values of
database items. This information is needed to recover from transaction
failure. The log is kept on disk.
• start_transaction(T): This log entry records that transaction T starts
the execution.
• read_item(T, X): This log entry records that transaction T reads the
value of database item X.
• write_item(T, X, old_value, new_value): This log entry records that
transaction T changes the value of the database item X from old_value
to new_value. The old value is sometimes known as the before image of
X, and the new value is known as the after image of X.
• commit(T): This log entry records that transaction T has completed all
accesses to the database successfully and its effect can be committed
(recorded permanently) to the database.
• abort(T): This records that transaction T has been aborted.
• checkpoint: Checkpoint is a mechanism where all the previous logs are
removed from the system and stored permanently on a storage disk.
A checkpoint declares a point before which the DBMS was in a consistent
state, and all the transactions were committed.

A transaction T reaches its commit point when all its operations that
access the database have been executed successfully, i.e. the transaction
has reached the point at which it will not abort (terminate without
completing). Once committed, the transaction is permanently recorded in
the database. Commitment always involves writing a commit entry to the
log and writing the log to disk. At the time of a system crash, the log is
searched backward for all transactions T that have written a
start_transaction(T) entry into the log but have not yet written a
commit(T) entry; these transactions may have to be rolled back to undo
their effect on the database during the recovery process.

• Undoing – If a transaction crashes, then the recovery manager may
undo transactions, i.e. reverse the operations of a transaction. This
involves examining the log for each entry write_item(T, x, old_value,
new_value) of the transaction and setting the value of item x in the
database to old_value.

There are two major techniques for recovery from non-catastrophic
transaction failures: deferred updates and immediate updates.

• Deferred update – This technique does not physically update the
database on disk until a transaction has reached its commit point.
Before reaching commit, all transaction updates are recorded in the
local transaction workspace. If a transaction fails before reaching its
commit point, it will not have changed the database in any way, so UNDO
is not needed. It may be necessary to REDO the effect of the operations
that are recorded in the local transaction workspace, because their
effect may not yet have been written to the database. Hence, a deferred
update is also known as the no-undo/redo algorithm.
• Immediate update – In the immediate update, the database may be
updated by some operations of a transaction before the transaction
reaches its commit point. However, these operations are recorded in a
log on disk before they are applied to the database, making recovery
still possible. If a transaction fails to reach its commit point, the
effect of its operations must be undone, i.e. the transaction must be
rolled back; hence we require both undo and redo. This technique is known
as the undo/redo algorithm.
• Caching/Buffering – In this technique, one or more disk pages that
include data items to be updated are cached into main memory buffers and
then updated in memory before being written back to disk. A collection of
in-memory buffers called the DBMS cache is kept under the control of the
DBMS for holding these buffers. A directory is used to keep track of which
database items are in the buffers. A dirty bit is associated with each
buffer, which is 0 if the buffer is not modified and 1 if it is modified.
• Shadow paging – It provides atomicity and durability. A directory with n
entries is constructed, where the ith entry points to the ith database
page on disk. When a transaction begins executing, the current
directory is copied into a shadow directory. When a page is to be
modified, a shadow page is allocated in which the changes are made, and
when it is ready to become durable, all pages that refer to the original
are updated to refer to the new replacement page.
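
The undo and redo steps described above can be traced on a small log. The following Python sketch is an added example, not part of the original report; the log contents, the two disk states at the crash and the function name recover are constructed for illustration, and it assumes a strict schedule so that restoring before images in reverse log order is safe.

```python
# Added example (not from the original report): crash recovery from the system log.
# Constructed log in the entry format described above; the crash follows the last entry.
LOG = [
    ("start_transaction", "T1"),
    ("write_item", "T1", "A", 100, 80),   # (T, X, old_value, new_value)
    ("start_transaction", "T2"),
    ("write_item", "T2", "B", 50, 70),
    ("commit", "T1"),
    ("start_transaction", "T3"),
    ("write_item", "T3", "A", 80, 10),
    ("write_item", "T2", "C", 5, 6),
]

# Constructed on-disk states at the moment of the crash.
DISK_IMMEDIATE = {"A": 10, "B": 70, "C": 5}   # some uncommitted writes reached disk
DISK_DEFERRED = {"A": 100, "B": 50, "C": 5}   # nothing was written before commit

def recover(log, disk, deferred=False):
    """Return (recovered database, transactions undone, transactions redone)."""
    db = dict(disk)
    started = [e[1] for e in log if e[0] == "start_transaction"]
    committed = {e[1] for e in log if e[0] == "commit"}
    uncommitted = [t for t in started if t not in committed]
    if not deferred:
        # UNDO: scan the log backwards and restore the before image of every
        # item written by a transaction that has no commit entry.
        for entry in reversed(log):
            if entry[0] == "write_item" and entry[1] not in committed:
                _, _, item, old_value, _ = entry
                db[item] = old_value
    # REDO: scan forwards and reapply the after image of every committed write,
    # because the update may not have reached the database before the crash.
    for entry in log:
        if entry[0] == "write_item" and entry[1] in committed:
            _, _, item, _, new_value = entry
            db[item] = new_value
    undone = [] if deferred else uncommitted
    return db, undone, sorted(committed)

if __name__ == "__main__":
    print(recover(LOG, DISK_IMMEDIATE))                  # undo/redo
    print(recover(LOG, DISK_DEFERRED, deferred=True))    # no-undo/redo
```

Both calls end in the same consistent state, and running recover again on its own output changes nothing, which is why recovery can safely be restarted after a second crash.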
Some of the backup techniques are as follows:
• Full database backup – In this, the full database, including the data and
the database meta information needed to restore the whole database,
including full-text catalogs, is backed up in a predefined time series.
• Differential backup – It stores only the data changes that have occurred
since the last full database backup. When the same data has changed many
times since the last full database backup, a differential backup stores
the most recent version of the changed data. To use it, we first need to
restore a full database backup.
• Transaction log backup – In this, all events that have occurred in the
database, like a record of every single statement executed, are backed up.
It is the backup of transaction log entries and contains all transactions
that have happened to the database. Through this, the database can be
recovered to a specific point in time. It is even possible to perform a
backup of the transaction log if the data files are destroyed, so that not
even a single committed transaction is lost.
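
Restoring to a point in time combines the three backup types above in a fixed order. The following Python sketch is an added example, not part of the original report: the backup catalog and the function name restore_plan are constructed, and it assumes each differential is based on the most recent full backup and each log backup continues from the previous one.

```python
from datetime import datetime

FMT = "%Y-%m-%d %H:%M"
# Constructed backup catalog (kind, completion time); not from the original report.
CATALOG = [
    ("full", "2021-12-19 01:00"), ("log", "2021-12-19 12:00"),
    ("diff", "2021-12-20 01:00"), ("log", "2021-12-20 12:00"),
    ("diff", "2021-12-21 01:00"), ("log", "2021-12-21 06:00"),
    ("log", "2021-12-21 12:00"), ("full", "2021-12-22 01:00"),
]

def restore_plan(catalog, target):
    """Return (ordered restore steps, latest point in time actually reachable)."""
    goal = datetime.strptime(target, FMT)
    items = sorted((datetime.strptime(when, FMT), kind) for kind, when in catalog)
    fulls = [t for t, kind in items if kind == "full" and t <= goal]
    if not fulls:
        raise ValueError("no full backup at or before the target time")
    base = fulls[-1]                      # the most recent full backup goes first
    plan = [("full", base)]
    diffs = [t for t, kind in items if kind == "diff" and base < t <= goal]
    if diffs:                             # only the newest differential is needed
        base = diffs[-1]
        plan.append(("diff", base))
    reached = base
    for t, kind in items:                 # then replay log backups in order
        if kind == "log" and t > base:
            plan.append(("log", t))
            reached = min(t, goal)        # replay stops at the target time
            if t >= goal:
                break
    steps = [(kind, t.strftime(FMT)) for kind, t in plan]
    return steps, reached.strftime(FMT)

if __name__ == "__main__":
    for target in ("2021-12-21 09:30", "2021-12-22 08:00"):
        steps, reached = restore_plan(CATALOG, target)
        print(target, "->", steps, "recoverable to", reached)
```

The second target shows the gap that remains when no log backup has been taken since the last full backup: the plan can only reach the time of that full backup.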
OUTPUT OF MICROPROJECT

• We did a brief and knowledgeable survey on database security, backups
and recovery.

• Understood the need for data security.

• Came to know about different database users.

• Understood how to protect and secure the database and studied different
database privileges.

• Learned and understood the importance of database backup and recovery,
verified causes of failure and used some recovery techniques.
Learning Outcomes of Microproject

• Have a broad understanding of database concepts and database management
system software.
• Have a high-level understanding of major DBMS components and their
function.
• Be able to model an application's data requirements using conceptual
modeling tools like ER diagrams and design database schemas based on the
conceptual model.
• Be able to write SQL commands to create tables and indexes,
insert/update/delete data, and query data in a relational DBMS.
• Be able to program a data-intensive application using DBMS APIs.
• We understood transactions and their properties (ACID).
• We understood the anomalies that occur without ACID.
• We understood the locking protocols used to ensure Isolation.
• We understood the logging techniques used to ensure Atomicity and
Durability.
• We understood Recovery techniques used to recover from crashes.
Applications

RAILWAY RESERVATION SYSTEM
LIBRARY MANAGEMENT SYSTEM
BANKING
EDUCATION SECTOR
CREDIT CARD EXCHANGES
SOCIAL MEDIA SITES
BROADCAST COMMUNICATIONS
ACCOUNT
