Views, Indexes, Authorization. Views. Views 8/6/18. Virtual and Materialized Views Speeding Accesses to Data Grant/Revoke Priviledges

Similar documents
Transactions, Views, Indexes. Controlling Concurrent Behavior Virtual and Materialized Views Speeding Accesses to Data

Introduction to Transactions: Controlling Concurrent "Behavior" Virtual and Materialized Views" Indexes: Speeding Accesses to Data"

Grouping Operator. Applying γ L (R) Recall: Outerjoin. Example: Grouping/Aggregation. γ A,B,AVG(C)->X (R) =??

Databases 1. Defining Tables, Constraints

Chapter 10 Advanced topics in relational databases

Instructor: Jinze Liu. Fall 2008

Introduction to SQL. Multirelation Queries Subqueries. Slides are reused by the approval of Jeffrey Ullman s

Constraints, Views & Indexes. Running Example. Kinds of Constraints INTEGRITY CONSTRAINTS. Keys Foreign key or referential integrity constraints

SQL Continued! Outerjoins, Aggregations, Grouping, Data Modification

Introduction to SQL. Select-From-Where Statements Multirelation Queries Subqueries. Slides are reused by the approval of Jeffrey Ullman s

EXTENDED RELATIONAL ALGEBRA OUTERJOINS, GROUPING/AGGREGATION INSERT/DELETE/UPDATE

INDEXES MICHAEL LIUT DEPARTMENT OF COMPUTING AND SOFTWARE MCMASTER UNIVERSITY

More SQL. Extended Relational Algebra Outerjoins, Grouping/Aggregation Insert/Delete/Update

Chapter 6 The database Language SQL as a tutorial

Introduction to SQL. Select-From-Where Statements Multirelation Queries Subqueries

Introduction to SQL SELECT-FROM-WHERE STATEMENTS SUBQUERIES DATABASE SYSTEMS AND CONCEPTS, CSCI 3030U, UOIT, COURSE INSTRUCTOR: JAREK SZLICHTA

SQL DATA DEFINITION LANGUAGE

SQL DATA DEFINITION LANGUAGE

Constraints. Local and Global Constraints Triggers

Chapter 2 The relational Model of data. Relational model introduction

SQL DATA DEFINITION LANGUAGE

CS54100: Database Systems

SQL: Data Definition Language

Chapter 6 The database Language SQL as a tutorial

Likesèdrinker, beerè. Sellsèbar, beer, priceè. Frequentsèdrinker, barè

Why SQL? SQL is a very-high-level language. Database management system figures out best way to execute query

Databases-1 Lecture-01. Introduction, Relational Algebra

CSC 343 Winter SQL: Aggregation, Joins, and Triggers MICHAEL LIUT

CSCI3030U Database Models

SQL: Data Manipulation Language

Constraints and Triggers

Chapter 7: Constraints and Triggers. Foreign Keys Local and Global Constraints Triggers

Subqueries. Must use a tuple-variable to name tuples of the result

Database Design and Programming

CS 464/564 Introduction to Database Management System Instructor: Abdullah Mueen

CS145 Introduction. About CS145 Relational Model, Schemas, SQL Semistructured Model, XML

From E/R Diagrams to Relations

CS54100: Database Systems

Most database operations involve On- Line Transaction Processing (OTLP).

On-Line Application Processing

CS 317/387. A Relation is a Table. Schemas. Towards SQL - Relational Algebra. name manf Winterbrew Pete s Bud Lite Anheuser-Busch Beers

Warehousing. Data Mining

Entity-Relationship Model. Purpose of E/R Model

CSCD43: Database Systems Technology. Lecture 4

Schedule. Today: Feb. 21 (TH) Feb. 28 (TH) Feb. 26 (T) Mar. 5 (T) Read Sections , Project Part 6 due.

A tuple is dangling if it doesn't join with any

ENTITY-RELATIONSHIP MODEL

types, but key declarations and constraints Similar CREATE X commands for other schema ëdrop X name" deletes the created element of beer VARCHARè20è,

Entity-Relationship Model

Security and Authorization

Design Techniques. 1. Avoid redundancy 2. Limit the use of weak entity sets 3. Don t use an entity set when an attribute will do

Database System Concepts"

Debapriyo Majumdar DBMS Fall 2016 Indian Statistical Institute Kolkata

Database Security Lecture 10

COSC 304 Introduction to Database Systems. Views and Security. Dr. Ramon Lawrence University of British Columbia Okanagan

SQL. The Basics Advanced Manipulation Constraints Authorization 1. 1

Relational Query Languages

e e Conceptual design begins with the collection of requirements and results needed from the database (ER Diag.)

Relational Algebra and SQL. Basic Operations Algebra of Bags

Creating Tables, Defining Constraints. Rose-Hulman Institute of Technology Curt Clifton

Chapter 1 SQL and Data

Outline. CS 235: Introduction to Databases. DB Application Programming. Interface Solutions. Basic PSM Form. Persistent Stored Modules

E/R Diagrams! Converting E/R Diagrams to Relations!

SQL Functionality SQL. Creating Relation Schemas. Creating Relation Schemas

Beersèname, manfè. Likesèdrinker, beerè. Sellsèbar, beer, priceè. Frequentsèdrinker, barè

Relational Algebra. Algebra of Bags

Contains slides made by Naci Akkøk, Pål Halvorsen, Arthur M. Keller, Vera Goebel

Announcements (September 21) SQL: Part III. Triggers. Active data. Trigger options. Trigger example

Logical Query Languages. Motivation: 1. Logical rules extend more naturally to. recursive queries than does relational algebra. Used in SQL recursion.

Conceptual Design with ER Model

Views. COSC 304 Introduction to Database Systems. Views and Security. Creating Views. Views Example. Removing Views.

The Relational Model

Database Security Overview. Murat Kantarcioglu

Textbook: Chapter 4. Chapter 5: Intermediate SQL. CS425 Fall 2016 Boris Glavic. Chapter 5: Intermediate SQL. View Definition.

Databases 1. SQL/PSM and Oracle PL/SQL

Debapriyo Majumdar DBMS Fall 2016 Indian Statistical Institute Kolkata

Relational Algebra BASIC OPERATIONS DATABASE SYSTEMS AND CONCEPTS, CSCI 3030U, UOIT, COURSE INSTRUCTOR: JAREK SZLICHTA

Database Management System Dr. S. Srinath Department of Computer Science & Engineering Indian Institute of Technology, Madras Lecture No.

I Relational Database Modeling how to define

CS425 Fall 2017 Boris Glavic Chapter 5: Intermediate SQL

I Relational Database Modeling how to define

Chapter 4: Intermediate SQL

Design Theory for Relational Databases

SQL: Concepts. Todd Bacastow IST 210: Organization of Data 2/17/ IST 210

Database Programming with PL/SQL

CSE 565 Computer Security Fall 2018

SQL: Part III. Announcements. Constraints. CPS 216 Advanced Database Systems

CS W Introduction to Databases Spring Computer Science Department Columbia University

Running Example Tables name location

Chapter 2 The relational Model of data. Relational algebra

Physical Design. Elena Baralis, Silvia Chiusano Politecnico di Torino. Phases of database design D B M G. Database Management Systems. Pag.

1 Relational Data Model

Outerjoins, Constraints, Triggers

The Relational Model. Chapter 3. Comp 521 Files and Databases Fall

PostgreSQL Documentation. Fast Backward

Access Control. Access control: ensures that all direct accesses to object are authorized a scheme for mapping users to allowed actions

Database Management System Dr. S. Srinath Department of Computer Science & Engineering Indian Institute of Technology, Madras Lecture No.

Polls on Piazza. Open for 2 days Outline today: Next time: "witnesses" (traditionally students find this topic the most difficult)

Recap and Schedule. Till Now: Today: Ø Query Languages: Relational Algebra; SQL. Ø Datalog A logical query language. Ø SQL Recursion.

Chapter 4: Intermediate SQL

Transcription:

Views, Indexes, Authorization Virtual and Materialized Views Speeding Accesses to Data Grant/Revoke Priviledges 1 Views External Schema (Views) Conceptual Schema Physical Schema 2 Views A view is a relation defined in terms of stored tables (called base tables ) and other views. Two kinds: 1. Virtual = not stored in the database; just a query for constructing the relation. 2. Materialized = actually constructed and stored. 3 1

Declaring Views Declare by: CREATE [MATERIALIZED] VIEW <name> AS <query>; Default is virtual. 4 Example: View Definition Define CanDrink(drinker, beer) as a view containing the drinker-beer pairs such that the drinker frequents at least one bar that serves the beer: 5 Recall Our Running Example All our SQL queries will be based on the following database schema. o Underline indicates key attributes. Beers(name, manf) Bars(name, addr, license) Drinkers(name, addr, phone) Likes(drinker, beer) Sells(bar, beer, price) Frequents(drinker, bar) 6 2

Example: View Definition Define CanDrink(drinker, beer) as a view containing the drinker-beer pairs such that the drinker frequents at least one bar that serves the beer: CREATE VIEW CanDrink AS SELECT drinker, beer FROM Frequents, Sells WHERE Frequents.bar = Sells.bar; 7 Example: Accessing a View Query a view as if it were a base table. o Also: a limited ability to modify views if it makes sense as a modification of one underlying base table. Example query: SELECT beer FROM CanDrink WHERE drinker = Sally ; 8 Triggers on Views Generally, it is impossible to modify a virtual view, because it doesn t exist. But an INSTEAD OF trigger lets us interpret view modifications in a way that makes sense. Example: View Synergy has (drinker, beer, bar) triples such that the bar serves the beer, the drinker frequents the bar and likes the beer. 9 3

Example: The View CREATE VIEW Synergy AS Pick one copy of each attribute SELECT Likes.drinker, Likes.beer, Sells.bar FROM Likes, Sells, Frequents WHERE Likes.drinker = Frequents.drinker AND Likes.beer = Sells.beer AND Sells.bar = Frequents.bar; Natural join of Likes, Sells, and Frequents 10 Interpreting a View Insertion We cannot insert into Synergy --- it is a virtual view. But we can use an INSTEAD OF trigger to turn a (drinker, beer, bar) triple into three insertions of projected pairs, one for each of Likes, Sells, and Frequents. o Sells.price will have to be NULL. 11 The Trigger CREATE TRIGGER ViewTrig INSTEAD OF INSERT ON Synergy REFERENCING NEW ROW AS n FOR EACH ROW BEGIN INSERT INTO LIKES VALUES(n.drinker, n.beer); INSERT INTO SELLS(bar, beer) VALUES(n.bar, n.beer); INSERT INTO FREQUENTS VALUES(n.drinker, n.bar); END; 12 4

Materialized Views Problem: each time a base table changes, the materialized view may change. o Cannot afford to recompute the view with each change. Solution: Periodic reconstruction of the materialized view, which is otherwise out of date. 13 Example: A Data Warehouse Wal-Mart stores every sale at every store in a database. Overnight, the sales for the day are used to update a data warehouse = materialized views of the sales. The warehouse is used by analysts to predict trends and move goods to where they are selling best. 14 Indexes Index = data structure used to speed access to tuples of a relation, given values of one or more attributes. Could be a hash table, but in a DBMS it is always a balanced search tree with giant nodes (a full disk page) called a B-tree. 15 5

Declaring Indexes No standard! Typical syntax: CREATE INDEX BeerInd ON Beers(manf); CREATE INDEX SellInd ON Sells(bar, beer); 16 Using Indexes Given a value v, the index takes us to only those tuples that have v in the attribute(s) of the index. Example: use BeerInd and SellInd to find the prices of beers manufactured by Pete s and sold by Joe. (next slide) 17 Using Indexes --- (2) SELECT price FROM Beers, Sells WHERE manf = Pete s AND Beers.name = Sells.beer AND bar = Joe s Bar ; 1. Use BeerInd to get all the beers made by Pete s. 2. Then use SellInd to get prices of those beers, with bar = Joe s Bar 18 6

Database Tuning A major problem in making a database run fast is deciding which indexes to create. Pro: An index speeds up queries that can use it. Con: An index slows down all modifications on its relation because the index must be modified too. 19 Example: Tuning Suppose the only things we did with our beers database was: 1. Insert new facts into a relation (10%). 2. Find the price of a given beer at a given bar (90%). Then SellInd on Sells(bar, beer) would be wonderful, but BeerInd on Beers(manf) would be harmful. DBMS is not required to use an index even if you create it 20 Tuning Advisors A major research thrust. o Because hand tuning is so hard. An advisor gets a query load, e.g.: 1. Choose random queries from the history of queries run on the database, or 2. Designer provides a sample workload. 21 7

Tuning Advisors --- (2) The advisor generates candidate indexes and evaluates each on the workload. o Feed each sample query to the query optimizer, which assumes only this one index is available. o Measure the improvement/degradation in the average running time of the queries. 22 SQL Authorization Privileges Grant and Revoke Grant Diagrams 23 Authorization A file system identifies certain privileges on the objects (files) it manages. o Typically read, write, execute. A file system identifies certain participants to whom privileges may be granted. o Typically the owner, a group, all users. 24 8

Privileges (1) SQL identifies a more detailed set of privileges on objects (relations) than the typical file system. Nine privileges in all, some of which can be restricted to one column of one relation. 25 Privileges (2) Some important privileges on a relation: 1. SELECT = right to query the relation. 2. INSERT = right to insert tuples. May apply to only one attribute. 3. DELETE = right to delete tuples. 4. UPDATE = right to update tuples. May apply to only one attribute. 26 Example: Privileges For the statement below: INSERT INTO Beers(name) SELECT beer FROM Sells WHERE NOT EXISTS (SELECT * FROM Beers WHERE name = beer); beers that do not appear in Beers. We add them to Beers with a NULL manufacturer. We require privileges SELECT on Sells and Beers, and INSERT on Beers or Beers.name. 27 9

Database Objects The objects on which privileges exist include stored tables and views. Other privileges are the right to create objects of a type, e.g., triggers. Views form an important tool for access control. 28 Example: Views as Access Control We might not want to give the SELECT privilege on Emps(name, addr, salary). But it is safer to give SELECT on: CREATE VIEW SafeEmps AS SELECT name, addr FROM Emps; Queries on SafeEmps do not require SELECT on Emps, just on SafeEmps. 29 Authorization ID s A user is referred to by authorization ID, typically their login name. There is an authorization ID PUBLIC. o Granting a privilege to PUBLIC makes it available to any authorization ID. 30 10

Granting Privileges You have all possible privileges on the objects, such as relations, that you create. You may grant privileges to other users (authorization ID s), including PUBLIC. You may also grant privileges WITH GRANT OPTION, which lets the grantee also grant this privilege. 31 The GRANT Statement To grant privileges, say: GRANT <list of privileges> ON <relation or other object> TO <list of authorization ID s>; If you want the recipient(s) to be able to pass the privilege(s) to others add: WITH GRANT OPTION 32 Example: GRANT Suppose you are the owner of Sells. You may say: GRANT SELECT, UPDATE(price) ON Sells TO sally; Now Sally has the right to issue any query on Sells and can update the price component only. 33 11

Example: Grant Option Suppose we also grant: GRANT UPDATE ON Sells TO sally WITH GRANT OPTION; Now, Sally not only can update any attribute of Sells, but can grant to others the privilege UPDATE ON Sells. o Also, she can grant more specific privileges like UPDATE(price)ON Sells. 34 Revoking Privileges REVOKE <list of privileges> ON <relation or other object> FROM <list of authorization ID s>; Your grant of these privileges can no longer be used by these users to justify their use of the privilege. o But they may still have the privilege because they obtained it independently from elsewhere. 35 REVOKE Options We must append to the REVOKE statement either: 1. CASCADE. Now, any grants made by a revokee are also not in force, no matter how far the privilege was passed. 2. RESTRICT. If the privilege has been passed to others, the REVOKE fails as a warning that something else must be done to chase the privilege down. 36 12

Example: Grant Diagram AP** A: GRANT P TO B WITH GRANT OPTION BP* CP* B: GRANT P TO C WITH GRANT OPTION A owns the object on which P is a privilege CP A: GRANT P TO C 37 Grant Diagrams Nodes = user/privilege/grant option?/is owner? o UPDATE ON R, UPDATE(a) on R, and UPDATE(b) ON R live in different nodes. o SELECT ON R and SELECT ON R WITH GRANT OPTION live in different nodes. Edge X ->Y means that node X was used to grant Y. 38 Notation for Nodes Use AP for the node representing authorization ID A having privilege P. o P * = privilege P with grant option. o P ** = the source of the privilege P. I.e., A is the owner of the object on which P is a privilege. Note ** implies grant option. 39 13

Manipulating Edges (1) When A grants P to B, We draw an edge from AP * or AP ** to BP. o Or to BP * if the grant is with grant option. If A grants a subprivilege Q of P [say UPDATE(a) on R when P is UPDATE ON R] then the edge goes to BQ or BQ *, instead. 40 Manipulating Edges (2) Fundamental rule: User C has privilege Q as long as there is a path from XP ** to CQ, CQ *, or CQ **, and P is a superprivilege of Q. o Remember that P could be Q, and o X could be C. 41 Manipulating Edges (3) If A revokes P from B with the CASCADE option, delete the edge from AP to BP. But if A uses RESTRICT instead, and there is an edge from BP to anywhere, then reject the revocation and make no change to the graph. 42 14

Manipulating Edges (4) Having revised the edges, we must check that each node has a path from some ** node, representing ownership. Any node with no such path represents a revoked privilege and is deleted from the diagram. 43 Example: Grant Diagram AP** A: GRANT P TO B WITH GRANT OPTION BP* CP* B: GRANT P TO C WITH GRANT OPTION A owns the object on which P is a privilege CP A: GRANT P TO C 44 AP** BP* CP* CP Example: Grant Diagram A executes REVOKE P FROM B CASCADE; AP** BP* CP* Even had C passed P to B, both nodes are still cut off. Not only does B lose P*, but C loses P*. Delete BP* and CP*. CP However, C still has P without grant option because of the direct grant. 45 15

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback