Database Systems and Security

Introduction to Databases

Evrad KAMTCHOUM

CENTER FOR CYBERSECURITY AND MATHEMATICAL CRYPTOLOGY - THE

UNIVERSITY OF BAMENDA

October 10, 2024

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 1 / 44

Contents

1 Course Overview

2 Prerequisites and Outcomes

3 Definition and importance of databases

4 Evolution of database systems

5 Role of databases in modern applications

6 Database Architecture and Components

Components of a Database System
Client-Server and Distributed Architectures

7 Conclusion

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 2 / 44

 Course Overview

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 3 / 44

Course Overview

Introduction to Databases
Relational Data Model
SQL Fundamentals
Database Design and Modeling
Advanced Database Design and Query Optimization
Database Security Fundamentals
Access Control Mechanisms
Database Encryption and Privacy
Vulnerability Assessment and Penetration Testing
Secure Database Development and Best Practices
Compliance and Legal Aspects of Database Security
Emerging Trends in Database Security

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 4 / 44

 Prerequisites and Outcomes

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 5 / 44

Prerequisites

Basic Computer Skills

Programming Fundamentals
Mathematics (Algebra, Set Theory)
Data Structures and Algorithms
College-level Coursework
Database Basics (Optional)

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 6 / 44

Outcomes
Understanding of Database Concepts: Students will gain a solid understanding of
fundamental database concepts, including data modeling, relational databases, and
database design principles.
Proficiency in SQL: Students will become proficient in writing SQL queries for data
manipulation and retrieval, enabling them to work with relational databases effectively.
Database Design Skills: Students will learn how to design efficient and scalable database
schemas using normalization techniques and entity-relationship modeling.
Understanding of Security Threats and Vulnerabilities: Identify and explain common
security threats, vulnerabilities, and attack vectors (e.g., SQL injection, privilege
escalation) in database systems. Evaluate the potential risks and security challenges in
various database environments.
Implementation of Database Security Measures: Apply security best practices, including
role-based access control (RBAC), encryption, auditing, and backup security, to protect
database systems from unauthorized access and data breaches. Secure databases against
common attacks by configuring security policies and mitigating vulnerabilities.
Practical Database Security Skills: Conduct vulnerability assessments and penetration
testing on database systems, identifying security weaknesses and proposing appropriate
remediation strategies. Implement cryptographic techniques for securing data-at-rest and
data-in-transit within databases, ensuring compliance with data protection regulations.
Ability to Respond to Security Incidents: Develop an incident response plan specific to
database security, including forensic techniques for analyzing breaches and implementing
remediation strategies. Use database security tools to detect, analyze, and mitigate
potential security incidents.
Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 7 / 44
 Definition and importance of databases

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 8 / 44

Definition of Databases

Definition (Database)
A database is a structured collection of data organized for efficient
retrieval, storage, and management. It typically consists of one or more
tables where each table is comprised of rows and columns, with each
column representing a specific attribute of the data.

Examples
Consider a university database system. It may contain tables for students,
courses, instructors, and enrollments. Each table would have attributes
such as student ID, course code, instructor name, etc. This database
allows the university to efficiently manage student records, course
offerings, and academic information.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 9 / 44

Importance of Databases

Databases play a crucial role in modern information systems for several reasons:
Efficient Data Storage: Databases provide a structured and organized way to store large
volumes of data efficiently.
Data Retrieval: They allow for quick and easy retrieval of specific information, enabling
faster decision-making.
Data Integrity: Databases ensure data integrity by enforcing constraints and rules,
reducing the risk of errors and inconsistencies.
Concurrent Access: Multiple users can access and manipulate data simultaneously,
facilitating collaboration and scalability.
Security: Databases offer robust security features to protect sensitive information from
unauthorized access and manipulation.
Supporting decision-making processes by providing timely and accurate information.
Facilitating collaboration and data sharing among users.
In conclusion, databases are fundamental to modern computing and information systems. They
provide a structured and efficient way to store, retrieve, and manage data, enabling
organizations to make informed decisions, improve productivity, and enhance collaboration.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 10 / 44

Components of Databases

Databases consist of several key components:

Tables: Data is organized into tables, which consist of rows and
columns.
Relationships: Tables can be related to each other through common
fields.
Queries: Queries are used to retrieve specific data from the database.
Indexes: Indexes improve the performance of queries by speeding up
data retrieval.
Constraints: Constraints enforce rules and maintain data integrity.
Transactions: Transactions ensure the atomicity, consistency,
isolation, and durability (ACID properties) of database operations.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 11 / 44

Types of Databases

There are several types of databases, including:

Relational Databases
NoSQL Databases
Object-Oriented Databases
Graph Databases
Document Databases
Key-Value Stores
Each type has its own data model and characteristics suited for specific
use cases.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 12 / 44

The Big Landscape of Database Systems

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 13 / 44

NoSQL Systems

Definition
NoSQL (Not Only SQL) systems are a category of database management
systems that diverge from traditional relational database management
systems (RDBMS) in favor of flexibility, scalability, and performance in
dealing with large volumes of unstructured or semi-structured data.

Characteristics
NoSQL systems are characterized by:
Schema flexibility: They do not require a fixed schema, allowing for easy storage of
heterogeneous data types.
Scalability: NoSQL databases are designed to scale horizontally across distributed
clusters, enabling them to handle massive amounts of data and high transaction loads.
High availability: They often provide built-in fault tolerance and replication mechanisms
to ensure continuous availability, even in the event of node failures.
Performance: NoSQL databases are optimized for specific use cases, such as real-time
analytics, caching, or content management, often offering superior performance compared
to traditional RDBMS.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 14 / 44

NoSQL Systems (2)

Types of NoSQL Databases

There are several types of NoSQL databases, including:
Document-oriented databases: Stores and retrieves
semi-structured data as documents (e.g., MongoDB).
Key-value stores: Simplest NoSQL model, storing data as key-value
pairs (e.g., Redis).
Column-family stores: Organizes data into columns instead of rows
(e.g., Apache Cassandra).
Graph databases: Designed for managing and querying graph-like
data structures (e.g., Neo4j).
Multi-model NoSQL databases: Designed to support multiple data
models within a single database system.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 15 / 44

Object-Oriented Databases

Introduction
Object-Oriented Databases (OODBMS) are database management
systems that store data as objects, integrating database functionality with
object-oriented programming concepts such as encapsulation, inheritance,
and polymorphism.

Key Concepts
Objects: In OODBMS, data is represented as objects, which encapsulate both data and
behavior.
Classes: Objects are instances of classes, defining the structure and behavior of objects.
Inheritance: Objects can inherit attributes and methods from parent classes, promoting
code reuse and modularity.
Polymorphism: Objects can exhibit different behaviors based on their type, allowing for
flexible and dynamic interactions.
Object Identity: Each object in the database has a unique identity, allowing for precise
manipulation and referencing.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 16 / 44

Object-Oriented Databases (2)

Advantages
Object-Oriented Databases offer several advantages:
Native Representation: They provide a natural mapping between
application objects and database objects, simplifying development and
maintenance.
Complex Data Modeling: OODBMS support complex data
structures and relationships, making them suitable for applications
with intricate data models.
Improved Performance: By directly accessing objects, OODBMS
can offer improved performance compared to relational databases for
certain use cases.
Schema Evolution: They support schema evolution, allowing for
dynamic changes to the database structure without disrupting
existing data.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 17 / 44

Object-Oriented Databases (3)
Challenges
Despite their advantages, OODBMS also pose challenges:
Lack of Standardization: OODBMS lack a widely adopted standard, leading to
interoperability issues and vendor lock-in.
Limited Tooling: Development tools and frameworks for OODBMS are less mature
compared to relational databases.
Performance Trade-offs: While OODBMS offer performance benefits for certain
scenarios, they may suffer in terms of scalability and efficiency for others.

Examples
ObjectDB: ObjectDB is a commercial object database management system for Java
applications. It supports JPA (Java Persistence API) and provides transparent persistence
for Java objects.
db4o: db4o is an open-source object database management system written in Java and
.NET. It provides a simple API for storing and retrieving objects directly from the
database.
Versant Object Database: Versant Object Database is a high-performance commercial
OODBMS designed for complex, mission-critical applications. It offers scalability, fault
tolerance, and advanced querying capabilities.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 18 / 44

 Evolution of database systems

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 19 / 44

Evolution of Database Systems

Introduction
The evolution of database systems spans several decades, characterized by
significant advancements in data management technologies and
methodologies. In this section, we will explore the key milestones and
trends in the evolution of database systems.

Hierarchical and Network Models: 1960s-1970s

Hierarchical and network database models dominated the scene.
Data was organized in tree-like structures (hierarchical) or complex
interconnected graphs (network).
These models were rigid and lacked flexibility, making data
management cumbersome.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 20 / 44

Relational Model

1970s-1980s
Edgar F. Codd introduced the relational model in the early 1970s.
Relational databases offered a more flexible and intuitive way to
model data using tables, rows, and columns.
SQL (Structured Query Language) emerged as the standard language
for querying and manipulating relational databases.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 21 / 44

Client-Server Architecture

1980s-1990s
Client-server architecture became prevalent, separating the database
server from the application clients.
This architecture improved scalability, performance, and
manageability of database systems.
Relational database management systems (RDBMS) like Oracle, IBM
DB2, and Microsoft SQL Server gained widespread adoption.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 22 / 44

Distributed and Parallel Databases

1990s-2000s
With the growth of the internet and globalization, distributed and
parallel database systems emerged.
These systems distributed data across multiple nodes or processed
queries in parallel for improved scalability and performance.
Examples include Google’s Bigtable, Amazon’s DynamoDB, and
Apache Hadoop.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 23 / 44

NoSQL and NewSQL

2000s-Present
NoSQL databases, designed for handling unstructured and
semi-structured data at scale, gained popularity.
NewSQL databases emerged, combining the scalability of NoSQL
with the ACID guarantees of traditional relational databases.
Examples include MongoDB, Cassandra, and CockroachDB.

Summary
The evolution of database systems has been marked by a progression from
hierarchical and network models to relational databases, client-server
architectures, and distributed systems. Today, the landscape includes a
diverse array of database technologies tailored to specific use cases and
requirements.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 24 / 44

 Role of databases in modern applications

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 25 / 44

Role of Databases in Modern Applications

Introduction
Databases play a crucial role in modern applications, serving as the
backbone for storing, managing, and retrieving data. In this presentation,
we’ll explore the various ways databases contribute to the functionality and
success of modern applications.

Structured Data Storage

Databases provide structured storage for various types of data,
including user information, product catalogs, transaction records, and
more.
They offer efficient mechanisms for organizing and indexing data,
enabling fast and scalable data retrieval.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 26 / 44

Data Retrieval

Efficient Data Retrieval

Databases allow applications to retrieve specific data quickly using
queries, filters, and indexes.
Advanced querying capabilities, such as joins, aggregates, and sorting,
enable complex data analysis and reporting.

Ensuring Data Integrity

Databases enforce data integrity through constraints, validations, and
transactions.
Constraints ensure that data meets specified rules and requirements,
maintaining consistency and accuracy.
Transactions provide atomicity, consistency, isolation, and durability
(ACID properties), ensuring reliable and predictable data operations.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 27 / 44

Concurrent Access

Supporting Concurrent Access

Databases support simultaneous access from multiple users or
applications, allowing for concurrency control.
Locking mechanisms, isolation levels, and transaction management
ensure data consistency and prevent conflicts in concurrent
environments.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 28 / 44

Security

Ensuring Data Security

Databases offer robust security features to protect sensitive data from
unauthorized access, manipulation, and breaches.
Authentication, authorization, encryption, and auditing mechanisms
safeguard data privacy and integrity.

Summary
Databases serve as the foundation for modern applications, facilitating
data storage, retrieval, integrity, concurrency, and security. Their role in
application development and operations is indispensable, enabling
businesses to deliver reliable, scalable, and secure software solutions.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 29 / 44

 Database Architecture and Components

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 30 / 44

What is Database Architecture?

The framework that defines the design, implementation, operation,

and management of a database system.
Determines how data is stored, managed, and accessed.
Supports multi-user environments and ensures data consistency,
integrity, and security.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 31 / 44

Types of Database Architecture

Single-tier architecture:
Simplest model, where the database and application reside on the same
machine.
Two-tier architecture:
Client-server architecture, with a user interface on the client side and
the database on the server side.
Three-tier architecture:
Separates the presentation layer (UI), logic layer (business rules), and
data layer (DBMS).

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 32 / 44

Overview of Database Components

DBMS (Database Management System)

Database Engine
Query Processor
Transaction Management System
Data Storage
Metadata

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 33 / 44

Database Management System (DBMS)

Software that enables users to define, create, maintain, and control

access to the database.
Examples: MySQL, PostgreSQL, Oracle DB, Microsoft SQL Server.
Functions of DBMS:
Data definition and manipulation.
Security and access control.
Backup and recovery management.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 34 / 44

Database Engine

The core service that processes queries and transactions.

Responsible for data storage, retrieval, and update operations.
Manages the physical and logical data structures.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 35 / 44

Query Processor

Converts user queries into efficient execution plans.

Key components:
Parser: Validates syntax and generates a parse tree.
Optimizer: Determines the most efficient way to execute the query.
Executor: Runs the query on the database.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 36 / 44

Transaction Management System

Ensures the database remains in a consistent state despite system

failures or multiple user transactions.
Manages ACID properties (Atomicity, Consistency, Isolation,
Durability).
Supports concurrency control and deadlock resolution.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 37 / 44

Data Storage

Physical storage of data on disk.

Managed by the storage manager of the DBMS.
Data stored in tables, indexes, views, and files.
Data partitioning and replication for distributed databases.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 38 / 44

Metadata

Data that describes other data (data about data).

Stored in the data dictionary.
Contains information about tables, columns, indexes, users, and
privileges.
Crucial for database optimization and query processing.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 39 / 44

Client-Server Architecture

Client: User interface that sends requests to the server.

Server: Processes requests and returns the result to the client.
Benefits:
Centralized management.
Scalability.
Secure access to the database.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 40 / 44

Distributed Database Architecture

Database is distributed across multiple sites.

Improves availability, fault tolerance, and load balancing.
Data is partitioned or replicated across locations.
Challenges: Data consistency, synchronization, and latency.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 41 / 44

 Conclusion

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 42 / 44

Conclusion

Key Takeaways
Databases are structured collections of data organized for efficient storage, retrieval, and
management.
They play a fundamental role in modern information systems, enabling organizations to
store, manipulate, and analyze vast amounts of data.
The relational model, introduced by Edgar F. Codd, revolutionized data management by
providing a flexible and intuitive way to represent data using tables, rows, and columns.
Relational database management systems (RDBMS) like MySQL, PostgreSQL, and
Oracle are widely used in various applications and industries.
Recent developments such as NoSQL databases and NewSQL databases offer alternatives
to traditional relational databases, catering to specific use cases and scalability
requirements.
Database architecture defines the structure, design, and functioning of a database system.
Components include the DBMS, query processor, transaction manager, storage system,
and metadata.
Different architectures (client-server, distributed) serve various scalability, security, and
performance needs.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 43 / 44

Conclusion (2)

Future Directions
As data continues to grow in volume and complexity, database
technologies will evolve to address emerging challenges and
opportunities.
Advancements in areas such as distributed computing, cloud
computing, and artificial intelligence will influence the development of
next-generation database systems.
It’s essential for professionals in the field of data management to stay
updated with the latest trends and technologies to effectively harness
the power of data for innovation and decision-making.

Evrad KAMTCHOUM (CCMC (UBa)) Database Systems October 10, 2024 44 / 44