DBMS Topic 1: Database System

1. What is a Database?

A Database is a structured collection of data that allows easy access, management, and updating of data. It
stores real-world entities in the form of rows and columns (tables) and supports efficient querying.

Example: A university database might store student records, course Enrollments, grades, etc.

2. What is a Database System?

A Database System is a combination of:

 Database: The actual stored data.( structured :- relational DBMS consist tables

and unstructured:- ex webpages)

 Database Management System (DBMS): Software that manages and interacts with the database.

Purpose: To provide efficient, reliable, and secure access to large amounts of data, ensuring:

 Minimal redundancy

 Data consistency

 Easy retrieval

 Concurrent access

3. Characteristics of a DBMS

 C – Centralized control of data

 R – Reduced redundancy and inconsistency

 I – Integrity and security of data

 S – Support for data independence

 T – Transaction management

What is database design?

Database Design can be defined as a set of procedures or collection of tasks involving various steps taken to
implement a database. A good database design is important. It helps you get the right information when
you need it. Following are some critical points to keep in mind to achieve a good database design:

1. Data consistency and integrity must be maintained.

2. Low Redundancy

3. Faster searching through indices

4. Security measures should be taken by enforcing various integrity constraints.

DBMS Topic 2: File System

1 File system vs dbms

Feature File System DBMS 💾 🔑Code

Stores data in files with a hierarchical Manages structured data using tables &
Structure 234+2
structure. queries.

High – same data may exist in Low – due to normalization, reducing

Redundancy 234+2
multiple files. duplication.

Backup & ❌ No built-in backup or recovery

✅ Built-in tools to ensure data safety. 234+2
Recovery tools.

Low – no centralized control or High – uses constraints to maintain

Consistency 234+2
constraints. accuracy.

Complex – handles large, structured

Complexity Simple – good for basic storage. 234+2
data well.

S.R.B.C.C." – Smart Rabbits Build Clean Caves

Schema in DBMS

Definition:

A schema in DBMS is the logical design or structure of a database that defines how data is stored,
organized, and related within the database.

Key Points about Schema:

1. Describes tables – Names of tables, their columns, and data types.

2. Defines relationships – How tables are linked using keys (like foreign keys).

3. Specifies constraints – Like primary keys, unique constraints, etc.

4. Logical level – It works at the logical level, not the physical storage level.

Mnemonic:

S.C.H.E.M.A

 Structure of tables

 Constraints (PK, FK)

 How data is linked

 Entities and attributes

 Model of data

 Abstract view of database

Three-Schema Architecture (ANSI/SPARC Model)

  It divides the database system into three levels to separate user views from physical data storage.
This ensures data independence and flexibility.

Schema Level Description Concerned With Example

External User-specific views What the user sees Student sees only own data

Conceptual Logical design of the whole database What data is stored Tables and relationships

Internal Physical storage of data How data is stored Indexes, file formats

2 tier and 3 tier architecture

Feature 2-Tier Architecture 3-Tier Architecture

Layers Client, DB Server Client, Application Server, DB Server

Application Logic On Client On Middle Tier (App Server)

Scalability Low High

Maintenance Harder Easier

Security Lower Higher

Best for Small systems Large web apps

Disadvantages: 3-Tier Architecture

 More complex.

 Slightly slower due to extra layer.

 Components of DBMS
 A Database Management System (DBMS) consists of several key components that work
together to manage and utilize databases efficiently. The main components
include hardware, software, data, database access language, procedures, and users.

Data Independence in DBMS

 Data Independence means the ability to change the schema at one level of a database system
without affecting the schema at the next higher level.

Types of Data Independence

 🔹 1. Logical Data Independence

 ✅ Definition:
The ability to change the conceptual schema (like adding/removing fields or tables) without
changing the external schemas (user views or applications).
  2. Physical Data Independence
 ✅ Definition:
The ability to change the internal schema (how data is stored physically) without affecting the
conceptual schema (logical structure).

DBMS Topic 3: Data Models

What is a Data Model?

Data models in Database Management Systems (DBMS) are conceptual tools that help in understanding
and designing databases. They provide a clear picture of how data is organized, stored, accessed, and
updated within a database system.

Types of Data Models

1. Hierarchical Model: Data organized in a tree-like structure (parent-child).

Example: XML documents.

2. Network Model: More flexible; allows many-to-many relationships using graphs.

3. Relational Model: Uses tables (relations); most widely used today.

4. Entity-Relationship (ER) Model: Conceptual design tool using entities, attributes, and relationships.

5. Object-Oriented Model: Extends ER with encapsulation, inheritance, etc.

6. Semi-Structured Model: Schema-less data like JSON/XML.

Relational Model is dominant in modern databases.

DBMS Topic 4: Data Independence

1. What is Data Independence?

Ability to modify one level of schema without affecting the next level.

Types

 Logical Data Independence: Ability to change logical schema (e.g., add/remove columns) without
changing applications.

 Physical Data Independence: Ability to change physical storage (e.g., file organization, indexing)
without affecting logical schema.
Mnemonic:
Logical – Change in Layout
Physical – Change in Path or storage method

DBMS Topic 5: DBMS System Architecture

DBMS Topic 6: Components of DBMS

1. Query Processor

 Parses and executes SQL queries.

 Optimizes and translates queries into low-level operations.

2. Storage Manager

 Manages disk space and data access.

 Controls file and index organization.

3. Transaction Manager

 Ensures database consistency through ACID properties.

 Handles concurrency and failure recovery.

4. Buffer Manager

 Manages main memory buffers.

 Determines which data to cache or evict.

5. Metadata Manager

 Maintains the data dictionary (schema, indexes, users, etc.)

DBMS Topic 7: Relational Data Model

The relational model is one of the most widely used models. It organizes data into tables with rows and
columns, where each row represents a record and each column represents a field. This model is based on
the concept of relations and is designed to handle complex data relationships efficiently

Core Concepts

 Relation (Table): Set of tuples (rows).

 Tuple: A single row.

 Attribute: A column in a table.

 Schema: Description of the structure.

Keys

 Primary Key: Uniquely identifies each row.

  Candidate Key: Potential primary keys.

 Foreign Key: Refers to primary key in another table.

Important Properties:

 Tables must have atomic attributes.

 No duplicate tuples.

 Tuples are unordered; so are attributes.

DBMS Topic 8: Relational Database Design

Relational Database Design (RDD) is a process that organizes data into tables consisting of rows and
columns, where each row represents a record and each column represents an attribute or field of the
record.

 Entity-Relationship Diagram (ERD): A tool used to visualize entities and their relationships, helping
to clarify the structure of the database.8

 Normalization: A process to reduce data redundancy and improve data integrity by organizing data
into tables and columns.28

 Primary Key: A column or set of columns that uniquely identifies each row in a table.8

 Foreign Key: A column in a table that references the primary key of another table, used to establish
relationships between tables

Normalization in DBMS

✅ Definition:

Normalization is the process of organizing data in a database to:

  Reduce data redundancy (duplicate data)

 Ensure data integrity (accuracy and consistency)

It breaks large tables into smaller, related tables and defines relationships between them using keys.

Normal Forms  Aunt → Atomic → 1NF

 1NF: Atomic attributes [Link] multivalued  Polly → Partial → 2NF
 2NF: No partial dependency.  Takes → Transitive → 3NF
 3NF: No transitive dependency.  Big → BCNF (Candidate Key)
 BCNF: Stronger form of 3NF. LHS must be CK or Sk  Milk → Multivalued → 4NF
 4NF: Removes multi-valued dependency.  Jugs → Join Dependency → 5NF
 5NF: Removes join dependency.

Functional Dependency

If A → B, then knowing A means you can determine B.

Design Goals

 Lossless decomposition

 Dependency preservation

 Avoid redundancy

DBMS Topic 9: Data Storage and Indexing

1. File Organization

 Heap file: Unordered.

 Sequential file: Ordered.

 Hashing: Quick access using hash functions.

2. Indexing

Improves speed of data retrieval.

 Primary Index: Based on primary key.

 Secondary Index: On non-primary attributes.

 Clustered Index: Table data stored in the same order as the index.

 B+ Trees: Balanced tree structure used for dynamic data.

3. Query Optimization

 Estimate cost of operations (disk I/O, CPU time)

 Use equivalence rules to reorder joins/selections

DATA STORAGE IN DBMS

Mnemonic Storage Type Examples & Purpose

Rich Registers & Cache (Primary) Fastest, inside CPU for immediate use

Cats RAM/Main Memory (Primary) Fast access to active data and programs

Make Magnetic/SSD Disks (Secondary) Moderate speed, stores OS, DB, files

Tiny Tapes & Optical Disks (Tertiary) Slow but cheap, used for backups/archive

Clouds Cloud Storage (Quaternary) Remote, internet-based, scalable & reliable

Computer Security – Complete Notes

1. Overview of Security Threats and Vulnerabilities

Security Threat

A threat is a potential cause of an unwanted impact to a system or organization.

Types of Threats

1. Interruption – Service unavailable (e.g., DoS attack).

2. Interception – Unauthorized access (e.g., eavesdropping).

3. Modification – Unauthorized changes (e.g., man-in-the-middle attack).

4. Fabrication – Fake data insertion (e.g., spoofing).

Vulnerability

A vulnerability is a weakness or flaw in the system that can be exploited by a threat.

Examples:

 Poor password policies

 Unpatched software

 Insecure network protocols

Key Point:
Threats exploit vulnerabilities to cause risks to security.

2. Malware: Viruses, Worms, Trojan Horses

Malware = Malicious + Software

Virus

 Attaches to files or programs.

 Needs human action to spread (like opening a file).

 Can delete data, corrupt files, or slow systems.

Worm

 Self-replicating.

 Spreads through networks automatically.

 Slows down or crashes systems due to excessive replication.

Trojan Horse

 Disguises as legitimate software.

 Opens backdoors for attackers.

 Common in pirated software and email attachments.

Type Self-Replicating Requires User Action Damage Potential

Virus Yes Yes High

Worm Yes No Medium–High

Trojan No Yes (to install) Very High

Mnemonic:
Virus = Victim-dependent
Worm = Wanders on its own
Trojan = Trickware

3. Security Countermeasures

Definition:

Actions or tools that reduce or eliminate risks from threats.

Types of Countermeasures

1. Technical Controls: Firewalls, antivirus, encryption.

2. Physical Controls: Locks, surveillance, restricted access.

3. Administrative Controls: Policies, training, audit logs.

Best Practices

 Regular software updates

 Multi-factor authentication

 User training

 Least privilege principle

 Backup and disaster recovery planning

4. Intrusion Detection

What is Intrusion Detection?

Process of monitoring system/network activities for malicious actions or policy violations.

Types of IDS (Intrusion Detection Systems)

1. Host-based IDS (HIDS):

o Monitors a single host or device

o Tracks system calls, file integrity, logins

2. Network-based IDS (NIDS):

o Monitors network traffic

 o Analyzes packets using sniffers

Detection Techniques

 Signature-based: Matches known attack patterns.

 Anomaly-based: Detects deviations from normal behavior.

Limitation:
IDS detects – it doesn’t prevent. (That’s done by IPS – Intrusion Prevention System)

5. Antivirus Software

Definition:

Software that scans, detects, and removes malicious programs (malware).

Functions

 Real-time scanning

 Quarantine infected files

 Heuristic analysis (detect unknown threats)

 Automatic updates for threat definitions

Limitations

 Cannot detect 0-day threats perfectly

 Needs regular updates

 May slow down system

Popular Tools: Avast, Norton, Quick Heal, Windows Defender

6. Information Security

Definition

Protecting information from unauthorized access, modification, disclosure, or destruction.

Key Objectives (CIA Triad)

1. Confidentiality – Only authorized users access the data.

2. Integrity – Data is accurate and unaltered.

3. Availability – Data is accessible when needed.

Other Principles

 Authentication – Verifying user identity.

 Non-repudiation – Ensures a user cannot deny actions (digital signatures).

  Accountability – Tracking user actions through logs.

7. Privacy

Definition

Privacy is the right of individuals to control how their personal data is collected, used, and shared.

Privacy Risks

 Tracking without consent

 Unauthorized data sales

 Data breaches

Data Protection Measures

 Data anonymization

 Access controls

 Consent forms

 Privacy policies

Example Laws:

 GDPR (Europe)

 IT Act 2000 (India – amended with data protection rules)

8. Ethical Issues

What are Ethical Issues?

Moral principles that govern how data and information systems should be used.

Key Ethical Concerns

 Data misuse

 Unauthorized surveillance

 Intellectual property theft

 Employee monitoring

Guiding Principles

 Respect privacy

 Be transparent

 Don’t misuse data access

 Protect intellectual property

Real-World Example: Cambridge Analytica scandal (Facebook data misuse)

9. Ethical Hacking

Definition

Ethical hacking involves testing systems for vulnerabilities legally and ethically to strengthen security.

Types of Hackers

 White Hat – Ethical hackers

 Black Hat – Malicious hackers

 Grey Hat – In-between

Purpose of Ethical Hacking

 Penetration testing

 Vulnerability scanning

 Risk assessment

 Improving defenses

Tools Used:
Kali Linux, Nmap, Wireshark, Metasploit

10. Ethical Issues in Information Security and Privacy

Key Conflicts

 Security vs. Privacy: Surveillance can protect security but invade privacy.

 Access vs. Authorization: Who decides what’s ethical use of data?

 Employee Rights: Should companies monitor employee behavior online?

Resolution Strategies

 Adopt fair-use policies

 Transparent communication

 Legal compliance (e.g., GDPR, IT Act)

ADDITIONAL NOTES

DBMS – Characteristics of the Database Approach

1. Data Abstraction: Three-level architecture separates user view from data storage.
 2. Minimal Redundancy: Centralized control avoids duplication.

3. Data Integrity: Constraints ensure valid and consistent data.

4. Security: Access controls protect sensitive data.

5. Data Independence: Logical and physical independence make schema changes easy.

6. Concurrent Access: Supports multiple users simultaneously with consistency.

7. Backup and Recovery: Mechanisms ensure data safety after failures.

8. Data Sharing: Centralized DB allows sharing among multiple applications.

Computer Security – Security Management

Definition:

Security Management involves planning, implementing, and monitoring security policies to protect an
organization’s assets (data, software, hardware).

Objectives:

 Ensure confidentiality, integrity, and availability (CIA triad)

 Prevent, detect, and respond to cyber threats

 Define and enforce security policies

Key Components:

1. Risk Assessment

o Identify vulnerabilities and threats

o Assess their impact and likelihood

2. Security Policies

o Written rules on acceptable use, access control, password management, etc.

3. Incident Response Plan

o Steps to follow when a breach occurs (contain, analyze, recover, report)

4. Access Control

o Role-Based Access Control (RBAC), Mandatory Access Control (MAC), Discretionary Access
Control (DAC)

5. Monitoring and Auditing

o Log management, anomaly detection, security audits

6. User Training
 o Awareness programs to prevent phishing, malware, and data misuse

Tools and Techniques:

 Firewalls, IDS/IPS, Antivirus

 Encryption tools

 Security Information and Event Management (SIEM)

Security Management Cycle:

1. Plan → 2. Implement → 3. Monitor → 4. Improve