Assignment

3
Course Title: Database Systems (CSE 351)

Submitted To:
Submitted by :
Mr. Ramandeep Singh Gurneet Singh
 RA1803 A43

PART – A

1. Consider R (A B C D) and FD’s are

A -> B
C -> B
D -> ABC
AC -> D

Find the minimal set ???

Solution:

Step1: try to have single value attributes on dependent side i.e R.H.S

Thus after applying ths rule we get the following FD set

A -> B
C -> B
D -> A
D -> B
D -> C
AC -> D
Step2: applicable to FD of the type X->Y
A FD X-> Y can be remved only if it can be derived from left set of FD.

• If we remove A->B then A+=A, A->B cannot be derived thus we cannot

remove A->B

• If we remove C->B then C+=C, C->B cannot be derived thus we cannot

remove C->B

• If we remove D->A then D+=DBC, D->A cannot be derived thus we cannot

remove D->A
 • If we remove D->B then D+=DABC, D->B can be derived thus we can remove
D->B

• If we remove D->C then D+=DAB, D->C cannot be derived thus we cannot

remove D->C

After applying step 2 we obtain following se t of FD:

A -> B
C -> B
D -> A
D -> C
AC -> D

Step3: applicable to FD of the form XY->Z

We have one such dependency AC -> D
• Remove A and compute closure of C
C+=CDAB
If we don’t remove A then closure of C
C+=CB
Thus A is permanent because C+ varies if we keep or remove A.
• Remove C and compute closure of A
A+=CDAB
If we don’t remove C then closure of A
A+=AB
Thus C is permanent because A+ varies if we keep or remove C.

Thus cant remove A or C

Hence minimal set is:
A -> B
C -> B
D -> A
D -> C
AC -> D

2. Consider R ( ABCDEFG) , FD’s are

BCD -> A
BC -> E
A -> F
F -> G
C -> D
A -> G
 Decompose upto BCNF ????

Solution:

Determine the primary key

BCD+=BCDAFGE

BC+=BCED

A+=AFG

F+=FG

C+=CD

Hence BCD contains all the attributes of the realtion R(ABCDEFG). Thus BCD is the
Primary KEy

The above FD’s are already in 1NF as there are no groups.

Now we will convert this into 2NF, for that we will remove the partial dependencies
that exist in the given FD set.

There are 2 partial dependencies

BC -> E
C -> D
Thus we remove the dependent from the relation R and create a new relation taking
a copy of its determinant.
i.e
in 2NF
BCE
CD
ABCFG

Now for converting it into 3NF we need to remove transitive dependencies, there are
3 of them

A -> F
F -> G
A -> G
Thus we remove the dependent from the relation R and create a new relation taking
a copy of its determinant.
i.e
in 3NF
AF
FG
AG
BCE
CD
ABCFG

Now all of the above keys are candidate keys in their relations. Hence the above 3NF
is already in BCNF.

3. In designing a Relational database, why might we choose a non-BCNF

design ?
Solution:
We prefer a non-BCNF design because in BCNF there are chances that we may
loose dependencies. BCNF is not always dependency preserving. Thus we
prefer 3NF more so that checking dependencies becomes easier.

T1 T2 T3
PART – B
READ(A)
4. A Schedule S : Is this Schedule Conflict
Schedule S READ(B)
Serializable ? If yes, What is the
WRITE(A
Equivalent Serial Schedule ?
)
READ(A)

WRITE(B)

READ(B)
WRITE(A
)

WRITE(B
)

READ(C)

WRITE(C
READ(C)
)
WRITE(C
WRITE(B)
)
 Solutin:- Yes ,this Schedule is Conflict Serializable.

5. Make a list of Security Concerns for a Bank. For each item on your
list, state whether this concern relates to physical security, human
security, operating system security, or database security.

Solution:

 Organized Crime Targeting banks (operating system and database

security):law enforcement investigations into cyber crime have
uncovered global networks of organized crime groups, including
overseas criminal organizations that hire and direct hackers.

 Authentication (human, operating system and database security): The

banking regulatory bodies have long called for mandatory two-factor
authentication for all online banking sites. Now industry security experts
warn that attacks against those traditional customer authentication
methods are being challenged and defeated. Commercial banking has
already seen early signs of man-in-the-browser attacks targeting two-
factor authentication used to protect U.S. commercial online banking
customers.
 Malware (operating system and database security): The rate of the malware infection of
personal computers was 10 times higher during 2009 compared to 2008. Leading the
infection methods are drive-by-download (taking over legitimate websites; routing visitors
to an infection server) and social network infections (spamming a victim's entire social
network "friend list" with links to infection servers).
  Telephone-Based Fraud (human security): One thing criminals attacking financial
institutions and customers are is persistent, as seen by the number of attacks hitting US
banks and credit unions in 2009. When one avenue of entry is closed, the criminals look to
other ways to what they're after, says RSA's Rivner. As institutions beef up their online
security, many fraudsters turned to more traditional telephony fraud.
 Increased Insider Threat (physical security): The trusted insider is
the most dangerous foe for any institution -- and the most feared, as
seen by the amounts of money and data taken by insiders The
prevalence of insider crime can be blamed on several factors, but the
insider threat at financial institutions is increasing

 Mobile Banking Attacks (human security): The move to mobile

banking by financial institutions that want to offer customers
instantaneous access to their accounts is catching fire around the
country, with hundreds of institutions now offering customers the ability
to look up their account data and balances on cell phones. But security
experts see trouble ahead when institutions begin allowing more than
just account balance checks to happen. The chance for fraud via the
mobile phone is already here.

 SQL Attacks (operating system and database security):: The biggest

data breach on record -- Heartland Payment Systems -- was done using a
"Sequel Injection," or SQL injection, attack. SQL attacks are a popular
way to infect and take over websites, as seen by the recent findings by
security researchers at Verizon Business. SQL injection attacks were one
of the most common methods of breaching systems in the Verizon
report's cases. They were used in 19 percent of the cases and accounted
for 79 percent of the breached records.

6. Which normal form is more desirable ? Justify your answer with the
help of an example ?

Solution:

3NF is more desirable normal form as there are less chances or no scope of
lossy decomposition till this normal form.
 For example:

We have a relation orders

(Order Number, Customer Number, Unit Price, Quantity, Total)

The customer number varies with the order number and it doesn't appear to
depend upon any of the other fields. Unit Price could be dependent upon the
customer number in a situation where we charged each customer a set price.
However, it appears we sometimes charge the same customer different prices.
Therefore, the unit price is fully dependent upon the order number. The
quantity of items also varies from order to order.

The total can be derived by multiplying the unit price by the quantity,
therefore it's not fully dependent upon the primary key. We must remove it
from the table to comply with the third normal form.

Thus we use the following attributes:

(Order Number, Customer Number, Unit Price, Quantity)

The 3NF does not employ any lossy decomposition, thus it is more desirable
normal form.

But if we compare BCNF and 4NF

4NF is more desirable than BCNF because it reduces the repetition of information. If
we consider a BCNF schema not in 4NF, we observe that decomposition into 4NF
does not lose information provided that a lossless join decomposition is used, yet
redundancy is reduced.

*******