ENTITY RELATIONSHIP DIAGRAMS(ERDs)

-An entity relationship diagram (ERD) shows the relationships of entity sets stored in a
database. An entity in this context is a component of data

-An entity relationship diagram, also called entity relationship model, is a graphical
representation of entities and their relationships to each other, typically used in computing in
regard to the organization of data within databases or information systems.

-The purpose of an entity-relationship diagram is to show the various things we are modeling or
tracking, and how they are related to each other.

-Entity relationship diagram (ERD) is a kind of diagram for presenting visually the structure of
relational database.

-An Entity Relationship Diagram (ERD) is a visual representation of different data using
conventions that describe how these data are related to each other. For example, the elements
writer,novel, and consumer may be described using ER diagrams this way:

*At first glance an entity relationship diagram looks very much like a flowchart. It is the
specialized symbols, and the meanings of those symbols, that make it unique.

-In the diagram, the elements inside rectangles are called entities while the items inside
diamonds denote the relationships between entities.

ER Diagrams Usage
While able to describe just about any system, ER diagrams are most often associated with
complex databases that are used in software engineering and IT networks. In particular, ER
diagrams are frequently used during the design stage of a development process in order to
identify different system elements and their relationships with each other. For example, an
inventory software used in a retail shop will have a database that monitors elements such as
purchases, item, item type, item source and item price. Rendering this information through an
ER diagram would be something like this:
There are three basic elements in an ER Diagram: entity, attribute, relationship. There are more
elements which are based on the main elements. They are weak entity, multivalued attribute,
derived attribute, weak relationship and recursive relationship. Cardinality and ordinality are
two other notations used in ER diagrams to further define relationships.

Entity:An entity can be a person, place, event, or object that is relevant to a given system. For
example, a school system may include students, teachers, major courses, subjects, fees, and
other items. Entities are represented in ER diagrams by a rectangle and named using singular
nouns.

Weak Entity: A weak entity is an entity that depends on the existence of another entity. In
more technical terms it can defined as an entity that cannot be identified by its own attributes.
It uses a foreign key combined with its attributed to form the primary key. An entity like order
item is a good example for this. The order item will be meaningless without an order so it
depends on the existence of order.

Attribute: An attribute is a property, trait, or characteristic of an entity, relationship, or another

attribute. For example, the attribute Inventory Item Name is an attribute of the entity Inventory
Item. An entity can have as many attributes as necessary. Meanwhile, attributes can also have
their own specific attributes. For example, the attribute “customer address” can have the
attributes number, street, city, and state. These are called composite attributes. Note that
some top level ER diagrams do not show attributes for the sake of simplicity. In those that do,
however, attributes are represented by oval shapes.
Multivalued Attribute: If an attribute can have more than one value it is called an multivalued
attribute. It is important to note that this is different to an attribute having its own attributes.
For example a teacher entity can have multiple subject values.

Derived Attribute: An attribute based on another attribute. This is found rarely in ER diagrams.
For example for a circle the area can be derived from the radius.
Relationship: A relationship describes how entities interact. For example, the entity
“carpenter” may be related to the entity “table” by the relationship “builds” or “makes”.
Relationships are represented by diamond shapes and are labeled using verbs.

Recursive Relationship: If the same entity participates more than once in a relationship it is
known as a recursive relationship. In the below example an employee can be a supervisor and
be supervised, so there is a recursive relationship.

Cardinality and Ordinality

These two further defines relationships between entities by placing the relationship in the
context of numbers. In an email system, for example, one account can have multiple contacts.
The relationship in this case follows a “one to many” model. There are number of notations
used to present cardinality in ER diagrams. Chen, UML, Crow’s foot, Bachman are some of the
popular notations. Creately supports Chen, UML and Crow’s foot notations.The following
example uses UML to show cardinality.
Tips on How to Draw ER Diagrams

1.Identify all the relevant entities in a given system and determine the relationships among
these entities.

2.An entity should appear only once in a particular diagram.

3.Provide a precise and appropriate name for each entity, attribute, and relationship in the
diagram. Terms that are simple and familiar always beats vague, technical-sounding words. In
naming entities, remember to use singular nouns. However, adjectives may be used to
distinguish entities belonging to the same class (part-time employee and full time employee, for
example). Meanwhile attribute names must be meaningful, unique, system-independent, and
easily understandable.

4. Remove vague, redundant or unnecessary relationships between entities.

5. Never connect a relationship to another relationship.

6.Make effective use of colors. You can use colors to classify similar entities or to highlight
key areas in your diagrams.

ER Diagram Templates
Benefits of ER diagrams

ER diagrams constitute a very useful framework for creating and manipulating databases. First,
ER diagrams are easy to understand and do not require a person to undergo extensive training
to be able to work with it efficiently and accurately. This means that designers can use ER
diagrams to easily communicate with developers, customers, and end users, regardless of their
IT proficiency. Second, ER diagrams are readily translatable into relational tables which can be
used to quickly build databases. In addition, ER diagrams can directly be used by database
developers as the blueprint for implementing data in specific software applications. Lastly, ER
diagrams may be applied in other contexts such as describing the different relationships and
operations within an organization.
Structure of an Entity Relationship Diagram with Common ERD Notations
An entity relationship diagram is a means of visualizing how the information a system produces
is related. There are five main components of an ERD:
How to Create an Entity Relationship Diagram

1. Identify the entities. The first step in making an ERD is to identify all of the entities you
will use. An entity is nothing more than a rectangle with a description of something that
your system stores information about. This could be a customer, a manager, an invoice,
a schedule, etc. Draw a rectangle for each entity you can think of on your page. Keep
them spaced out a bit.

2. Identify relationships. Look at two entities, are they related? If so draw a solid line
connecting the two entities.
3. Describe the relationship. How are the entities related? Draw an action diamond
between the two entities on the line you just added. In the diamond write a brief
description of how they are related.
4. Add attributes. Any key attributes of entities should be added using oval-shaped
symbols
5. Complete the diagram. Continue to connect the entities with lines, and adding
diamonds to describe each relationship until all relationships have been described. Each
 of your entities may not have any relationships, some may have multiple relationships.
That is okay.

Tips for Effective ER Diagrams

1.Make sure that each entity only appears once per diagram.

2.Name every entity, relationship, and attribute on your diagram.

3.Examine relationships between entities closely. Are they necessary? Are there any
relationships missing? Eliminate any redundant relationships. Don't connect relationships to
each other.

4.Use colors to highlight important portions of your diagram.

Example: A Resource Management Application

 DATABASE MANAGEMENT SYSTEM(DBMS)
STRUCTURE OF DBMS

DBMS (Database Management System) acts as an interface between the user and the database.
The user requests the DBMS to perform various operations (insert, delete, update and retrieval)
on the database. The components of DBMS perform these requested operations on the
database and provide necessary data to the users. The various components of DBMS are shown
below: -

1. DDL Compiler - Data Description Language compiler processes schema definitions

specified in the DDL. It includes metadata information such as the name of the files,
data items, storage details of each file, mapping information and constraints etc.
2. DML Compiler and Query optimizer - The DML commands such as insert, update,
delete, retrieve from the application program are sent to the DML compiler for
compilation into object code for database access. The object code is then optimized in
the best way to execute a query by the query optimizer and then send to the data
manager.
3. Data Manager - The Data Manager is the central software component of the DBMS also
knows as Database Control System.
 DATABASE ARCHITECTURE

Software systems generally have an architecture, ie. possessing of a structure (form)

and organisation (function). The former describes identifiable components and how
they relate to one another structurally; the latter describes how the functions of the
various structural components interact to provide the overall functionality of the system
as a whole. Since a database system is basically a software system (albeit complex), it
too possesses an architecture. A typical architecture must define a particular
configuration of and interaction between data, software modules, meta-data, interfaces
and languages.

The architecture of a database system determines its capability, reliability, effectiveness

and efficiency in meeting user requirements. But besides the visible functions seen
through some data manipulation language, a good database architecture should
provide:

a) Independence of data and programs

b) Ease of system design
c) Ease of programming
d) Powerful query facilities
e) Protection of data

A database schema is the skeleton structure that represents the logical view of the
entire database. It defines how the data is organized and how the relations among them
are associated. It formulates all the constraints that are to be applied on the data.

A database schema defines its entities and the relationship among them. It contains a
descriptive detail of the database, which can be depicted by means of schema diagrams.
It’s the database designers who design the schema to help programmers understand the
database and make it useful.

*In a relational database, the schema defines the tables, the fields in each table, and the
relationships between fields and tables.Schemas are generally stored in a data
dictionary. Although a schema is defined in text database language, the term is often
used to refer to a graphical depiction of the database structure.

A database schema can be divided broadly into two categories −

Physical Database Schema − This schema pertains to the actual storage of data and its form of
storage like files, indices, etc. It defines how the data will be stored in a secondary storage.

Logical Database Schema − This schema defines all the logical constraints that need to be
applied on the data stored. It defines tables, views and integrity constraints.

Database Instance

It is important that we distinguish these two terms individually. Database schema is the
skeleton of database. It is designed when the database doesn't exist at all. Once the database is
operational, it is very difficult to make any changes to it. A database schema does not contain
any data or information.

A database instance is a state of operational database with data at any given time. It contains a
snapshot of the database. Database instances tend to change with time. A DBMS ensures that
its every instance (state) is in a valid state, by diligently following all the validations, constraints,
and conditions that the database designers have imposed.

WHAT IS DBMS ?

- To be able to carry out operations like insertion, deletion and retrieval, the database needs to
be managed by a substantial piece of software; this software is usually called a Database
Management System(DBMS).

- A DBMS is usually a very large software package that enables many different tasks including
the provision of facilities to enable the user to access and modify information in the database.

- Data Description Languages (DDL) and Data Manipulation Languages (DML) are needed for
manipulating and retrieving data stored in the DBMS. These languages are called respectively.

An architecture for database systems, called the three-schema architecture was proposed to
help achieve and visualize the important characteristics of the database approach.

THE THREE-SCHEMA ARCHITECTURE:

The goal of the three-schema architecture is to separate the user applications and the
physical database. In this architecture, schemas can be defined at 3 levels :
1. Internal level or Internal schema : Describes the physical storage structure of the
database. The internal schema uses a physical data model and describes the complete
details of data storage and access paths for the database.

2. Conceptual level or Conceptual schema : Describes the structure of the whole database
for a community of users. It hides the details of physical storage structures and
concentrates on describing entities, data types, relationships, user operations, and
constraints. Implementation data model can be used at this level.

3. External level or External schema : It includes a number of external schemas or user

views. Each external schema describes the part of the database that a particular user is
interested in and hides the rest of the database from user. Implementation data model can
be used at this level.
IMPORTANT TO REMEMBER :

Data and meta-data

– three schemas are only meta-data(descriptions of data).

– data actually exists only at the physical level.

Mapping

– DBMS must transform a request specified on an external schema into a request against the
conceptual schema, and then into the internal schema.

– requires information in meta-data on how to accomplish the mapping among various levels.

– overhead(time-consuming) leading to inefficiencies.

– few DBMSs have implemented the full three-schema architecture.

DBMS

Data dictionary: A data dictionary, or metadata repository is a "centralized repository of

information about data such as meaning, relationships to other data, origin, usage, and
format."The term can have one of several closely related meanings pertaining to databases and
database management systems (DBMS):

A document describing a database or collection of databases

An integral component of a DBMS that is required to determine its structure

A piece of middleware that extends or supplants the native data dictionary of a DBMS

-If a data dictionary system is used only by the designers, users, and administrators and not by
the DBMS Software

-A data dictionary is a collection of descriptions of the data objects or items in a data model for
the benefit of programmers and others who need to refer to them.

Data Definition Language (DDL): Data Definition Language (DDL) is a vocabulary used to define
data structures in SQL Server. You use these statements to create, alter, or drop data structures
in an instance of SQL Server. A DDL is a language used to define data structures and modify
data. For example, DDL commands can be used to add, remove, or modify tables within in a
database. DDLs used in database applications are considered a subset of SQL, the Structured
Query Language. However, a DDL may also define other types of data, such as XML.

A Data Definition Language has a pre-defined syntax for describing data. For example, to build a
new table using SQL syntax, the CREATE command is used, followed by parameters for the table
name and column definitions. The DDL can also define the name of each column and the
associated data type. Once a table is created, it can be modified using the ALTER command. If
the table is no longer needed, the DROP command can be used to delete the table.

Data Definition Language (DDL) statements are used to define the database structure or
schema. Some examples:

CREATE - to create objects in the database

ALTER - alters the structure of the database

DROP - delete objects from the database

 TRUNCATE - remove all records from a table, including all spaces allocated for the records are
removed

COMMENT - add comments to the data dictionary

RENAME - rename an object

Data Manipulation Language (DML): Data Manipulation Language (DML) statements are used
for managing data within schema objects. The DML section is used to manipulate the data such
as querying it.Some examples:

SELECT - retrieve data from the a database

INSERT - insert data into a table

UPDATE - updates existing data within a table

DELETE - deletes all records from a table, the space for the records remain

MERGE - UPSERT operation (insert or update)

CALL - call a PL/SQL or Java subprogram

EXPLAIN PLAN - explain access path to data

LOCK TABLE - control concurrency

SQL (Structured Query Language): SQL (Structured Query Language) is a standard interactive
and programming language for getting information from and updating a database. Queries take
the form of a command language that lets you select, insert, update, find out the location of
data, and so forth. There is also a programming interface. SQL is a standardized query language
for requesting information from a database.

What are the Functions and Service of DBMS

A DBMS performs several important functions that guarantee integrity and consistency of data
in the database. Most of these functions are transparent to end-users. There are the following
important functions and services provided by a DBMS:

(ii) Data Storage Management: It provides a mechanism for management of permanent

storage of the data. The internal schema defines how the data should be stored by the storage
management mechanism and the storage manager interfaces with the operating system to
access the physical storage.

(ii) Data Manipulation Management: A DBMS furnishes users with the ability to retrieve,
update and delete existing data in the database.

(iii) Data Definition Services: The DBMS accepts the data definitions such as external schema,
the conceptual schema, the internal schema, and all the associated mappings in source form.

(iv) Data Dictionary/System Catalog Management: The DBMS provides a data dictionary or
system catalog function in which descriptions of data items are stored and which is accessible
to users.

(v) Database Communication Interfaces: The end-user's requests for database access are
transmitted to DBMS in the form of communication messages.

(vi) Authorization / Security Management: The DBMS protects the database against
unauthorized access, either international or accidental. It furnishes mechanism to ensure that
only authorized users an access the database.

(vii) Backup and Recovery Management: The DBMS provides mechanisms for backing up data
periodically and recovering from different types of failures. This prevents the loss of data.

(viii) Concurrency Control Service: Since DBMSs support sharing of data among multiple users,
they must provide a mechanism for managing concurrent access to the database. DBMSs
ensure that the database kept in consistent state and that integrity of the data is preserved.

(ix) Transaction Management: A transaction is a series of database operations, carried out by a

single user or application program, which accesses or changes the contents of the database.
Therefore, a DBMS must provide a mechanism to ensure either that all the updates
corresponding to a given transaction are made or that none of them is made.

(x) Database Access and Application Programming Interfaces: All DBMS provide interface to
enable applications to use DBMS services. They provide data access via Structured Query
Language (SQL). The DBMS query language contains two components: (a) a Data Definition
Language (DDL) and (b) a Data Manipulation Language (DML).

DATABASE SECURITY
It is important to develop a security policy for every database. The security policy establishes
methods for protecting your database from accidental or malicious destruction of data or
damage to the database infrastructure.

Each database can have an administrator, referred to as the security administrator, who is
responsible for implementing and maintaining the database security policy If the database
system is small, the database administrator can have the responsibilities of the security
administrator. However, if the database system is large, a designated person or group of people
may have sole responsibility as security administrator.

List the importance of security

- To prevent unauthorized data observation.

- To prevent unauthorized data modification.

- To ensure the data confidential.

- To make sure the data integrity is preserved.

- To make sure only the authorized user have access to the data.

Methods of securing a database

Introduction to Views

A view is a presentation of data selected from one or more tables (possibly including other
views). In addition to showing the selected data, a view also shows the structure of the
underlying tables, and can be thought of as the result of a stored query.

The view contains no actual data but rather derives what it shows from the tables and views on
which it is based. A view can be queried, and the data it represents can be changed. Data in a
view can be updated or deleted, and new data inserted. These operations directly alter the
tables on which the view is based and are subject to the integrity constraints and triggers of the
base tables.

For example, a base table of all employee data may have several columns and numerous rows
of information. If you want a certain set of users to see only specific columns, then you can
create a view of that table, containing only the allowable columns. You can then grant other
users access to the new view, while disallowing access to the base table.

Figure 6-1 shows an example of a view called staff derived from the base table employees.
Notice that the view shows only five of the columns in the base table.

Figure 6-1 An Example of a View

2. Views can be used as a security mechanism

A view can select certain columns and/or rows from a table, and permissions set on the view
instead of the underlying tables. This allows surfacing only the data that a user needs to see.

Views can represent a subset of the data contained in a table. Consequently, a view can limit
the degree of exposure of the underlying tables to the outer world: a given user may have
permission to query the view, while denied access to the rest of the base table.

Data protection – create views to protect sensitive data. For example the salary column was
hidden in my example above.

ways to secure your stored data

Securing stored data involves preventing unauthorized people from accessing it as well as
preventing accidental or intentional destruction, infection or corruption of information. While
data encryption is a popular topic, it is just one of many techniques and technologies that can
be used to implement a tiered data-security strategy. Steps to secure data involve
understanding applicable threats, aligning appropriate layers of defense and continual
monitoring of activity logs taking action as needed.

Implement a tiered data protection and security model including multiple perimeter rings of
defense to counter applicable threats. Multiple layers of defense can isolate and protect data
should one of the defense perimeters be compromised from internal or external threats.

Include both logical (authorization, authentication, encryption and passwords) and physical
(restricted access and locks on server, storage and networking cabinets) security. Hopefully, the
closets in your facility for cleaning personal and their tools are separate from where you keep
your storage and networking cabling and tools. Physical security includes maintaining a low
profile. For example, if yours is the only building with lights on during a heat-wave-induced
electrical power blackout, at least turn your outside lights off as well as other lights that can be
seen from the outside so as to not draw unwanted attention.

Logical security includes securing your networks with firewalls, running antispyware and virus-
detection programs on servers and network-addressed storage systems. No storage security
strategy would be complete without making sure that applications, databases, file systems and
server operating systems are secure to prevent unauthorized or disruptive access to your
stored data. Implement storage system based volume or logical unit number mapping and
masking as a last line of defense for your stored data.

Speaking of physical security and access controls, change your key-code or door-lock
combinations regularly, informing only those who need access. You might be surprised who
stops by to ask for the access for the combination or password for something that you did know
that they had access to in the first place.

Some storage and networking tools will encourage you to change management passwords at
initial installation. I hope that this sounds like common sense, however, due diligence is to say
the obvious -- change default passwords at installation and on an ongoing basis. Likewise,
restrict access to management tools to those who need it.

Know who has physical access to fixed and removable data-storage media and devices.
Leverage access logs as well as perform background checks of contractor and third-party
personnel who will be handling your data and media. Identify where weak links are in your
data-movement processes and correct those deficiencies. Data-discovery tools can be used to
identify sensitive data that may not be adequately protected.

If you are currently moving data electronically to avoid losing tapes or are planning to, then
make sure data being transmitted over a public or private network is safe and secure. Some
techniqes to protect data while in-flight include encryption, virtual private networks and the
IPSec protocol.

Data encryption is a topic people in the industry like to talk about, however, like other
technologies, wide-scale mass adoption has been elusive. However, as a trend, encryption -- in
some shape or form -- is here to stay and most likely is in your future. There is plenty of debate
as to when (at rest, in flight), where (storage, network, appliance, servers) and how (hardware,
software) to implement encryption. For now, consider what the level or depth of encryption
you need to counter your applicable threats. Also, consider how key management will be
performed for your environment. In addition, consider the potential effect on performance and
interoperability for your environment when looking at data-encryption technologies.