Database Concepts
Sixth Edition
Database Concepts, 6e (Kroenke/Auer)
Full download at: Solution Manual:
https://testbankpack.com/p/solution-manual-for-database-concepts-6th-edition-by-kroenke-andauer-isbn-0132742926-9780132742924/
Test bank:
https://testbankpack.com/p/test-bank-for-database-concepts-6th-edition-by-kroenke-and-auerisbn-0132742926-9780132742924/
CHAPTER SIX
DATABASE ADMINISTRATION
Instructor's Manual to accompany:
Database Concepts (Sixth Edition)
David M. Kroenke and David J. Auer
© 2013, 2011, 2010, 2008 Pearson Education, Inc. Publishing as Prentice Hall
CHAPTER OBJECTIVES
Understand the need for and importance of database administration
Learn different ways of processing a database
Understand the need for concurrency control, security, and backup and recovery
Learn typical problems that can occur when multiple users process a database concurrently
Understand the use of locking and the problem of deadlock
Learn the difference between optimistic and pessimistic locking
Know the meaning of ACID transaction
Learn the four 1992 ANSI standard isolation levels
Understand the need for security and specific tasks for improving database security
Know the difference between recovery via reprocessing and recovery via rollback/rollforward
Understand the nature of the tasks required for recovery using rollback/rollforward
Know basic administrative and managerial DBA functions
CHAPTER ERRATA
There are no known errors at this time. Any errors that are discovered in the future will be reported and corrected in the Online DBC e06 Errata document, which will be available at http://www.pearsonhighered.com/kroenke.
THE ACCESS WORKBENCH
Solutions to the Access Workbench exercises may be found in Solutions to all Sections: The Access Workbench, which is a separate document within the Instructor’s Manual.
TEACHING SUGGESTIONS
This chapter introduces the topic of database administration by describing the fundamental concepts, technology, and terminology used for multi-user database management.
Page 3 of 28
This text distinguishes between database administration and data administration. The latter is an organizational activity that typically sits high in the enterprise organization chart and may be concerned with much larger issues than the maintenance of a particular database. This chapter is concerned with database administration, a more pedestrian function that occurs at a much lower level in the organization. Every multi-user database needs a database administrator. The administrator may only have a few tasks to perform and may work on them only a few hours a week, but someone needs to be given the responsibility for ensuring that the database administration tasks are accomplished on a timely basis. This is especially true for Internet technology databases where the users may be far away or even anonymous, and where the consequences of failures and mistakes will be difficult to correct.
Concurrency control is important and sometimes seems obscure. If users do not learn the concepts and techniques, however, the DBMS will use default settings. These defaults may be perfect, but they also may be terrible. Thus, even though these issues can be ignored, the consequences of them cannot be avoided.
Security is becoming more and more important. As implied in the text, for Internet applications, security tasks are accomplished by both the Web server and the DBMS. Students should look into these issues when they have had both Web server and database classes.
If you are working with SQL Server 2008 R2, be sure to create the server login and database user accounts as shown in the chapter. The Web site material in Chapter 7 will not work without them!
The goal of this chapter with regard to backup and recovery is to raise the students’ consciousness to these issues. They should get a general idea of the importance of backup and recovery and the general nature of backup and recovery tools and techniques.
ANSWERS TO REVIEW QUESTIONS
6.1 What is the purpose of database administration?
The purpose of this function is to manage a database so that its value to an organization is maximized.
6.2 Explain how database administration tasks vary with the size and complexity of the database.
Single-user databases are much easier to administer than large organizational databases with hundreds of concurrent users and dozens of applications.
6.3 What are two interpretations of the abbreviation DBA?
Database administration and database administrator.
Page 4 of 28
6.4 What is the purpose of concurrency control?
The purpose of concurrency control is to ensure that the results obtained when more than one user processes the database are consistent with what is expected.
6.5 What is the goal of a database security system?
The goal of a database security system is to ensure that only authorized users can take authorized actions at appropriate times.
6.6 Explain the meaning of the word inappropriately in the phrase “one user’s work does not inappropriately influence another user’s work.”
It means that any overlap of work results is anticipated and is in accordance with the requirements. In some applications, the work of two users is supposed to be completely isolated from each other, say patient records processing for two different patients in a hospital. In other applications, two users’ work need not be so isolated someone who wants the latest stock price won’t mind if the price is updated as the list is being produced as long as they know that it may happen.
6.7 Explain the trade-off that exists in concurrency control.
A high level of control granularity means easy administration for the DBMS but poor throughput. A low level of control granularity means difficult administration for the DBMS, but better throughput.
6.8 Describe what an atomic transaction is and explain why atomicity is important.
An atomic transaction is one in which either all of the database actions are committed to the database or none of them are. Without it, there is a danger that partially processed transactions will be committed to the database.
6.9 Explain the difference between concurrent transactions and simultaneous transactions. How many CPUs are required for simultaneous transactions?
With concurrent transactions, two or more users access the database using a single CPU on the database server. The CPU executes some instructions from one, and then executes some from the other, switching back and forth between them. The actions may appear simultaneous to the two users. For transactions to be simultaneous, they would have to be actually processed at the same time. For transactions to be processed simultaneously, two or more CPUs are required. With modern server computers, such processing is possible.
6.10 Give an example, other than the one in this text, of the lost update problem.
The lost update problem occurs when two transactions attempt to update the same data resource simultaneously. Because each transaction copies the record into its work area, each can effect different changes and then rewrite the record. The problem is that all updates except the last one to be rewritten are lost. Example: At a music store, two salespeople rent the same B-flat clarinet to two different customers.
6.11 Define the terms dirty read, nonrepeatable read, and phantom read
A dirty read reads data that has been changed but not committed by another user.
A nonrepeatable read is a read in which multiple reads of the same record may not obtain the same values because of changes made by other users.
A phantom read occurs when new rows are found on a second or subsequent read of a file.
6.12 Explain the difference between an explicit and an implicit lock.
Explicit locks are set by the application program, while implicit locks are set by the DBMS on behalf of the application or users.
6.13 What is lock granularity?
Lock granularity is the size of the resource that is locked. Large grained locks are easy for the DBMS to administer but result in frequent conflicts, whereas small grained locks are more difficult and expensive to administer but result in fewer conflicts.
6.14 Explain the difference between an exclusive lock and a shared lock.
An exclusive lock allows no other access, whereas a shared lock allows other transactions to read but not update the data.
6.15 Explain two-phased locking.
The two-phase locking strategy is used to obtain a number of locks until a lock is released, and after that no more locks can be obtained until all are released. Thus, the transaction has a lock growing phase and then a lock shrinking phase. Most DBMS products implement a special case of this in which all locks are released when a transaction commits.
6.16 How does releasing all locks at the end of a transaction relate to two-phase locking?
It is a special case of two-phase locking during the life of the transaction, locks are only acquired (the growing phase). When the transaction is committed, all locks are released. The shrinking phase occurs at one point.
6.17 What is deadlock? How can it be avoided? How can it be resolved when it occurs?
Deadlock occurs when each of two transactions is waiting for a resource the other has locked. Both transactions are placed in the wait state, but neither one can get out of it. A DBMS can either prevent the deadly embrace from occurring (via control over locking) or it can allow it and then detect and break it (by aborting one of the transactions, thus releasing its locks and enabling the other transaction to continue).
6.18 Explain the difference between optimistic and pessimistic locking.
The assumption with optimistic locking is that conflict will not occur. Therefore, no locks are placed until the transaction is completed. At that point, locks are obtained and records are updated only if they have not been changed since last read. With pessimistic locking, the assumption is made that conflict will occur. Therefore, records are locked before they’re read. When the transaction is complete, all locks are released.
6.19 Explain the benefits of marking transaction boundaries, declaring lock characteristics, and letting a DBMS place locks.
It’s more flexible and puts less demand on the application programmer. The programmer defines the boundaries of the transaction and then defines the locking behavior that is wanted. The DBMS then figures out where to set locks. If the locking behavior declaration is subsequently changed, the DBMS will then place locks in accordance with the new behavior. This reduces the likelihood of programmer errors as well.
6.20 Explain the use of the SQL transaction control statements BEGIN TRANSACTION, COMMIT TRANSACTION, and ROLLBACK TRANSACTION.
These statements are used to mark transaction boundaries. The application programmer must set these boundaries because the DBMS cannot automatically determine what DBMS operations are to be atomic.
6.21 Explain the meaning of the expression ACID transaction.
An ACID transaction is atomic, consistent, insolated, and durable.
6.22 Describe statement-level consistency.
An update will apply to a set of rows as they existed at the time the statement was first executed.
6.23 Describe transaction-level consistency. What disadvantage can exist with it?
All updates in a transaction will be to rows as they existed at the time the transaction began. The possible disadvantage is that, depending on how this is implemented, transaction cannot view its own changes.
6.24 What is the purpose of transaction isolation levels?
They exist to provide flexibility in the degree of isolation between the works of different transactions.
6.25 Explain what read uncommitted isolation level is. Give an example of its use.
The read uncommitted isolation level allows dirty reads, nonrepeatable reads, and phantom reads. It might be used when making a list of Web sites in response to a search for articles on a movie.
6.26 Explain what read committed isolation level is. Give an example of its use.
The read committed isolation level disallows dirty reads, but allows nonrepeatable reads and phantom reads. It might be used when making a list of stock prices that are expected to be current only as of the time the stock price was read.
6.27 Explain what repeatable read isolation level is. Give an example of its use.
The repeatable read isolation level disallows dirty reads and nonrepeatable reads, but allows phantom reads. It might be used when making a list of inventory quantities on a list of inventory items that were known to be in the database when the read began.
6.28 Explain what serializable isolation level is. Give an example of its use.
The serializable isolation level disallows dirty reads, nonrepeatable reads, and phantom reads. It might be used when rank ordering a list of commodities, where the ranking process requires several passes through the table.
6.29 Explain the term cursor
A cursor is a pointer into a set of rows.
6.30 Explain why a transaction may have many cursors. Also, how is it possible that a transaction may have more than one cursor on a given table?
The transaction may need to process several tables at one time. A cursor can be opened on two different views of a table (these are SQL views, not application views), in which case there will be two cursors open on the same table for that transaction. Furthermore, there are some transactions in which the logic requires that two cursors process the same table.
6.31 What is the advantage of using different types of cursors?
Because cursors require considerable memory, having many cursors open at the same time for, say, a thousand concurrent transactions, can consume considerable memory and CPU time. One way to reduce cursor overhead is to define reduced-capability cursors and use them when a full-capability cursor is not needed.
6.32 Explain forward-only cursors. Give an example of their use.
The simplest cursor is the forward-only cursor. With it, the application can only move forward through the recordset. Changes made by other cursors in this transaction and by other transactions will be visible only if they occur in rows ahead of the cursor. They would be used when processing a report sequentially and you use a forward-only cursor when you are sequentially reading a recordset.
6.33 Explain static cursors. Give an example of their use.
With a static cursor, the application sees the data as it was at the time the cursor was opened. Changes made by this cursor are visible. Changes from other sources are not visible. Both backward and forward scrolling are allowed. Use this when processing a recordset and you need to see any changes you have made but not changes other users have made.
6.34 Explain keyset cursors. Give an example of their use.
Dynamic changes of any type and from any source are visible. When the cursor is opened, a primary key value is saved for each row in the recordset. When the application accesses a row, the key is used to fetch the current values for the row. All inserts, updates, deletions, and
changes in the recordset order are visible. If the isolation level is dirty read, then uncommitted changes are visible. Otherwise, only committed changes are visible. Updates from any source are visible. Inserts from sources outside this cursor are not visible (There is no key for them in the keyset ) Inserts from this cursor appear at the bottom of the recordset. Deletions from any source are visible. Use a keyset cursor when you need to see updates from any source and your own inserts, but not inserts from other sources
6.35 Explain dynamic cursors. Give an example of their use.
With a dynamic cursor, changes in row order are not visible. If the isolation level is dirty read, then committed updates and deletions are visible; otherwise only committed updates and deletions are visible. Use a dynamic cursor when you need to see all changes being made. Use with dirty read isolation level to see uncommitted changes, otherwise only committed changes will be seen.
6.36 What happens if you do not declare transaction-isolation level and cursor type to the DBMS? Is not declaring the isolation level and cursor type good or bad?
If you do not specify the isolation level of a transaction or do not specify the type of cursors you open, the DBMS will use a default level and type. These defaults may be perfect for your application, but they also may be terrible. Thus, even though these issues can be ignored, the consequences of them cannot be avoided.
6.37 Explain the necessity of defining processing rights and responsibilities. How are such responsibilities enforced?
We need to define processing rights and responsibilities to bring order to the processing of the database, which is a shared resource. While rights can be enforced by the DBMS and application programs, responsibilities must be documented and understood by users. The upholding of responsibilities cannot be automated; it’s a matter of user training and behavior.
6.38 Explain the relationships of users, groups, permission, and objects for a generic database security system.
Permissions give roles to users and database objects themselves the ability to interact with database objects. [NOTE: Although permissions can be granted to users, a basic principle of systems administration is that, unless absolutely necessary, no users should have permissions granted directly to them. Instead, users should be placed in roles (which will hold groups of users), and the roles should be granted permissions to the database objects].
Each user can be in many roles, and each role can have many users. Each user, role or object may have many permissions. Each permission gives one user, role or object to one database object.
6.39 Describe the advantages and disadvantages of DBMS-provided security. Advantages:
Easier to implement
Done regardless of the source of data changes and activities
Page 9 of 28
Probably more consistent
Disadvantages:
May not suffice for particular needs
Works best for vertical security
6.40 Describe the advantages and disadvantages of application-provided security.
Advantages:
Easier to implement
Done regardless of the source of data changes and activities
Probably more consistent
Disadvantages:
May not suffice for particular needs
Works best for vertical security
6.41 Explain how a database could be recovered via reprocessing. Why is this generally not feasible?
Reprocessing means reapplying all transactions since the latest database save to that saved copy of the database. Because reprocessing takes as much time as original processing, reprocessing is usually infeasible. Additionally, initially asynchronous events may occur in a different order.
6.42 Define the terms rollback and rollforward
Rollback means applying before images (before changes were made) to the current database. This takes the database backwards in time.
Rollforward means loading the latest database backup then applying all after images (after changes were made) to it. This brings the database forward in time.
6.43 Why is it important to write to a log before changing the database values?
When database values are written to the log before they are changed in the database, the log record is correct in the event a database failure. Otherwise the database could be behind the log and changes that were committed might not be recovered.
6.44 Describe the rollback process. Under what conditions should rollback be used?
Start with a current copy of the database, and then back out changes. This method is used when database has not been lost; there is just some update activity that needs to be removed.
Page 10 of 28
6.45 Describe the rollforward process. Under what conditions should rollforward be used?
Start with a restored database from a prior saved backup, then apply after images. This method is used when database has been lost.
6.46 What is the advantage of making frequent checkpoints of a database?
Checkpoints are snapshots of updated parts of a database. They can be taken automatically by the DBMS. In the event of a needed recovery, checkpoints can be used to perform recovery because they provide a point of synchronization between the log and the database. This is faster than recovering the entire database from a backup and then applying all after images since the backup was taken.
6.47 Summarize a DBA’s responsibilities for managing database user problems. The DBA’s responsibilities for managing user problems include:
Creating and managing a process for gathering and recording user-reported errors and other problems
Creating and managing a process to prioritize user-reported errors and other problems
Creating and managing a process for ensuring that user-reported errors and other problems are corrected
6.48 Summarize the DBA’s responsibilities for configuration control. The DBA’s responsibilities for configuration control include:
Creating and managing a process for recording change requests
Creating and managing a process for conducting user and developer reviews of change requests
Creating and managing a process for creating tasks and projects for implementing approved change requests
6.49 Summarize the DBA’s responsibilities for documentation. The DBA’s responsibilities for documentation include ensuring that proper documentation is maintained on:
Database structure
Concurrency control
Security
Backup and recovery
What applications use that database, and how they use it
ANSWERS TO EXERCISES
6.50 Use the Microsoft SQL Server 2012 online documentation to answer the following questions.
A. Does Microsoft SQL Server 2012 support both optimistic and pessimistic locking? Yes.
B. What levels of transaction isolation are available? All via cursor type
C. What types of cursors, if any, does Microsoft SQL Server use? READ_ONLY, OPTIMISTIC, SCROLL_LOCK (=Optimistic)
D. How does the security model for Microsoft SQL Server 2012 differ from that shown in Figure 6-15?
In SQL Server 2000, it was pretty much the same. SQL Server 2005 added a new layer, name “schema”, which has continued into SQL Server 2008, SQL Server 2008 R2 and now SQL Server 2012. Schemas own objects, while users own schemas. Schemas are now database owners, and the “dbo” that is seen in the SQL Server 2012 screen shots refers to the dbo schema, not a dbo user (which no longer exists).
E. Summarize the types of Microsoft SQL Server 2012 backup. You can create a complete or differential backup of the database, you can create a transaction log backup, and you can create a backup of particular files and file groups.
F. Summarize the Microsoft SQL Server recovery models. They are simple, full, and bulk-logged. With the simple recovery model, no logging is done. The only way to recover a database is to restore the database to the last backup. Changes made since that last backup are lost. The simple recovery model could be used for a database that is never changed say, one having the names and locations of the occupants of a full graveyard. Or, one that is used for read-only analysis of data that is copied from some other transactional database. With full recovery, all database changes are logged, and with bulk-logged database recovery, all changes are logged except those that cause large log entries. With bulk-logged recovery, changes to large text and graphic data items are not recorded to the log actions like CREATE INDEX are not logged, and some other bulk-oriented actions are not logged. An organization would use bulk-logged recovery if conserving log space is important and if the data used in the bulk operations is saved in some other way.
Page 12 of 28
6.51 Use Oracle Database 11g Release 2 online documentation to answer the following questions.
A. How does Oracle Database 11g Release 2 use read and write locks?
This is complex, and since MySQL can use different database engines, it depends on the database engine being used. For InnoDB:
“In the InnoDB transaction model, the goal is to combine the best properties of a multiversioning database with traditional two-phase locking. InnoDB does locking on the row level and runs queries as non-locking consistent reads by default, in the style of Oracle. The lock table in InnoDB is stored so space-efficiently that lock escalation is not needed: Typically several users are allowed to lock every row in the database, or any random subset of the rows, without InnoDB running out of memory.”
B. What, if any, levels of transaction isolation are available in Oracle Database 11g Release 2?
For InnoDB:
“In terms of the SQL:1992 transaction isolation levels, the InnoDB default is REPEATABLE READ InnoDB offers all four transaction isolation levels described by the SQL standard. You can set the default isolation level for all connections by using the transaction-isolation option on the command line or in an option file ”
C. How does the security model for Oracle Database 11g Release 2 differ from that shown in Figure 6-15?
The security model in Figure 6-15 is actually based on Oracle Database security, and there are no differences.
D. Summarize the backup capabilities of Oracle Database 11g Release 2
Oracle Database 11g Release 2 has basic database file backup capability, which is easily accessed through the MySQL Administrator. Backups can be scheduled.
E. Summarize the recovery capabilities of Oracle Database 11g Release 2
Oracle Database 11g Release 2 has complex database recovery capability, which is easily accessed through the MySQL Administrator.
Page 13 of 28
6.52 Use MySQL 5.5 online documentation to answer the following questions.
A. How does MySQL 5.5 use read locks and write locks? This is complex, and since MySQL 5.5 can use different database engines, it depends on the database engine being used. For InnoDB:
“In the InnoDB transaction model, the goal is to combine the best properties of a multiversioning database with traditional two-phase locking. InnoDB does locking on the row level and runs queries as non-locking consistent reads by default, in the style of Oracle. The lock table in InnoDB is stored so space-efficiently that lock escalation is not needed: Typically several users are allowed to lock every row in the database, or any random subset of the rows, without InnoDB running out of memory.”
B. What, if any, levels of transaction isolation are available in MySQL 5.5? For InnoDB:
“In terms of the SQL:1992 transaction isolation levels, the InnoDB default is REPEATABLE READ InnoDB offers all four transaction isolation levels described by the SQL standard. You can set the default isolation level for all connections by using the transaction-isolation option on the command line or in an option file ”
C. What types of cursors, if any, does MySQL 5.5 use?
“Simple cursors are supported inside stored procedures and functions. The syntax is as in embedded SQL. Cursors are currently asensitive, read-only, and non-scrolling. Asensitive means that the server may or may not make a copy of its result table ”
D. How does the security model for MySQL 5.5 differ from that shown in Figure 6-15?
The model is about the same, except that MySQL does not have Roles (Groups), only Users.
E. Summarize the backup capabilities of MySQL 5.5. MySQL has basic database file backup capability, which is easily accessed through the MySQL Administrator. Backups can be scheduled.
F. Summarize the recovery capabilities of MySQL 5.5. MySQL has basic database recovery capability, which is easily accessed through the MySQL Administrator.
Page 14 of 28
ANSWERS TO MARCIA’S DRY CLEANING CASE QUESTIONS
Ms. Marcia Wilson owns and operates Marcia’s Dry Cleaning, which is an upscale dry cleaner in a well-to-do suburban neighborhood. Marcia makes her business stand out from the competition by providing superior customer service. She wants to keep track of each of her customers and their orders. Ultimately, she wants to notify them that their clothes are ready via email.
Assume that Marcia has hired you as a database consultant to develop an operational database having the following four tables:
CUSTOMER (CustomerID, FirstName, LastName, Phone, Email)
INVOICE (InvoiceNumber, CustomerID, DateIn, DateOut, Subtotal, Tax, TotalAmount)
INVOICE_ITEM (InvoiceNumber, ItemNumber, ServiceID, Quantity, UnitPrice, ExtendedPrice)
SERVICE (ServiceID, ServiceDescription, UnitPrice)
A. Assume that Marcia’s Dry Cleaning has the following personnel: two owners, a shift manager, a part-time seamstress, and two salesclerks. Prepare a two-to-three-page memo that addresses the following points:
1. The need for database administration.
This part of the memo should summarize the issues discussed on page 303-304.
2. Your recommendation as to who should serve as database administrator. Assume that Marcia’s Dry Cleaning is not sufficiently large to need or afford a full-time database administrator.
The database administration tasks should probably be shared among the owners, the shift manager, and you, the consultant. The owners need to understand the importance and their vulnerability; the shift manager needs to know what documentation and procedures exist and to help ensure compliance. The consultant needs to perform technical tasks.
Page 15 of 28
3. Using the main topics in this chapter as a guide, write a job description describing the nature of database administration activities at Marcia’s Dry Cleaning. As an aggressive consultant, keep in mind that you can recommend yourself for performing some of the DBA functions.
The job description should contain the following information:
Task Owners Shift Manager Consultant Managing database structure Ensure documents exist
Design, implement, and document database structure
Controlling concurrent processing Establish policies Define transactions and set up DBMS concurrency
Managing processing rights and responsibilities
Set requirements Enforce responsibilities
Document rights and responsibilities
Developing database security Understand vulnerability Ensure procedures are followed
Providing for database recovery Understand vulnerability Ensure procedures are followed
Set up security system for rights
Set up DBMS and application security
Set up system and procedures, document procedures and train users
Managing the DBMS Understand the nature of this activity
Respond to performance problems, watch for new versions of DBMS with potential use for Marcia’s Dry Cleaning
Maintaining the data repository
Understand the importance Ensure documentation is kept up to date
Produce repository and other documentation
Page 16 of 28
B. For the employees described in part A, define users, groups, and permissions on data in these four tables. Use the security scheme shown in Figure 6-15 as an example. Create a table like that in Figure 6-16. Don’t forget to include yourself.
The following table identifies five groups (with the obvious personnel assigned to them) and processing rights over the four tables. This is a restrictive set of permissions and the employees may rail at it. Given that Marcia’s Dry Cleaning is a small company, there may be a need to broaden these rights. One course of action is to start restrictive and broaden from there. It’s easier to give new permissions than to take existing ones away!
C. Suppose that you are writing a part of an application to create new records in SERVICE for new services that Marcia’s will perform. Suppose that you know that while your procedure is running another part of the same application that records new or modifies existing customer orders, order line items can also be running. Additionally, suppose that a third part of the application that records new customer data also can be running.
1. Give an example of a dirty read, a nonrepeatable read, and a phantom read in this application.
AppPart01: This procedure should only be using the SERVICE table to insert new SERVICEs.
Page 17 of 28
AppPart02: This procedure should be writing to the INVOICE and INVOICE _ITEM tables, but may be reading from the CUSTOMER and SERVICE tables.
AppPart03: This procedure should only be inserting new rows into the CUSTOMER table.
It appears that all reads are performed in the second procedure but it reads only CUSTOMER and SERVICE. The first procedure deals with inserting new records into the SERVICE table and the third transaction inserts or modifies CUSTOMER rows only.
A dirty read would occur if AppPart02 read a newly inserted SERVICE before the transaction was committed.
A nonrepeatable read would occur if AppPart02 read a newly inserted SERVICE a second time, where the transaction was not committed during the first read, was modified, and was committed by the time the second read occurred.
A phantom read would occur if AppPart02 read SERVICE before a new SERVICE was entered, and then reads SERVICE again after the new SERVICE was entered and committed by the time the second read occurred.
2. What concurrency control measures are appropriate for the part off the application that you are creating?
AppPart01 is simply inserting rows into the SERVICE table. We are not doing any reads, so read-committed isolation will thus be fine.
3. What concurrency control measures are appropriate for the two other parts of the application?
AppPart02 is reading all tables and inserting data into two of them. We will use serializable isolation here. We never want to confuse our employees by having data read problems occur when they are working with a customer.
AppPart03 is simply inserting rows into the SERVICE table. We are not doing any reads, so read-committed isolation will thus be fine.
ANSWERS TO GARDEN GLORY PROJECT QUESTIONS
The following Garden Glory database design is used in Chapter 3:
OWNER (OwnerID, OwnerName, OwnerEmail, OwnerType)
PROPERTY (PropertyID, PropertyName, Street, City, State, Zip, OwnerID)
EMPLOYEE (EmployeeID, LastName, FirstName, CellPhone, ExperienceLevel)
SERVICE (PropertyID, EmployeeID, ServiceDate, HoursWorked)
The referential integrity constraints are:
OwnerID in PROPERTY must exist in OwnerID in OWNER
PropertyID in SERVICE must exist in PropertyID in PROPERTY
EmployeeID in SERVICE must exist in EmployeeID in EMPLOYEE
Garden Glory has modified the EMPLOYEE table by adding a TotalHoursWorked column:
EMPLOYEE (EmployeeID, LastName, FirstName, CellPhone, ExperienceLevel, TotalHoursWorked)
The office personnel at Garden Glory use a database application to record services and related data changes in this database. For a new service, the service-recording application reads a row from the PROPERTY table to get the PropertyID. It then creates a new row in SERVICE and updates TotalHoursWorked in EMPLOYEE by adding the HoursWorked value in the new SERVICE record to TotalHoursWorked. This operation is referred to as a Service Update Transaction.
In some cases, the employee record does not exist before the service is recorded. In such a case, a new EMPLOYEE row is created, and then the service is recorded. This is called a Service Update for New Employee Transaction
A. Explain why it is important for the changes made by the Service Update Transaction to be atomic.
Without atomicity, it would be possible to update employee TotalHoursWorked, but not create the new, corresponding SERVICE row.
B. Describe a scenario in which an update of TotalHoursWorked could be lost during a Service Update Transaction.
Two employees updating EMPLOYEE concurrently could cause the lost update problem as described in the text.
Page 19 of 28
C. Assume that many Service Update Transactions and many Service Update for New Employee Transactions are processed concurrently. Describe a scenario for a nonrepeatable read and a scenario for a phantom read.
Nonrepeatable read: Two Service Update Transactions processing One reads EMPLOYEE data, the second updates the same row of EMPLOYEE data and commits the change. The first rereads the same EMPLOYEE row and finds a different value for TotalHoursWorked than it found the first time.
Phantom: This shouldn’t occur for logic as described. But, if a Service Update Transaction counted the number of EMPLOYEE rows for some reason, then a Service Update for New Employee transaction committed a new EMPLOYEE row, and the first Service Update Transaction re-counts the rows, there will be a new phantom row to count.
D. Explain how locking could be used to prevent the lost update in your answer to part B.
Both transactions lock EMPLOYEE before reading and updating.
E. Is it possible for deadlock to occur between two Service Update Transactions? Why or why not? Is it possible for deadlock to occur between a Service Update Transaction and a Service Update for New Employee Transaction? Why or why not?
It shouldn’t occur for Service Update Transactions because only one EMPLOYEE row can be concurrently processed. It is not possible to have deadlock on one row. It shouldn’t happen for Service Update for New Employee transactions because only new rows are created.
F. Do you think optimistic or pessimistic locking would be better for the Service Update Transactions?
Optimistic locking should be better because conflict should be rare in such a small business.
G. Suppose Garden Glory identifies three groups of users: managers, administrative personnel, and system administrators. Suppose further that the only job of administrative personnel is to make Service Update Transactions. Managers can make Service Update Transactions and Service Updates for New Employee Transactions. System administrators have unrestricted access to the tables. Describe processing rights that you think would be appropriate for this situation. Use Figure 6-16 as an example. What problems might this security system have?
Page 20 of 28
DATABASE RIGHTS GRANTED
Potential problem: Everyone can update EMPLOYEE. Assuming that TotalHoursWorked is used to compensate employees, there might be an incentive for Administrative personnel to make unauthorized changes to that column for their friends/relatives, etc. They probably need to set up a manual procedure to ensure that all such changes have a physical document, signed by a manager, or some other compensating control.
H. Garden Glory has developed the following procedure for backup and recovery. The company backs up the database from the server to a second computer on its network each night. Once a month, it copies the database to a CD and stores it at a manager’s house. It keeps paper records of all services provided for an entire year. If it ever loses its database, it plans to restore it from a backup and reprocess all service requests. Do you think this backup and recovery program is sufficient for Garden Glory? What problems might occur? What alternatives exist? Describe any changes you think the company should make to this system.
Garden Glory is susceptible to a fire that could destroy both computers and the paper records. They should make backup to a CD much more frequently than once a month once every other day, perhaps. Also, they should store paper records away from office, if possible. Storing the CD at a manager’s house is probably a bad idea. What if that manager becomes dissatisfied with his or her job? Better to store it in an off-premise facility designed for such storage.
Recovery via reprocessing is probably fine here. Garden Glory is a small business and the nature of their transactions is such that reprocessing in a different order ought not to matter.
ANSWERS TO JAMES RIVER JEWELRY PROJECT QUESTIONS
[NOTE: The James River Jewelry Project Questions are available online for Appendix D, which can be downloaded from the textbook’s Web site: www.pearsonhighered.com/kroenke. The solutions for these questions will be included in the Instructor’s Manual for each chapter]
The James River Jewelry database design that was used in the James River Jewelry Project Questions for Chapter 3 that is online in Appendix D was:
CUSTOMER (CustomerID, LastName, FirstName, Phone, Email)
PURCHASE (InvoiceNumber, InvioceDate, PreTaxAmount, CustomerID)
PURCHASE_ITEM (InvoiceNumber, ItemNumber, RetailPrice)
ITEM (ItemNumber, Description, Cost, ArtistName)
The referential integrity constraints are:
CustomerID in PURCHASE must exist in Customer ID in CUSTOMER
InvoiceNumber in PURCHASE_ITEM must exist in InvoiceNumber in PURCHASE
ItemNumber in PURCHASE_ITEM must exist in ItemNumber in ITEM
James River Jewelry has modified the database by adding two tables OWNER and JEWELRY_ITEM as shown below:
OWNER (OwnerID, LastName, FirstName, Phone, Email, AmountOwed)
JEWELRY_ITEM (ItemNumber, DateReceived, DateSold, NegotiatedSalesPrice, ActualSalesPrice, CommissionPercentage, OwnerID)
where
OwnerID in JEWELRY_ITEM must exist in OwnerID in OWNER
ItemNumber in JEWELRY_ITEM must exist in ItemNumber in ITEM
The tables are used to record data and maintain owner data about jewelry accepted on consignment. JEWELRY_ITEM (which is a subtype of ITEM note the referential integrity constraint) is used to record the negotiated sales price, the commission percentage, and the actual sales price for each item of consigned jewelry.
Assume that office personnel at James River Jewelry use a database application to record consignment data. When an item is received on consignment, owner data are stored in OWNER if the owner is new; otherwise existing owner data are used. New ITEM and JEWELRY_ITEM rows are created. In ITEM, ItemNumber and Description are recorded, Cost is set to $0.00; and if there is an artist associated with the piece, ArtistName is entered. For JEWELRY_ITEM, data are stored for all columns except
DateSold and ActualSalesPrice. James River Jewelry personnel refer to these actions as an Acceptance Transaction Later, if the jewelry item does not sell, the
Page 22 of 28
NegotiatedSalesPrice and CommissionPercentage values may be reduced. This is called a Price Adjustment Transaction Finally, when an item sells, the DateSold and ActualSalesPrice fields for the item are given values, and the AmountOwed value in OWNER is updated by increasing AmountOwed by the owner’s percentage of the ActualSalesPrice value. This third transaction is called a Sales Transaction
A. Explain why it is important for the changes made by each of these transactions to be atomic.
The Acceptance and Sales Transactions must be atomic to prevent updating OWNER and not JEWELRY (or the reverse). Price Adjustment doesn’t need to be atomic because only one row is updated.
B. Describe a scenario in which an update of AmountOwed could be lost.
Conditions of the lost update are described in the text for two concurrent Sales Transactions in Figure 6-5 on page 308.
C. Describe a scenario for a nonrepeatable read and a scenario for a phantom read.
NONREPEATABLE READ:
1 Someone executes the following SQL statement: SELECT Name, SUM (AmountOwed) FROM OWNER GROUP BY Name;
2. Next, Sales Transaction is processed.
3. Someone reruns the query in 1.
The reads in the two SQL statements are nonrepeatable.
PHANTOM READ:
1. Someone executes the following SQL statement: SELECT Count(*) FROM OWNER;
2. Next, an Acceptance Transaction is processed where a new OWNER row is created.
3 Someone reruns the query in 1
The counts in 1 and 3 will be different because of a phantom read.
D. Explain how locking could be used to prevent the lost update in your answer to part B.
Lock both OWNER and JEWELRY_ITEM before reading for the purpose of update.
Page 23 of 28
E. Is it possible for deadlock to occur between two Acceptance Transactions? Why or why not? Is it possible for deadlock to occur between two Sales Transactions? Why or why not? Is it possible for deadlock to occur between an Acceptance Transaction and a Sales Transaction? Why or why not?
It is not possible to have deadlock between two transactions of the same type because the rows will be locked in the same order. It cannot occur between a Price Adjustment and any other transaction because Price Adjustment only processes a single row. There can be deadlock between Acceptance and Sales transactions because the first locks OWNER and then JEWELRY_ITEM, while the second locks JEWELRY_ITEM and then OWNER. If the order of processing in the Sales Transaction were changed so that OWNER was processed and then JEWELRY_ITEM, deadlock would not be possible for any of these transactions.
F. For each of these three types of transaction, describe whether you think optimistic or pessimistic locking would be better. Explain the reasons for your answer. For such a small business, they should use optimistic locking for all of them.
G. Suppose James River Jewelry identifies three groups of users: managers, administrative personnel, and system administrators. Suppose further that managers and administrative personnel can perform Acceptance Transactions and Sales Transactions, but only managers can perform Price Adjustment Transactions. Describe processing rights that you think would be appropriate for this situation. Use Figure 6-16 as an example.
This security system isn’t particularly strong. Because Acceptance Transactions require creating a new JEWELRY_ITEM row and possibly a new OWNER row, both Managers and Administrative personnel require read, insert, and update permissions on both tables. Better security would change this so that Administrators could only process Sales Transactions (That might not be realistic in this business, however.) Further, use SQL views (Appendix C) to limit the data they can actually see.
Page 24 of 28
H. James River Jewelry has developed the following procedure for backup and recovery. The company backs up the database from the server to a second computer on its network each night. Once a month, it copies the database to a CD and stores it at a manager’s house. It keeps paper records of all purchase and sales transactions for an entire year. If it ever loses its database, it plans to restore it from a backup and unrecorded transactions. Do you think this backup and recovery program is sufficient for James River Jewelry? What problems might occur? What alternatives exist? Describe any changes you think the company should make to this system.
James River is susceptible to a fire that could destroy both computers and the paper records. James River Jewelry should make backup to CD much more frequently than once a month once every other day, perhaps. Also, they should store paper records away from the office, if possible. Storing the CD at a manager’s house is probably a bad idea. What if that manager becomes dissatisfied with his/her job. It is better to store it in an off-premise facility designed for such storage.
Recovery via reprocessing is probably fine here. James River is a small business and the nature of their transactions is such that reprocessing in a different order ought not to matter.
ANSWERS TO THE QUEEN ANNE CURIOSITY SHOP PROJECT QUESTIONS
The Queen Anne Curiosity Shop database design used in Chapter 3 was:
ITEM (ItemNumber, Description, Cost, ListPrice, QuantityOnHand)
CUSTOMER (CustomerID, LastName, FirstName, Address, City, State, ZIP, Phone, Email)
EMPLOYEE (EmployeeID, LastName, FirstName, Phone, Email)
VENDOR (VendorID, CompanyName, ContactLastName, ContactFirstName, Address, City, State, ZIP, Phone, Fax, Email)
ITEM (ItemID, ItemDescription, PurchaseDate, ItemCost, ItemPrice, VendorID)
SALE (SaleID, CustomerID, EmployeeID, SaleDate, SubTotal, Tax, Total)
SALE_ITEM (SaleID, SaleItemID, ItemID, ItemPrice)
The referential integrity constraints are:
VendorID in ITEM must exist in VendorID in VENDOR
CustomerID in SALE must exist in CustomerID in CUSTOMER
EmployeeID in SALE must exist in EmployeeID in EMPLOYEE
SaleID in SALE_ITEM must exist in SaleID in SALE
ItemID in SALE_ITEM must exist in ItemID in ITEM
The Queen Anne Curiosity Shop has modified the ITEM and SALE_ITEM tables as follows:
ITEM (ItemID, ItemDescription, UnitCost, UnitPrice, QuantityOnHand, VendorID)
SALE_ITEM (SaleID, SaleItemID, ItemID, Quantity, ItemPrice, ExtendedPrice)
These changes allow the sales system to handle nonunique items that can be bought and sold in quantity. When new items from vendors arrive at the Queen Anne Curiosity Shop, the office personnel unpack the items, put them in the stockroom, and run an Item Quantity Received Transaction that adds the quantity received to QuantityOnHand. At the same time, another transaction called an Item Price Adjustment Transaction is run, if necessary, to adjust UnitCost and UnitPrice. Sales may occur at anytime, and when a sale occurs, the Sale Transaction is run. Every time a SALE_ITEM line is entered, the input Quantity is subtracted from QuantityOnHand in ITEM and the ItemPrice is set to the UnitPrice.
A. Explain why it is important for the changes made by each of these transactions to be atomic.
The Item Quantity Received Transaction and the Sale Transaction must be atomic to prevent corruptions of the values of QuantityOnHand. The Item Price Adjustment Transaction and the Sale Transaction must be atomic to make sure the correct ItemPrice is used.
B. Describe a scenario in which an update of QuantityOnHand could be lost.
Conditions of the lost update is described in the text for two concurrent Sale Transactions Figure 6-5 on page 308.
C. Describe a scenario for a nonrepeatable read and a scenario for a phantom read.
NONREPEATABLE READ:
1. Someone executes the following SQL statement: SELECT ItemID, ItemDescription, QuantityOnHand FROM ITEM;
2. Next, a Sale Transaction is processed.
3. Someone reruns the query in 1
The reads in the two SQL statements are nonrepeatable.
PHANTOM READ:
1. Someone executes the following SQL statement: SELECT SI.ItemID, I.ItemDescription, COUNT(Quantity) FROM SALE_ITEM AS SI, ITEM AS I GROUP BY SI.ItemID;
2. Next, a Sale Transaction is processed where a new SALE_ITEM row is created.
3. Someone reruns the query in 1. The counts in 1 and 3 will be different because of a phantom read.
Page 26 of 28
D. Explain how locking could be used to prevent the lost update in your answer to part B.
To prevent the lost update, lock ITEM during a Sale Transaction
E. Is it possible for deadlock to occur between two Sale Transactions? Why or why not? Is it possible for deadlock to occur between a Sale Transaction and a Item Quantity Received Transaction? Why or why not?
It is not possible to have deadlock between two transactions of the same type because the rows will be locked in the same order. It cannot occur between a Quantity Received Transaction and any other transaction because Quantity Received Transaction only processes a single row. Thus, there cannot be deadlock between Sale transaction and a Quantity Received Transaction because the first locks SALE_ITEM and then ITEM, while the second locks ITEM.
F. For each of these three types of transaction, describe whether you think optimistic or pessimistic locking would be better. Explain the reasons for your answer.
Since (1) The Queen Anne Curiosity Shop is a small business, and (2) there is no chance of deadlock, use optimistic locking for all of them.
G. Suppose that the Queen Anne Curiosity Shop identifies four groups of users: sales personnel, managers, administrative personnel, and system administrators. Suppose further that managers and administrative personnel can perform Item Quantity Received Transactions, but only managers can perform Item Price Adjustment Transactions. Describe processing rights that you think would be appropriate for this situation. Use Figure 6-16 as an example.
Page 27 of 28
H. The Queen Anne Curiosity Shop has developed the following procedure for backup and recovery. The company backs up the entire database from the server to tape every Saturday night. The tapes are taken to a safety deposit box at a local bank on the following Thursday. Printed paper records of all sales are kept for 5 years. If the database is ever lost, the plan is to restore the database from the last full backup and reprocess all the sales records. Do you think this backup and recovery program is sufficient for the Queen Anne Curiosity Shop? What problems might occur? What alternatives exist? Describe any changes you think the company should make to this system.
The Queen Anne Curiosity Shop is susceptible to a fire that could destroy both computers and the paper records. Daily differential backups should be run until Thursday, and then taking it off site on Thursday is fine. Without the daily differential backups, the tape should be taken off site on Monday morning. Also, they should store paper records away from office, if possible. Storing the CD at the bank is OK as long as more than one person has access.
Recovery via reprocessing is probably fine here. The Queen Anne Curiosity Shop is a small business and the nature of their transactions is such that reprocessing in a different order ought not to matter.
Page 28 of 28