The three language components of SQL are:
Data Definition Language
· Commands: CREATE, CREATE TABLE, DROP
Data Manipulation Language
· Commands: SELECT, FROM, WHERE
Data Control Language
· Commands: GRANT, REVOKE
Administrator language components and commands
GRANT, because this can GRANT users privileges
REVOKE, because it revokes user privileges
Both of these commands are for no one but the administrator to use only, ensuring the correct access rights are applied to the database.
Explain the purpose of SQL.
- It is a standard for relational databases
- It has statements for data definitions, queries and updates (DDL and DML)
- Facilities for defining views
- Specify transaction controls
- Data Validation – Check that people are entering correct input, e.g. to make sure an employee is not being over paid, you could use CHECK (Salary < 150000.00) to make sure they do not get more than 150,000 a year (in your dreams)
- Levels of access; user privileges (DCL) – GRANT; grant privileges to certain users. Can also revoke privileges with REVOKE.
Discuss possible threats to a database.
- Possible threats to a database include malware (e.g. an attacker could hack into the database server and steal information from it)
- Privilege misuse (e.g. a privileged user abuses his permissions by disabling the data validation for a database)
- Storage media exposure (e.g. an employee accidentally plugs in an infected USB into the computer the database is on, releasing a virus that destroys the database)
- Denial of service (attackers attack the database server by starting a DDOS attack, whereby the server is overloaded by junk data which crashes the server)
Discuss the three stages of database design.
Conceptual database design:
Modelling and formatting the data logically that will be put into the database.
Logical database design:
Designing the database, formulating how it will work.
Physical database design:
Implementing the actual database itself, e.g. making the forms and tables and creating the relationships.