Semantic Data Control
Semantic data control typically includes view management, security control, and semantic integrity control.
views, security constraints, and semantic integrity constraints can be defined as rules
that the system automatically enforces.
Views enable full logical data independence.
All views can be queried as base relations, but not all view can be updated as such
– Updates through views can be handled automatically only if they can be propagated
correctly to the base relations
– We classify views as updatable or not-updatable
Data security protects data against unauthorized acces and has two aspects:
– Data protection
– Authorization control
Data protection prevents unauthorized users from understanding the physical content of
• Well established standards exist
– Data encryption standard
– Public-key encryption scheme
Authorization control must guarantee that only authorized users perform operations
they are allowed to perform on the database.
Grand and revoke statements are used to authorize triplets (user, operation, data object)
– GRANT <operations> ON <object> TO <users>
– REVOKE <operations> ON <object> TO <users>
A database is said to be consistent if it satisfies a set of constraints, called semantic
Two main types of constraints can be distinguished:
– Structural constraints: basic semantic properties inherent to a data model e.g.,
unique key constraint in relational model
– Behavioral constraints: regulate application behavior e.g., dependencies
(functional, inclusion) in the relational model
A semantic integrity control system has 2 components:
– Integrity constraint specification – general constraint
– Integrity constraint enforcement – detection and prevention