Integrity Constraint
- not null (主码不可为空)
- unique
- check ( \
)
1 | CREATE table branch2(branch_name varchar(30) primary key, |
Domain Constraint
1 | create domain hourly-wage numeric(5,2); |
Referential Integrity
Account (account-number, branch-name, balance) — 参照关系
Branch (branch-name, branch-city, assets) — 被参照关系
cascading action
1 | Create table course |
Assertion
1 | CREATE assertion <assertion-name> |
But SQL does not provide a construct for asserting: for all X, P (X)
So it is achieved in a round -about fashion, using: not exists X, such that not P (X)
1 | CREATE assertion credits_earned_constraint check |
Trigger
1 | <CREATE/REPLACE> trigger secure_ student before <insert/delete/update> on student |
1 | drop trigger <trigger_name> |
Authorization
- Security Specification
1 | GRANT <privilege list> on <table/view> |
\
- Privilege
1 | GRANT select,insert ON branch TO U1,U2,U3 |
select / insert / update / delete / references / all privileges / all
Roles
permit common privileges for a class of users can be specified just once
1 | Create role teller; |
- Revoke
1 | REVOKE <privilege list> ON <table/view> |
restrict:仅撤回用户本人
cascade:连锁撤回,同时撤回用户对外的授权
Audit Trails
log all changes to the database
1 | AUDIT <st-opt>[BY <users>][BY session/access][whenever successful / whenever not seccessful] |
\
NOAUDIT… 取消审计
by\
by session:每次会话期间,相同类型需审计的SQL语句仅记录一次
- Audit in oracle:
1 | AUDIT <obj-opt> ON <obj>/DEFAULT [by session / by access][whenever successful / whenever not successful] |
实体审计对所有用户起作用
ON \
ON DEFAULT 对其后创建的所有对象起作用。
取消审计:NOAUDIT …