Scribd
Upload
16 views

IE2042 Assignment Semester2 2023

The document describes a group assignment for a database management systems security course. Students are asked to: 1) Design, develop and implement a database for an online auction system, including creating views, triggers, stored procedures and indexes. 2) Analyze two database vulnerabilities and ways to mitigate them, and suggest countermeasures. 3) Submit a report and SQL script by October 22nd documenting their work. The assignment will contribute 30% to the final grade.

Uploaded by

kkju
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
16 views

IE2042 Assignment Semester2 2023

The document describes a group assignment for a database management systems security course. Students are asked to: 1) Design, develop and implement a database for an online auction system, including creating views, triggers, stored procedures and indexes. 2) Analyze two database vulnerabilities and ways to mitigate them, and suggest countermeasures. 3) Submit a report and SQL script by October 22nd documenting their work. The assignment will contribute 30% to the final grade.

Uploaded by

kkju
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Sri Lanka Institute of Information Technology

BSc Honors in Information Technology Specializing in Cyber Security

IE2042- Database Management Systems for Security


Jun 2023

Group Assignment

Database Design, Implementation and Security

Anticipated Learning Outcomes


LO1: Design and develop database solutions for real world applications.
LO2: Apply relational query languages and database programming languages in database
applications.
LO3: Evaluate query plans and recommend solutions to speed up the database servers.
LO4: Apply appropriate solutions to address security and performance concerns related to
databases

Important Dates
Group Details Submission – 21st August 2023

Assignment Declaration – 1st September 2023

Assignment Deadline - 22nd Oct 2023

Contribution to Final Grade


CA Weightage - 30%

You are required to,


 Form a group of 4 members.
 Register the group using the ‘Group Registration’ Microsoft form given in Courseweb
before 21st August 2023
 If you are not working in a group of 4 you are required to get prior permission. Otherwise,
your marks will be penalized by 30%.
Part 1 – 65 Marks
 Analyze the given scenario and carry out the below tasks
 Document any assumptions made. (5 Marks)
 Develop the ERD and logical model. (15 Marks)
 Normalize the logical model to 3NF. (5 Marks)
 Implement the logical model in MS SQL server and enter suitable sample data. (5
Marks)
 Identify all necessary constraints and enforce them on the tables. (10 Marks)
 Develop the required views, functions, procedures, triggers, and indexes as specified
below. (25 Marks)
o Identify 2 suitable triggers that can be applied on the database and explain and
implement them. (5 Marks)
o Identify the possible users of this database and create 2 views for them. (5
Marks)
o Based on the below questions identify 2 indexes that will optimize the given
queries and implement them. (5 Marks)
o Write stored procedures to carry out the below DML functions. (10 Marks)
1. Retrieve the name and home address of all the members who have the
bank account in “Sampath Bank”.
2. Retrieve the list of names and emails of members and the bid price who
have bid for laptops and the bid price should be displayed in ascending
order.
3. Select the names of the sellers who have placed the item where the sum
of the starting bid prices is more than Rs.30,000.00.
4. Increase the current bid on the items bid by “Saman” by 15%.

Database Scenario
Consider an ONLINE AUCTION database system in which members (buyers and sellers)
participate in the sale of items. The online site has members, each of whom is identified by a
unique member number and is described by an e-mail address, name, password, home
address, and phone number. A member may be a buyer or a seller. A buyer has a shipping
address recorded in the database. A seller has routing number recorded in the database. Both
buyers and sellers can have multiple bank accounts associated with their account. This needs
to include Bank Name, Bank No, Branch Name, Account Name, Account ID, and Account
balance.

Items are placed by a seller for sale and are identified by a unique item number assigned by
the system. Items are also described by an item title, a description, starting bid price, bidding
increment, the start date of the auction, and the end date of the auction. Items are also
categorized based on a classification system which includes a Category ID and Description.

Buyers make bids for items they are interested in and are currently up for sale.
The bid price and time of bid is recorded. The bidder at the end of the auction with the highest
bid price is declared the winner. A transaction between buyer and seller may then proceed
for the winning bid. Information on when the transaction took place, Credit account and debit
account as well as who the seller and buyer for a transaction is as well as details of the winning
bid must be captured.

Part 2 – 35 Marks
 Select and study two database vulnerabilities focusing on techniques and impact. (20
Marks)
 Understand how to mitigate the selected vulnerabilities and suggest countermeasures to
overcome from the selected vulnerabilities. (15 Marks)

Submission Procedure:
 Group leader should submit the soft copy of the report (Max 2000 words) through
the assignment submission link available in the Courseweb on or before 22 nd Oct 2023.
 The report should include the diagrams for the ERD. Logical Design and normalized
tables showing functional dependencies
 For the practical SQL you need to include Screenshots of the SQL codes you have
written
 You are also expected to submit the SQL codes as a separate script

Note: Rename your submission with the group ID.

You might also like