The first field is the StudentID field, which can only be established by the registrar department, and the other fields have varying read, update, delete, and create privileges or rights depending on who is accessing the data. A single, unique ID that serves as the database's primary key will be created by the department. To ensure that it is distinct for each student entry in the database, this field was made the primary key.
You can update the name field. The field is created by the registrar department. However, only the student has the ability to change and update the field. The field is created in a way that no one can delete it once created.
The registrar department also creates the address, phone number field. For this particular fields, it is only the student who can update.
The registrar department also creates GPA. The individual teacher is the only one who can either delete or update the section.
The registrar department also creates the declared major and minor. For this particular field, it is only the teacher that can either delete or update.
The academic department creates the field of courses completed. The student can update and delete on the courses created by the academic department.
Part II
The CRUD matrix is an example of a method used in the modeling of data and process interactions enterprise wide (Politano, 2001). Create, Read, Update and Delete (CRUD), is an effective process used in understanding the relationship between the stored data in a database (Polo, Piattini, & Ruiz, 2001). Database designers and system analysts use this strategy to either store data or create a process that facilitates in effective management and manipulation of specific data (Lunsford & Collins, 2008). For this scenario, the data to establish its relationship is between the data to be stored and who has the privilege to create, update, and delete the data. The teacher, registrar department, and student are the only identified parties that have different levels of privilege on various data. The data being investigated is related to the students personal and transcript information. It includes student ID, name, phone number, GPA, declared major, address, declared minor and courses completed.
Student
Teacher
Registrar Department
Academic department
StudentID
RU
R
CRU
R
Name
RU
R
CRUD
R
Address
RU
R
CRUD
R
Phone number
RU
R
CRUD
R
GPA
R
RUD
CR
R
Declared Major
R
RUD
CR
R
Declared Minor
R
RUD
CR
R
Courses completed
RU
RUD
R
CRUD
Part III
The academic department provided the course offered for the semester to the students and teachers, as well as the sections of the course. The students can, however, select and provide the courses they prefer. The academic department displays the list of students and their courses that they will take during the semester. The students can then update their list concerning what they are taking and willing to take. For each course offered by the academic department, it has a unique course number, name, description and hours. Every course is allocated to a department. Every department has a unique ID and name.
From the above scenario, only the registrar, teacher and academic department have the right to delete data stored in the database. Every other person accessing the data has limited rights to either update or read data of any given field. Students for this particular case can only read and update their information but have no privilege or right to delete.
References
Lunsford, D. L., & Collins, M. R. (2008, June). The CRUD security matrix: A technique for documenting access rights. In 7th Annual Security Conference (pp. 2-4).
Politano, A. L. (2001). Salvaging information engineering techniques in the data warehouse environment. Informing Science, 4(2), 35-44.
Polo, M., Piattini, M., & Ruiz, F. (2001). Reflective persistence (Reflective CRUD: reflective create, read, update and delete). In Sixth European Conference on Pattern Languages of Programs (EuroPLOP) (pp. 69-85).
Type your email