The present invention relates to a system for relations recovery in case of errors.
In a data base system there are many measures which can be taken against loss of information. Normally backup copies and logs are used for securing that there is an extra copy of the data base. These are used for restoring the data base in case of system breakdown or hard ware errors.
A data base normally has a recovery function responsive for data stored in the data base being consistent, i.e. having a state to be expected with regard to different updates and their grouping.
For enabling recovery from errors writing the data base to breakdown a backup version has to be safely stored. A backup contains all information necessary for being able to recreate the data base to the same consistent state as prevailed at the time when the backup was created.
A typical strategy for recovering a data base can be summarized as follows:
If the data base has become inconsistent due to a catastrophic error having occurred, the recovery function orders restart with reloading of the data base to the latest backup version. In order to enable return to a more current state the data base is then updated with information that has been stored on a log, i.e. a history of earlier operations stored in a memory which is used by the recovery function for restoring the latest allowed transactions, i.e. operations on objects or records in the data base. The concept of object is here intended to have the conventional meaning within the data processing art. In short an object is an information packet with an associated description of how to manage its information. The objects are, as are also the data records, divided into classes after their area of use, and are identified by means of keys. A more detailed description of the concept of object can be found e.g. in "OBJECT-ORIENTED ANALYSIS" by Peter Coad and Edward Yourdon, Yourdon Press Computing Series.
The information and mechanisms required for recovery of the data base are determined by the method chosen for updating the data base. In the case of updating an object a copy of the original object is created, a lock is put in order to prevent other users from updating the data base and not until at commitment, i.e. the transaction operation used by a program or an operator for indicating that a current transaction has been ended and that its effects shall remain, the updated copy is introduced and put locks are released.
In cases where an error in the data base can not be detected immediately a data base copy is not enough. In a bank register an operator may e.g. by mistake remove a customer record despite the fact that there still exist associated account entries, or he may happen to remove all payment complaints.
In the first case there are well known means for securing data integrity. These are called integrity conditions. Such a condition could, e.g. be that account entries must be associated with a customer register. There could also exist established recovery mechanisms prescribing what shall happen if an integrity condition is violated. In the above example a definite removal of the customer record could be necessarily preceded by successive liquidating steps leading to the removal also of account entries together with the customer record.
In the second case, with all payment complaints removed, it is essential to be able to restore removed records from a backup copy. On the other hand, it is essential that not all data in the data base are restored, e.g. twelve hour old entries regarding bank transactions. Even if it would be possible to find and restore only records regarding payment complaints from the backup, while keeping the rest of the data base up to date, also all violations of integrity conditions must be able to be found and corresponding recover measurements be taken that are required for restoring the integrity of the data base. However, it may then be difficult to secure that not still more important data are destroyed through these measures, e.g. bank transactions.
In a conventional data base management system the function to recover part systems is implemented by the use of completely different data bases. This involves that there are no guaranties for consistency between the different recovery part systems, and no integrity conditions (such as existence dependency) are fullfilled between objects in different data bases and part systems.
Through U.S. Pat. No. 4,933,848 a data base management system is known in which demands are put on data that they shall have referential constraints. The data base is a relation data base in which data is stored in tables having rows and columns. New rows are loaded and information regarding these and their constraints are extracted and sorted. The new rows are checked for constraint violations and the violations are rectified to restore the referential integrity.
United Kingdom Patent Publication GB 2,252,853 generally relates to storing and recovering data in a relation data base.