| Lesson 2 | What is a role? |
| Objective | Understand how database roles are used |
How Database Roles are used
A role [1] is a way to group a series of security privileges[2] into a single entity. You can then use the role as a management tool for assigning and changing security privileges for individual users that are assigned the role.
A role is an intermediary between individual object grants and individual users. You assign a set of privileges to a role, and then assign users to that role.
A role is an intermediary between individual object grants and individual users. You assign a set of privileges to a role, and then assign users to that role.
Advantages of roles
You can use roles to simplify security administration and implementation in four ways:| Simplified granting of privileges: | By grouping privileges into a role, you reduce the amount of effort needed to grant multiple privileges. |
| Simplified management of privileges: | To change the object privileges for a group of users assigned to a role, you can change the privileges for the role instead of the privilegesfor each individual user |
| Dynamically changing security privileges: | A user can assume more than one role, and can change roles while connected to the database. You can enable and disable roles as an administrator. |
| Application roles: | You can create application roles, which allow all users of an application to have the same privileges while using the application. |
1) Roles and Privileges 1
2) Roles and Privileges 2
3) Roles and Privileges 3
4) Roles and Privileges 4
5) Roles and Privileges 5
Using DBA Security-granted By Roles Runtime
The next lesson shows how to create a role.
[1]: Role: A collection of privileges that can be assigned together.
[2]: Privilege: The capability to perform some type of database action.
