Security Roles   «Prev  Next»
Lesson 2 What is a role?
Objective Understand how database roles are used

How Database Roles are used

A role [1] is a way to group a series of security privileges[2] into a single entity. You can then use the role as a management tool for assigning and changing security privileges for individual users that are assigned the role.
A role is an intermediary between individual object grants and individual users. You assign a set of privileges to a role, and then assign users to that role.

Advantages of roles

You can use roles to simplify security administration and implementation in four ways:
Simplified granting of privileges: By grouping privileges into a role, you reduce the amount of effort needed to grant multiple privileges.
Simplified management of privileges: To change the object privileges for a group of users assigned to a role, you can change the privileges for the role instead of the privilegesfor each individual user
Dynamically changing security privileges: A user can assume more than one role, and can change roles while connected to the database. You can enable and disable roles as an administrator.
Application roles: You can create application roles, which allow all users of an application to have the same privileges while using the application.
The following SlideShow illustrates how roles work.
Roles and Privileges 1
1) Roles and Privileges 1
Roles and Privileges 2
2) Roles and Privileges 2
Roles and Privileges 3
3) Roles and Privileges 3
Roles and Privileges 4
4) Roles and Privileges 4
Roles and Privileges 5
5) Roles and Privileges 5

Using DBA Security-granted By Roles Runtime
The next lesson shows how to create a role.
[1]: Role: A collection of privileges that can be assigned together.
[2]: Privilege: The capability to perform some type of database action.