Authorization
Authorization
is the process of giving someone permission to do or have Something.
Authorization
is the function of specifying access rights/privileges to resources, which is
related to information security and computer security in general and to access
control in particular.
A
user may assign a user several forms of authorizations on parts of the
database.
Authorizations
on data include:
• Authorization to read data.
• Authorization to insert new data.
• Authorization to update data.
• Authorization to delete data.
Each of these types of authorizations is called
a privilege.
The user can be authorized with all, none, or a
combination of these types of privileges on specified parts of a database, such
as a relation or a view.
In addition to authorizations on data, users may
also be granted authorizations on the database schema, allowing them, for
example, to create, modify, or drop relations. A user who has some form of
authorization may be allowed to pass on (grant) this authorization to other
users, or to withdraw (revoke) an authorization that was granted earlier.
Granting and Revoking of Privileges
The SQL standard includes the privileges select,
insert, update, and delete. The privilege all privileges
can be used as a short form for all the allowable privileges.
The SQL data-definition language includes
commands to grant and revoke privileges. The grant statement is used to
confer authorization. The basic form of this statement is:
grant <privilege list>
on <relation name or view
name>
to <user/role list>;
Example:
grant select on department to Ashraf, Suresh;
grant update (budget) on department to Ashraf,
Suresh;
To revoke an authorization, we use the revoke
statement. It takes a form almost identical to that of grant:
revoke <privilege list>
on <relation name or view name>
from <user/role list>;
No comments:
Post a Comment