Scribd Logo
Upload

Welcome to Scribd!

  • Data Control Language: - Objectives

    Uploaded by

    MAHESH BHANDARI
    38 views10 pages
    This document discusses data control language (DCL) and security mechanisms in relational database management systems (RDBMS). It covers identifying users, privileges that can be granted, and the GRANT and REVOKE statements used to manage privileges. Privileges include permissions for SQL statements like SELECT, INSERT, and DELETE, as well as permissions to create database objects. Privileges can be granted directly on tables or indirectly through other database objects. All privilege information is stored in the system catalogue.

    Original Description:

    DCL

    Original Title

    11XMODCL

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document discusses data control language (DCL) and security mechanisms in relational database management systems (RDBMS). It covers identifying users, privileges that can be granted, and the GRANT and REVOKE statements used to manage privileges. Privileges include permissions for SQL statements like SELECT, INSERT, and DELETE, as well as permissions to create database objects. Privileges can be granted directly on tables or indirectly through other database objects. All privilege information is stored in the system catalogue.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as ppt, pdf, or txt
    38 views10 pages

    Data Control Language: - Objectives

    Uploaded by

    MAHESH BHANDARI
    This document discusses data control language (DCL) and security mechanisms in relational database management systems (RDBMS). It covers identifying users, privileges that can be granted, and the GRANT and REVOKE statements used to manage privileges. Privileges include permissions for SQL statements like SELECT, INSERT, and DELETE, as well as permissions to create database objects. Privileges can be granted directly on tables or indirectly through other database objects. All privilege information is stored in the system catalogue.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as ppt, pdf, or txt
    of 10

    Data Control Language

    • Objectives
    – To learn about the security mechanisms implemented in an RDBMS
    and how to use them
    • Contents
    – Identifying Users
    – Privileges
    – The GRANT Statement
    – The REVOKE Statement
    – The System Catalogue

    DCL/1
    Using Bulk Insert Statement
    insert into
    `shippers`(`ShipperID`,`CompanyName`,`Phone`) values
    (1,'Speedy Express','(503) 555-9831'),
    (2,'United Package','(503) 555-3199'),
    (3,'Federal Shipping','(503) 555-9931');

    DCL/2
    Identifying Users

    Sales
    Admin

    FRED
    DCL/3
    Privileges
    • Allowable Privileges
    – SELECT, INSERT, UPDATE, DELETE
    – CREATE Table, View, Procedure, Trigger, Rule, Default
    • The owner/creator of a table automatically has all the
    privileges

    DCL/4
    Direct Privileges

    Customers Orders Products Staff

    DCL/5
    Indirect Privileges

    User

    Program

    Administrator

    Customers Orders Products Staff

    DCL/6
    Privileges
    CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY
    'password';
    GRANT ALL ON db1.* TO 'jeffrey'@'localhost';
    GRANT SELECT ON db2.invoice TO 'jeffrey'@'localhost';
    ALTER USER 'jeffrey'@'localhost' WITH
    MAX_QUERIES_PER_HOUR 90;
    DROP USER ''@'localhost';

    DCL/7
    GRANT/ REVOKE
    • GRANT privilege ON tablename TO list
    [ WITH GRANT OPTION]

    • For example
    GRANT ALL ON dept TO John
    GRANT SELECT ON dept TO sally WITH GRANT OPTION
    GRANT SELECT, UPDATE, INSERT ON dept TO Jim, Mike, Howard

    REVOKE privilege ON tablename FROM list [CASCADE]


    e.g REVOKE SELECT ON dept FROM Sally CASCADE

    • However largely done these days via checkboxes in grids in


    GUI admin tools

    DCL/8
    Non-ANSI Privileges
    • Sample Non ANSI Table Privileges
    GRANT ALTER ON dept TO Sally
    GRANT INDEX ON dept TO John

    • Sample Non ANSI Database Privileges


    GRANT CONNECT ON database TO John, Ann
    GRANT RESOURCE TO Alex
    GRANT DBA TO Simon

    DCL/9
    Summary
    • Identifying Users
    – Users in the system can be grouped together to make security handling
    easier
    • Privileges
    – Permissions can be granted at several levels and can be granted
    directly or indirectly using views and stored procedures
    • The GRANT Statement
    – Is used to give people permissions on database objects
    • The REVOKE Statement
    – Is used to take permissions away
    • The System Catalogue
    – All information about permissions is stored within the catalogue

    DCL/10

    You might also like