Professional Documents
Culture Documents
Data Control Language: - Objectives
Data Control Language: - Objectives
• Objectives
– To learn about the security mechanisms implemented in an RDBMS
and how to use them
• Contents
– Identifying Users
– Privileges
– The GRANT Statement
– The REVOKE Statement
– The System Catalogue
DCL/1
Using Bulk Insert Statement
insert into
`shippers`(`ShipperID`,`CompanyName`,`Phone`) values
(1,'Speedy Express','(503) 555-9831'),
(2,'United Package','(503) 555-3199'),
(3,'Federal Shipping','(503) 555-9931');
DCL/2
Identifying Users
Sales
Admin
FRED
DCL/3
Privileges
• Allowable Privileges
– SELECT, INSERT, UPDATE, DELETE
– CREATE Table, View, Procedure, Trigger, Rule, Default
• The owner/creator of a table automatically has all the
privileges
DCL/4
Direct Privileges
DCL/5
Indirect Privileges
User
Program
Administrator
DCL/6
Privileges
CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY
'password';
GRANT ALL ON db1.* TO 'jeffrey'@'localhost';
GRANT SELECT ON db2.invoice TO 'jeffrey'@'localhost';
ALTER USER 'jeffrey'@'localhost' WITH
MAX_QUERIES_PER_HOUR 90;
DROP USER ''@'localhost';
DCL/7
GRANT/ REVOKE
• GRANT privilege ON tablename TO list
[ WITH GRANT OPTION]
• For example
GRANT ALL ON dept TO John
GRANT SELECT ON dept TO sally WITH GRANT OPTION
GRANT SELECT, UPDATE, INSERT ON dept TO Jim, Mike, Howard
DCL/8
Non-ANSI Privileges
• Sample Non ANSI Table Privileges
GRANT ALTER ON dept TO Sally
GRANT INDEX ON dept TO John
DCL/9
Summary
• Identifying Users
– Users in the system can be grouped together to make security handling
easier
• Privileges
– Permissions can be granted at several levels and can be granted
directly or indirectly using views and stored procedures
• The GRANT Statement
– Is used to give people permissions on database objects
• The REVOKE Statement
– Is used to take permissions away
• The System Catalogue
– All information about permissions is stored within the catalogue
DCL/10