The basic security and authorization approach taken by DBMS vendors to secure database access is that all database resources are controlled by the DBMS. There are no default authorizations given to any user just because the user logs in to the DBMS. Therefore, for a user to be able to perform any DBMS operation or function, one of the following conditions must exist:
The user has been granted the ability to perform that function or operation
That operation or function has been granted generically to all users
Using the security features of the DBMS, the DBA can set up the environment such that only certain users or certain application programs are allowed to perform certain ...