The Data Control Language is the subset of Transact-SQL used to manage security in databases. Specifically, it is used to set permissions on database objects and statements. In general, after you create the database and database objects (through DDL), you are ready to set up permissions using the statements provided by the Data Control Language. The three statements that comprise the Data Control Language are
GRANT—Used to grant access on an object or a statement to a user.
DENY—Used to explicitly deny any permission on any object or statement. This always takes precedence over any other permission inherited by role or group membership.
REVOKE—Removes any entry in the permissions table (syspermissions) that either granted ...