If your application employs user passwords, it connects to the database with a particular login name that tells the database which user is running the program. The database uses that login name’s privileges to determine what access it should grant to your application.
As the database administrator, you can grant or deny privileges to individual users. For example, if you deny the CREATE TABLE privilege for the user Crissy, then while Crissy is using your program the program cannot create tables in the database.
The owner of a database object can also grant privileges for that object. For instance, if you created the Students database, you can grant and revoke privileges in that database.
Besides user logins, SQL Server ...