Database Reference
In-Depth Information
When user A needs to select all records from the employee's
relation, his query will be changed and his privileges will
be added as follows:
SELECT * FROM Employees; Will be changed to:
SELECT * FROM Employees
WHERE Department = 'material';
In SQL, granting is performed by means of the GRANT statement,
which has the following general format:
GRANT privileges
[ON relation]
TO users
[WITH GRANT OPTION]
For example:
GRANT SELECT
ON Employees
TO A
In SQL, revoking is performed by means of the REVOKE state-
ment, which has the following general format:
REVOKE privileges
[ON relation]
FROM users
For example:
REVOKE SELECT
ON Employees
FROM A
DAC suffers from some drawbacks when applied to the relational
database:
• Enforcement of the security policy: DAC depends on the
concept of ownership of the data. In DAC, the user who
Search WWH ::




Custom Search