The basic security and authorization approach taken by DBMS vendors to secure database access is that all database resource are controlled by the DBMS.
• For user to be able to perform any DBMS operation
or function, one of the following conditions must
exist:
– The user has been granted the ability to perform that
function or operation
– That operation or function has been granted generically
to all users