ALLBASE/SQL Reference Manual (36216-90216)
Chapter 2 75
Using ALLBASE/SQL
Controlling Database Access
Controlling Database Access
ALLBASE/SQL uses authorities to determine who can issue which SQL statements and
who can execute programs that access databases in a DBEnvironment. For complete
details about security schemes refer to the ALLBASE/SQL Database Administration
Guide.
Authorities
ALLBASE/SQL has the following several kinds of authorities:
• Table and view authorities are the following privileges used to access data in a
specific table or through a specific view and to add columns and indexes, and create
foreign keys referencing a specific table:
SELECT retrieve rows
INSERT insert rows
DELETE delete rows
UPDATE change one or more columns in a row
ALTER add new columns to a table
INDEX create an index for the table
REFERENCES refer to one or more columns when defining a foreign key in a
referencing table
• RUN authority is the privilege to execute a specific program module that accesses a
DBEnvironment.
EXECUTE execute a procedure
• Special authorities are the following privileges:
CONNECT connect to a DBEnvironment
RESOURCE create tables and authorization groups
DBA issue
all
SQL statements and to execute any program that accesses an
ALLBASE/SQL DBEnvironment
• OWNER authority controls specific programs, tables, views, or authorization groups.
Obtaining Authorization
You obtain authority by the following methods:
• Configuring a DBEnvironment and automatically becoming a DBA.
• Being granted one or more specific authorities.
• Owning a table, view, module, or group.