Skip to content
Related Articles

Related Articles

Improve Article
Save Article
Like Article

Types of Discretionary Privileges

  • Last Updated : 20 Aug, 2020

Privilege allow a user to access some data in a certain manner either to read or to write or to delete etc.

Types of Discretionary Privileges :
Discretionary Access Control includes granting and revoking of the privileges which are known as Discretionary privileges.This access control consists of an owner account for each resource and the owner account can control the access of privileges like read the data or modify data of database.

Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.

 

There are two levels of Discretionary privileges in the database system :



  1. Account Level –
    Database Administrator specifies privileges that each account holds with out depending on the relations in database. The privileges at account level are CREATE SCHEMA or CREATE TABLE privilege or CREATE VIEW.
    • ALTER privilege to perform schema changes such adding or removing attributes from relations.
    • DROP privilege to delete relations or views,
    • MODIFY privilege to insert, delete, or update tuples
    • SELECT privilege to retrieve information or data from the database.
  2. Relation / Table Level –
    It is the second level of privileges which is applied to the relation level. This includes tables or relations and virtual relations known as views. A user who has created a database object such as a table or a view will get all privileges on that object.This user is the holder of owner account which is created for each relation.

    In this level, an owner account is created for each relation and this account will also have right to pass the privileges to other users by GRANTING privileges to their accounts.

    The granting and revoking of discretionary privileges can be done by using a model known as access matrix model. This model specifies rights of each subject for each object.

Access matrix Model :

subjectfile1file2file3
Maryreadwrite
Sashireadwrite
Rahulwritereadappend

Here, Mary has only read privilege on file1 she can’t modify that file1. So, we can represent the privileges of each subject on each object. The matrix M consists of rows which resembles subjects like users, accounts and the columns resembles objects like relations, views.Each position M(i,j) in the matrix represents the types of privileges like read, write, update that subject i holds on object j.

My Personal Notes arrow_drop_up
Recommended Articles
Page :

Start Your Coding Journey Now!