For databases that require a high level of security, defining permissions directly on tables has limitations. Any permission granted to a user on a table applies to the whole table. There are many cases when users' permissions need to be shaped more precisely than on a table-by-table basis. For example:
It is not desirable to give access to personal or sensitive information stored in an employee table to users who need access to other parts of the table.
You may wish to give sales representatives update permissions on a table containing descriptions of their sales calls, but limit such permissions to their own calls.
In these cases, you can use views and stored procedures to tailor permissions to suit the needs of your organization. This section describes some of the uses of views and procedures for permission management.
For information on how to create views, see “Working with views”.