Chapter 7 Building a Database Access Structure

Introducing database access

In this manual, we group within the concept of database access, the objects that are used to let database users carry out their jobs while preserving the privacy and integrity of the information within the database.

Depending on the target DBMS, the setting up of a secure database environment implies the following tasks:

• Creation of users (see Users (PDM))
• Creation of groups (see Groups (PDM))
• Creation of roles (see Roles (PDM))
• Definition of system privileges (see Granting system privileges)
• Definition of object permissions (see Granting object permissions)

Reverse engineering

During reverse engineering by script, the permission and privilege grant orders are reverse engineered only if the user, group, or role already exist in the model.

If you reverse engineer into a new model, the permission and privilege grant orders are reverse engineered if the user, group, or role creation orders are in the same script.

These restrictions do not apply to ODBC reverse engineering.

Copyright (C) 2006. Sybase Inc. All rights reserved.