Authorization is finding out if the person once identified, is permitted to have the resource.

• Authorization explains that what you can do and is handled through the DBMS unless external security procedures are available.
• This is usually determined by finding out if that person is a part of a particular group, if that person has paid admission, or has a particular level of security clearance.
• Authorization is equivalent to checking the guest list at an exclusive party or checking a ticket in an opera.
• DBMS allows DBA to give different access rights to the users as per their requirement.
• In SQL Authorization can be done by using Read, Insert, Update or Delete privileges.
• Types of authorization:

We can use any one or combinations of the following basic forms of authorization.

a) Resource Authorization:

• Authorization to access any system resource

  E.g: Sharing of database, Printers.

b) Alternation Authorization:

• Authorization to add attributes or delete attributes from relations.

c) Drop Authorization: A

• uthorization to drop a relation.

Database administrator:

• The main authority of databse system is databse administrator(DBA)
• The SQL standard specifies modification to the schema can be done only by the database owner of schema or DBA of schema.
• The DBA may authorize new users, restructure the database and so on.
• It is analogous to that of superuser or operator for operating systems.