• Authorization is finding out if the person once identified, is permitted to have the resource.

• Authorization explains that what you can do and is handled through the DBMS unless external security procedures are available.

• This is usually determined by finding out if that person is a part of a particular group, if that person has paid admission, or has a particular level of security clearance.

• Authorization is equivalent to checking the guest list at an exclusive party or checking a ticket in an opera.

• DBMS allows DBA to give different access rights to the users as per their requirement.

• In SQL Authorization can be done by using Read, Insert, Update or Delete privileges.

• Types of authorization:

We can use any one or combinations of the following basic forms of authorization.

a) Resource Authorization:

• Authorization to access any system resource

E.g: Sharing of database, Printers.

b) Alternation Authorization:

• Authorization to add attributes or delete attributes from relations.

c) Drop Authorization:

• Authorization to drop a relation.

Database administrator:

• The main authority of database system is database administrator (DBA).

• The SQL standard specifies modification to the schema can be done only by the database owner of schema or DBA of schema.

• The DBA may authorize new users, restructure the database and so on.

• It is analogous to that of superuser or operator for operating systems.