Glossary
authorization identifier
An authorization identifier is an entity to which access to database objects can be granted. The four authorization identifiers are: Role, User, Group, or PUBLIC.
data at rest
Data "at rest" is data on physical media recorded in a persistent form.
database procedure
A database procedure is a set of SQL statements and control statements in a begin/end block that are stored as a unit in the database.
default group
A default group is the group assigned to a user when a user object is created or modified.
default profile
A default profile is the profile initially assigned to a user if one is not explicitly assigned.
grant
A grant is an object permission assigned to a group, role, or user.
group
A group is an identifier that can be used to apply permissions to a list of users associated with the identifier.
object permission
An object permission defines a capability related to a specific object, such as a database or a table. Object permissions are assigned to selected groups, roles, or users. Object permissions are also called grants, permits, or object privileges.
privileged user
A privileged user is any user with the necessary privileges to perform security-related operations. The system administrator, database administrator, or security administrator are privileged users.
profile
A profile is a template that defines a set of subject privileges and other attributes that can be applied to one or more users. The user authorization process can be streamlined by using profiles.
role
A role is an identifier that can be used to associate permissions with applications.
security alarm
A security alarm is an entity that can be created to monitor a security-related event, such as connecting to a database or updating a table.
security auditing
Security auditing is the recording of all or specified classes of security events for the entire installation.
subject privilege
A subject privilege defines the type of operations permissible in a user session. Subject privileges are assigned to a user (subject).
user object
A user object is a definition that specifies the user’s name, default group, default profile, subject privileges, and several other attributes.