Roles need access to databases and the right to perform a particular action on any schema object such as tables, views and procedures. DCL commands are used to enforce database security in a multiple user database environment. Only a database administrator or the owner(s) of a database object can GRANT and REVOKE privileges on a database object.

A privilege is a right to execute a particular type of SQL statement. The type of privilege granted varies based on the type of role assigned to a user. Privileges help the users to accomplish tasks required for their job.