SQL DCL - Data Control Language

In SQL there are several subdivisions that deal with different aspects of the database. DCL stands for Data Control Language. This is the part of SQL that controls access to certain areas of the database. It allows the administrator to restrict tables, processes, etcetera to specific users. Or conversely, it allows users control of every aspect of the database including creating further controls.

DCL in SQL is really about security. What scripts, what programs, what classes, and what people can restructure tables, add columns, or even run a basic SELECT query. This gate-keeping function is done through two statements: GRANT and REVOKE.

A GRANT statement allows certain priveleges, without the GRANT of at least something, the user will be unable to do anything. In this way all access to the database is shut off unless it is GRANTed. This is a very defensive way of providing security to the database. Nevertheless, it is effective and the administrator should endeavor to GRANT as few priveleges as are necessary for use of the database.

The REVOKE statement simply takes away any powers previously GRANTed. It is a process most often used to prevent abuse from previous employees or to more tightly restrict use of the database to certain classes of users.

DCL, though largely maintaining a background role in SQL, is vital in maintaining the integrity of the database.

Next Page: GRANTStatement

Interesting Pages