Database users and security

Properly identifying database users allows to use database security and audit features.

To get the benefit of the database server security features, you should identify each physical user as a database user.

Some applications use a single database user for different end users, to avoid user management and connection issues in the database. This is not good practice because all user-related features of the database are unusable. Furthermore, the single db user often has all database privileges and thus can lead in security issues.

According to the type of server, you must do this steps to create a database user:

  1. Define the user as an operating system user.
  2. Declare the user in the database server.
  3. Grant database access privileges.

Each database server has its specific users management and data access privilege mechanisms. Check the vendor documentation for security features and make sure you can define the users, groups, and privileges in all database servers you want to use.

Table 1. Database user definitions by database engine brands
Database Server Type DB Users topic
IBM® DB2® LUW (UNIX™) DB Users in IBM DB2 LUW
IBM Informix® DB Users in IBM Informix
IBM Netezza® DB Users in IBM Netezza
Microsoft™ SQL Server DB Users in SQL Server
Oracle® MySQL / MariadDB DB Users in Oracle MySQL
Oracle Database Server DB Users in Oracle DB
PostgreSQL DB Users in PostgreSQL
SAP® ASE DB Users in SAP ASE
SAP HANA® DB Users in SAP HANA
SQLite DB Users in SQLite