Data Control Language

The Data Control Language (DCL ) is the part of a database language that is used to assign permissions or withdraw. DCL is the language of a Data Monitoring database. The DCL is available in different systems in different forms. Examples:

  • In SQL it is (next to DDL and DML) English in the form of command clauses (eg GRANT SELECT, UPDATE ON INVOICE TO CLERK or REVOKE EXECUTE ON NIGHTLY_JOB FROM DEVELOPERS ).
  • In the historical IMS databases DCL is handled by the data protection component of the operating system.

Some software manufacturers do not use the term and count the DCL commands for authorization DDL.


In the practically important Structured Query Language, the syntax is as follows:

GRANT operation ON Relation TO (PUBLIC | user ) [WITH GRANT OPTION]     REVOKE operation ON relation FROM ( PUBLIC | user ) Relation can also be a particular point of view. WITH GRANT OPTION allows the new rights holders to pass on the right. PUBLIC means all users. The database administrator (DBA ) has all the rights. The owner of an object also has all the rights to that object.

The commands for rights management are specified in SQL, but not the user management. Therefore, each DBMS implements like to know its own user management, the role name and / or user groups or not.

  • In modern DBMS rights can be assigned to anything, not only on individual tables.


GRANT SELECT, UPDATE ON TABLE student TO GroupX; Allows the user or group GroupX a read and modify access to the Student table. REVOKE EXECUTE ON PROCEDURE DSN8ED6 FROM PUBLIC; Revokes all non explicitly authorized users the right to run the stored procedure DSN8ED6. Permissions that a user or group has been granted remain.