Access levels

One of the challenges of creating a DBMS is managing who can access and change the data.

If anyone can edit the database, data could easily become corrupted. It is better to have different levels of access for the database to maintain the integrity of the database.

For example, with personalised websites that require a login, you will only see data that is relevant to you. However, if an employee of that website company accesses the DBMS, they will be able to view all customer accounts. The customer details come from the same database, but different levels of access are given to different users.

A DBMS developer would think about the needs of the user and develop a bespoke system to suit the needs of the company.

With an online music library, there would be different access levels for different users. For example:

  • customers should only see their own music
  • administrators would have access to upload and amend the entire library
  • account managers would be able to see the financial details for the customers when required

Websites use database applications to customise the user interface to suit the needs of each user. The owner of a blog will be able to delete, add and edit comments, whereas the reader would simply be able to view the blog posts.

With social networks you customise who can access your data:

  • you might only allow 'friends' to see your data
  • you might allow 'friends' and 'friends of friends' to see your data
  • you might have a public account that is visible to everyone
Flowchart showing how a database algorithm drives friend access on a social media site

The data that appears on Sarah's profile on a social network is stored in a database. Sarah has set up access rights to her data. Sarah only allows users known as her 'friends' to view her profile. This means that the public and 'friends of friends' cannot see her data.