Procedures Provide Tailored Security

While views restrict access on the basis of data, procedures restrict the actions a user may take.

A user may have EXECUTE permission on a procedure without having any permissions on the table or tables on which the procedure acts.

By default, procedures execute with the permissions of the procedure owner. For a procedure that updates a table, if the procedure owner has UPDATE permissions on the table, the user can execute the procedure. The owner of the procedure can restrict the procedure to execute with the permissions of the user executing the procedure by specifying SQL SECURITY INVOKER to CREATE/ALTER PROCEDURE statement.

• Setting Up Task-based Security Restrictions
  For strict security, you can disallow all access to the underlying tables, and grant permissions to users or groups of users to execute certain stored procedures. This approach strictly defines how data in the database can be modified.
• Granting Users the Permissions to Run Related Stored Procedures
  Since most authorities are inherited through group membership, users can inherit the authority and also the execute permissions for IQ procedures from a group.